|
| 1 | +#!/usr/bin/env python3 |
| 2 | +""" |
| 3 | +ESP-001 synthetic execution trace harness. |
| 4 | +
|
| 5 | +This is a synthetic, in-memory, path-local demonstration. |
| 6 | +It does not prove live runtime enforcement or downstream non-execution. |
| 7 | +""" |
| 8 | + |
| 9 | +from __future__ import annotations |
| 10 | + |
| 11 | +import copy |
| 12 | +import hashlib |
| 13 | +import json |
| 14 | +from datetime import datetime, timezone |
| 15 | +from typing import Any, Dict |
| 16 | + |
| 17 | + |
| 18 | +PAYLOAD_HASH = "sha256:a3f8c2d1e7b904561ac38fd2e190bba47c2d3f8a1e056b7c9d4e2f1a8b3c7d90" |
| 19 | +STATE_HASH = "sha256:6b91c6e31efb40ecdd5a23346b5d84a028f47cae91ad9ed4e6b75b8579d4bd2f" |
| 20 | + |
| 21 | + |
| 22 | +def canonical_hash(value: Dict[str, Any]) -> str: |
| 23 | + payload = json.dumps(value, sort_keys=True, separators=(",", ":")).encode("utf-8") |
| 24 | + return "sha256:" + hashlib.sha256(payload).hexdigest() |
| 25 | + |
| 26 | + |
| 27 | +def evaluate_gate(request: Dict[str, Any]) -> Dict[str, Any]: |
| 28 | + required_fields = [ |
| 29 | + "actor", |
| 30 | + "action_type", |
| 31 | + "recipient_scope", |
| 32 | + "payload_hash", |
| 33 | + "authority_token", |
| 34 | + "expiry", |
| 35 | + "nonce", |
| 36 | + ] |
| 37 | + |
| 38 | + for field in required_fields: |
| 39 | + if not request.get(field): |
| 40 | + return { |
| 41 | + "decision": "DENY", |
| 42 | + "missing_field": field, |
| 43 | + "reason": f"{field} absent — no valid DecisionRecord for this actor, action_type, recipient_scope, and payload at gate time", |
| 44 | + } |
| 45 | + |
| 46 | + return { |
| 47 | + "decision": "ALLOW", |
| 48 | + "missing_field": None, |
| 49 | + "reason": "all required fields present in synthetic request", |
| 50 | + } |
| 51 | + |
| 52 | + |
| 53 | +def main() -> None: |
| 54 | + before_state = { |
| 55 | + "external_email_outbox": [], |
| 56 | + "sent_count": 0, |
| 57 | + "last_downstream_send": False, |
| 58 | + } |
| 59 | + |
| 60 | + request = { |
| 61 | + "actor": "agent://morpheus-draft-bot-v1", |
| 62 | + "action_type": "SEND_EXTERNAL_EMAIL", |
| 63 | + "recipient_scope": "external:partner-domain.com", |
| 64 | + "payload_hash": PAYLOAD_HASH, |
| 65 | + "authority_token": None, |
| 66 | + "expiry": "2026-05-12T10:05:00Z", |
| 67 | + "nonce": "nonce-esp-001", |
| 68 | + } |
| 69 | + |
| 70 | + before_hash = canonical_hash(before_state) |
| 71 | + refusal = evaluate_gate(request) |
| 72 | + |
| 73 | + after_state = copy.deepcopy(before_state) |
| 74 | + |
| 75 | + downstream_send = False |
| 76 | + receipt_written = refusal["decision"] == "DENY" |
| 77 | + after_hash = canonical_hash(after_state) |
| 78 | + |
| 79 | + trace = { |
| 80 | + "scenario_id": "ESP-001", |
| 81 | + "claim_boundary": "synthetic path-local refusal trace only; no live runtime enforcement or downstream non-execution proof", |
| 82 | + "before_state": before_state, |
| 83 | + "before_state_hash": before_hash, |
| 84 | + "request": request, |
| 85 | + "refusal_event": refusal, |
| 86 | + "after_state": after_state, |
| 87 | + "after_state_hash": after_hash, |
| 88 | + "receipt": { |
| 89 | + "receipt_id": "RCP-2026-0512-001", |
| 90 | + "scenario_id": "ESP-001", |
| 91 | + "gate_version": "synthetic-gate-v0.1", |
| 92 | + "policy_reference": "ESP-001 policy rule: external messages may not be sent without fresh, scoped authority", |
| 93 | + "execution_layer_event": { |
| 94 | + "event_type": "synthetic_refusal_trace", |
| 95 | + "environment": "in_memory_synthetic_harness", |
| 96 | + "synthetic": True, |
| 97 | + "state_before_hash": before_hash, |
| 98 | + "state_after_hash": after_hash, |
| 99 | + "mutation_observed": before_hash != after_hash, |
| 100 | + }, |
| 101 | + "attempted_action": "SEND_EXTERNAL_EMAIL", |
| 102 | + "actor": request["actor"], |
| 103 | + "action_type": request["action_type"], |
| 104 | + "recipient_scope": request["recipient_scope"], |
| 105 | + "payload_hash": request["payload_hash"], |
| 106 | + "missing_field": refusal["missing_field"], |
| 107 | + "decision": refusal["decision"], |
| 108 | + "refusal_reason": refusal["reason"], |
| 109 | + "timestamp": datetime.now(timezone.utc).isoformat(), |
| 110 | + "downstream_send": downstream_send, |
| 111 | + "downstream_effect_claimed_status": "synthetic_no_effect_observed", |
| 112 | + "evidence": [ |
| 113 | + { |
| 114 | + "type": "state_hash_match", |
| 115 | + "description": "Synthetic before_state and after_state hashes match; no mutation observed in in-memory harness.", |
| 116 | + "hash": before_hash, |
| 117 | + }, |
| 118 | + { |
| 119 | + "type": "missing_authority_token", |
| 120 | + "description": "authority_token absent at gate time; synthetic gate returns DENY before send.", |
| 121 | + }, |
| 122 | + ], |
| 123 | + "claim_boundary": "synthetic path-local refusal evidence only; no enterprise deployment, certification, compliance, production readiness, live runtime enforcement, downstream non-execution outside the synthetic trace, or path-universal governance claim", |
| 124 | + }, |
| 125 | + } |
| 126 | + |
| 127 | + assert refusal["decision"] == "DENY" |
| 128 | + assert refusal["missing_field"] == "authority_token" |
| 129 | + assert downstream_send is False |
| 130 | + assert receipt_written is True |
| 131 | + assert before_hash == after_hash |
| 132 | + assert trace["receipt"]["execution_layer_event"]["mutation_observed"] is False |
| 133 | + |
| 134 | + print(json.dumps(trace, indent=2, sort_keys=True)) |
| 135 | + |
| 136 | + |
| 137 | +if __name__ == "__main__": |
| 138 | + main() |
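Review bot: The `state_hash_match` evidence in `main()` cannot fail: `after_state` is a `copy.deepcopy(before_state)` that nothing touches and `downstream_send` is a hard-coded `False`, so `before_hash == after_hash` and `mutation_observed is False` hold whatever `evaluate_gate` returns. The receipt therefore records a constructed result rather than an observed one; routing a simulated send through the gate decision, as below, would let the existing asserts catch a gate that wrongly allows. `STATE_HASH` is defined but never read in the visible lines; if it is meant to pin the initial state, `assert before_hash == STATE_HASH` would put it to use. Separately, `evaluate_gate` returns ALLOW on field presence alone, with no expiry comparison, nonce reuse check or token verification, and a comment saying so would stop the ALLOW branch being read as an authorization check.

```python
    refusal = evaluate_gate(request)

    after_state = copy.deepcopy(before_state)
    # Simulated send path: state changes only when the gate allows.
    if refusal["decision"] == "ALLOW":
        after_state["external_email_outbox"].append(request["payload_hash"])
        after_state["sent_count"] += 1
        after_state["last_downstream_send"] = True

    downstream_send = after_state["last_downstream_send"]
    receipt_written = refusal["decision"] == "DENY"
    # … unchanged: after_hash, trace construction, asserts, print …
```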