# sovereign_control_plane_report.py from __future__ import annotations import json import os from datetime import datetime, timezone from typing import Any, Dict, List, Optional from sovereign_control_plane_profile import generate_control_plane_profile CONTROL_PLANE_OUTPUT_DIR = "sovereign_control_plane_outputs" def _utc_now() -> str: return datetime.now(timezone.utc).isoformat() def _ensure_dir(path: str) -> None: os.makedirs(path, exist_ok=True) def _safe(v: Any, default: Any = "") -> Any: return v if v is not None else default def _bool_text(v: Any) -> str: return "True" if bool(v) else "False" def _render_header(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} return f"""# Sovereign Control Plane Report Generated at: {_safe((profile or {}).get("generated_at"), _utc_now())} ## 1. Profile Identity - Profile Type: {_safe(profile.get("profile_type"), "Sovereign Control Plane Profile")} - Domain: {_safe(profile.get("domain"), "banking_and_financial_institutions")} """ def _render_summary(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} summary = profile.get("summary", {}) if isinstance(profile, dict) else {} return f"""## 2. Executive Summary - Total Actions: {_safe(summary.get("total_actions"), 0)} - Supported Actions: {_safe(summary.get("supported_actions"), 0)} - Forbidden Actions: {_safe(summary.get("forbidden_actions"), 0)} - Dual-Control Actions: {_safe(summary.get("dual_control_actions"), 0)} - Audit-Required Actions: {_safe(summary.get("audit_required_actions"), 0)} ### Practical Interpretation - Sovereign distinguishes read-only visibility from state-changing administrative actions. - High-impact actions are not treated as casual operator functions. - Certain control-plane actions remain intentionally forbidden because they would collapse trust, auditability, or fail-safe posture. - Dual control is expected for high-impact administrative mutations. """ def _render_actions(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} actions = profile.get("admin_actions", []) if isinstance(profile, dict) else [] lines: List[str] = ["## 3. Administrative Action Inventory"] if not actions: lines.append("- No administrative actions recorded.") return "\n".join(lines) for item in actions: lines.append(f"### {item.get('action', 'unknown_action')}") lines.append(f"- Status: {_safe(item.get('status'))}") lines.append(f"- Sensitivity: {_safe(item.get('sensitivity'))}") lines.append(f"- Execution Class: {_safe(item.get('execution_class'))}") lines.append(f"- Human Approval Required: {_bool_text(item.get('human_approval_required'))}") lines.append(f"- Dual Control Required: {_bool_text(item.get('dual_control_required'))}") lines.append(f"- Audit Required: {_bool_text(item.get('audit_required'))}") lines.append(f"- Description: {_safe(item.get('description'))}") lines.append("") return "\n".join(lines).rstrip() + "\n" def _render_principles(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} principles = profile.get("governance_principles", []) if isinstance(profile, dict) else [] lines: List[str] = ["## 4. Governance Principles"] if not principles: lines.append("- No governance principles recorded.") return "\n".join(lines) for item in principles: lines.append(f"### {item.get('principle', 'unknown_principle')}") lines.append(f"- Status: {_safe(item.get('status'))}") lines.append(f"- Description: {_safe(item.get('description'))}") lines.append("") return "\n".join(lines).rstrip() + "\n" def _render_governance_interpretation(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} actions = profile.get("admin_actions", []) if isinstance(profile, dict) else [] forbidden = [a.get("action") for a in actions if str(a.get("status")) == "forbidden"] dual = [a.get("action") for a in actions if bool(a.get("dual_control_required"))] read_only = [a.get("action") for a in actions if str(a.get("execution_class")) == "read_only"] lines = ["## 5. Governance Interpretation"] if forbidden: lines.append("- Forbidden Administrative Classes:") for action in forbidden: lines.append(f" - {action}") else: lines.append("- No forbidden administrative classes recorded.") if dual: lines.append("- Dual-Control Administrative Actions:") for action in dual: lines.append(f" - {action}") else: lines.append("- No dual-control administrative actions recorded.") if read_only: lines.append("- Read-Only Administrative Actions:") for action in read_only: lines.append(f" - {action}") else: lines.append("- No read-only administrative actions recorded.") lines.append("- Sensitive control-plane mutations should remain approval-bound and auditable.") lines.append("- Administrative power is intentionally bounded rather than broad or implicit.") lines.append("- Disabling audit, fail-safe, or unconditional allow boundaries is intentionally forbidden.") return "\n".join(lines) def _render_artifact_status(bundle: Dict[str, Any]) -> str: seal = bundle.get("crypto_seal", {}) if isinstance(bundle, dict) else {} return f"""## 6. Artifact Status - Sealed: {bool(bundle.get("sealed", False))} - Seal Digest: {_safe(seal.get("seal_digest"), "")} - Seal Scheme: {_safe(seal.get("scheme"), "")} - Seal Algorithm: {_safe(seal.get("algorithm"), "")} - Signer Hint: {_safe(seal.get("signer_hint"), "")} """ def _render_verdict(bundle: Dict[str, Any]) -> str: profile = bundle.get("control_plane_profile", {}) if isinstance(bundle, dict) else {} notes = profile.get("notes", []) if isinstance(profile, dict) else [] verdict = ( "Sovereign currently expresses a bounded bank-grade control-plane posture: " "administrative actions are classified, sensitive mutations are approval-bound, " "and trust-collapsing action classes remain intentionally forbidden." ) lines = [ "## 7. Preliminary Bank-Facing Verdict", verdict, "", "## 8. Notes", ] if notes: for item in notes: lines.append(f"- {item}") else: lines.append("- No additional notes provided.") return "\n".join(lines) def build_control_plane_markdown(bundle: Dict[str, Any]) -> str: parts = [ _render_header(bundle), _render_summary(bundle), _render_actions(bundle), _render_principles(bundle), _render_governance_interpretation(bundle), _render_artifact_status(bundle), _render_verdict(bundle), ] return "\n\n".join(parts).strip() + "\n" def save_control_plane_report( bundle: Dict[str, Any], output_dir: str = CONTROL_PLANE_OUTPUT_DIR, base_name: Optional[str] = None, ) -> Dict[str, str]: _ensure_dir(output_dir) ts = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ") base = base_name or f"sovereign_control_plane_report_{ts}" json_path = os.path.join(output_dir, f"{base}.json") md_path = os.path.join(output_dir, f"{base}.md") with open(json_path, "w", encoding="utf-8") as f: json.dump(bundle, f, ensure_ascii=False, indent=2) markdown = build_control_plane_markdown(bundle) with open(md_path, "w", encoding="utf-8") as f: f.write(markdown) return { "json_report": json_path, "markdown_report": md_path, } def generate_control_plane_report( output_dir: str = CONTROL_PLANE_OUTPUT_DIR, base_name: Optional[str] = None, ) -> Dict[str, Any]: bundle = generate_control_plane_profile() files = save_control_plane_report( bundle=bundle, output_dir=output_dir, base_name=base_name, ) return { "ok": True, "generated_at": _utc_now(), "bundle": bundle, "files": files, } if __name__ == "__main__": out = generate_control_plane_report() print(json.dumps(out, indent=2, ensure_ascii=False))