rezabarkhordary commited on
Commit
c2110aa
·
verified ·
1 Parent(s): 14e015e

Create sovereign_external_verifier_v7.py

Browse files
Files changed (1) hide show
  1. sovereign_external_verifier_v7.py +662 -0
sovereign_external_verifier_v7.py ADDED
@@ -0,0 +1,662 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ # sovereign_external_verifier_v7.py
3
+ from __future__ import annotations
4
+
5
+ import argparse
6
+ import json
7
+ from pathlib import Path
8
+ from typing import Any, Dict, List, Optional
9
+
10
+ from sovereign_crypto_seal import SovereignCryptoSeal
11
+
12
+
13
+ def _load_json(path: str) -> Dict[str, Any]:
14
+ p = Path(path)
15
+ if not p.exists():
16
+ raise FileNotFoundError(f"File not found: {path}")
17
+ data = json.loads(p.read_text(encoding="utf-8"))
18
+ if not isinstance(data, dict):
19
+ raise ValueError(f"JSON root must be an object: {path}")
20
+ return data
21
+
22
+
23
+ class SovereignExternalVerifierV7:
24
+ """
25
+ Extended independent verifier for Sovereign artifacts.
26
+
27
+ Supported artifact families:
28
+ - runtime result bundles
29
+ - benchmark bundles
30
+ - validation report bundles
31
+ - validation manifest bundles
32
+ - capacity report bundles
33
+ - capacity manifest bundles
34
+ - SLA/profile bundles
35
+ - fail-safe profile/report bundles
36
+ - deployment profile/report bundles
37
+ - role/scope profile/report bundles
38
+ - generic manifest bundles
39
+ - technical identity bundles with nested verification
40
+ """
41
+
42
+ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
43
+ self.sealer = sealer or SovereignCryptoSeal()
44
+
45
+ # ------------------------------------------------------------------
46
+ # Core verification helper
47
+ # ------------------------------------------------------------------
48
+ def _verify_object_with_seal(
49
+ self,
50
+ *,
51
+ artifact_type: str,
52
+ obj: Dict[str, Any],
53
+ seal: Dict[str, Any],
54
+ ) -> Dict[str, Any]:
55
+ verified = self.sealer.verify_object(obj, seal)
56
+ return {
57
+ "ok": bool(verified.get("ok")),
58
+ "artifact_type": artifact_type,
59
+ "verified": bool(verified.get("verified")),
60
+ "verification": verified,
61
+ }
62
+
63
+ # ------------------------------------------------------------------
64
+ # Runtime result
65
+ # ------------------------------------------------------------------
66
+ def verify_runtime_result_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
67
+ seal = bundle.get("crypto_seal")
68
+ if not isinstance(seal, dict):
69
+ return {
70
+ "ok": False,
71
+ "artifact_type": "runtime_result",
72
+ "verified": False,
73
+ "error": "missing_runtime_crypto_seal",
74
+ }
75
+
76
+ obj = dict(bundle)
77
+ obj.pop("crypto_seal", None)
78
+ obj.pop("sealed", None)
79
+
80
+ return self._verify_object_with_seal(
81
+ artifact_type="runtime_result",
82
+ obj=obj,
83
+ seal=seal,
84
+ )
85
+
86
+ # ------------------------------------------------------------------
87
+ # Benchmark
88
+ # ------------------------------------------------------------------
89
+ def verify_benchmark_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
90
+ seal = bundle.get("crypto_seal")
91
+ report = bundle.get("report")
92
+
93
+ if not isinstance(seal, dict):
94
+ return {
95
+ "ok": False,
96
+ "artifact_type": "benchmark_bundle",
97
+ "verified": False,
98
+ "error": "missing_benchmark_crypto_seal",
99
+ }
100
+
101
+ if not isinstance(report, dict):
102
+ return {
103
+ "ok": False,
104
+ "artifact_type": "benchmark_bundle",
105
+ "verified": False,
106
+ "error": "missing_benchmark_report",
107
+ }
108
+
109
+ return self._verify_object_with_seal(
110
+ artifact_type="benchmark_bundle",
111
+ obj=report,
112
+ seal=seal,
113
+ )
114
+
115
+ # ------------------------------------------------------------------
116
+ # Validation
117
+ # ------------------------------------------------------------------
118
+ def verify_validation_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
119
+ seal = bundle.get("crypto_seal")
120
+ report = bundle.get("report")
121
+
122
+ if not isinstance(seal, dict):
123
+ return {
124
+ "ok": False,
125
+ "artifact_type": "validation_report_bundle",
126
+ "verified": False,
127
+ "error": "missing_validation_crypto_seal",
128
+ }
129
+
130
+ if not isinstance(report, dict):
131
+ return {
132
+ "ok": False,
133
+ "artifact_type": "validation_report_bundle",
134
+ "verified": False,
135
+ "error": "missing_validation_report",
136
+ }
137
+
138
+ return self._verify_object_with_seal(
139
+ artifact_type="validation_report_bundle",
140
+ obj=report,
141
+ seal=seal,
142
+ )
143
+
144
+ # ------------------------------------------------------------------
145
+ # Capacity
146
+ # ------------------------------------------------------------------
147
+ def verify_capacity_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
148
+ seal = bundle.get("crypto_seal")
149
+ report = bundle.get("report")
150
+
151
+ if not isinstance(seal, dict):
152
+ return {
153
+ "ok": False,
154
+ "artifact_type": "capacity_report_bundle",
155
+ "verified": False,
156
+ "error": "missing_capacity_crypto_seal",
157
+ }
158
+
159
+ if not isinstance(report, dict):
160
+ return {
161
+ "ok": False,
162
+ "artifact_type": "capacity_report_bundle",
163
+ "verified": False,
164
+ "error": "missing_capacity_report",
165
+ }
166
+
167
+ return self._verify_object_with_seal(
168
+ artifact_type="capacity_report_bundle",
169
+ obj=report,
170
+ seal=seal,
171
+ )
172
+
173
+ # ------------------------------------------------------------------
174
+ # SLA
175
+ # ------------------------------------------------------------------
176
+ def verify_sla_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
177
+ seal = bundle.get("crypto_seal")
178
+ profile = bundle.get("sla_profile")
179
+
180
+ if not isinstance(seal, dict):
181
+ return {
182
+ "ok": False,
183
+ "artifact_type": "sla_profile_bundle",
184
+ "verified": False,
185
+ "error": "missing_sla_crypto_seal",
186
+ }
187
+
188
+ if not isinstance(profile, dict):
189
+ return {
190
+ "ok": False,
191
+ "artifact_type": "sla_profile_bundle",
192
+ "verified": False,
193
+ "error": "missing_sla_profile",
194
+ }
195
+
196
+ return self._verify_object_with_seal(
197
+ artifact_type="sla_profile_bundle",
198
+ obj=profile,
199
+ seal=seal,
200
+ )
201
+
202
+ def verify_sla_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
203
+ inner = bundle.get("bundle")
204
+ if not isinstance(inner, dict):
205
+ return {
206
+ "ok": False,
207
+ "artifact_type": "sla_report_bundle",
208
+ "verified": False,
209
+ "error": "missing_inner_sla_bundle",
210
+ }
211
+
212
+ verified = self.verify_sla_profile_bundle(inner)
213
+ return {
214
+ "ok": bool(verified.get("ok")),
215
+ "artifact_type": "sla_report_bundle",
216
+ "verified": bool(verified.get("verified")),
217
+ "inner_verification": verified,
218
+ }
219
+
220
+ # ------------------------------------------------------------------
221
+ # Fail-safe
222
+ # ------------------------------------------------------------------
223
+ def verify_fail_safe_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
224
+ seal = bundle.get("crypto_seal")
225
+ profile = bundle.get("fail_safe_profile")
226
+
227
+ if not isinstance(seal, dict):
228
+ return {
229
+ "ok": False,
230
+ "artifact_type": "fail_safe_profile_bundle",
231
+ "verified": False,
232
+ "error": "missing_fail_safe_crypto_seal",
233
+ }
234
+
235
+ if not isinstance(profile, dict):
236
+ return {
237
+ "ok": False,
238
+ "artifact_type": "fail_safe_profile_bundle",
239
+ "verified": False,
240
+ "error": "missing_fail_safe_profile",
241
+ }
242
+
243
+ return self._verify_object_with_seal(
244
+ artifact_type="fail_safe_profile_bundle",
245
+ obj=profile,
246
+ seal=seal,
247
+ )
248
+
249
+ def verify_fail_safe_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
250
+ inner = bundle.get("bundle")
251
+ if not isinstance(inner, dict):
252
+ return {
253
+ "ok": False,
254
+ "artifact_type": "fail_safe_report_bundle",
255
+ "verified": False,
256
+ "error": "missing_inner_fail_safe_bundle",
257
+ }
258
+
259
+ verified = self.verify_fail_safe_profile_bundle(inner)
260
+ return {
261
+ "ok": bool(verified.get("ok")),
262
+ "artifact_type": "fail_safe_report_bundle",
263
+ "verified": bool(verified.get("verified")),
264
+ "inner_verification": verified,
265
+ }
266
+
267
+ # ------------------------------------------------------------------
268
+ # Deployment
269
+ # ------------------------------------------------------------------
270
+ def verify_deployment_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
271
+ seal = bundle.get("crypto_seal")
272
+ profile = bundle.get("deployment_profile")
273
+
274
+ if not isinstance(seal, dict):
275
+ return {
276
+ "ok": False,
277
+ "artifact_type": "deployment_profile_bundle",
278
+ "verified": False,
279
+ "error": "missing_deployment_crypto_seal",
280
+ }
281
+
282
+ if not isinstance(profile, dict):
283
+ return {
284
+ "ok": False,
285
+ "artifact_type": "deployment_profile_bundle",
286
+ "verified": False,
287
+ "error": "missing_deployment_profile",
288
+ }
289
+
290
+ return self._verify_object_with_seal(
291
+ artifact_type="deployment_profile_bundle",
292
+ obj=profile,
293
+ seal=seal,
294
+ )
295
+
296
+ def verify_deployment_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
297
+ inner = bundle.get("bundle")
298
+ if not isinstance(inner, dict):
299
+ return {
300
+ "ok": False,
301
+ "artifact_type": "deployment_report_bundle",
302
+ "verified": False,
303
+ "error": "missing_inner_deployment_bundle",
304
+ }
305
+
306
+ verified = self.verify_deployment_profile_bundle(inner)
307
+ return {
308
+ "ok": bool(verified.get("ok")),
309
+ "artifact_type": "deployment_report_bundle",
310
+ "verified": bool(verified.get("verified")),
311
+ "inner_verification": verified,
312
+ }
313
+
314
+ # ------------------------------------------------------------------
315
+ # Role / Scope
316
+ # ------------------------------------------------------------------
317
+ def verify_role_scope_profile_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
318
+ seal = bundle.get("crypto_seal")
319
+ profile = bundle.get("role_scope_profile")
320
+
321
+ if not isinstance(seal, dict):
322
+ return {
323
+ "ok": False,
324
+ "artifact_type": "role_scope_profile_bundle",
325
+ "verified": False,
326
+ "error": "missing_role_scope_crypto_seal",
327
+ }
328
+
329
+ if not isinstance(profile, dict):
330
+ return {
331
+ "ok": False,
332
+ "artifact_type": "role_scope_profile_bundle",
333
+ "verified": False,
334
+ "error": "missing_role_scope_profile",
335
+ }
336
+
337
+ return self._verify_object_with_seal(
338
+ artifact_type="role_scope_profile_bundle",
339
+ obj=profile,
340
+ seal=seal,
341
+ )
342
+
343
+ def verify_role_scope_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
344
+ inner = bundle.get("bundle")
345
+ if not isinstance(inner, dict):
346
+ return {
347
+ "ok": False,
348
+ "artifact_type": "role_scope_report_bundle",
349
+ "verified": False,
350
+ "error": "missing_inner_role_scope_bundle",
351
+ }
352
+
353
+ verified = self.verify_role_scope_profile_bundle(inner)
354
+ return {
355
+ "ok": bool(verified.get("ok")),
356
+ "artifact_type": "role_scope_report_bundle",
357
+ "verified": bool(verified.get("verified")),
358
+ "inner_verification": verified,
359
+ }
360
+
361
+ # ------------------------------------------------------------------
362
+ # Generic manifest bundle
363
+ # ------------------------------------------------------------------
364
+ def verify_manifest_bundle(
365
+ self,
366
+ bundle: Dict[str, Any],
367
+ artifact_type: str = "manifest_bundle",
368
+ ) -> Dict[str, Any]:
369
+ manifest_bundle = bundle.get("manifest_bundle")
370
+ if not isinstance(manifest_bundle, dict):
371
+ return {
372
+ "ok": False,
373
+ "artifact_type": artifact_type,
374
+ "verified": False,
375
+ "error": "missing_manifest_bundle",
376
+ }
377
+
378
+ manifest = manifest_bundle.get("manifest")
379
+ seal = manifest_bundle.get("seal")
380
+
381
+ if not isinstance(manifest, dict):
382
+ return {
383
+ "ok": False,
384
+ "artifact_type": artifact_type,
385
+ "verified": False,
386
+ "error": "missing_manifest_object",
387
+ }
388
+
389
+ if not isinstance(seal, dict):
390
+ return {
391
+ "ok": False,
392
+ "artifact_type": artifact_type,
393
+ "verified": False,
394
+ "error": "missing_manifest_seal",
395
+ }
396
+
397
+ return self._verify_object_with_seal(
398
+ artifact_type=artifact_type,
399
+ obj=manifest,
400
+ seal=seal,
401
+ )
402
+
403
+ def verify_validation_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
404
+ return self.verify_manifest_bundle(bundle=bundle, artifact_type="validation_manifest_bundle")
405
+
406
+ def verify_capacity_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
407
+ return self.verify_manifest_bundle(bundle=bundle, artifact_type="capacity_manifest_bundle")
408
+
409
+ # ------------------------------------------------------------------
410
+ # Technical identity
411
+ # ------------------------------------------------------------------
412
+ def verify_technical_identity_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
413
+ identity = bundle.get("technical_identity")
414
+ if not isinstance(identity, dict):
415
+ return {
416
+ "ok": False,
417
+ "artifact_type": "technical_identity_bundle",
418
+ "verified": False,
419
+ "error": "missing_technical_identity",
420
+ }
421
+
422
+ seal = identity.get("crypto_seal")
423
+ if not isinstance(seal, dict):
424
+ return {
425
+ "ok": False,
426
+ "artifact_type": "technical_identity_bundle",
427
+ "verified": False,
428
+ "error": "missing_technical_identity_seal",
429
+ }
430
+
431
+ identity_obj = dict(identity)
432
+ identity_obj.pop("crypto_seal", None)
433
+ identity_obj.pop("sealed", None)
434
+
435
+ identity_verification = self._verify_object_with_seal(
436
+ artifact_type="technical_identity",
437
+ obj=identity_obj,
438
+ seal=seal,
439
+ )
440
+
441
+ nested_checks: List[Dict[str, Any]] = []
442
+
443
+ runtime_result = bundle.get("runtime_result")
444
+ if isinstance(runtime_result, dict):
445
+ nested_checks.append(self.verify_runtime_result_bundle(runtime_result))
446
+
447
+ benchmark_bundle = bundle.get("benchmark_bundle")
448
+ if isinstance(benchmark_bundle, dict):
449
+ nested_checks.append(self.verify_benchmark_bundle(benchmark_bundle))
450
+
451
+ manifest_bundle = bundle.get("manifest_bundle")
452
+ if isinstance(manifest_bundle, dict):
453
+ nested_checks.append(self.verify_manifest_bundle({"manifest_bundle": manifest_bundle}))
454
+
455
+ validation_bundle = bundle.get("validation_bundle")
456
+ if isinstance(validation_bundle, dict):
457
+ if "report" in validation_bundle and "crypto_seal" in validation_bundle:
458
+ nested_checks.append(self.verify_validation_report_bundle(validation_bundle))
459
+ elif "manifest_bundle" in validation_bundle:
460
+ nested_checks.append(self.verify_validation_manifest_bundle(validation_bundle))
461
+
462
+ capacity_bundle = bundle.get("capacity_bundle")
463
+ if isinstance(capacity_bundle, dict):
464
+ if "report" in capacity_bundle and "crypto_seal" in capacity_bundle:
465
+ nested_checks.append(self.verify_capacity_report_bundle(capacity_bundle))
466
+ elif "manifest_bundle" in capacity_bundle:
467
+ nested_checks.append(self.verify_capacity_manifest_bundle(capacity_bundle))
468
+
469
+ sla_bundle = bundle.get("sla_bundle")
470
+ if isinstance(sla_bundle, dict):
471
+ if "sla_profile" in sla_bundle and "crypto_seal" in sla_bundle:
472
+ nested_checks.append(self.verify_sla_profile_bundle(sla_bundle))
473
+ elif "bundle" in sla_bundle:
474
+ nested_checks.append(self.verify_sla_report_bundle(sla_bundle))
475
+
476
+ fail_safe_bundle = bundle.get("fail_safe_bundle")
477
+ if isinstance(fail_safe_bundle, dict):
478
+ if "fail_safe_profile" in fail_safe_bundle and "crypto_seal" in fail_safe_bundle:
479
+ nested_checks.append(self.verify_fail_safe_profile_bundle(fail_safe_bundle))
480
+ elif "bundle" in fail_safe_bundle:
481
+ nested_checks.append(self.verify_fail_safe_report_bundle(fail_safe_bundle))
482
+
483
+ deployment_bundle = bundle.get("deployment_bundle")
484
+ if isinstance(deployment_bundle, dict):
485
+ if "deployment_profile" in deployment_bundle and "crypto_seal" in deployment_bundle:
486
+ nested_checks.append(self.verify_deployment_profile_bundle(deployment_bundle))
487
+ elif "bundle" in deployment_bundle:
488
+ nested_checks.append(self.verify_deployment_report_bundle(deployment_bundle))
489
+
490
+ role_scope_bundle = bundle.get("role_scope_bundle")
491
+ if isinstance(role_scope_bundle, dict):
492
+ if "role_scope_profile" in role_scope_bundle and "crypto_seal" in role_scope_bundle:
493
+ nested_checks.append(self.verify_role_scope_profile_bundle(role_scope_bundle))
494
+ elif "bundle" in role_scope_bundle:
495
+ nested_checks.append(self.verify_role_scope_report_bundle(role_scope_bundle))
496
+
497
+ all_nested_ok = all(bool(x.get("verified")) for x in nested_checks) if nested_checks else True
498
+
499
+ return {
500
+ "ok": bool(identity_verification.get("ok")) and all_nested_ok,
501
+ "artifact_type": "technical_identity_bundle",
502
+ "verified": bool(identity_verification.get("verified")) and all_nested_ok,
503
+ "technical_identity_verification": identity_verification,
504
+ "nested_verifications": nested_checks,
505
+ }
506
+
507
+ # ------------------------------------------------------------------
508
+ # Auto-detect
509
+ # ------------------------------------------------------------------
510
+ def verify_auto(self, obj: Dict[str, Any]) -> Dict[str, Any]:
511
+ if "technical_identity" in obj:
512
+ return self.verify_technical_identity_bundle(obj)
513
+
514
+ if "bundle" in obj and isinstance(obj.get("bundle"), dict):
515
+ inner = obj["bundle"]
516
+ if "sla_profile" in inner and "crypto_seal" in inner:
517
+ return self.verify_sla_report_bundle(obj)
518
+ if "fail_safe_profile" in inner and "crypto_seal" in inner:
519
+ return self.verify_fail_safe_report_bundle(obj)
520
+ if "deployment_profile" in inner and "crypto_seal" in inner:
521
+ return self.verify_deployment_report_bundle(obj)
522
+ if "role_scope_profile" in inner and "crypto_seal" in inner:
523
+ return self.verify_role_scope_report_bundle(obj)
524
+
525
+ if "report" in obj and "crypto_seal" in obj:
526
+ report = obj.get("report")
527
+ if isinstance(report, dict):
528
+ suite_name = str(report.get("suite_name", "")).lower()
529
+ benchmark_name = str(report.get("benchmark_name", "")).lower()
530
+ probe_name = str(report.get("probe_name", "")).lower()
531
+
532
+ if "false positive" in suite_name or "validation" in suite_name:
533
+ return self.verify_validation_report_bundle(obj)
534
+ if "benchmark" in benchmark_name:
535
+ return self.verify_benchmark_bundle(obj)
536
+ if "capacity" in probe_name:
537
+ return self.verify_capacity_report_bundle(obj)
538
+
539
+ if "sla_profile" in obj and "crypto_seal" in obj:
540
+ return self.verify_sla_profile_bundle(obj)
541
+
542
+ if "fail_safe_profile" in obj and "crypto_seal" in obj:
543
+ return self.verify_fail_safe_profile_bundle(obj)
544
+
545
+ if "deployment_profile" in obj and "crypto_seal" in obj:
546
+ return self.verify_deployment_profile_bundle(obj)
547
+
548
+ if "role_scope_profile" in obj and "crypto_seal" in obj:
549
+ return self.verify_role_scope_profile_bundle(obj)
550
+
551
+ if "manifest_bundle" in obj:
552
+ manifest_bundle = obj.get("manifest_bundle") or {}
553
+ manifest = manifest_bundle.get("manifest") if isinstance(manifest_bundle, dict) else {}
554
+ manifest_type = ""
555
+ if isinstance(manifest, dict):
556
+ manifest_type = str(manifest.get("manifest_type", "")).lower()
557
+
558
+ if "validation" in manifest_type:
559
+ return self.verify_validation_manifest_bundle(obj)
560
+ if "capacity" in manifest_type:
561
+ return self.verify_capacity_manifest_bundle(obj)
562
+ return self.verify_manifest_bundle(obj)
563
+
564
+ if "crypto_seal" in obj:
565
+ return self.verify_runtime_result_bundle(obj)
566
+
567
+ return {
568
+ "ok": False,
569
+ "verified": False,
570
+ "artifact_type": "unknown",
571
+ "error": "could_not_detect_artifact_type",
572
+ }
573
+
574
+ def verify_file(self, path: str) -> Dict[str, Any]:
575
+ obj = _load_json(path)
576
+ result = self.verify_auto(obj)
577
+ result["source_file"] = path
578
+ return result
579
+
580
+ # ------------------------------------------------------------------
581
+ # Summary
582
+ # ------------------------------------------------------------------
583
+ def summarize(self, result: Dict[str, Any]) -> Dict[str, Any]:
584
+ artifact_type = result.get("artifact_type", "unknown")
585
+ verified = bool(result.get("verified", False))
586
+
587
+ summary = {
588
+ "artifact_type": artifact_type,
589
+ "verified": verified,
590
+ "status": "VALID" if verified else "INVALID",
591
+ }
592
+
593
+ if result.get("source_file"):
594
+ summary["source_file"] = result["source_file"]
595
+
596
+ verification = result.get("verification", {}) or {}
597
+ if isinstance(verification, dict):
598
+ if verification.get("object_digest"):
599
+ summary["object_digest"] = verification["object_digest"]
600
+ if verification.get("seal_digest"):
601
+ summary["seal_digest"] = verification["seal_digest"]
602
+
603
+ if artifact_type in {
604
+ "sla_report_bundle",
605
+ "fail_safe_report_bundle",
606
+ "deployment_report_bundle",
607
+ "role_scope_report_bundle",
608
+ }:
609
+ inner = result.get("inner_verification", {}) or {}
610
+ summary["inner_verified"] = bool(inner.get("verified", False))
611
+
612
+ if artifact_type == "technical_identity_bundle":
613
+ tiv = result.get("technical_identity_verification", {}) or {}
614
+ nested = result.get("nested_verifications", []) or []
615
+ summary["technical_identity_verified"] = bool(
616
+ (tiv.get("verification") or {}).get("verified", tiv.get("verified", False))
617
+ )
618
+ summary["nested_verified_count"] = sum(1 for x in nested if x.get("verified"))
619
+ summary["nested_total"] = len(nested)
620
+
621
+ return summary
622
+
623
+
624
+ VERIFIER = SovereignExternalVerifierV7()
625
+
626
+
627
+ def verify_artifact_file_v7(path: str) -> Dict[str, Any]:
628
+ return VERIFIER.verify_file(path)
629
+
630
+
631
+ def summarize_verification_v7(result: Dict[str, Any]) -> Dict[str, Any]:
632
+ return VERIFIER.summarize(result)
633
+
634
+
635
+ def _build_arg_parser() -> argparse.ArgumentParser:
636
+ parser = argparse.ArgumentParser(
637
+ description="Extended independent verifier v7 for Sovereign bank-grade artifacts."
638
+ )
639
+ parser.add_argument(
640
+ "--file",
641
+ required=True,
642
+ help="Path to JSON artifact file to verify.",
643
+ )
644
+ parser.add_argument(
645
+ "--summary-only",
646
+ action="store_true",
647
+ help="Print only compact summary instead of full verification result.",
648
+ )
649
+ return parser
650
+
651
+
652
+ if __name__ == "__main__":
653
+ parser = _build_arg_parser()
654
+ args = parser.parse_args()
655
+
656
+ verification = verify_artifact_file_v7(args.file)
657
+
658
+ if args.summary_only:
659
+ print(json.dumps(summarize_verification_v7(verification), ensure_ascii=False, indent=2))
660
+ else:
661
+ print(json.dumps(verification, ensure_ascii=False, indent=2))
662
+