rezabarkhordary commited on
Commit
6e25017
·
verified ·
1 Parent(s): 0a7312a

Create severeign_external_verifier_v8.py

Browse files
Files changed (1) hide show
  1. severeign_external_verifier_v8.py +723 -0
severeign_external_verifier_v8.py ADDED
@@ -0,0 +1,723 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ # sovereign_external_verifier_v8.py
3
+ from __future__ import annotations
4
+
5
+ import argparse
6
+ import json
7
+ from pathlib import Path
8
+ from typing import Any, Dict, List, Optional
9
+
10
+ from sovereign_crypto_seal import SovereignCryptoSeal
11
+
12
+
13
+ def _load_json(path: str) -> Dict[str, Any]:
14
+ p = Path(path)
15
+ if not p.exists():
16
+ raise FileNotFoundError(f"File not found: {path}")
17
+ data = json.loads(p.read_text(encoding="utf-8"))
18
+ if not isinstance(data, dict):
19
+ raise ValueError(f"JSON root must be an object: {path}")
20
+ return data
21
+
22
+
23
+ class SovereignExternalVerifierV8:
24
+ """
25
+ Extended independent verifier for Sovereign artifacts.
26
+
27
+ Supported artifact families:
28
+ - runtime result bundles
29
+ - benchmark bundles
30
+ - validation report bundles
31
+ - validation manifest bundles
32
+ - capacity report bundles
33
+ - capacity manifest bundles
34
+ - SLA/profile bundles
35
+ - fail-safe profile/report bundles
36
+ - deployment profile/report bundles
37
+ - role/scope profile/report bundles
38
+ - control-plane profile/report bundles
39
+ - generic manifest bundles
40
+ - technical identity bundles with nested verification
41
+ """
42
+
43
+ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
44
+ self.sealer = sealer or SovereignCryptoSeal()
45
+
46
+ # ------------------------------------------------------------------
47
+ # Core verification helper
48
+ # ------------------------------------------------------------------
49
+ def _verify_object_with_seal(
50
+ self,
51
+ *,
52
+ artifact_type: str,
53
+ obj: Dict[str, Any],
54
+ seal: Dict[str, Any],
55
+ ) -> Dict[str, Any]:
56
+ verified = self.sealer.verify_object(obj, seal)
57
+ return {
58
+ "ok": bool(verified.get("ok")),
59
+ "artifact_type": artifact_type,
60
+ "verified": bool(verified.get("verified")),
61
+ "verification": verified,
62
+ }
63
+
64
+ # ------------------------------------------------------------------
65
+ # Runtime result
66
+ # ------------------------------------------------------------------
67
+ def verify_runtime_result_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
68
+ seal = bundle.get("crypto_seal")
69
+ if not isinstance(seal, dict):
70
+ return {
71
+ "ok": False,
72
+ "artifact_type": "runtime_result",
73
+ "verified": False,
74
+ "error": "missing_runtime_crypto_seal",
75
+ }
76
+
77
+ obj = dict(bundle)
78
+ obj.pop("crypto_seal", None)
79
+ obj.pop("sealed", None)
80
+
81
+ return self._verify_object_with_seal(
82
+ artifact_type="runtime_result",
83
+ obj=obj,
84
+ seal=seal,
85
+ )
86
+
87
+ # ------------------------------------------------------------------
88
+ # Benchmark
89
+ # ------------------------------------------------------------------
90
+ def verify_benchmark_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
91
+ seal = bundle.get("crypto_seal")
92
+ report = bundle.get("report")
93
+
94
+ if not isinstance(seal, dict):
95
+ return {
96
+ "ok": False,
97
+ "artifact_type": "benchmark_bundle",
98
+ "verified": False,
99
+ "error": "missing_benchmark_crypto_seal",
100
+ }
101
+
102
+ if not isinstance(report, dict):
103
+ return {
104
+ "ok": False,
105
+ "artifact_type": "benchmark_bundle",
106
+ "verified": False,
107
+ "error": "missing_benchmark_report",
108
+ }
109
+
110
+ return self._verify_object_with_seal(
111
+ artifact_type="benchmark_bundle",
112
+ obj=report,
113
+ seal=seal,
114
+ )
115
+
116
+ # ------------------------------------------------------------------
117
+ # Validation
118
+ # ------------------------------------------------------------------
119
+ def verify_validation_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
120
+ seal = bundle.get("crypto_seal")
121
+ report = bundle.get("report")
122
+
123
+ if not isinstance(seal, dict):
124
+ return {
125
+ "ok": False,
126
+ "artifact_type": "validation_report_bundle",
127
+ "verified": False,
128
+ "error": "missing_validation_crypto_seal",
129
+ }
130
+
131
+ if not isinstance(report, dict):
132
+ return {
133
+ "ok": False,
134
+ "artifact_type": "validation_report_bundle",
135
+ "verified": False,
136
+ "error": "missing_validation_report",
137
+ }
138
+
139
+ return self._verify_object_with_seal(
140
+ artifact_type="validation_report_bundle",
141
+ obj=report,
142
+ seal=seal,
143
+ )
144
+
145
+ # ------------------------------------------------------------------
146
+ # Capacity
147
+ # ------------------------------------------------------------------
148
+ def verify_capacity_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
149
+ seal = bundle.get("crypto_seal")
150
+ report = bundle.get("report")
151
+
152
+ if not isinstance(seal, dict):
153
+ return {
154
+ "ok": False,
155
+ "artifact_type": "capacity_report_bundle",
156
+ "verified": False,
157
+ "error": "missing_capacity_crypto_seal",
158
+ }
159
+
160
+ if not isinstance(report, dict):
161
+ return {
162
+ "ok": False,
163
+ "artifact_type": "capacity_report_bundle",
164
+ "verified": False,
165
+ "error": "missing_capacity_report",
166
+ }
167
+
168
+ return self._verify_object_with_seal(
169
+ artifact_type="capacity_report_bundle",
170
+ obj=report,
171
+ seal=seal,
172
+ )
173
+
174
+ # ------------------------------------------------------------------
175
+ # SLA
176
+ # ------------------------------------------------------------------
177
+ def verify_sla_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
178
+ seal = bundle.get("crypto_seal")
179
+ profile = bundle.get("sla_profile")
180
+
181
+ if not isinstance(seal, dict):
182
+ return {
183
+ "ok": False,
184
+ "artifact_type": "sla_profile_bundle",
185
+ "verified": False,
186
+ "error": "missing_sla_crypto_seal",
187
+ }
188
+
189
+ if not isinstance(profile, dict):
190
+ return {
191
+ "ok": False,
192
+ "artifact_type": "sla_profile_bundle",
193
+ "verified": False,
194
+ "error": "missing_sla_profile",
195
+ }
196
+
197
+ return self._verify_object_with_seal(
198
+ artifact_type="sla_profile_bundle",
199
+ obj=profile,
200
+ seal=seal,
201
+ )
202
+
203
+ def verify_sla_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
204
+ inner = bundle.get("bundle")
205
+ if not isinstance(inner, dict):
206
+ return {
207
+ "ok": False,
208
+ "artifact_type": "sla_report_bundle",
209
+ "verified": False,
210
+ "error": "missing_inner_sla_bundle",
211
+ }
212
+
213
+ verified = self.verify_sla_profile_bundle(inner)
214
+ return {
215
+ "ok": bool(verified.get("ok")),
216
+ "artifact_type": "sla_report_bundle",
217
+ "verified": bool(verified.get("verified")),
218
+ "inner_verification": verified,
219
+ }
220
+
221
+ # ------------------------------------------------------------------
222
+ # Fail-safe
223
+ # ------------------------------------------------------------------
224
+ def verify_fail_safe_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
225
+ seal = bundle.get("crypto_seal")
226
+ profile = bundle.get("fail_safe_profile")
227
+
228
+ if not isinstance(seal, dict):
229
+ return {
230
+ "ok": False,
231
+ "artifact_type": "fail_safe_profile_bundle",
232
+ "verified": False,
233
+ "error": "missing_fail_safe_crypto_seal",
234
+ }
235
+
236
+ if not isinstance(profile, dict):
237
+ return {
238
+ "ok": False,
239
+ "artifact_type": "fail_safe_profile_bundle",
240
+ "verified": False,
241
+ "error": "missing_fail_safe_profile",
242
+ }
243
+
244
+ return self._verify_object_with_seal(
245
+ artifact_type="fail_safe_profile_bundle",
246
+ obj=profile,
247
+ seal=seal,
248
+ )
249
+
250
+ def verify_fail_safe_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
251
+ inner = bundle.get("bundle")
252
+ if not isinstance(inner, dict):
253
+ return {
254
+ "ok": False,
255
+ "artifact_type": "fail_safe_report_bundle",
256
+ "verified": False,
257
+ "error": "missing_inner_fail_safe_bundle",
258
+ }
259
+
260
+ verified = self.verify_fail_safe_profile_bundle(inner)
261
+ return {
262
+ "ok": bool(verified.get("ok")),
263
+ "artifact_type": "fail_safe_report_bundle",
264
+ "verified": bool(verified.get("verified")),
265
+ "inner_verification": verified,
266
+ }
267
+
268
+ # ------------------------------------------------------------------
269
+ # Deployment
270
+ # ------------------------------------------------------------------
271
+ def verify_deployment_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
272
+ seal = bundle.get("crypto_seal")
273
+ profile = bundle.get("deployment_profile")
274
+
275
+ if not isinstance(seal, dict):
276
+ return {
277
+ "ok": False,
278
+ "artifact_type": "deployment_profile_bundle",
279
+ "verified": False,
280
+ "error": "missing_deployment_crypto_seal",
281
+ }
282
+
283
+ if not isinstance(profile, dict):
284
+ return {
285
+ "ok": False,
286
+ "artifact_type": "deployment_profile_bundle",
287
+ "verified": False,
288
+ "error": "missing_deployment_profile",
289
+ }
290
+
291
+ return self._verify_object_with_seal(
292
+ artifact_type="deployment_profile_bundle",
293
+ obj=profile,
294
+ seal=seal,
295
+ )
296
+
297
+ def verify_deployment_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
298
+ inner = bundle.get("bundle")
299
+ if not isinstance(inner, dict):
300
+ return {
301
+ "ok": False,
302
+ "artifact_type": "deployment_report_bundle",
303
+ "verified": False,
304
+ "error": "missing_inner_deployment_bundle",
305
+ }
306
+
307
+ verified = self.verify_deployment_profile_bundle(inner)
308
+ return {
309
+ "ok": bool(verified.get("ok")),
310
+ "artifact_type": "deployment_report_bundle",
311
+ "verified": bool(verified.get("verified")),
312
+ "inner_verification": verified,
313
+ }
314
+
315
+ # ------------------------------------------------------------------
316
+ # Role / Scope
317
+ # ------------------------------------------------------------------
318
+ def verify_role_scope_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
319
+ seal = bundle.get("crypto_seal")
320
+ profile = bundle.get("role_scope_profile")
321
+
322
+ if not isinstance(seal, dict):
323
+ return {
324
+ "ok": False,
325
+ "artifact_type": "role_scope_profile_bundle",
326
+ "verified": False,
327
+ "error": "missing_role_scope_crypto_seal",
328
+ }
329
+
330
+ if not isinstance(profile, dict):
331
+ return {
332
+ "ok": False,
333
+ "artifact_type": "role_scope_profile_bundle",
334
+ "verified": False,
335
+ "error": "missing_role_scope_profile",
336
+ }
337
+
338
+ return self._verify_object_with_seal(
339
+ artifact_type="role_scope_profile_bundle",
340
+ obj=profile,
341
+ seal=seal,
342
+ )
343
+
344
+ def verify_role_scope_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
345
+ inner = bundle.get("bundle")
346
+ if not isinstance(inner, dict):
347
+ return {
348
+ "ok": False,
349
+ "artifact_type": "role_scope_report_bundle",
350
+ "verified": False,
351
+ "error": "missing_inner_role_scope_bundle",
352
+ }
353
+
354
+ verified = self.verify_role_scope_profile_bundle(inner)
355
+ return {
356
+ "ok": bool(verified.get("ok")),
357
+ "artifact_type": "role_scope_report_bundle",
358
+ "verified": bool(verified.get("verified")),
359
+ "inner_verification": verified,
360
+ }
361
+
362
+ # ------------------------------------------------------------------
363
+ # Control Plane
364
+ # ------------------------------------------------------------------
365
+ def verify_control_plane_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
366
+ seal = bundle.get("crypto_seal")
367
+ profile = bundle.get("control_plane_profile")
368
+
369
+ if not isinstance(seal, dict):
370
+ return {
371
+ "ok": False,
372
+ "artifact_type": "control_plane_profile_bundle",
373
+ "verified": False,
374
+ "error": "missing_control_plane_crypto_seal",
375
+ }
376
+
377
+ if not isinstance(profile, dict):
378
+ return {
379
+ "ok": False,
380
+ "artifact_type": "control_plane_profile_bundle",
381
+ "verified": False,
382
+ "error": "missing_control_plane_profile",
383
+ }
384
+
385
+ return self._verify_object_with_seal(
386
+ artifact_type="control_plane_profile_bundle",
387
+ obj=profile,
388
+ seal=seal,
389
+ )
390
+
391
+ def verify_control_plane_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
392
+ inner = bundle.get("bundle")
393
+ if not isinstance(inner, dict):
394
+ return {
395
+ "ok": False,
396
+ "artifact_type": "control_plane_report_bundle",
397
+ "verified": False,
398
+ "error": "missing_inner_control_plane_bundle",
399
+ }
400
+
401
+ verified = self.verify_control_plane_profile_bundle(inner)
402
+ return {
403
+ "ok": bool(verified.get("ok")),
404
+ "artifact_type": "control_plane_report_bundle",
405
+ "verified": bool(verified.get("verified")),
406
+ "inner_verification": verified,
407
+ }
408
+
409
+ # ------------------------------------------------------------------
410
+ # Generic manifest bundle
411
+ # ------------------------------------------------------------------
412
+ def verify_manifest_bundle(
413
+ self,
414
+ bundle: Dict[str, Any],
415
+ artifact_type: str = "manifest_bundle",
416
+ ) -> Dict[str, Any]:
417
+ manifest_bundle = bundle.get("manifest_bundle")
418
+ if not isinstance(manifest_bundle, dict):
419
+ return {
420
+ "ok": False,
421
+ "artifact_type": artifact_type,
422
+ "verified": False,
423
+ "error": "missing_manifest_bundle",
424
+ }
425
+
426
+ manifest = manifest_bundle.get("manifest")
427
+ seal = manifest_bundle.get("seal")
428
+
429
+ if not isinstance(manifest, dict):
430
+ return {
431
+ "ok": False,
432
+ "artifact_type": artifact_type,
433
+ "verified": False,
434
+ "error": "missing_manifest_object",
435
+ }
436
+
437
+ if not isinstance(seal, dict):
438
+ return {
439
+ "ok": False,
440
+ "artifact_type": artifact_type,
441
+ "verified": False,
442
+ "error": "missing_manifest_seal",
443
+ }
444
+
445
+ return self._verify_object_with_seal(
446
+ artifact_type=artifact_type,
447
+ obj=manifest,
448
+ seal=seal,
449
+ )
450
+
451
+ def verify_validation_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
452
+ return self.verify_manifest_bundle(bundle=bundle, artifact_type="validation_manifest_bundle")
453
+
454
+ def verify_capacity_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
455
+ return self.verify_manifest_bundle(bundle=bundle, artifact_type="capacity_manifest_bundle")
456
+
457
+ # ------------------------------------------------------------------
458
+ # Technical identity
459
+ # ------------------------------------------------------------------
460
+ def verify_technical_identity_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
461
+ identity = bundle.get("technical_identity")
462
+ if not isinstance(identity, dict):
463
+ return {
464
+ "ok": False,
465
+ "artifact_type": "technical_identity_bundle",
466
+ "verified": False,
467
+ "error": "missing_technical_identity",
468
+ }
469
+
470
+ seal = identity.get("crypto_seal")
471
+ if not isinstance(seal, dict):
472
+ return {
473
+ "ok": False,
474
+ "artifact_type": "technical_identity_bundle",
475
+ "verified": False,
476
+ "error": "missing_technical_identity_seal",
477
+ }
478
+
479
+ identity_obj = dict(identity)
480
+ identity_obj.pop("crypto_seal", None)
481
+ identity_obj.pop("sealed", None)
482
+
483
+ identity_verification = self._verify_object_with_seal(
484
+ artifact_type="technical_identity",
485
+ obj=identity_obj,
486
+ seal=seal,
487
+ )
488
+
489
+ nested_checks: List[Dict[str, Any]] = []
490
+
491
+ runtime_result = bundle.get("runtime_result")
492
+ if isinstance(runtime_result, dict):
493
+ nested_checks.append(self.verify_runtime_result_bundle(runtime_result))
494
+
495
+ benchmark_bundle = bundle.get("benchmark_bundle")
496
+ if isinstance(benchmark_bundle, dict):
497
+ nested_checks.append(self.verify_benchmark_bundle(benchmark_bundle))
498
+
499
+ manifest_bundle = bundle.get("manifest_bundle")
500
+ if isinstance(manifest_bundle, dict):
501
+ nested_checks.append(self.verify_manifest_bundle({"manifest_bundle": manifest_bundle}))
502
+
503
+ validation_bundle = bundle.get("validation_bundle")
504
+ if isinstance(validation_bundle, dict):
505
+ if "report" in validation_bundle and "crypto_seal" in validation_bundle:
506
+ nested_checks.append(self.verify_validation_report_bundle(validation_bundle))
507
+ elif "manifest_bundle" in validation_bundle:
508
+ nested_checks.append(self.verify_validation_manifest_bundle(validation_bundle))
509
+
510
+ capacity_bundle = bundle.get("capacity_bundle")
511
+ if isinstance(capacity_bundle, dict):
512
+ if "report" in capacity_bundle and "crypto_seal" in capacity_bundle:
513
+ nested_checks.append(self.verify_capacity_report_bundle(capacity_bundle))
514
+ elif "manifest_bundle" in capacity_bundle:
515
+ nested_checks.append(self.verify_capacity_manifest_bundle(capacity_bundle))
516
+
517
+ sla_bundle = bundle.get("sla_bundle")
518
+ if isinstance(sla_bundle, dict):
519
+ if "sla_profile" in sla_bundle and "crypto_seal" in sla_bundle:
520
+ nested_checks.append(self.verify_sla_profile_bundle(sla_bundle))
521
+ elif "bundle" in sla_bundle:
522
+ nested_checks.append(self.verify_sla_report_bundle(sla_bundle))
523
+
524
+ fail_safe_bundle = bundle.get("fail_safe_bundle")
525
+ if isinstance(fail_safe_bundle, dict):
526
+ if "fail_safe_profile" in fail_safe_bundle and "crypto_seal" in fail_safe_bundle:
527
+ nested_checks.append(self.verify_fail_safe_profile_bundle(fail_safe_bundle))
528
+ elif "bundle" in fail_safe_bundle:
529
+ nested_checks.append(self.verify_fail_safe_report_bundle(fail_safe_bundle))
530
+
531
+ deployment_bundle = bundle.get("deployment_bundle")
532
+ if isinstance(deployment_bundle, dict):
533
+ if "deployment_profile" in deployment_bundle and "crypto_seal" in deployment_bundle:
534
+ nested_checks.append(self.verify_deployment_profile_bundle(deployment_bundle))
535
+ elif "bundle" in deployment_bundle:
536
+ nested_checks.append(self.verify_deployment_report_bundle(deployment_bundle))
537
+
538
+ role_scope_bundle = bundle.get("role_scope_bundle")
539
+ if isinstance(role_scope_bundle, dict):
540
+ if "role_scope_profile" in role_scope_bundle and "crypto_seal" in role_scope_bundle:
541
+ nested_checks.append(self.verify_role_scope_profile_bundle(role_scope_bundle))
542
+ elif "bundle" in role_scope_bundle:
543
+ nested_checks.append(self.verify_role_scope_report_bundle(role_scope_bundle))
544
+
545
+ control_plane_bundle = bundle.get("control_plane_bundle")
546
+ if isinstance(control_plane_bundle, dict):
547
+ if "control_plane_profile" in control_plane_bundle and "crypto_seal" in control_plane_bundle:
548
+ nested_checks.append(self.verify_control_plane_profile_bundle(control_plane_bundle))
549
+ elif "bundle" in control_plane_bundle:
550
+ nested_checks.append(self.verify_control_plane_report_bundle(control_plane_bundle))
551
+
552
+ all_nested_ok = all(bool(x.get("verified")) for x in nested_checks) if nested_checks else True
553
+
554
+ return {
555
+ "ok": bool(identity_verification.get("ok")) and all_nested_ok,
556
+ "artifact_type": "technical_identity_bundle",
557
+ "verified": bool(identity_verification.get("verified")) and all_nested_ok,
558
+ "technical_identity_verification": identity_verification,
559
+ "nested_verifications": nested_checks,
560
+ }
561
+
562
+ # ------------------------------------------------------------------
563
+ # Auto-detect
564
+ # ------------------------------------------------------------------
565
+ def verify_auto(self, obj: Dict[str, Any]) -> Dict[str, Any]:
566
+ if "technical_identity" in obj:
567
+ return self.verify_technical_identity_bundle(obj)
568
+
569
+ if "bundle" in obj and isinstance(obj.get("bundle"), dict):
570
+ inner = obj["bundle"]
571
+ if "sla_profile" in inner and "crypto_seal" in inner:
572
+ return self.verify_sla_report_bundle(obj)
573
+ if "fail_safe_profile" in inner and "crypto_seal" in inner:
574
+ return self.verify_fail_safe_report_bundle(obj)
575
+ if "deployment_profile" in inner and "crypto_seal" in inner:
576
+ return self.verify_deployment_report_bundle(obj)
577
+ if "role_scope_profile" in inner and "crypto_seal" in inner:
578
+ return self.verify_role_scope_report_bundle(obj)
579
+ if "control_plane_profile" in inner and "crypto_seal" in inner:
580
+ return self.verify_control_plane_report_bundle(obj)
581
+
582
+ if "report" in obj and "crypto_seal" in obj:
583
+ report = obj.get("report")
584
+ if isinstance(report, dict):
585
+ suite_name = str(report.get("suite_name", "")).lower()
586
+ benchmark_name = str(report.get("benchmark_name", "")).lower()
587
+ probe_name = str(report.get("probe_name", "")).lower()
588
+
589
+ if "false positive" in suite_name or "validation" in suite_name:
590
+ return self.verify_validation_report_bundle(obj)
591
+ if "benchmark" in benchmark_name:
592
+ return self.verify_benchmark_bundle(obj)
593
+ if "capacity" in probe_name:
594
+ return self.verify_capacity_report_bundle(obj)
595
+
596
+ if "sla_profile" in obj and "crypto_seal" in obj:
597
+ return self.verify_sla_profile_bundle(obj)
598
+
599
+ if "fail_safe_profile" in obj and "crypto_seal" in obj:
600
+ return self.verify_fail_safe_profile_bundle(obj)
601
+
602
+ if "deployment_profile" in obj and "crypto_seal" in obj:
603
+ return self.verify_deployment_profile_bundle(obj)
604
+
605
+ if "role_scope_profile" in obj and "crypto_seal" in obj:
606
+ return self.verify_role_scope_profile_bundle(obj)
607
+
608
+ if "control_plane_profile" in obj and "crypto_seal" in obj:
609
+ return self.verify_control_plane_profile_bundle(obj)
610
+
611
+ if "manifest_bundle" in obj:
612
+ manifest_bundle = obj.get("manifest_bundle") or {}
613
+ manifest = manifest_bundle.get("manifest") if isinstance(manifest_bundle, dict) else {}
614
+ manifest_type = ""
615
+ if isinstance(manifest, dict):
616
+ manifest_type = str(manifest.get("manifest_type", "")).lower()
617
+
618
+ if "validation" in manifest_type:
619
+ return self.verify_validation_manifest_bundle(obj)
620
+ if "capacity" in manifest_type:
621
+ return self.verify_capacity_manifest_bundle(obj)
622
+ return self.verify_manifest_bundle(obj)
623
+
624
+ if "crypto_seal" in obj:
625
+ return self.verify_runtime_result_bundle(obj)
626
+
627
+ return {
628
+ "ok": False,
629
+ "verified": False,
630
+ "artifact_type": "unknown",
631
+ "error": "could_not_detect_artifact_type",
632
+ }
633
+
634
+ def verify_file(self, path: str) -> Dict[str, Any]:
635
+ obj = _load_json(path)
636
+ result = self.verify_auto(obj)
637
+ result["source_file"] = path
638
+ return result
639
+
640
+ # ------------------------------------------------------------------
641
+ # Summary
642
+ # ------------------------------------------------------------------
643
+ def summarize(self, result: Dict[str, Any]) -> Dict[str, Any]:
644
+ artifact_type = result.get("artifact_type", "unknown")
645
+ verified = bool(result.get("verified", False))
646
+
647
+ summary = {
648
+ "artifact_type": artifact_type,
649
+ "verified": verified,
650
+ "status": "VALID" if verified else "INVALID",
651
+ }
652
+
653
+ if result.get("source_file"):
654
+ summary["source_file"] = result["source_file"]
655
+
656
+ verification = result.get("verification", {}) or {}
657
+ if isinstance(verification, dict):
658
+ if verification.get("object_digest"):
659
+ summary["object_digest"] = verification["object_digest"]
660
+ if verification.get("seal_digest"):
661
+ summary["seal_digest"] = verification["seal_digest"]
662
+
663
+ if artifact_type in {
664
+ "sla_report_bundle",
665
+ "fail_safe_report_bundle",
666
+ "deployment_report_bundle",
667
+ "role_scope_report_bundle",
668
+ "control_plane_report_bundle",
669
+ }:
670
+ inner = result.get("inner_verification", {}) or {}
671
+ summary["inner_verified"] = bool(inner.get("verified", False))
672
+
673
+ if artifact_type == "technical_identity_bundle":
674
+ tiv = result.get("technical_identity_verification", {}) or {}
675
+ nested = result.get("nested_verifications", []) or []
676
+ summary["technical_identity_verified"] = bool(
677
+ (tiv.get("verification") or {}).get("verified", tiv.get("verified", False))
678
+ )
679
+ summary["nested_verified_count"] = sum(1 for x in nested if x.get("verified"))
680
+ summary["nested_total"] = len(nested)
681
+
682
+ return summary
683
+
684
+
685
+ VERIFIER = SovereignExternalVerifierV8()
686
+
687
+
688
+ def verify_artifact_file_v8(path: str) -> Dict[str, Any]:
689
+ return VERIFIER.verify_file(path)
690
+
691
+
692
+ def summarize_verification_v8(result: Dict[str, Any]) -> Dict[str, Any]:
693
+ return VERIFIER.summarize(result)
694
+
695
+
696
+ def _build_arg_parser() -> argparse.ArgumentParser:
697
+ parser = argparse.ArgumentParser(
698
+ description="Extended independent verifier v8 for Sovereign bank-grade artifacts."
699
+ )
700
+ parser.add_argument(
701
+ "--file",
702
+ required=True,
703
+ help="Path to JSON artifact file to verify.",
704
+ )
705
+ parser.add_argument(
706
+ "--summary-only",
707
+ action="store_true",
708
+ help="Print only compact summary instead of full verification result.",
709
+ )
710
+ return parser
711
+
712
+
713
+ if __name__ == "__main__":
714
+ parser = _build_arg_parser()
715
+ args = parser.parse_args()
716
+
717
+ verification = verify_artifact_file_v8(args.file)
718
+
719
+ if args.summary_only:
720
+ print(json.dumps(summarize_verification_v8(verification), ensure_ascii=False, indent=2))
721
+ else:
722
+ print(json.dumps(verification, ensure_ascii=False, indent=2))
723
+