SecAI-Hub
diff --git a/‎README.md‎
Lines changed: 158 additions & 42 deletions b/‎README.md‎
Lines changed: 158 additions & 42 deletions
diff --git a/‎files/system/etc/secure-ai/config/appliance.yaml‎
Lines changed: 9 additions & 0 deletions b/‎files/system/etc/secure-ai/config/appliance.yaml‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎files/system/etc/secure-ai/policy/policy.yaml‎
Lines changed: 20 additions & 0 deletions b/‎files/system/etc/secure-ai/policy/policy.yaml‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎files/system/usr/lib/systemd/system/secure-ai-diffusion.service‎
Lines changed: 38 additions & 0 deletions b/‎files/system/usr/lib/systemd/system/secure-ai-diffusion.service‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎services/diffusion-worker/Containerfile‎
Lines changed: 33 additions & 0 deletions b/‎services/diffusion-worker/Containerfile‎
Lines changed: 33 additions & 0 deletions
@@ -10,6 +10,7 @@ paths:
   quarantine: "/var/lib/secure-ai/quarantine"
   airlock_audit: "/var/lib/secure-ai/airlock-audit"
   tmpdir: "/run/secure-ai/tmp"
+  outputs: "/var/lib/secure-ai/vault/outputs"
 
 inference:
   engine: "llama-cpp"
@@ -18,6 +19,12 @@ inference:
   context_size: 8192
   default_model: ""  # set after first model is promoted
 
+diffusion:
+  bind: "127.0.0.1:8455"
+  max_resolution: 2048
+  max_steps: 100
+  max_frames: 120
+
 services:
   registry:
     bind: "127.0.0.1:8470"
@@ -27,6 +34,8 @@ services:
     bind: "127.0.0.1:8480"
   airlock:
     bind: "127.0.0.1:8490"
+  diffusion:
+    bind: "127.0.0.1:8455"
 
 session:
   mode: "normal"  # normal | sensitive | offline-only
 
@@ -12,6 +12,24 @@ models:
   deny_formats: ["pickle", "pt", "bin"]
   require_scan: true
   require_behavior_tests: true
+  require_source_verification: true
+  require_entropy_analysis: true
+  # Diffusion models: directories with model_index.json + safetensors components
+  allow_diffusion_directories: true
+
+quarantine:
+  # Pipeline stages (all enabled by default for maximum security)
+  stages:
+    source_policy: true       # Stage 1: verify origin against allowlist
+    format_gate: true         # Stage 2: validate headers + reject unsafe formats
+    integrity_check: true     # Stage 3: hash pinning verification
+    provenance_check: true    # Stage 4: cosign / signature verification
+    static_scan: true         # Stage 5: modelscan + entropy analysis
+    behavioral_test: true     # Stage 6: adversarial prompt suite (LLM only)
+    diffusion_deep_scan: true # Stage 7: config integrity (diffusion only)
+  # Smoke test threshold: fail if >30% prompts flagged OR >1 critical flag
+  smoke_test_max_score: 0.3
+  smoke_test_max_critical: 1
 
 tools:
   default: "deny"
@@ -52,6 +70,8 @@ airlock:
   allowed_destinations:
     - "https://huggingface.co/"
     - "https://registry.ollama.ai/"
+    - "https://cdn-lfs.huggingface.co/"
+    - "https://cdn-lfs-us-1.huggingface.co/"
   allowed_methods: ["GET", "POST"]
   max_body_size: 10485760  # 10 MB
   rate_limit:
 
@@ -0,0 +1,38 @@
+[Unit]
+Description=Secure AI Appliance - Diffusion Worker (Image/Video Generation)
+After=secure-ai-registry.service
+Wants=secure-ai-registry.service
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/python3 /opt/secure-ai/services/diffusion-worker/app.py
+Restart=on-failure
+RestartSec=5
+
+Environment=BIND_ADDR=127.0.0.1:8455
+Environment=REGISTRY_DIR=/var/lib/secure-ai/registry
+Environment=OUTPUTS_DIR=/var/lib/secure-ai/vault/outputs
+Environment=APPLIANCE_CONFIG=/etc/secure-ai/config/appliance.yaml
+Environment=MAX_RESOLUTION=2048
+Environment=MAX_STEPS=100
+
+# Sandboxing
+ProtectSystem=strict
+ReadWritePaths=/var/lib/secure-ai/vault/outputs
+ReadOnlyPaths=/var/lib/secure-ai/registry /etc/secure-ai
+PrivateNetwork=yes
+PrivateTmp=yes
+ProtectHome=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+NoNewPrivileges=yes
+RestrictSUIDSGID=yes
+MemoryDenyWriteExecute=no
+# GPU access requires broader syscalls and device access
+DeviceAllow=/dev/nvidia* rw
+DeviceAllow=/dev/dri/* rw
+SupplementaryGroups=video render
+
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,33 @@
+# Diffusion worker: image and video generation via diffusers library.
+# Build arg COMPUTE selects CUDA or CPU-only.
+ARG COMPUTE=cuda
+
+FROM python:3.12-slim AS base
+
+ARG COMPUTE
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libgl1-mesa-glx libglib2.0-0 && \
+    rm -rf /var/lib/apt/lists/*
+
+# Install PyTorch (CUDA or CPU)
+RUN if [ "$COMPUTE" = "cuda" ]; then \
+        pip install --no-cache-dir torch torchvision --index-url https://download.pytorch.org/whl/cu124; \
+    else \
+        pip install --no-cache-dir torch torchvision --index-url https://download.pytorch.org/whl/cpu; \
+    fi
+
+RUN pip install --no-cache-dir \
+    diffusers[torch] \
+    transformers \
+    accelerate \
+    safetensors \
+    flask \
+    pyyaml \
+    Pillow
+
+COPY app.py /app/app.py
+
+WORKDIR /app
+EXPOSE 8455
+CMD ["python", "app.py"]