rezabarkhordary commited on
Commit
f85d589
·
verified ·
1 Parent(s): 95626ac

Upload 3 files

Browse files
Files changed (3) hide show
  1. app.py +47 -0
  2. requirements.txt +1 -0
  3. sovereign_core.py +140 -0
app.py ADDED
@@ -0,0 +1,47 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ import json
2
+ import gradio as gr
3
+
4
+ from sovereign_core import (
5
+ ENGINE_NAME,
6
+ SovereignFingerprint,
7
+ generate_attestation,
8
+ generate_integrity_certificate,
9
+ verify_attestation,
10
+ verify_certificate,
11
+ )
12
+
13
+
14
+ def run_sentinel(engine_name: str):
15
+ engine = engine_name.strip() or ENGINE_NAME
16
+
17
+ fpgen = SovereignFingerprint(engine)
18
+ _, fp_value = fpgen.export()
19
+
20
+ att = generate_attestation(fp_value)
21
+ cert = generate_integrity_certificate(fp_value, att)
22
+
23
+ att_ok = verify_attestation(att)
24
+ cert_ok = verify_certificate(cert)
25
+
26
+ result = {
27
+ "engine": engine,
28
+ "fingerprint": fp_value,
29
+ "attestation": att,
30
+ "certificate": cert,
31
+ "verify_attestation": att_ok,
32
+ "verify_certificate": cert_ok,
33
+ }
34
+
35
+ return json.dumps(result, indent=4)
36
+
37
+
38
+ demo = gr.Interface(
39
+ fn=run_sentinel,
40
+ inputs=gr.Textbox(label="Engine name", value=ENGINE_NAME),
41
+ outputs=gr.Code(label="Sovereign Security Snapshot (JSON)", language="json"),
42
+ title="AI Sovereign Sentinel – Integrity Engine",
43
+ description="Generates a sovereign fingerprint, attestation, and integrity certificate, then verifies the full chain."
44
+ )
45
+
46
+ if __name__ == "__main__":
47
+ demo.launch(share=True)
requirements.txt ADDED
@@ -0,0 +1 @@
 
 
1
+ gradio>=4.0.0
sovereign_core.py ADDED
@@ -0,0 +1,140 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ import os
2
+ import json
3
+ import time
4
+ import uuid
5
+ import hashlib
6
+
7
+
8
+ ENGINE_NAME = "AI_Sovereign_Sentinel_Core_v1"
9
+ AUTHORITY_NAME = "DataClear Sovereign Authority"
10
+
11
+
12
+ class SovereignFingerprint:
13
+ """
14
+ Minimal fingerprint generator for AI Sovereign Sentinel.
15
+ Creates a JSON file with engine, fingerprint and issued_at.
16
+ """
17
+ def __init__(self, engine: str, output: str = "sovereign_fingerprint.json"):
18
+ self.engine = engine
19
+ self.output = output
20
+
21
+ def _build(self):
22
+ issued_at = int(time.time())
23
+ base = f"{self.engine}|{issued_at}"
24
+ fp_hash = hashlib.sha256(base.encode()).hexdigest()
25
+ return {
26
+ "engine": self.engine,
27
+ "fingerprint": fp_hash,
28
+ "issued_at": issued_at,
29
+ "version": "1.0",
30
+ }
31
+
32
+ def export(self):
33
+ fp = self._build()
34
+ with open(self.output, "w") as f:
35
+ json.dump(fp, f, indent=4)
36
+ return self.output, fp["fingerprint"]
37
+
38
+
39
+ class SovereignValidator:
40
+ """
41
+ Simple registry to bind engine name → fingerprint string.
42
+ Stored in sovereign_registry.json
43
+ """
44
+ def __init__(self, path: str = "sovereign_registry.json"):
45
+ self.path = path
46
+ if os.path.exists(self.path):
47
+ with open(self.path, "r") as f:
48
+ self.registry = json.load(f)
49
+ else:
50
+ self.registry = {}
51
+
52
+ def register(self, engine: str, fingerprint: str) -> bool:
53
+ self.registry[engine] = {
54
+ "fingerprint": fingerprint,
55
+ "registered_at": int(time.time()),
56
+ }
57
+ with open(self.path, "w") as f:
58
+ json.dump(self.registry, f, indent=4)
59
+ return True
60
+
61
+ def validate(self, engine: str, fingerprint: str) -> bool:
62
+ entry = self.registry.get(engine)
63
+ if not entry:
64
+ return False
65
+ return entry.get("fingerprint") == fingerprint
66
+
67
+
68
+ def attestation_signature(att: dict) -> str:
69
+ """
70
+ Unified, stable signature generation for attestation objects.
71
+ """
72
+ base = f"{att['attestation_id']}|{att['issued_at']}|{att['fingerprint']}|{att['issuer']}|{att['version']}"
73
+ return hashlib.sha256(base.encode()).hexdigest()
74
+
75
+
76
+ def generate_attestation(fp):
77
+ """
78
+ Create a signed attestation for a given fingerprint (dict or string).
79
+ """
80
+ if isinstance(fp, dict):
81
+ fp_value = fp.get("fingerprint", "")
82
+ else:
83
+ fp_value = fp
84
+
85
+ att = {
86
+ "attestation_id": str(uuid.uuid4()),
87
+ "issued_at": int(time.time()),
88
+ "fingerprint": fp_value,
89
+ "issuer": AUTHORITY_NAME,
90
+ "version": "1.0",
91
+ }
92
+
93
+ att["signature"] = attestation_signature(att)
94
+ return att
95
+
96
+
97
+ def verify_attestation(att: dict) -> bool:
98
+ expected = attestation_signature(att)
99
+ return expected == att.get("signature")
100
+
101
+
102
+ def generate_integrity_certificate(fp, att, output: str = "sovereign_certificate.json"):
103
+ """
104
+ Bundle fingerprint + attestation into a single integrity certificate file.
105
+ """
106
+ if isinstance(fp, dict):
107
+ fp_value = fp.get("fingerprint", "")
108
+ else:
109
+ fp_value = fp
110
+
111
+ cert = {
112
+ "engine": ENGINE_NAME,
113
+ "fingerprint": fp_value,
114
+ "issued_at": att["issued_at"],
115
+ "attestation": att,
116
+ "certificate_version": "1.0",
117
+ "authority": AUTHORITY_NAME,
118
+ }
119
+
120
+ with open(output, "w") as f:
121
+ json.dump(cert, f, indent=4)
122
+
123
+ return cert
124
+
125
+
126
+ def verify_certificate(cert: dict) -> bool:
127
+ """
128
+ High-level check over the full certificate.
129
+ """
130
+ if cert.get("engine") != ENGINE_NAME:
131
+ return False
132
+
133
+ if cert.get("authority") != AUTHORITY_NAME:
134
+ return False
135
+
136
+ att = cert.get("attestation", {})
137
+ if not verify_attestation(att):
138
+ return False
139
+
140
+ return True