feat: migrate configuration to system location

 Configuration Migration
- Moved configs from /opt/aitbc/config to /etc/aitbc
- Moved production .env to /etc/aitbc/production.env
- Updated all code references to use /etc/aitbc
- Updated systemd services to use /etc/aitbc
- Removed config files from git tracking
- Updated .gitignore for config files

 System Compliance
- All configuration now in /etc/aitbc (FHS compliant)
- No configuration files in repository
- Proper system-wide configuration location
- Security-sensitive files in system location

 Service Updates
- Production services use /etc/aitbc/production.env
- systemd services use /etc/aitbc/.env
- All code references updated to system paths
- Services restart and test successfully

🚀 AITBC configuration now follows proper system standards!
aitbc
2026-04-02 13:52:46 +02:00
parent a0da7bef0b
commit f1d508489c
56 changed files with 22 additions and 8127 deletions

5
.gitignore vendored

@@ -318,3 +318,8 @@ data/
*.log
production/data/
production/logs/
config/
*.env
api_keys.txt
*.yaml
!*.example
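Review bot: The added `*.yaml` rule matches every YAML file in the tree, not only deployment configuration, so any new CI workflow, compose file or `.pre-commit-config.yaml` would be silently skipped by `git add`; scope the pattern to the directories that actually hold local config. The `!*.example` negation also has no effect for anything under `config/`, because git never re-includes a file whose parent directory is excluded; if templates are meant to stay in the repository, use `config/*` followed by `!config/*.example`. Separately, ignore rules only affect future commits: the literal `COORDINATOR_API_KEY` and `BLOCKCHAIN_API_KEY` values deleted elsewhere in this commit remain in history, so they should be treated as exposed and rotated even if they were dev-only.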


@@ -1,3 +0,0 @@
# AITBC CLI Configuration
# Copy to .aitbc.yaml and adjust for your environment
coordinator_url: http://127.0.0.1:8000


@@ -1,58 +0,0 @@
# AITBC Central Environment Example Template
# SECURITY NOTICE: Use a secrets manager for production. Do not commit real secrets.
# Run: python config/security/environment-audit.py --format text
# =========================
# Blockchain core
# =========================
chain_id=ait-mainnet
supported_chains=ait-mainnet
rpc_bind_host=0.0.0.0
rpc_bind_port=8006
p2p_bind_host=0.0.0.0
p2p_bind_port=8005
proposer_id=aitbc1genesis
proposer_key=changeme_hex_private_key
keystore_path=/var/lib/aitbc/keystore
keystore_password_file=/var/lib/aitbc/keystore/.password
gossip_backend=broadcast
gossip_broadcast_url=redis://127.0.0.1:6379
db_path=/var/lib/aitbc/data/ait-mainnet/chain.db
mint_per_unit=0
coordinator_ratio=0.05
block_time_seconds=60
enable_block_production=true
# =========================
# Coordinator API
# =========================
APP_ENV=production
APP_HOST=127.0.0.1
APP_PORT=8011
DATABASE__URL=sqlite:///./data/coordinator.db
BLOCKCHAIN_RPC_URL=http://127.0.0.1:8026
ALLOW_ORIGINS=["http://localhost:8011","http://localhost:8000","http://8026"]
JOB_TTL_SECONDS=900
HEARTBEAT_INTERVAL_SECONDS=10
HEARTBEAT_TIMEOUT_SECONDS=30
RATE_LIMIT_REQUESTS=60
RATE_LIMIT_WINDOW_SECONDS=60
CLIENT_API_KEYS=["client_prod_key_use_real_value"]
MINER_API_KEYS=["miner_prod_key_use_real_value"]
ADMIN_API_KEYS=["admin_prod_key_use_real_value"]
HMAC_SECRET=change_this_to_a_32_byte_random_secret
JWT_SECRET=change_this_to_another_32_byte_random_secret
# =========================
# Marketplace Web
# =========================
VITE_MARKETPLACE_DATA_MODE=live
VITE_MARKETPLACE_API=/api
VITE_MARKETPLACE_ENABLE_BIDS=true
VITE_MARKETPLACE_REQUIRE_AUTH=false
# =========================
# Notes
# =========================
# For production: move secrets to a secrets manager and reference via secretRef
# Validate config: python config/security/environment-audit.py --format text


@@ -1,320 +0,0 @@
# ⚠️ DEPRECATED: This file is legacy and no longer used
# ✅ USE INSTEAD: /etc/aitbc/.env (main configuration file)
# This file is kept for historical reference only
# ==============================================================================
# AITBC Advanced Agent Features Production Environment Configuration
# This file contains sensitive production configuration
# DO NOT commit to version control
# Network Configuration
NETWORK=mainnet
ENVIRONMENT=production
CHAIN_ID=1
# Production Wallet Configuration
PRODUCTION_PRIVATE_KEY=your_production_private_key_here
PRODUCTION_MNEMONIC=your_production_mnemonic_here
PRODUCTION_DERIVATION_PATH=m/44'/60'/0'/0/0
# Gas Configuration
PRODUCTION_GAS_PRICE=50000000000
PRODUCTION_GAS_LIMIT=8000000
PRODUCTION_MAX_FEE_PER_GAS=100000000000
# API Keys
ETHERSCAN_API_KEY=your_etherscan_api_key_here
INFURA_PROJECT_ID=your_infura_project_id_here
INFURA_PROJECT_SECRET=your_infura_project_secret_here
# Database Configuration
DATABASE_URL=postgresql://user:password@localhost:5432/aitbc_production
REDIS_URL=redis://localhost:6379/aitbc_production
# Security Configuration
JWT_SECRET=your_jwt_secret_here_very_long_and_secure
ENCRYPTION_KEY=your_encryption_key_here_32_characters_long
CORS_ORIGIN=https://aitbc.dev
RATE_LIMIT_WINDOW=900000
RATE_LIMIT_MAX=100
# Monitoring Configuration
PROMETHEUS_PORT=9090
GRAFANA_PORT=3001
ALERT_MANAGER_PORT=9093
SLACK_WEBHOOK_URL=your_slack_webhook_here
DISCORD_WEBHOOK_URL=your_discord_webhook_here
# Backup Configuration
BACKUP_S3_BUCKET=aitbc-production-backups
BACKUP_S3_REGION=us-east-1
BACKUP_S3_ACCESS_KEY=your_s3_access_key_here
BACKUP_S3_SECRET_KEY=your_s3_secret_key_here
# Advanced Agent Features Configuration
CROSS_CHAIN_REPUTATION_CONTRACT=0x0000000000000000000000000000000000000000
AGENT_COMMUNICATION_CONTRACT=0x0000000000000000000000000000000000000000
AGENT_COLLABORATION_CONTRACT=0x0000000000000000000000000000000000000000
AGENT_LEARNING_CONTRACT=0x0000000000000000000000000000000000000000
AGENT_MARKETPLACE_V2_CONTRACT=0x0000000000000000000000000000000000000000
REPUTATION_NFT_CONTRACT=0x0000000000000000000000000000000000000000
# Service Configuration
CROSS_CHAIN_REPUTATION_PORT=8011
AGENT_COMMUNICATION_PORT=8012
AGENT_COLLABORATION_PORT=8013
AGENT_LEARNING_PORT=8014
AGENT_AUTONOMY_PORT=8015
MARKETPLACE_V2_PORT=8020
# Cross-Chain Configuration
SUPPORTED_CHAINS=ethereum,polygon,arbitrum,optimism,bsc,avalanche,fantom
CHAIN_RPC_ENDPOINTS=https://mainnet.infura.io/v3/your_project_id,https://polygon-mainnet.infura.io/v3/your_project_id,https://arbitrum-mainnet.infura.io/v3/your_project_id,https://optimism-mainnet.infura.io/v3/your_project_id,https://bsc-dataseed.infura.io/v3/your_project_id,https://avalanche-mainnet.infura.io/v3/your_project_id,https://fantom-mainnet.infura.io/v3/your_project_id
# Advanced Learning Configuration
MAX_MODEL_SIZE=104857600
MAX_TRAINING_TIME=3600
DEFAULT_LEARNING_RATE=0.001
CONVERGENCE_THRESHOLD=0.001
EARLY_STOPPING_PATIENCE=10
# Agent Communication Configuration
MIN_REPUTATION_SCORE=1000
BASE_MESSAGE_PRICE=0.001
MAX_MESSAGE_SIZE=100000
MESSAGE_TIMEOUT=86400
CHANNEL_TIMEOUT=2592000
ENCRYPTION_ENABLED=true
# Security Configuration
ENABLE_RATE_LIMITING=true
ENABLE_WAF=true
ENABLE_INTRUSION_DETECTION=true
ENABLE_SECURITY_MONITORING=true
LOG_LEVEL=info
# Performance Configuration
ENABLE_CACHING=true
CACHE_TTL=3600
MAX_CONCURRENT_REQUESTS=1000
REQUEST_TIMEOUT=30000
# Logging Configuration
LOG_LEVEL=info
LOG_FORMAT=json
LOG_FILE=/var/log/aitbc/advanced-features.log
LOG_MAX_SIZE=100MB
LOG_MAX_FILES=10
# Health Check Configuration
HEALTH_CHECK_INTERVAL=30
HEALTH_CHECK_TIMEOUT=10
HEALTH_CHECK_RETRIES=3
# Feature Flags
ENABLE_CROSS_CHAIN_REPUTATION=true
ENABLE_AGENT_COMMUNICATION=true
ENABLE_AGENT_COLLABORATION=true
ENABLE_ADVANCED_LEARNING=true
ENABLE_AGENT_AUTONOMY=true
ENABLE_MARKETPLACE_V2=true
# Development/Debug Configuration
DEBUG=false
VERBOSE=false
ENABLE_PROFILING=false
ENABLE_METRICS=true
# External Services
NOTIFICATION_SERVICE_URL=https://api.aitbc.dev/notifications
ANALYTICS_SERVICE_URL=https://api.aitbc.dev/analytics
MONITORING_SERVICE_URL=https://monitoring.aitbc.dev
# SSL/TLS Configuration
SSL_CERT_PATH=/etc/ssl/certs/aitbc.crt
SSL_KEY_PATH=/etc/ssl/private/aitbc.key
SSL_CA_PATH=/etc/ssl/certs/ca.crt
# Load Balancer Configuration
LOAD_BALANCER_URL=https://loadbalancer.aitbc.dev
LOAD_BALANCER_HEALTH_CHECK=/health
LOAD_BALANCER_STICKY_SESSIONS=true
# Content Delivery Network
CDN_URL=https://cdn.aitbc.dev
CDN_CACHE_TTL=3600
# Email Configuration
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your_email@gmail.com
SMTP_PASSWORD=your_email_password
SMTP_FROM=noreply@aitbc.dev
# Analytics Configuration
GOOGLE_ANALYTICS_ID=GA-XXXXXXXXX
MIXPANEL_TOKEN=your_mixpanel_token_here
SEGMENT_WRITE_KEY=your_segment_write_key_here
# Error Tracking
SENTRY_DSN=your_sentry_dsn_here
ROLLBAR_ACCESS_TOKEN=your_rollbar_token_here
# API Configuration
API_VERSION=v1
API_PREFIX=/api/v1/advanced
API_DOCS_URL=https://docs.aitbc.dev/advanced-features
# Rate Limiting Configuration
RATE_LIMIT_REQUESTS_PER_MINUTE=1000
RATE_LIMIT_REQUESTS_PER_HOUR=50000
RATE_LIMIT_REQUESTS_PER_DAY=1000000
# Cache Configuration
REDIS_CACHE_TTL=3600
MEMORY_CACHE_SIZE=1000
CACHE_HIT_RATIO_TARGET=0.8
# Database Connection Pool
DB_POOL_MIN=5
DB_POOL_MAX=20
DB_POOL_ACQUIRE_TIMEOUT=30000
DB_POOL_IDLE_TIMEOUT=300000
# Session Configuration
SESSION_SECRET=your_session_secret_here
SESSION_TIMEOUT=3600
SESSION_COOKIE_SECURE=true
SESSION_COOKIE_HTTPONLY=true
# File Upload Configuration
UPLOAD_MAX_SIZE=10485760
UPLOAD_ALLOWED_TYPES=jpg,jpeg,png,gif,pdf,txt,csv
UPLOAD_PATH=/var/uploads/aitbc
# WebSocket Configuration
WEBSOCKET_PORT=8080
WEBSOCKET_PATH=/ws
WEBSOCKET_HEARTBEAT_INTERVAL=30
# Background Jobs
JOBS_ENABLED=true
JOBS_CONCURRENCY=10
JOBS_TIMEOUT=300
# External Integrations
IPFS_GATEWAY_URL=https://ipfs.io
FILECOIN_API_KEY=your_filecoin_api_key_here
PINATA_API_KEY=your_pinata_api_key_here
# Blockchain Configuration
BLOCKCHAIN_PROVIDER=infura
BLOCKCHAIN_NETWORK=mainnet
BLOCKCHAIN_CONFIRMATIONS=12
BLOCKCHAIN_TIMEOUT=300000
# Smart Contract Configuration
CONTRACT_DEPLOYER=your_deployer_address
CONTRACT_VERIFIER=your_verifier_address
CONTRACT_GAS_BUFFER=1.1
# Testing Configuration
TEST_MODE=false
TEST_NETWORK=localhost
TEST_MNEMONIC=test test test test test test test test test test test test
# Migration Configuration
MIGRATIONS_PATH=./migrations
MIGRATIONS_AUTO_RUN=false
# Maintenance Mode
MAINTENANCE_MODE=false
MAINTENANCE_MESSAGE="AITBC Advanced Agent Features is under maintenance"
# Feature Flags for Experimental Features
EXPERIMENTAL_FEATURES=false
BETA_FEATURES=true
ALPHA_FEATURES=false
# Compliance Configuration
GDPR_COMPLIANT=true
CCPA_COMPLIANT=true
DATA_RETENTION_DAYS=365
# Audit Configuration
AUDIT_LOGGING=true
AUDIT_RETENTION_DAYS=2555
AUDIT_EXPORT_FORMAT=json
# Performance Monitoring
APM_ENABLED=true
APM_SERVICE_NAME=aitbc-advanced-features
APM_ENVIRONMENT=production
# Security Headers
SECURITY_HEADERS_ENABLED=true
CSP_ENABLED=true
HSTS_ENABLED=true
X_FRAME_OPTIONS=DENY
# API Authentication
API_KEY_REQUIRED=false
API_KEY_HEADER=X-API-Key
API_KEY_HEADER_VALUE=your_api_key_here
# Webhook Configuration
WEBHOOK_SECRET=your_webhook_secret_here
WEBHOOK_TIMEOUT=10000
WEBHOOK_RETRY_ATTEMPTS=3
# Notification Configuration
NOTIFICATION_ENABLED=true
NOTIFICATION_CHANNELS=email,slack,discord
NOTIFICATION_LEVELS=info,warning,error,critical
# Backup Configuration
BACKUP_ENABLED=true
BACKUP_SCHEDULE=daily
BACKUP_RETENTION_DAYS=30
BACKUP_ENCRYPTION=true
# Disaster Recovery
DISASTER_RECOVERY_ENABLED=true
DISASTER_RECOVERY_RTO=3600
DISASTER_RECOVERY_RPO=3600
# Scaling Configuration
AUTO_SCALING_ENABLED=true
MIN_INSTANCES=2
MAX_INSTANCES=10
SCALE_UP_THRESHOLD=70
SCALE_DOWN_THRESHOLD=30
# Health Check Endpoints
HEALTH_CHECK_ENDPOINTS=/health,/ready,/metrics,/version
HEALTH_CHECK_DEPENDENCIES=database,redis,blockchain
# Metrics Configuration
METRICS_ENABLED=true
METRICS_PORT=9090
METRICS_PATH=/metrics
# Tracing Configuration
TRACING_ENABLED=true
TRACING_SAMPLE_RATE=0.1
TRACING_EXPORTER=jaeger
# Documentation Configuration
DOCS_ENABLED=true
DOCS_URL=https://docs.aitbc.dev/advanced-features
DOCS_VERSION=latest
# Support Configuration
SUPPORT_EMAIL=support@aitbc.dev
SUPPORT_PHONE=+1-555-123-4567
SUPPORT_HOURS=24/7
# Legal Configuration
PRIVACY_POLICY_URL=https://aitbc.dev/privacy
TERMS_OF_SERVICE_URL=https://aitbc.dev/terms
COOKIE_POLICY_URL=https://aitbc.dev/cookies


@@ -1,54 +0,0 @@
# Exclude known broken external links that are not critical for documentation
http://localhost:*
http://aitbc.keisanki.net:*
http://aitbc-cascade:*
https://docs.aitbc.net/
https://docs.aitbc.io/
https://dashboard.aitbc.io/*
https://aitbc.bubuit.net/admin/*
https://aitbc.bubuit.net/api/*
https://docs.aitbc.bubuit.net/*
https://aitbc.io/*
# Exclude external services that may be temporarily unavailable
https://www.cert.org/
https://pydantic-docs.helpmanual.io/
# Exclude GitHub links that point to wrong organization (should be oib/AITBC)
https://github.com/aitbc/*
# Exclude GitHub discussions (may not be enabled yet)
https://github.com/oib/AITBC/discussions
# Exclude Stack Overflow tag (may not exist yet)
https://stackoverflow.com/questions/tagged/aitbc
# Exclude root-relative paths that need web server context
/assets/*
/docs/*
/Exchange/*
/explorer/*
/firefox-wallet/*
/ecosystem-extensions/*
/ecosystem-analytics/*
# Exclude issue tracker links that may change
https://github.com/oib/AITBC/issues
# Exclude internal documentation links that may be broken during restructuring
**/2_clients/**
**/3_miners/**
**/4_blockchain/**
**/5_marketplace/**
**/6_architecture/**
**/7_infrastructure/**
**/8_development/**
**/9_integration/**
**/0_getting_started/**
**/1_project/**
**/10_plan/**
**/11_agents/**
**/12_issues/**
# Exclude all markdown files in docs directory from link checking (too many internal links)
docs/**/*.md


@@ -1 +0,0 @@
24.14.0


@@ -1,75 +0,0 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
- id: check-added-large-files
- id: check-json
- id: check-toml
- id: check-merge-conflict
- id: debug-statements
- id: check-docstring-first
- repo: https://github.com/psf/black
rev: 24.3.0
hooks:
- id: black
language_version: python3.13
args: [--line-length=88]
- repo: https://github.com/charliermarsh/ruff-pre-commit
rev: v0.1.15
hooks:
- id: ruff
args: [--fix, --exit-non-zero-on-fix]
additional_dependencies:
- ruff==0.1.15
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.8.0
hooks:
- id: mypy
additional_dependencies:
- types-requests
- types-setuptools
- types-PyYAML
- sqlalchemy[mypy]
args: [--ignore-missing-imports, --strict-optional]
- repo: https://github.com/pycqa/isort
rev: 5.13.2
hooks:
- id: isort
args: [--profile=black, --line-length=88]
- repo: https://github.com/PyCQA/bandit
rev: 1.7.5
hooks:
- id: bandit
args: [-c, bandit.toml]
additional_dependencies:
- bandit==1.7.5
- repo: https://github.com/Yelp/detect-secrets
rev: v1.4.0
hooks:
- id: detect-secrets
args: [--baseline, .secrets.baseline]
- repo: local
hooks:
- id: dotenv-linter
name: dotenv-linter
entry: python scripts/focused_dotenv_linter.py
language: system
pass_filenames: false
args: [--check]
files: \.env\.example$|.*\.py$|.*\.yml$|.*\.yaml$|.*\.toml$|.*\.sh$
- id: file-organization
name: file-organization
entry: scripts/check-file-organization.sh
language: script
pass_filenames: false


@@ -1,53 +0,0 @@
#!/bin/bash
# AITBC Virtual Environment Wrapper
# This script activates the central AITBC virtual environment
# Check if venv exists
if [ ! -d "/opt/aitbc/venv" ]; then
echo "❌ AITBC virtual environment not found at /opt/aitbc/venv"
echo "Run: sudo python3 -m venv /opt/aitbc/venv && pip install -r /opt/aitbc/requirements.txt"
exit 1
fi
# Activate the virtual environment
source /opt/aitbc/venv/bin/activate
# Set up environment (avoid aitbc-core logging conflict)
export PYTHONPATH="/opt/aitbc/packages/py/aitbc-sdk/src:/opt/aitbc/packages/py/aitbc-crypto/src:$PYTHONPATH"
export AITBC_VENV="/opt/aitbc/venv"
export PATH="/opt/aitbc/venv/bin:$PATH"
# Show status
echo "✅ AITBC Virtual Environment Activated"
echo "📍 Python: $(which python)"
echo "📍 Pip: $(which pip)"
echo "📦 Packages: $(pip list | wc -l) installed"
# CLI alias function
aitbc() {
if [ -f "/opt/aitbc/cli/core/main.py" ]; then
cd /opt/aitbc/cli
PYTHONPATH=/opt/aitbc/cli:/opt/aitbc/packages/py/aitbc-sdk/src:/opt/aitbc/packages/py/aitbc-crypto/src python -m core.main "$@"
cd - > /dev/null
else
echo "❌ AITBC CLI not found at /opt/aitbc/cli/core/main.py"
return 1
fi
}
# Execute command or start shell
if [ $# -eq 0 ]; then
echo "🚀 Starting interactive shell..."
echo "💡 Use 'aitbc <command>' for CLI operations"
exec bash
else
echo "🔧 Executing: $@"
if [ "$1" = "aitbc" ]; then
shift
cd /opt/aitbc/cli
PYTHONPATH=/opt/aitbc/cli:/opt/aitbc/packages/py/aitbc-sdk/src:/opt/aitbc/packages/py/aitbc-crypto/src python -m core.main "$@"
cd - > /dev/null
else
exec "$@"
fi
fi


@@ -1,2 +0,0 @@
COORDINATOR_API_KEY=aitbc-admin-key-2024-dev
BLOCKCHAIN_API_KEY=aitbc-blockchain-key-2024-dev


@@ -1,324 +0,0 @@
[bandit]
# Exclude directories and files from security scanning
exclude_dirs = [
"tests",
"test_*",
"*_test.py",
".venv",
"venv",
"env",
"__pycache__",
".pytest_cache",
"htmlcov",
".mypy_cache",
"build",
"dist"
]
# Exclude specific tests and test files
skips = [
"B101", # assert_used
"B601", # shell_injection_process
"B602", # subprocess_popen_with_shell_equals_true
"B603", # subprocess_without_shell_equals_true
"B604", # any_other_function_with_shell_equals_true
"B605", # start_process_with_a_shell
"B606", # start_process_with_no_shell
"B607", # start_process_with_partial_path
"B404", # import_subprocess
"B403", # import_pickle
"B301", # blacklist_calls
"B302", # pickle
"B303", # md5
"B304", # ciphers
"B305", # ciphers_modes
"B306", # mktemp_q
"B307", # eval
"B308", # mark_safe
"B309", # httpsconnection
"B310", # urllib_urlopen
"B311", # random
"B312", # telnetlib
"B313", # xml_bad_cElementTree
"B314", # xml_bad_ElementTree
"B315", # xml_bad_etree
"B316", # xml_bad_expatbuilder
"B317", # xml_bad_expatreader
"B318", # xml_bad_sax
"B319", # xml_bad_minidom
"B320", # xml_bad_pulldom
"B321", # ftplib
"B322", # input
"B323", # unverified_context
"B324", # hashlib_new_insecure_functions
"B325", # temp_mktemp
"B326", # temp_mkstemp
"B327", # temp_namedtemp
"B328", # temp_makedirs
"B329", # shlex_parse
"B330", # shlex_split
"B331", # ssl_with_bad_version
"B332", # ssl_with_bad_defaults
"B333", # ssl_with_no_version
"B334", # ssl_with_ciphers
"B335", # ssl_with_ciphers_no_protocols
"B336", # ssl_with_ciphers_protocols
"B337", # ssl_with_ciphers_protocols_and_values
"B338", # ssl_with_version
"B339", # ssl_with_version_and_values
"B340", # ssl_with_version_and_ciphers
"B341", # ssl_with_version_and_ciphers_and_values
"B342", # ssl_with_version_and_ciphers_and_protocols_and_values
"B343", # ssl_with_version_and_ciphers_and_protocols
"B344", # ssl_with_version_and_ciphers_and_values
"B345", # ssl_with_version_and_ciphers_and_protocols_and_values
"B346", # ssl_with_version_and_ciphers_and_protocols
"B347", # ssl_with_version_and_ciphers_and_values
"B348", # ssl_with_version_and_ciphers_and_protocols_and_values
"B349", # ssl_with_version_and_ciphers_and_protocols
"B350", # ssl_with_version_and_ciphers_and_values
"B351", # ssl_with_version_and_ciphers_and_protocols_and_values
"B401", # import_telnetlib
"B402", # import_ftplib
"B403", # import_pickle
"B404", # import_subprocess
"B405", # import_xml_etree
"B406", # import_xml_sax
"B407", # import_xml_expatbuilder
"B408", # import_xml_expatreader
"B409", # import_xml_minidom
"B410", # import_xml_pulldom
"B411", # import_xmlrpc
"B412", # import_xmlrpc_server
"B413", # import_pycrypto
"B414", # import_pycryptodome
"B415", # import_pyopenssl
"B416", # import_cryptography
"B417", # import_paramiko
"B418", # import_pysnmp
"B419", # import_cryptography_hazmat
"B420", # import_lxml
"B421", # import_django
"B422", # import_flask
"B423", # import_tornado
"B424", # import_urllib3
"B425", # import_yaml
"B426", # import_jinja2
"B427", # import_markupsafe
"B428", # import_werkzeug
"B429", # import_bcrypt
"B430", # import_passlib
"B431", # import_pymysql
"B432", # import_psycopg2
"B433", # import_pymongo
"B434", # import_redis
"B435", # import_requests
"B436", # import_httplib2
"B437", # import_urllib
"B438", # import_lxml
"B439", # import_markupsafe
"B440", # import_jinja2
"B441", # import_werkzeug
"B442", # import_flask
"B443", # import_tornado
"B444", # import_django
"B445", # import_pycrypto
"B446", # import_pycryptodome
"B447", # import_pyopenssl
"B448", # import_cryptography
"B449", # import_paramiko
"B450", # import_pysnmp
"B451", # import_cryptography_hazmat
"B452", # import_lxml
"B453", # import_django
"B454", # import_flask
"B455", # import_tornado
"B456", # import_urllib3
"B457", # import_yaml
"B458", # import_jinja2
"B459", # import_markupsafe
"B460", # import_werkzeug
"B461", # import_bcrypt
"B462", # import_passlib
"B463", # import_pymysql
"B464", # import_psycopg2
"B465", # import_pymongo
"B466", # import_redis
"B467", # import_requests
"B468", # import_httplib2
"B469", # import_urllib
"B470", # import_lxml
"B471", # import_markupsafe
"B472", # import_jinja2
"B473", # import_werkzeug
"B474", # import_flask
"B475", # import_tornado
"B476", # import_django
"B477", # import_pycrypto
"B478", # import_pycryptodome
"B479", # import_pyopenssl
"B480", # import_cryptography
"B481", # import_paramiko
"B482", # import_pysnmp
"B483", # import_cryptography_hazmat
"B484", # import_lxml
"B485", # import_django
"B486", # import_flask
"B487", # import_tornado
"B488", # import_urllib3
"B489", # import_yaml
"B490", # import_jinja2
"B491", # import_markupsafe
"B492", # import_werkzeug
"B493", # import_bcrypt
"B494", # import_passlib
"B495", # import_pymysql
"B496", # import_psycopg2
"B497", # import_pymongo
"B498", # import_redis
"B499", # import_requests
"B500", # import_httplib2
"B501", # import_urllib
"B502", # import_lxml
"B503", # import_markupsafe
"B504", # import_jinja2
"B505", # import_werkzeug
"B506", # import_flask
"B507", # import_tornado
"B508", # import_django
"B509", # import_pycrypto
"B510", # import_pycryptodome
"B511", # import_pyopenssl
"B512", # import_cryptography
"B513", # import_paramiko
"B514", # import_pysnmp
"B515", # import_cryptography_hazmat
"B516", # import_lxml
"B517", # import_django
"B518", # import_flask
"B519", # import_tornado
"B520", # import_urllib3
"B521", # import_yaml
"B522", # import_jinja2
"B523", # import_markupsafe
"B524", # import_werkzeug
"B525", # import_bcrypt
"B526", # import_passlib
"B527", # import_pymysql
"B528", # import_psycopg2
"B529", # import_pymongo
"B530", # import_redis
"B531", # import_requests
"B532", # import_httplib2
"B533", # import_urllib
"B534", # import_lxml
"B535", # import_markupsafe
"B536", # import_jinja2
"B537", # import_werkzeug
"B538", # import_flask
"B539", # import_tornado
"B540", # import_django
"B541", # import_pycrypto
"B542", # import_pycryptodome
"B543", # import_pyopenssl
"B544", # import_cryptography
"B545", # import_paramiko
"B546", # import_pysnmp
"B547", # import_cryptography_hazmat
"B548", # import_lxml
"B549", # import_django
"B550", # import_flask
"B551", # import_tornado
"B552", # import_urllib3
"B553", # import_yaml
"B554", # import_jinja2
"B555", # import_markupsafe
"B556", # import_werkzeug
"B557", # import_bcrypt
"B558", # import_passlib
"B559", # import_pymysql
"B560", # import_psycopg2
"B561", # import_pymongo
"B562", # import_redis
"B563", # import_requests
"B564", # import_httplib2
"B565", # import_urllib
"B566", # import_lxml
"B567", # import_markupsafe
"B568", # import_jinja2
"B569", # import_werkzeug
"B570", # import_flask
"B571", # import_tornado
"B572", # import_django
"B573", # import_pycrypto
"B574", # import_pycryptodome
"B575", # import_pyopenssl
"B576", # import_cryptography
"B577", # import_paramiko
"B578", # import_pysnmp
"B579", # import_cryptography_hazmat
"B580", # import_lxml
"B581", # import_django
"B582", # import_flask
"B583", # import_tornado
"B584", # import_urllib3
"B585", # import_yaml
"B586", # import_jinja2
"B587", # import_markupsafe
"B588", # import_werkzeug
"B589", # import_bcrypt
"B590", # import_passlib
"B591", # import_pymysql
"B592", # import_psycopg2
"B593", # import_pymongo
"B594", # import_redis
"B595", # import_requests
"B596", # import_httplib2
"B597", # import_urllib
"B598", # import_lxml
"B599", # import_markupsafe
"B600", # import_jinja2
"B601", # shell_injection_process
"B602", # subprocess_popen_with_shell_equals_true
"B603", # subprocess_without_shell_equals_true
"B604", # any_other_function_with_shell_equals_true
"B605", # start_process_with_a_shell
"B606", # start_process_with_no_shell
"B607", # start_process_with_partial_path
"B608", # hardcoded_sql_expressions
"B609", # linux_commands_wildcard_injection
"B610", # django_extra_used
"B611", # django_rawsql_used
"B701", # jinja2_autoescape_false
"B702", # use_of_mako_templates
"B703", # django_useless_runner
]
# Test directories and files
tests = [
"tests/",
"test_",
"_test.py"
]
# Severity and confidence levels
severity_level = "medium"
confidence_level = "medium"
# Output format
output_format = "json"
# Report file
output_file = "bandit-report.json"
# Number of processes to use
number_of_processes = 4
# Include tests in scanning
include_tests = false
# Recursive scanning
recursive = true
# Baseline file for known issues
baseline = null


@@ -1,43 +0,0 @@
{
"network_name": "consensus-test",
"chain_id": "consensus-test",
"validators": [
{
"address": "0x1234567890123456789012345678901234567890",
"stake": 1000.0,
"role": "proposer"
},
{
"address": "0x2345678901234567890123456789012345678901",
"stake": 1000.0,
"role": "validator"
},
{
"address": "0x3456789012345678901234567890123456789012",
"stake": 1000.0,
"role": "validator"
},
{
"address": "0x4567890123456789012345678901234567890123",
"stake": 1000.0,
"role": "validator"
},
{
"address": "0x5678901234567890123456789012345678901234",
"stake": 1000.0,
"role": "validator"
}
],
"consensus": {
"type": "multi_validator_poa",
"block_time": 5,
"rotation_interval": 10,
"fault_tolerance": 1
},
"slashing": {
"double_sign_slash": 0.5,
"unavailable_slash": 0.1,
"invalid_block_slash": 0.3,
"slow_response_slash": 0.05
}
}


@@ -1,26 +0,0 @@
{
"staking": {
"min_stake_amount": 1000.0,
"unstaking_period": 21,
"max_delegators_per_validator": 100,
"commission_range": [0.01, 0.10]
},
"rewards": {
"base_reward_rate": 0.05,
"distribution_interval": 86400,
"min_reward_amount": 0.001,
"delegation_reward_split": 0.9
},
"gas": {
"base_gas_price": 0.001,
"max_gas_price": 0.1,
"min_gas_price": 0.0001,
"congestion_threshold": 0.8,
"price_adjustment_factor": 1.1
},
"security": {
"monitoring_interval": 60,
"detection_history_window": 3600,
"max_false_positive_rate": 0.05
}
}


@@ -1,60 +0,0 @@
# Edge Node Configuration - aitbc (Primary Container)
edge_node_config:
node_id: "aitbc-edge-primary"
region: "us-east"
location: "primary-dev-container"
services:
- name: "marketplace-api"
port: 8002
health_check: "/health/live"
enabled: true
- name: "cache-layer"
port: 6379
type: "redis"
enabled: true
- name: "monitoring-agent"
port: 9090
type: "prometheus"
enabled: true
network:
cdn_integration: true
tcp_optimization: true
ipv6_support: true
bandwidth_mbps: 1000
latency_optimization: true
resources:
cpu_cores: 8
memory_gb: 32
storage_gb: 500
gpu_access: false # No GPU in containers
caching:
redis_enabled: true
cache_ttl_seconds: 300
max_memory_mb: 1024
cache_strategy: "lru"
monitoring:
metrics_enabled: true
health_check_interval: 30
performance_tracking: true
log_level: "info"
security:
firewall_enabled: true
rate_limiting: true
ssl_termination: true
load_balancing:
algorithm: "weighted_round_robin"
weight: 3
backup_nodes: ["aitbc1-edge-secondary"]
performance_targets:
response_time_ms: 50
throughput_rps: 1000
cache_hit_rate: 0.9
error_rate: 0.01


@@ -1,60 +0,0 @@
# Edge Node Configuration - aitbc1 (Secondary Container)
edge_node_config:
node_id: "aitbc1-edge-secondary"
region: "us-west"
location: "secondary-dev-container"
services:
- name: "marketplace-api"
port: 8002
health_check: "/health/live"
enabled: true
- name: "cache-layer"
port: 6379
type: "redis"
enabled: true
- name: "monitoring-agent"
port: 9091
type: "prometheus"
enabled: true
network:
cdn_integration: true
tcp_optimization: true
ipv6_support: true
bandwidth_mbps: 1000
latency_optimization: true
resources:
cpu_cores: 8
memory_gb: 32
storage_gb: 500
gpu_access: false # No GPU in containers
caching:
redis_enabled: true
cache_ttl_seconds: 300
max_memory_mb: 1024
cache_strategy: "lru"
monitoring:
metrics_enabled: true
health_check_interval: 30
performance_tracking: true
log_level: "info"
security:
firewall_enabled: true
rate_limiting: true
ssl_termination: true
load_balancing:
algorithm: "weighted_round_robin"
weight: 2
backup_nodes: ["aitbc-edge-primary"]
performance_targets:
response_time_ms: 50
throughput_rps: 1000
cache_hit_rate: 0.9
error_rate: 0.01


@@ -1,41 +0,0 @@
# Edge Node Configuration - Example (minimal template)
edge_node_config:
node_id: "edge-node-example"
region: "us-east"
location: "example-datacenter"
services:
- name: "marketplace-api"
port: 8002
enabled: true
health_check: "/health/live"
network:
bandwidth_mbps: 500
ipv6_support: true
latency_optimization: true
resources:
cpu_cores: 4
memory_gb: 16
storage_gb: 200
gpu_access: false # set true if GPU available
security:
firewall_enabled: true
rate_limiting: true
ssl_termination: true
monitoring:
metrics_enabled: true
health_check_interval: 30
log_level: "info"
load_balancing:
algorithm: "round_robin"
weight: 1
performance_targets:
response_time_ms: 100
throughput_rps: 200
error_rate: 0.01


@@ -1,57 +0,0 @@
# Coordinator API - Production Environment Template
# DO NOT commit actual values - use AWS Secrets Manager in production
# =============================================================================
# CORE APPLICATION CONFIGURATION
# =============================================================================
APP_ENV=production
DEBUG=false
LOG_LEVEL=WARN
# Database Configuration (use AWS RDS in production)
DATABASE_URL=postgresql://user:pass@host:5432/database
# Reference: secretRef:db-credentials
# =============================================================================
# API CONFIGURATION
# =============================================================================
# API Keys (use AWS Secrets Manager)
ADMIN_API_KEY=secretRef:api-keys:admin
CLIENT_API_KEY=secretRef:api-keys:client
MINER_API_KEY=secretRef:api-keys:miner
AITBC_API_KEY=secretRef:api-keys:coordinator
# API URLs
API_URL=https://api.aitbc.bubuit.net
COORDINATOR_URL=https://api.aitbc.bubuit.net
COORDINATOR_HEALTH_URL=https://api.aitbc.bubuit.net/health
# =============================================================================
# SECURITY CONFIGURATION
# =============================================================================
# Security Keys (use AWS Secrets Manager)
ENCRYPTION_KEY=secretRef:security-keys:encryption
HMAC_SECRET=secretRef:security-keys:hmac
JWT_SECRET=secretRef:security-keys:jwt
# =============================================================================
# BLOCKCHAIN CONFIGURATION
# =============================================================================
# Mainnet RPC URLs (use secure endpoints)
ETHEREUM_RPC_URL=https://mainnet.infura.io/v3/YOUR_PROJECT_ID
POLYGON_RPC_URL=https://polygon-rpc.com
ARBITRUM_RPC_URL=https://arb1.arbitrum.io/rpc
OPTIMISM_RPC_URL=https://mainnet.optimism.io
# =============================================================================
# EXTERNAL SERVICES
# =============================================================================
# AI/ML Services (use production keys)
OPENAI_API_KEY=secretRef:external-services:openai
GOOGLE_PROJECT_ID=secretRef:external-services:google-project
# =============================================================================
# MONITORING
# =============================================================================
# Sentry (use production DSN)
SENTRY_DSN=secretRef:monitoring:sentry


@@ -1,45 +0,0 @@
# Wallet Daemon - Production Environment Template
# DO NOT commit actual values - use AWS Secrets Manager in production
# =============================================================================
# CORE APPLICATION CONFIGURATION
# =============================================================================
APP_ENV=production
DEBUG=false
LOG_LEVEL=WARN
# =============================================================================
# SERVICE CONFIGURATION
# =============================================================================
# Coordinator Integration
COORDINATOR_BASE_URL=https://api.aitbc.bubuit.net
COORDINATOR_API_KEY=secretRef:api-keys:coordinator
# REST API Configuration
REST_PREFIX=/v1
# =============================================================================
# DATABASE CONFIGURATION
# =============================================================================
# Ledger Database Path (use persistent storage)
LEDGER_DB_PATH=/data/wallet_ledger.db
# =============================================================================
# SECURITY CONFIGURATION
# =============================================================================
# Rate Limiting (production values)
WALLET_RATE_LIMIT=30
WALLET_RATE_WINDOW=60
# =============================================================================
# MONITORING
# =============================================================================
# Health Check Configuration
HEALTH_CHECK_INTERVAL=30
# =============================================================================
# CLUSTER CONFIGURATION
# =============================================================================
# Kubernetes Settings
POD_NAMESPACE=aitbc
SERVICE_NAME=wallet-daemon


@@ -1,25 +0,0 @@
genesis:
chain_id: "ait-devnet"
chain_type: "main"
purpose: "development"
name: "AITBC Development Network"
description: "Development network for AITBC multi-chain testing"
timestamp: "2026-03-06T18:00:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 10000000
gas_price: 1000000000
consensus:
algorithm: "poa"
validators:
- "ait1devproposer000000000000000000000000000000"
accounts:
- address: "aitbc1genesis"
balance: "1000000"
type: "regular"
- address: "aitbc1faucet"
balance: "100000"
type: "faucet"
parameters:
block_time: 5
max_block_size: 1048576
min_stake: 1000


@@ -1,29 +0,0 @@
genesis:
chain_id: aitbc-brother-chain
chain_type: topic
purpose: brother-connection
name: AITBC Brother Chain
description: Side chain for aitbc1 brother connection
consensus:
algorithm: poa
block_time: 3
max_validators: 21
privacy:
visibility: private
access_control: invite-only
require_invitation: true
parameters:
max_block_size: 1048576
max_gas_per_block: 10000000
min_gas_price: 1000000000
accounts:
- address: aitbc1genesis
balance: '2100000000'
type: genesis
- address: aitbc1aitbc1_simple_simple
balance: '500'
type: gift
metadata:
recipient: aitbc1
gift_from: aitbc_main_chain
contracts: []


@@ -1,249 +0,0 @@
genesis:
chain_id: "aitbc-enhanced-devnet"
chain_type: "enhanced"
purpose: "development-with-new-features"
name: "AITBC Enhanced Development Network"
description: "Enhanced development network with AI trading, surveillance, analytics, and multi-chain features"
timestamp: "2026-03-07T11:00:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 15000000
gas_price: 1000000000
consensus:
algorithm: "poa"
validators:
- "ait1devproposer000000000000000000000000000000"
- "ait1aivalidator00000000000000000000000000000"
- "ait1surveillance0000000000000000000000000000"
accounts:
# Core system accounts
- address: "aitbc1genesis"
balance: "10000000"
type: "genesis"
metadata:
purpose: "Genesis account with initial supply"
features: ["governance", "staking", "validation"]
- address: "aitbc1faucet"
balance: "1000000"
type: "faucet"
metadata:
purpose: "Development faucet for testing"
distribution_rate: "100 per hour"
- address: "aitbc1treasury"
balance: "5000000"
type: "treasury"
metadata:
purpose: "Treasury for ecosystem rewards"
features: ["rewards", "staking", "governance"]
- address: "aitbc1aiengine"
balance: "2000000"
type: "service"
metadata:
purpose: "AI Trading Engine operational account"
service_type: "ai_trading_engine"
features: ["trading", "analytics", "prediction"]
- address: "aitbc1surveillance"
balance: "1500000"
type: "service"
metadata:
purpose: "AI Surveillance service account"
service_type: "ai_surveillance"
features: ["monitoring", "risk_assessment", "compliance"]
- address: "aitbc1analytics"
balance: "1000000"
type: "service"
metadata:
purpose: "Advanced Analytics service account"
service_type: "advanced_analytics"
features: ["real_time_analytics", "reporting", "metrics"]
- address: "aitbc1marketplace"
balance: "2000000"
type: "service"
metadata:
purpose: "Global Marketplace service account"
service_type: "global_marketplace"
features: ["trading", "liquidity", "cross_chain"]
- address: "aitbc1enterprise"
balance: "3000000"
type: "service"
metadata:
purpose: "Enterprise Integration service account"
service_type: "enterprise_api_gateway"
features: ["api_gateway", "multi_tenant", "security"]
- address: "aitbc1multimodal"
balance: "1500000"
type: "service"
metadata:
purpose: "Multi-modal AI service account"
service_type: "multimodal_agent"
features: ["gpu_acceleration", "modality_optimization", "fusion"]
- address: "aitbc1zkproofs"
balance: "1000000"
type: "service"
metadata:
purpose: "Zero-Knowledge Proofs service account"
service_type: "zk_proofs"
features: ["zk_circuits", "verification", "privacy"]
- address: "aitbc1crosschain"
balance: "2000000"
type: "service"
metadata:
purpose: "Cross-chain bridge service account"
service_type: "cross_chain_bridge"
features: ["bridge", "atomic_swap", "reputation"]
# Developer and testing accounts
- address: "aitbc1developer1"
balance: "500000"
type: "developer"
metadata:
purpose: "Primary developer testing account"
permissions: ["full_access", "service_deployment"]
- address: "aitbc1developer2"
balance: "300000"
type: "developer"
metadata:
purpose: "Secondary developer testing account"
permissions: ["testing", "debugging"]
- address: "aitbc1tester"
balance: "200000"
type: "tester"
metadata:
purpose: "Automated testing account"
permissions: ["testing_only"]
# Smart contracts deployed at genesis
contracts:
- name: "AITBCToken"
address: "0x0000000000000000000000000000000000001000"
type: "ERC20"
metadata:
symbol: "AITBC-E"
decimals: 18
initial_supply: "21000000000000000000000000"
purpose: "Enhanced network token with chain-specific isolation"
- name: "AISurveillanceRegistry"
address: "0x0000000000000000000000000000000000001001"
type: "Registry"
metadata:
purpose: "Registry for AI surveillance patterns and alerts"
features: ["pattern_registration", "alert_management", "risk_scoring"]
- name: "AnalyticsOracle"
address: "0x0000000000000000000000000000000000001002"
type: "Oracle"
metadata:
purpose: "Oracle for advanced analytics data feeds"
features: ["price_feeds", "market_data", "performance_metrics"]
- name: "CrossChainBridge"
address: "0x0000000000000000000000000000000000001003"
type: "Bridge"
metadata:
purpose: "Cross-chain bridge for asset transfers"
features: ["atomic_swaps", "reputation_system", "chain_isolation"]
- name: "EnterpriseGateway"
address: "0x0000000000000000000000000000000000001004"
type: "Gateway"
metadata:
purpose: "Enterprise API gateway with multi-tenant support"
features: ["api_management", "tenant_isolation", "security"]
# Enhanced network parameters
parameters:
block_time: 3 # Faster blocks for enhanced features
max_block_size: 2097152 # 2MB blocks for more transactions
min_stake: 1000
max_validators: 100
block_reward: "2000000000000000000" # 2 AITBC per block
stake_reward_rate: "0.05" # 5% annual reward rate
governance_threshold: "0.51" # 51% for governance decisions
surveillance_threshold: "0.75" # 75% for surveillance alerts
analytics_retention: 86400 # 24 hours retention for analytics data
cross_chain_fee: "10000000000000000" # 0.01 AITBC for cross-chain transfers
enterprise_min_stake: 10000 # Higher stake for enterprise validators
# Privacy and security settings
privacy:
access_control: "permissioned"
require_invitation: false
visibility: "public"
encryption: "enabled"
zk_proofs: "enabled"
audit_logging: "enabled"
# Feature flags for new services
features:
ai_trading_engine: true
ai_surveillance: true
advanced_analytics: true
enterprise_integration: true
multi_modal_ai: true
zk_proofs: true
cross_chain_bridge: true
global_marketplace: true
adaptive_learning: true
performance_monitoring: true
# Service endpoints configuration
services:
ai_trading_engine:
port: 8010
enabled: true
config:
models: ["mean_reversion", "momentum", "arbitrage"]
risk_threshold: 0.02
max_positions: 100
ai_surveillance:
port: 8011
enabled: true
config:
risk_models: ["isolation_forest", "neural_network"]
alert_threshold: 0.85
retention_days: 30
advanced_analytics:
port: 8012
enabled: true
config:
indicators: ["rsi", "macd", "bollinger", "volume"]
update_interval: 60
history_retention: 86400
enterprise_gateway:
port: 8013
enabled: true
config:
max_tenants: 1000
rate_limit: 1000
auth_required: true
multimodal_ai:
port: 8014
enabled: true
config:
gpu_acceleration: true
modalities: ["text", "image", "audio"]
fusion_model: "transformer_based"
zk_proofs:
port: 8015
enabled: true
config:
circuit_types: ["receipt", "identity", "compliance"]
verification_speed: "fast"
memory_optimization: true
# Network configuration
network:
max_peers: 50
min_peers: 5
boot_nodes:
- "ait1bootnode0000000000000000000000000000000:8008"
- "ait1bootnode0000000000000000000000000000001:8008"
propagation_timeout: 30
sync_mode: "fast"
# Governance settings
governance:
voting_period: 604800 # 7 days
execution_delay: 86400 # 1 day
proposal_threshold: "1000000000000000000000000" # 1000 AITBC
quorum_rate: "0.40" # 40% quorum
emergency_pause: true
multi_signature: true
# Economic parameters
economics:
total_supply: "21000000000000000000000000" # 21 million AITBC
inflation_rate: "0.02" # 2% annual inflation
burn_rate: "0.01" # 1% burn rate
treasury_allocation: "0.20" # 20% to treasury
staking_allocation: "0.30" # 30% to staking rewards
ecosystem_allocation: "0.25" # 25% to ecosystem
team_allocation: "0.15" # 15% to team
community_allocation: "0.10" # 10% to community


@@ -1,68 +0,0 @@
description: Enhanced genesis for AITBC with new features
genesis:
chain_id: "aitbc-enhanced-devnet"
chain_type: "topic"
purpose: "development-with-new-features"
name: "AITBC Enhanced Development Network"
description: "Enhanced development network with AI trading, surveillance, analytics, and multi-chain features"
timestamp: "2026-03-07T11:15:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 15000000
gas_price: 1000000000
consensus:
algorithm: "poa"
validators:
- "ait1devproposer000000000000000000000000000000"
- "ait1aivalidator00000000000000000000000000000"
- "ait1surveillance0000000000000000000000000000"
accounts:
- address: "aitbc1genesis"
balance: "10000000"
type: "genesis"
- address: "aitbc1faucet"
balance: "1000000"
type: "faucet"
- address: "aitbc1aiengine"
balance: "2000000"
type: "service"
- address: "aitbc1surveillance"
balance: "1500000"
type: "service"
- address: "aitbc1analytics"
balance: "1000000"
type: "service"
- address: "aitbc1marketplace"
balance: "2000000"
type: "service"
- address: "aitbc1enterprise"
balance: "3000000"
type: "service"
parameters:
block_time: 3
max_block_size: 2097152
min_stake: 1000
block_reward: "2000000000000000000"
features:
ai_trading_engine: true
ai_surveillance: true
advanced_analytics: true
enterprise_integration: true
multi_modal_ai: true
zk_proofs: true
cross_chain_bridge: true
global_marketplace: true
adaptive_learning: true
performance_monitoring: true
services:
ai_trading_engine:
port: 8010
enabled: true
ai_surveillance:
port: 8011
enabled: true
advanced_analytics:
port: 8012
enabled: true
enterprise_gateway:
port: 8013
enabled: true


@@ -1,85 +0,0 @@
description: Enhanced genesis template for AITBC with new features
genesis:
accounts:
- address: "aitbc1genesis"
balance: "10000000"
- address: "aitbc1faucet"
balance: "1000000"
chain_type: topic
consensus:
algorithm: poa
authorities:
- "ait1devproposer000000000000000000000000000000"
- "ait1aivalidator00000000000000000000000000000"
- "ait1surveillance0000000000000000000000000000"
block_time: 3
max_validators: 100
contracts: []
description: Enhanced development network with AI trading, surveillance, analytics, and multi-chain features
name: AITBC Enhanced Development Network
parameters:
block_reward: '2000000000000000000'
max_block_size: 2097152
max_gas_per_block: 15000000
min_gas_price: 1000000000
min_stake: 1000
governance_threshold: "0.51"
surveillance_threshold: "0.75"
cross_chain_fee: "10000000000000000"
privacy:
access_control: permissioned
require_invitation: false
visibility: public
encryption: "enabled"
zk_proofs: "enabled"
audit_logging: "enabled"
purpose: development-with-new-features
features:
ai_trading_engine: true
ai_surveillance: true
advanced_analytics: true
enterprise_integration: true
multi_modal_ai: true
zk_proofs: true
cross_chain_bridge: true
global_marketplace: true
adaptive_learning: true
performance_monitoring: true
services:
ai_trading_engine:
port: 8010
enabled: true
config:
models: ["mean_reversion", "momentum", "arbitrage"]
risk_threshold: 0.02
max_positions: 100
ai_surveillance:
port: 8011
enabled: true
config:
risk_models: ["isolation_forest", "neural_network"]
alert_threshold: 0.85
retention_days: 30
advanced_analytics:
port: 8012
enabled: true
config:
indicators: ["rsi", "macd", "bollinger", "volume"]
update_interval: 60
history_retention: 86400
enterprise_gateway:
port: 8013
enabled: true
config:
max_tenants: 1000
rate_limit: 1000
auth_required: true
economics:
total_supply: "21000000000000000000000000"
inflation_rate: "0.02"
burn_rate: "0.01"
treasury_allocation: "0.20"
staking_allocation: "0.30"
ecosystem_allocation: "0.25"
team_allocation: "0.15"
community_allocation: "0.10"


@@ -1,296 +0,0 @@
genesis:
chain_id: ait-mainnet
chain_type: enhanced
purpose: development-with-new-features
name: AITBC Mainnet
description: Enhanced development network with AI trading, surveillance, analytics,
and multi-chain features
timestamp: '2026-03-07T11:00:00Z'
parent_hash: '0x0000000000000000000000000000000000000000000000000000000000000000'
gas_limit: 15000000
gas_price: 1000000000
consensus:
algorithm: poa
validators:
- ait1devproposer000000000000000000000000000000
- ait1aivalidator00000000000000000000000000000
- ait1surveillance0000000000000000000000000000
accounts:
- address: aitbc1genesis
balance: '10000000'
type: genesis
metadata:
purpose: Genesis account with initial supply
features:
- governance
- staking
- validation
- address: aitbc1treasury
balance: '5000000'
type: treasury
metadata:
purpose: Treasury for ecosystem rewards
features:
- rewards
- staking
- governance
- address: aitbc1aiengine
balance: '2000000'
type: service
metadata:
purpose: AI Trading Engine operational account
service_type: ai_trading_engine
features:
- trading
- analytics
- prediction
- address: aitbc1surveillance
balance: '1500000'
type: service
metadata:
purpose: AI Surveillance service account
service_type: ai_surveillance
features:
- monitoring
- risk_assessment
- compliance
- address: aitbc1analytics
balance: '1000000'
type: service
metadata:
purpose: Advanced Analytics service account
service_type: advanced_analytics
features:
- real_time_analytics
- reporting
- metrics
- address: aitbc1marketplace
balance: '2000000'
type: service
metadata:
purpose: Global Marketplace service account
service_type: global_marketplace
features:
- trading
- liquidity
- cross_chain
- address: aitbc1enterprise
balance: '3000000'
type: service
metadata:
purpose: Enterprise Integration service account
service_type: enterprise_api_gateway
features:
- api_gateway
- multi_tenant
- security
- address: aitbc1multimodal
balance: '1500000'
type: service
metadata:
purpose: Multi-modal AI service account
service_type: multimodal_agent
features:
- gpu_acceleration
- modality_optimization
- fusion
- address: aitbc1zkproofs
balance: '1000000'
type: service
metadata:
purpose: Zero-Knowledge Proofs service account
service_type: zk_proofs
features:
- zk_circuits
- verification
- privacy
- address: aitbc1crosschain
balance: '2000000'
type: service
metadata:
purpose: Cross-chain bridge service account
service_type: cross_chain_bridge
features:
- bridge
- atomic_swap
- reputation
- address: aitbc1developer1
balance: '500000'
type: developer
metadata:
purpose: Primary developer testing account
permissions:
- full_access
- service_deployment
- address: aitbc1developer2
balance: '300000'
type: developer
metadata:
purpose: Secondary developer testing account
permissions:
- testing
- debugging
- address: aitbc1tester
balance: '200000'
type: tester
metadata:
purpose: Automated testing account
permissions:
- testing_only
contracts:
- name: AITBCToken
address: '0x0000000000000000000000000000000000001000'
type: ERC20
metadata:
symbol: AITBC-E
decimals: 18
initial_supply: '21000000000000000000000000'
purpose: Enhanced network token with chain-specific isolation
- name: AISurveillanceRegistry
address: '0x0000000000000000000000000000000000001001'
type: Registry
metadata:
purpose: Registry for AI surveillance patterns and alerts
features:
- pattern_registration
- alert_management
- risk_scoring
- name: AnalyticsOracle
address: '0x0000000000000000000000000000000000001002'
type: Oracle
metadata:
purpose: Oracle for advanced analytics data feeds
features:
- price_feeds
- market_data
- performance_metrics
- name: CrossChainBridge
address: '0x0000000000000000000000000000000000001003'
type: Bridge
metadata:
purpose: Cross-chain bridge for asset transfers
features:
- atomic_swaps
- reputation_system
- chain_isolation
- name: EnterpriseGateway
address: '0x0000000000000000000000000000000000001004'
type: Gateway
metadata:
purpose: Enterprise API gateway with multi-tenant support
features:
- api_management
- tenant_isolation
- security
parameters:
block_time: 3
max_block_size: 2097152
min_stake: 1000
max_validators: 100
block_reward: '2000000000000000000'
stake_reward_rate: '0.05'
governance_threshold: '0.51'
surveillance_threshold: '0.75'
analytics_retention: 86400
cross_chain_fee: '10000000000000000'
enterprise_min_stake: 10000
privacy:
access_control: permissioned
require_invitation: false
visibility: public
encryption: enabled
zk_proofs: enabled
audit_logging: enabled
features:
ai_trading_engine: true
ai_surveillance: true
advanced_analytics: true
enterprise_integration: true
multi_modal_ai: true
zk_proofs: true
cross_chain_bridge: true
global_marketplace: true
adaptive_learning: true
performance_monitoring: true
services:
ai_trading_engine:
port: 8010
enabled: true
config:
models:
- mean_reversion
- momentum
- arbitrage
risk_threshold: 0.02
max_positions: 100
ai_surveillance:
port: 8011
enabled: true
config:
risk_models:
- isolation_forest
- neural_network
alert_threshold: 0.85
retention_days: 30
advanced_analytics:
port: 8012
enabled: true
config:
indicators:
- rsi
- macd
- bollinger
- volume
update_interval: 60
history_retention: 86400
enterprise_gateway:
port: 8013
enabled: true
config:
max_tenants: 1000
rate_limit: 1000
auth_required: true
multimodal_ai:
port: 8014
enabled: true
config:
gpu_acceleration: true
modalities:
- text
- image
- audio
fusion_model: transformer_based
zk_proofs:
port: 8015
enabled: true
config:
circuit_types:
- receipt
- identity
- compliance
verification_speed: fast
memory_optimization: true
network:
max_peers: 50
min_peers: 5
boot_nodes:
- ait1bootnode0000000000000000000000000000000:8008
- ait1bootnode0000000000000000000000000000001:8008
propagation_timeout: 30
sync_mode: fast
governance:
voting_period: 604800
execution_delay: 86400
proposal_threshold: '1000000000000000000000000'
quorum_rate: '0.40'
emergency_pause: true
multi_signature: true
economics:
total_supply: '21000000000000000000000000'
inflation_rate: '0.02'
burn_rate: '0.01'
treasury_allocation: '0.20'
staking_allocation: '0.30'
ecosystem_allocation: '0.25'
team_allocation: '0.15'
community_allocation: '0.10'


@@ -1,76 +0,0 @@
# Multi-Chain Genesis Configuration Example
chains:
ait-devnet:
genesis:
chain_id: "ait-devnet"
chain_type: "main"
purpose: "development"
name: "AITBC Development Network"
description: "Development network for AITBC multi-chain testing"
timestamp: "2026-03-06T18:00:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 10000000
gas_price: 1000000000
consensus:
algorithm: "poa"
validators:
- "ait1devproposer000000000000000000000000000000"
accounts:
- address: "aitbc1genesis"
balance: 1000000
- address: "aitbc1faucet"
balance: 100000
parameters:
block_time: 5
max_block_size: 1048576
min_stake: 1000
ait-testnet:
genesis:
chain_id: "ait-testnet"
chain_type: "topic"
purpose: "testing"
name: "AITBC Test Network"
description: "Test network for AITBC multi-chain validation"
timestamp: "2026-03-06T18:00:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 5000000
gas_price: 2000000000
consensus:
algorithm: "poa"
validators:
- "ait1testproposer000000000000000000000000000000"
accounts:
- address: "aitbc1testgenesis"
balance: 500000
- address: "aitbc1testfaucet"
balance: 50000
parameters:
block_time: 10
max_block_size: 524288
min_stake: 500
ait-mainnet:
genesis:
chain_id: "ait-mainnet"
chain_type: "main"
purpose: "production"
name: "AITBC Main Network"
description: "Main production network for AITBC"
timestamp: "2026-03-06T18:00:00Z"
parent_hash: "0x0000000000000000000000000000000000000000000000000000000000000000"
gas_limit: 20000000
gas_price: 500000000
consensus:
algorithm: "pos"
validators:
- "ait1mainvalidator000000000000000000000000000000"
accounts:
- address: "aitbc1maingenesis"
balance: 2100000000
- address: "aitbc1mainfaucet"
balance: 1000000
parameters:
block_time: 15
max_block_size: 2097152
min_stake: 10000


@@ -1,49 +0,0 @@
{
"network_name": "network-test",
"discovery": {
"bootstrap_nodes": [
"10.1.223.93:8000",
"10.1.223.40:8000",
"10.1.223.93:8001"
],
"discovery_interval": 30,
"peer_timeout": 300,
"max_peers": 50
},
"health_monitoring": {
"check_interval": 60,
"max_latency_ms": 1000,
"min_availability_percent": 90.0,
"min_health_score": 0.5,
"max_consecutive_failures": 3
},
"peer_management": {
"max_connections": 50,
"min_connections": 8,
"connection_retry_interval": 300,
"ban_threshold": 0.1,
"auto_reconnect": true,
"auto_ban_malicious": true,
"load_balance": true
},
"topology": {
"strategy": "hybrid",
"optimization_interval": 300,
"max_degree": 8,
"min_degree": 3
},
"partition_handling": {
"detection_interval": 30,
"recovery_timeout": 300,
"max_partition_size": 0.4,
"min_connected_nodes": 3,
"partition_detection_threshold": 0.3
},
"recovery": {
"strategy": "adaptive",
"recovery_interval": 60,
"max_recovery_attempts": 3,
"recovery_timeout": 300,
"emergency_threshold": 0.1
}
}


@@ -1,30 +0,0 @@
chain_id: "aitbc-enhanced-devnet"
chain_type: "topic"
purpose: "development-with-new-features"
name: "AITBC Enhanced Devnet"
description: "Enhanced development network with AI trading, surveillance, analytics, and multi-chain features"
consensus:
algorithm: "poa"
authorities:
- "ait1devproposer000000000000000000000000000000"
- "ait1aivalidator00000000000000000000000000000"
- "ait1surveillance0000000000000000000000000000"
block_time: 3
max_validators: 100
parameters:
block_reward: "2000000000000000000"
max_block_size: 2097152
max_gas_per_block: 15000000
min_gas_price: 1000000000
min_stake: 1000
features:
ai_trading_engine: true
ai_surveillance: true
advanced_analytics: true
enterprise_integration: true
multi_modal_ai: true
zk_proofs: true
cross_chain_bridge: true
global_marketplace: true
adaptive_learning: true
performance_monitoring: true

4568
config/python/poetry.lock generated

File diff suppressed because it is too large Load Diff


@@ -1,186 +0,0 @@
[tool.pytest.ini_options]
# Test discovery
python_files = ["test_*.py", "*_test.py"]
python_classes = ["Test*"]
python_functions = ["test_*"]
# Cache directory - prevent root level cache
cache_dir = "dev/cache/.pytest_cache"
# Test paths to run - include all test directories across the project
testpaths = [
"tests",
"apps/agent-protocols/tests",
"apps/ai-engine/tests",
"apps/analytics-platform/tests",
"apps/blockchain-node/tests",
"apps/coordinator-api/tests",
"apps/pool-hub/tests",
"apps/predictive-intelligence/tests",
"apps/wallet/tests",
"apps/explorer-web/tests",
"apps/wallet-daemon/tests",
"apps/zk-circuits/test",
"cli/tests",
"contracts/test",
"packages/py/aitbc-crypto/tests",
"packages/py/aitbc-sdk/tests",
"packages/solidity/aitbc-token/test",
"scripts/test"
]
# Python path for imports
pythonpath = [
".",
"packages/py/aitbc-crypto/src",
"packages/py/aitbc-crypto/tests",
"packages/py/aitbc-sdk/src",
"packages/py/aitbc-sdk/tests",
"apps/coordinator-api/src",
"apps/coordinator-api/tests",
"apps/wallet-daemon/src",
"apps/wallet-daemon/tests",
"apps/blockchain-node/src",
"apps/blockchain-node/tests",
"apps/pool-hub/src",
"apps/pool-hub/tests",
"apps/explorer-web/src",
"apps/explorer-web/tests",
"cli",
"cli/tests"
]
# Additional options for local testing
addopts = [
"--verbose",
"--tb=short",
"--strict-markers",
"--disable-warnings",
"-ra"
]
# Custom markers
markers = [
"unit: Unit tests (fast, isolated)",
"integration: Integration tests (may require external services)",
"slow: Slow running tests",
"cli: CLI command tests",
"api: API endpoint tests",
"blockchain: Blockchain-related tests",
"crypto: Cryptography tests",
"contracts: Smart contract tests",
"e2e: End-to-end tests (full system)",
"performance: Performance tests (measure speed/memory)",
"security: Security tests (vulnerability scanning)",
"gpu: Tests requiring GPU resources",
"confidential: Tests for confidential transactions",
"multitenant: Multi-tenancy specific tests"
]
# Environment variables for tests
env = [
"AUDIT_LOG_DIR=/tmp/aitbc-audit",
"DATABASE_URL=sqlite:///./test_coordinator.db",
"TEST_MODE=true",
"SQLITE_DATABASE=sqlite:///./test_coordinator.db"
]
# Warnings
filterwarnings = [
"ignore::UserWarning",
"ignore::DeprecationWarning",
"ignore::PendingDeprecationWarning",
"ignore::pytest.PytestUnknownMarkWarning",
"ignore::pydantic.PydanticDeprecatedSince20",
"ignore::sqlalchemy.exc.SADeprecationWarning"
]
# Asyncio configuration
asyncio_default_fixture_loop_scope = "function"
# Import mode
import_mode = "append"
[project]
name = "aitbc-cli"
version = "0.2.2"
description = "AITBC Command Line Interface Tools"
authors = [
{name = "AITBC Team", email = "team@aitbc.net"}
]
readme = "cli/README.md"
license = "MIT"
requires-python = ">=3.13.5,<4.0"
dependencies = [
"click==8.3.1",
"httpx==0.28.1",
"pydantic (>=2.13.0b2,<3.0.0)",
"pyyaml==6.0.3",
"rich==14.3.3",
"keyring==25.7.0",
"cryptography==46.0.6",
"click-completion==0.5.2",
"tabulate==0.10.0",
"colorama==0.4.6",
"python-dotenv (>=1.2.2,<2.0.0)",
"asyncpg==0.31.0",
# Dependencies for service module imports (coordinator-api services)
"numpy>=1.26.0",
"pandas>=2.0.0",
"aiohttp>=3.9.0",
"fastapi>=0.111.0",
"uvicorn[standard]>=0.30.0",
"slowapi>=0.1.0",
"pynacl>=1.5.0",
"pytest-asyncio (>=1.3.0,<2.0.0)",
"ruff (>=0.15.8,<0.16.0)",
"sqlalchemy (>=2.0.48,<3.0.0)",
"types-requests (>=2.33.0.20260327,<3.0.0.0)",
"types-setuptools (>=82.0.0.20260210,<83.0.0.0)",
# Blockchain dependencies
"web3>=6.11.0",
"eth-account>=0.13.0"
]
classifiers = [
"Development Status :: 4 - Beta",
"Intended Audience :: Developers",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.13",
"Operating System :: OS Independent",
"Topic :: Software Development :: Libraries :: Python Modules",
"Topic :: System :: Distributed Computing",
]
[project.optional-dependencies]
[dependency-groups]
dev = [
"pytest==9.0.2",
"pytest-asyncio>=1.3.0,<2.0.0",
"pytest-cov==7.1.0",
"pytest-mock==3.15.1",
"black==26.3.1",
"isort==8.0.1",
"ruff>=0.15.8,<0.16.0",
"mypy>=1.19.1,<2.0.0",
"bandit==1.7.5",
"types-requests>=2.33.0.20260327,<3.0.0.0",
"types-setuptools>=82.0.0.20260210,<83.0.0.0",
"types-PyYAML==6.0.12.20250915",
"sqlalchemy[mypy]>=2.0.48,<3.0.0"
]
[project.scripts]
aitbc = "core.main:main"
[project.urls]
Homepage = "https://aitbc.net"
Repository = "https://github.com/aitbc/aitbc"
Documentation = "https://docs.aitbc.net"
[build-system]
requires = ["setuptools>=61.0", "wheel"]
build-backend = "setuptools.build_meta"
[tool.setuptools.packages.find]
where = ["cli"]
include = ["core*", "commands*", "auth*", "utils*", "models*", "config*", "completion*"]


@@ -1,26 +0,0 @@
[tool:pytest]
# Fixed: Comprehensive test discovery
testpaths = tests
apps/agent-protocols/tests
apps/ai-engine/tests
apps/analytics-platform/tests
apps/blockchain-node/tests
apps/coordinator-api/tests
apps/pool-hub/tests
apps/predictive-intelligence/tests
apps/wallet/tests
apps/explorer-web/tests
apps/wallet-daemon/tests
apps/zk-circuits/test
cli/tests
contracts/test
packages/py/aitbc-crypto/tests
packages/py/aitbc-sdk/tests
packages/solidity/aitbc-token/test
scripts/test
# Additional options
python_files = test_*.py *_test.py
python_classes = Test*
python_functions = test_*
addopts = --verbose --tb=short


@@ -1,88 +0,0 @@
# AITBC Central Virtual Environment Requirements
# This file contains all Python dependencies for AITBC services
# Merged from all subdirectory requirements files
# Core Web Framework
fastapi>=0.115.0
uvicorn[standard]>=0.32.0
gunicorn>=22.0.0
# Database & ORM
sqlalchemy>=2.0.0
sqlalchemy[asyncio]>=2.0.47
sqlmodel>=0.0.37
alembic>=1.18.0
aiosqlite>=0.20.0
asyncpg>=0.29.0
# Configuration & Environment
pydantic>=2.12.0
pydantic-settings>=2.13.0
python-dotenv>=1.2.0
# Rate Limiting & Security
slowapi>=0.1.9
limits>=5.8.0
prometheus-client>=0.24.0
# HTTP Client & Networking
httpx>=0.28.0
requests>=2.32.0
aiohttp>=3.9.0
# Cryptocurrency & Blockchain
cryptography>=46.0.0
pynacl>=1.5.0
ecdsa>=0.19.0
base58>=2.1.1
web3>=6.11.0
eth-account>=0.13.0
# Data Processing
pandas>=2.2.0
numpy>=1.26.0
# Development & Testing
pytest>=8.0.0
pytest-asyncio>=0.24.0
black>=24.0.0
flake8>=7.0.0
# CLI Tools
click>=8.1.0
rich>=13.0.0
typer>=0.12.0
click-completion>=0.5.2
tabulate>=0.9.0
colorama>=0.4.4
keyring>=23.0.0
# JSON & Serialization
orjson>=3.10.0
msgpack>=1.1.0
python-multipart>=0.0.6
# Logging & Monitoring
structlog>=24.1.0
sentry-sdk>=2.0.0
# Utilities
python-dateutil>=2.9.0
pytz>=2024.1
schedule>=1.2.0
aiofiles>=24.1.0
pyyaml>=6.0
# Async Support
asyncio-mqtt>=0.16.0
websockets>=13.0.0
# Image Processing (for AI services)
pillow>=10.0.0
opencv-python>=4.9.0
# Additional Dependencies
redis>=5.0.0
psutil>=5.9.0
tenseal
web3>=6.11.0


@@ -1,28 +0,0 @@
# Type checking pre-commit hooks for AITBC
# Add this to your main .pre-commit-config.yaml
repos:
- repo: local
hooks:
- id: mypy-domain-core
name: mypy-domain-core
entry: ./venv/bin/mypy
language: system
args: [--ignore-missing-imports, --show-error-codes]
files: ^apps/coordinator-api/src/app/domain/(job|miner|agent_portfolio)\.py$
pass_filenames: false
- id: mypy-domain-all
name: mypy-domain-all
entry: ./venv/bin/mypy
language: system
args: [--ignore-missing-imports, --no-error-summary]
files: ^apps/coordinator-api/src/app/domain/
pass_filenames: false
- id: type-check-coverage
name: type-check-coverage
entry: ./scripts/type-checking/check-coverage.sh
language: script
files: ^apps/coordinator-api/src/app/
pass_filenames: false


@@ -1,219 +0,0 @@
[tool.poetry]
name = "aitbc"
version = "v0.2.3"
description = "AI Agent Compute Network - Consolidated Dependencies"
authors = ["AITBC Team"]
packages = []
[tool.poetry.dependencies]
python = "^3.13"
# Core Web Framework
fastapi = ">=0.115.0"
uvicorn = {extras = ["standard"], version = ">=0.32.0"}
gunicorn = ">=22.0.0"
starlette = {version = ">=0.37.2,<0.38.0", optional = true}
# Database & ORM
sqlalchemy = ">=2.0.47"
sqlmodel = ">=0.0.37"
alembic = ">=1.18.0"
aiosqlite = ">=0.20.0"
asyncpg = ">=0.29.0"
# Configuration & Environment
pydantic = ">=2.12.0"
pydantic-settings = ">=2.13.0"
python-dotenv = ">=1.2.0"
# Rate Limiting & Security
slowapi = ">=0.1.9"
limits = ">=5.8.0"
prometheus-client = ">=0.24.0"
# HTTP Client & Networking
httpx = ">=0.28.0"
requests = ">=2.32.0"
aiohttp = ">=3.9.0"
websockets = ">=12.0"
# Cryptography & Blockchain
cryptography = ">=46.0.0"
pynacl = ">=1.5.0"
ecdsa = ">=0.19.0"
base58 = ">=2.1.1"
bech32 = ">=1.2.0"
web3 = ">=6.11.0"
eth-account = ">=0.13.0"
# Data Processing
pandas = ">=2.2.0"
numpy = ">=1.26.0"
orjson = ">=3.10.0"
# Machine Learning & AI (Optional)
torch = {version = ">=2.10.0", optional = true}
torchvision = {version = ">=0.15.0", optional = true}
# CLI Tools
click = ">=8.1.0"
rich = ">=13.0.0"
typer = ">=0.12.0"
click-completion = ">=0.5.2"
tabulate = ">=0.9.0"
colorama = ">=0.4.4"
keyring = ">=23.0.0"
# Logging & Monitoring
structlog = ">=24.1.0"
sentry-sdk = ">=2.0.0"
# Utilities
python-dateutil = ">=2.9.0"
pytz = ">=2024.1"
schedule = ">=1.2.0"
aiofiles = ">=24.1.0"
pyyaml = ">=6.0"
psutil = ">=5.9.0"
tenseal = ">=0.3.0"
# Async Support
asyncio-mqtt = ">=0.16.0"
uvloop = ">=0.22.0"
# Image Processing (Optional)
pillow = {version = ">=10.0.0", optional = true}
opencv-python = {version = ">=4.9.0", optional = true}
# Additional Dependencies
redis = ">=5.0.0"
msgpack = ">=1.1.0"
python-multipart = ">=0.0.6"
[tool.poetry.extras]
# Installation profiles for different use cases
web = ["starlette", "uvicorn", "gunicorn"]
database = ["sqlalchemy", "sqlmodel", "alembic", "aiosqlite", "asyncpg"]
blockchain = ["cryptography", "pynacl", "ecdsa", "base58", "bech32", "web3", "eth-account"]
ml = ["torch", "torchvision", "numpy", "pandas"]
cli = ["click", "rich", "typer", "click-completion", "tabulate", "colorama", "keyring"]
monitoring = ["structlog", "sentry-sdk", "prometheus-client"]
image = ["pillow", "opencv-python"]
all = ["web", "database", "blockchain", "ml", "cli", "monitoring", "image"]
[tool.poetry.group.dev.dependencies]
# Development & Testing
pytest = ">=8.2.0"
pytest-asyncio = ">=0.24.0"
black = ">=24.0.0"
flake8 = ">=7.0.0"
ruff = ">=0.1.0"
mypy = ">=1.8.0"
isort = ">=5.13.0"
pre-commit = ">=3.5.0"
bandit = ">=1.7.0"
pydocstyle = ">=6.3.0"
pyupgrade = ">=3.15.0"
safety = ">=2.3.0"
[tool.poetry.group.test.dependencies]
pytest-cov = ">=4.0.0"
pytest-mock = ">=3.10.0"
pytest-xdist = ">=3.0.0"
[tool.black]
line-length = 127
target-version = ['py313']
include = '\.pyi?$'
extend-exclude = '''
/(
\\.eggs
| \\.git
| \\.hg
| \\.mypy_cache
| \\.tox
| \\.venv
| build
| dist
)/
'''
[tool.isort]
profile = "black"
line_length = 127
multi_line_output = 3
include_trailing_comma = true
force_grid_wrap = 0
use_parentheses = true
ensure_newline_before_comments = true
[tool.mypy]
python_version = "3.13"
warn_return_any = true
warn_unused_configs = true
disallow_untyped_defs = true
disallow_incomplete_defs = true
check_untyped_defs = true
disallow_untyped_decorators = true
no_implicit_optional = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_no_return = true
warn_unreachable = true
strict_equality = true
[[tool.mypy.overrides]]
module = [
"torch.*",
"cv2.*",
"pandas.*",
"numpy.*",
"web3.*",
"eth_account.*",
]
ignore_missing_imports = true
[tool.ruff]
line-length = 127
target-version = "py313"
[tool.ruff.lint]
select = [
"E", # pycodestyle errors
"W", # pycodestyle warnings
"F", # pyflakes
"I", # isort
"B", # flake8-bugbear
"C4", # flake8-comprehensions
"UP", # pyupgrade
]
ignore = [
"E501", # line too long, handled by black
"B008", # do not perform function calls in argument defaults
"C901", # too complex
]
[tool.ruff.lint.per-file-ignores]
"__init__.py" = ["F401"]
"tests/*" = ["B011"]
[tool.pydocstyle]
convention = "google"
add_ignore = ["D100", "D101", "D102", "D103", "D104", "D105", "D106", "D107"]
[tool.pytest.ini_options]
minversion = "8.0"
addopts = "-ra -q --strict-markers --strict-config"
testpaths = ["tests"]
python_files = ["test_*.py", "*_test.py"]
python_classes = ["Test*"]
python_functions = ["test_*"]
markers = [
"slow: marks tests as slow (deselect with '-m \"not slow\"')",
"integration: marks tests as integration tests",
"unit: marks tests as unit tests",
]
[build-system]
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"


@@ -1,130 +0,0 @@
# AITBC Consolidated Dependencies
# Unified dependency management for all AITBC services
# Version: v0.2.3-consolidated
# Date: 2026-03-31
# ===========================================
# CORE WEB FRAMEWORK
# ===========================================
fastapi==0.115.6
uvicorn[standard]==0.32.1
gunicorn==22.0.0
starlette>=0.40.0,<0.42.0
# ===========================================
# DATABASE & ORM
# ===========================================
sqlalchemy==2.0.47
sqlmodel==0.0.37
alembic==1.18.0
aiosqlite==0.20.0
asyncpg==0.30.0
# ===========================================
# CONFIGURATION & ENVIRONMENT
# ===========================================
pydantic==2.12.0
pydantic-settings==2.13.0
python-dotenv==1.2.0
# ===========================================
# RATE LIMITING & SECURITY
# ===========================================
slowapi==0.1.9
limits==5.8.0
prometheus-client==0.24.0
# ===========================================
# HTTP CLIENT & NETWORKING
# ===========================================
httpx==0.28.0
requests==2.32.0
aiohttp==3.9.0
websockets==12.0
# ===========================================
# CRYPTOGRAPHY & BLOCKCHAIN
# ===========================================
cryptography==46.0.0
pynacl==1.5.0
ecdsa==0.19.0
base58==2.1.1
bech32==1.2.0
web3==6.11.0
eth-account==0.13.0
# ===========================================
# DATA PROCESSING
# ===========================================
pandas==2.2.0
numpy==1.26.0
orjson==3.10.0
# ===========================================
# MACHINE LEARNING & AI
# ===========================================
torch==2.10.0
torchvision==0.15.0
# ===========================================
# CLI TOOLS
# ===========================================
click==8.1.0
rich==13.0.0
typer==0.12.0
click-completion==0.5.2
tabulate==0.9.0
colorama==0.4.4
keyring==23.0.0
# ===========================================
# DEVELOPMENT & TESTING
# ===========================================
pytest==8.2.0
pytest-asyncio==0.24.0
black==24.0.0
flake8==7.0.0
ruff==0.1.0
mypy==1.8.0
isort==5.13.0
pre-commit==3.5.0
bandit==1.7.0
pydocstyle==6.3.0
pyupgrade==3.15.0
safety==2.3.0
# ===========================================
# LOGGING & MONITORING
# ===========================================
structlog==24.1.0
sentry-sdk==2.0.0
# ===========================================
# UTILITIES
# ===========================================
python-dateutil==2.9.0
pytz==2024.1
schedule==1.2.0
aiofiles==24.1.0
pyyaml==6.0
psutil==5.9.0
tenseal==0.3.0
# ===========================================
# ASYNC SUPPORT
# ===========================================
asyncio-mqtt==0.16.0
uvloop==0.22.0
# ===========================================
# IMAGE PROCESSING
# ===========================================
pillow==10.0.0
opencv-python==4.9.0
# ===========================================
# ADDITIONAL DEPENDENCIES
# ===========================================
redis==5.0.0
msgpack==1.1.0
python-multipart==0.0.6


@@ -1,58 +0,0 @@
#!/usr/bin/env python3
"""
Quick test to verify code quality tools are working properly
"""
import subprocess
import sys
from pathlib import Path
def run_command(cmd, description):
"""Run a command and return success status"""
print(f"\n🔍 {description}")
print(f"Running: {' '.join(cmd)}")
try:
result = subprocess.run(cmd, capture_output=True, text=True, cwd="/opt/aitbc")
if result.returncode == 0:
print(f"{description} - PASSED")
return True
else:
print(f"{description} - FAILED")
print(f"Error output: {result.stderr[:500]}")
return False
except Exception as e:
print(f"{description} - ERROR: {e}")
return False
def main():
"""Test code quality tools"""
print("🚀 Testing AITBC Code Quality Setup")
print("=" * 50)
tests = [
(["/opt/aitbc/venv/bin/black", "--check", "--diff", "apps/coordinator-api/src/app/routers/"], "Black formatting check"),
(["/opt/aitbc/venv/bin/isort", "--check-only", "apps/coordinator-api/src/app/routers/"], "Isort import check"),
(["/opt/aitbc/venv/bin/ruff", "check", "apps/coordinator-api/src/app/routers/"], "Ruff linting"),
(["/opt/aitbc/venv/bin/mypy", "--ignore-missing-imports", "apps/coordinator-api/src/app/routers/"], "MyPy type checking"),
(["/opt/aitbc/venv/bin/bandit", "-r", "apps/coordinator-api/src/app/routers/", "-f", "json"], "Bandit security check"),
]
results = []
for cmd, desc in tests:
results.append(run_command(cmd, desc))
# Summary
passed = sum(results)
total = len(results)
print(f"\n📊 Summary: {passed}/{total} tests passed")
if passed == total:
print("🎉 All code quality checks are working!")
return 0
else:
print("⚠️ Some checks failed - review the output above")
return 1
if __name__ == "__main__":
sys.exit(main())


@@ -1,279 +0,0 @@
#!/usr/bin/env python3
"""
Environment Configuration Security Auditor
Validates environment files against security rules
"""
import os
import re
import yaml
import sys
from pathlib import Path
from typing import Dict, List, Tuple, Any
class EnvironmentAuditor:
"""Audits environment configurations for security issues"""
def __init__(self, config_dir: Path = None):
self.config_dir = config_dir or Path(__file__).parent.parent
self.validation_rules = self._load_validation_rules()
self.issues: List[Dict[str, Any]] = []
def _load_validation_rules(self) -> Dict[str, Any]:
"""Load secret validation rules"""
rules_file = self.config_dir / "security" / "secret-validation.yaml"
if rules_file.exists():
with open(rules_file) as f:
return yaml.safe_load(f)
return {}
def audit_environment_file(self, env_file: Path) -> List[Dict[str, Any]]:
"""Audit a single environment file"""
issues = []
if not env_file.exists():
return [{"file": str(env_file), "level": "ERROR", "message": "File does not exist"}]
with open(env_file) as f:
content = f.read()
# Check for forbidden patterns
forbidden_patterns = self.validation_rules.get("forbidden_patterns", [])
production_forbidden_patterns = self.validation_rules.get("production_forbidden_patterns", [])
# Always check general forbidden patterns
for pattern in forbidden_patterns:
if re.search(pattern, content, re.IGNORECASE):
issues.append({
"file": str(env_file),
"level": "CRITICAL",
"message": f"Forbidden pattern detected: {pattern}",
"line": self._find_pattern_line(content, pattern)
})
# Check production-specific forbidden patterns
if "production" in str(env_file):
for pattern in production_forbidden_patterns:
if re.search(pattern, content, re.IGNORECASE):
issues.append({
"file": str(env_file),
"level": "CRITICAL",
"message": f"Production forbidden pattern: {pattern}",
"line": self._find_pattern_line(content, pattern)
})
# Check for template secrets
template_patterns = [
r"your-.*-key-here",
r"change-this-.*",
r"your-.*-password"
]
for pattern in template_patterns:
if re.search(pattern, content, re.IGNORECASE):
issues.append({
"file": str(env_file),
"level": "HIGH",
"message": f"Template secret found: {pattern}",
"line": self._find_pattern_line(content, pattern)
})
# Check for localhost in production files
if "production" in str(env_file):
localhost_patterns = [r"localhost", r"127\.0\.0\.1", r"sqlite://"]
for pattern in localhost_patterns:
if re.search(pattern, content):
issues.append({
"file": str(env_file),
"level": "HIGH",
"message": f"Localhost reference in production: {pattern}",
"line": self._find_pattern_line(content, pattern)
})
# Validate secret references
lines = content.split('\n')
for i, line in enumerate(lines, 1):
if '=' in line and not line.strip().startswith('#'):
key, value = line.split('=', 1)
key = key.strip()
value = value.strip()
# Check if value should be a secret reference
if self._should_be_secret(key) and not value.startswith('secretRef:'):
issues.append({
"file": str(env_file),
"level": "MEDIUM",
"message": f"Potential secret not using secretRef: {key}",
"line": i
})
return issues
def _should_be_secret(self, key: str) -> bool:
"""Check if a key should be a secret reference"""
secret_keywords = [
'key', 'secret', 'password', 'token', 'credential',
'api_key', 'encryption_key', 'hmac_secret', 'jwt_secret',
'dsn', 'database_url'
]
return any(keyword in key.lower() for keyword in secret_keywords)
def _find_pattern_line(self, content: str, pattern: str) -> int:
"""Find line number where pattern appears"""
lines = content.split('\n')
for i, line in enumerate(lines, 1):
if re.search(pattern, line, re.IGNORECASE):
return i
return 0
def audit_all_environments(self) -> Dict[str, List[Dict[str, Any]]]:
"""Audit all environment files"""
results = {}
# Check environments directory
env_dir = self.config_dir / "environments"
if env_dir.exists():
for env_file in env_dir.rglob("*.env*"):
if env_file.is_file():
issues = self.audit_environment_file(env_file)
if issues:
results[str(env_file)] = issues
# Check root directory .env files
root_dir = self.config_dir.parent
for pattern in [".env.example", ".env*"]:
for env_file in root_dir.glob(pattern):
if env_file.is_file() and env_file.name != ".env":
issues = self.audit_environment_file(env_file)
if issues:
results[str(env_file)] = issues
return results
def generate_report(self) -> Dict[str, Any]:
"""Generate comprehensive security report"""
results = self.audit_all_environments()
# Count issues by severity
severity_counts = {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
total_issues = 0
for file_issues in results.values():
for issue in file_issues:
severity = issue["level"]
severity_counts[severity] += 1
total_issues += 1
return {
"summary": {
"total_issues": total_issues,
"files_audited": len(results),
"severity_breakdown": severity_counts
},
"issues": results,
"recommendations": self._generate_recommendations(severity_counts)
}
def _generate_recommendations(self, severity_counts: Dict[str, int]) -> List[str]:
"""Generate security recommendations based on findings"""
recommendations = []
if severity_counts["CRITICAL"] > 0:
recommendations.append("CRITICAL: Fix forbidden patterns immediately")
if severity_counts["HIGH"] > 0:
recommendations.append("HIGH: Remove template secrets and localhost references")
if severity_counts["MEDIUM"] > 0:
recommendations.append("MEDIUM: Use secretRef for all sensitive values")
if severity_counts["LOW"] > 0:
recommendations.append("LOW: Review and improve configuration structure")
if not any(severity_counts.values()):
recommendations.append("✅ No security issues found")
return recommendations
def main():
"""Main audit function"""
import argparse
parser = argparse.ArgumentParser(description="Audit environment configurations")
parser.add_argument("--config-dir", help="Configuration directory path")
parser.add_argument("--output", help="Output report to file")
parser.add_argument("--format", choices=["json", "yaml", "text"], default="json", help="Report format")
args = parser.parse_args()
auditor = EnvironmentAuditor(Path(args.config_dir) if args.config_dir else None)
report = auditor.generate_report()
# Output report
if args.format == "json":
import json
output = json.dumps(report, indent=2)
elif args.format == "yaml":
output = yaml.dump(report, default_flow_style=False)
else:
output = format_text_report(report)
if args.output:
with open(args.output, 'w') as f:
f.write(output)
print(f"Report saved to {args.output}")
else:
print(output)
# Exit with error code if issues found
if report["summary"]["total_issues"] > 0:
sys.exit(1)
def format_text_report(report: Dict[str, Any]) -> str:
"""Format report as readable text"""
lines = []
lines.append("=" * 60)
lines.append("ENVIRONMENT SECURITY AUDIT REPORT")
lines.append("=" * 60)
lines.append("")
# Summary
summary = report["summary"]
lines.append(f"Files Audited: {summary['files_audited']}")
lines.append(f"Total Issues: {summary['total_issues']}")
lines.append("")
# Severity breakdown
lines.append("Severity Breakdown:")
for severity, count in summary["severity_breakdown"].items():
if count > 0:
lines.append(f" {severity}: {count}")
lines.append("")
# Issues by file
if report["issues"]:
lines.append("ISSUES FOUND:")
lines.append("-" * 40)
for file_path, file_issues in report["issues"].items():
lines.append(f"\n📁 {file_path}")
for issue in file_issues:
lines.append(f" {issue['level']}: {issue['message']}")
if issue.get('line'):
lines.append(f" Line: {issue['line']}")
# Recommendations
lines.append("\nRECOMMENDATIONS:")
lines.append("-" * 40)
for rec in report["recommendations"]:
lines.append(f"{rec}")
return "\n".join(lines)
if __name__ == "__main__":
main()


@@ -1,283 +0,0 @@
#!/usr/bin/env python3
"""
Helm Values Security Auditor
Validates Helm values files for proper secret references
"""
import os
import re
import yaml
import sys
from pathlib import Path
from typing import Dict, List, Tuple, Any
class HelmValuesAuditor:
"""Audits Helm values files for security issues"""
def __init__(self, helm_dir: Path = None):
self.helm_dir = helm_dir or Path(__file__).parent.parent.parent / "infra" / "helm"
self.issues: List[Dict[str, Any]] = []
def audit_helm_values_file(self, values_file: Path) -> List[Dict[str, Any]]:
"""Audit a single Helm values file"""
issues = []
if not values_file.exists():
return [{"file": str(values_file), "level": "ERROR", "message": "File does not exist"}]
with open(values_file) as f:
try:
values = yaml.safe_load(f)
except yaml.YAMLError as e:
return [{"file": str(values_file), "level": "ERROR", "message": f"YAML parsing error: {e}"}]
# Recursively check for potential secrets
self._check_secrets_recursive(values, "", values_file, issues)
return issues
def _check_secrets_recursive(self, obj: Any, path: str, file_path: Path, issues: List[Dict[str, Any]]):
"""Recursively check object for potential secrets"""
if isinstance(obj, dict):
for key, value in obj.items():
current_path = f"{path}.{key}" if path else key
if isinstance(value, str):
# Check for potential secrets that should use secretRef
if self._is_potential_secret(key, value):
if not value.startswith('secretRef:'):
issues.append({
"file": str(file_path),
"level": "HIGH",
"message": f"Potential secret not using secretRef: {current_path}",
"value": value,
"suggestion": f"Use secretRef:secret-name:key"
})
# Recursively check nested objects
self._check_secrets_recursive(value, current_path, file_path, issues)
elif isinstance(obj, list):
for i, item in enumerate(obj):
current_path = f"{path}[{i}]" if path else f"[{i}]"
self._check_secrets_recursive(item, current_path, file_path, issues)
def _is_potential_secret(self, key: str, value: str) -> bool:
"""Check if a key-value pair represents a potential secret"""
# Skip Kubernetes built-in values
kubernetes_builtins = [
'topology.kubernetes.io/zone',
'topology.kubernetes.io/region',
'kubernetes.io/hostname',
'app.kubernetes.io/name'
]
if value in kubernetes_builtins:
return False
# Skip common non-secret values
non_secret_values = [
'warn', 'info', 'debug', 'error',
'admin', 'user', 'postgres',
'http://prometheus-server:9090',
'http://127.0.0.1:5001/',
'stable', 'latest', 'IfNotPresent',
'db-credentials', 'redis-credentials',
'aitbc', 'coordinator', 'postgresql'
]
if value in non_secret_values:
return False
# Skip Helm chart specific configurations
helm_config_keys = [
'existingSecret', 'existingSecretPassword',
'serviceAccountName', 'serviceAccount.create',
'ingress.enabled', 'networkPolicy.enabled',
'podSecurityPolicy.enabled', 'autoscaling.enabled'
]
if key in helm_config_keys:
return False
# Check key patterns for actual secrets
secret_key_patterns = [
r'.*password$', r'.*secret$', r'.*token$',
r'.*credential$', r'.*dsn$',
r'database_url', r'api_key', r'encryption_key', r'hmac_secret',
r'jwt_secret', r'private_key', r'adminPassword'
]
key_lower = key.lower()
value_lower = value.lower()
# Check if key suggests it's a secret
for pattern in secret_key_patterns:
if re.match(pattern, key_lower):
return True
# Check if value looks like a secret (more strict)
secret_value_patterns = [
r'^postgresql://.*:.*@', # PostgreSQL URLs with credentials
r'^mysql://.*:.*@', # MySQL URLs with credentials
r'^mongodb://.*:.*@', # MongoDB URLs with credentials
r'^sk-[a-zA-Z0-9]{48}', # Stripe keys
r'^ghp_[a-zA-Z0-9]{36}', # GitHub personal access tokens
r'^xoxb-[0-9]+-[0-9]+-[a-zA-Z0-9]{24}', # Slack bot tokens
r'^[a-fA-F0-9]{64}$', # 256-bit hex keys
r'^[a-zA-Z0-9+/]{40,}={0,2}$', # Base64 encoded secrets
]
for pattern in secret_value_patterns:
if re.match(pattern, value):
return True
# Check for actual secrets in value (more strict)
if len(value) > 20 and any(indicator in value_lower for indicator in ['password', 'secret', 'key', 'token']):
return True
return False
def audit_all_helm_values(self) -> Dict[str, List[Dict[str, Any]]]:
"""Audit all Helm values files"""
results = {}
# Find all values.yaml files
for values_file in self.helm_dir.rglob("values*.yaml"):
if values_file.is_file():
issues = self.audit_helm_values_file(values_file)
if issues:
results[str(values_file)] = issues
return results
def generate_report(self) -> Dict[str, Any]:
"""Generate comprehensive security report"""
results = self.audit_all_helm_values()
# Count issues by severity
severity_counts = {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
total_issues = 0
for file_issues in results.values():
for issue in file_issues:
severity = issue["level"]
severity_counts[severity] += 1
total_issues += 1
return {
"summary": {
"total_issues": total_issues,
"files_audited": len(results),
"severity_breakdown": severity_counts
},
"issues": results,
"recommendations": self._generate_recommendations(severity_counts)
}
def _generate_recommendations(self, severity_counts: Dict[str, int]) -> List[str]:
"""Generate security recommendations based on findings"""
recommendations = []
if severity_counts["CRITICAL"] > 0:
recommendations.append("CRITICAL: Fix critical secret exposure immediately")
if severity_counts["HIGH"] > 0:
recommendations.append("HIGH: Use secretRef for all sensitive values")
if severity_counts["MEDIUM"] > 0:
recommendations.append("MEDIUM: Review and validate secret references")
if severity_counts["LOW"] > 0:
recommendations.append("LOW: Improve secret management practices")
if not any(severity_counts.values()):
recommendations.append("✅ No security issues found")
return recommendations
def main():
"""Main audit function"""
import argparse
parser = argparse.ArgumentParser(description="Audit Helm values for security issues")
parser.add_argument("--helm-dir", help="Helm directory path")
parser.add_argument("--output", help="Output report to file")
parser.add_argument("--format", choices=["json", "yaml", "text"], default="json", help="Report format")
args = parser.parse_args()
auditor = HelmValuesAuditor(Path(args.helm_dir) if args.helm_dir else None)
report = auditor.generate_report()
# Output report
if args.format == "json":
import json
output = json.dumps(report, indent=2)
elif args.format == "yaml":
output = yaml.dump(report, default_flow_style=False)
else:
output = format_text_report(report)
if args.output:
with open(args.output, 'w') as f:
f.write(output)
print(f"Report saved to {args.output}")
else:
print(output)
# Exit with error code if issues found
if report["summary"]["total_issues"] > 0:
sys.exit(1)
def format_text_report(report: Dict[str, Any]) -> str:
"""Format report as readable text"""
lines = []
lines.append("=" * 60)
lines.append("HELM VALUES SECURITY AUDIT REPORT")
lines.append("=" * 60)
lines.append("")
# Summary
summary = report["summary"]
lines.append(f"Files Audited: {summary['files_audited']}")
lines.append(f"Total Issues: {summary['total_issues']}")
lines.append("")
# Severity breakdown
lines.append("Severity Breakdown:")
for severity, count in summary["severity_breakdown"].items():
if count > 0:
lines.append(f" {severity}: {count}")
lines.append("")
# Issues by file
if report["issues"]:
lines.append("ISSUES FOUND:")
lines.append("-" * 40)
for file_path, file_issues in report["issues"].items():
lines.append(f"\n📁 {file_path}")
for issue in file_issues:
lines.append(f" {issue['level']}: {issue['message']}")
if 'value' in issue:
lines.append(f" Current value: {issue['value']}")
if 'suggestion' in issue:
lines.append(f" Suggestion: {issue['suggestion']}")
# Recommendations
lines.append("\nRECOMMENDATIONS:")
lines.append("-" * 40)
for rec in report["recommendations"]:
lines.append(f"{rec}")
return "\n".join(lines)
if __name__ == "__main__":
main()


@@ -1,73 +0,0 @@
# Secret Validation Rules
# Defines which environment variables must use secret references
production_secrets:
coordinator:
required_secrets:
- pattern: "DATABASE_URL"
secret_ref: "db-credentials"
validation: "postgresql://"
- pattern: "ADMIN_API_KEY"
secret_ref: "api-keys:admin"
validation: "^[a-zA-Z0-9]{32,}$"
- pattern: "CLIENT_API_KEY"
secret_ref: "api-keys:client"
validation: "^[a-zA-Z0-9]{32,}$"
- pattern: "ENCRYPTION_KEY"
secret_ref: "security-keys:encryption"
validation: "^[a-fA-F0-9]{64}$"
- pattern: "HMAC_SECRET"
secret_ref: "security-keys:hmac"
validation: "^[a-fA-F0-9]{64}$"
- pattern: "JWT_SECRET"
secret_ref: "security-keys:jwt"
validation: "^[a-fA-F0-9]{64}$"
- pattern: "OPENAI_API_KEY"
secret_ref: "external-services:openai"
validation: "^sk-"
- pattern: "SENTRY_DSN"
secret_ref: "monitoring:sentry"
validation: "^https://"
wallet_daemon:
required_secrets:
- pattern: "COORDINATOR_API_KEY"
secret_ref: "api-keys:coordinator"
validation: "^[a-zA-Z0-9]{32,}$"
forbidden_patterns:
# These patterns should never appear in ANY configs
- "your-.*-key-here"
- "change-this-.*"
- "password="
- "secret_key="
- "api_secret="
production_forbidden_patterns:
# These patterns should never appear in PRODUCTION configs
- "localhost"
- "127.0.0.1"
- "sqlite://"
- "debug.*true"
validation_rules:
# Minimum security requirements
min_key_length: 32
require_complexity: true
no_default_values: true
no_localhost_in_prod: true
# Database security
require_ssl_database: true
forbid_sqlite_in_prod: true
# API security
require_https_urls: true
validate_api_key_format: true


@@ -1,35 +0,0 @@
{
"escrow": {
"default_fee_rate": 0.025,
"max_contract_duration": 2592000,
"dispute_timeout": 604800,
"min_dispute_evidence": 1,
"max_dispute_evidence": 10,
"min_milestone_amount": 0.01,
"max_milestones": 10,
"verification_timeout": 86400
},
"disputes": {
"automated_resolution_threshold": 0.8,
"mediation_timeout": 259200,
"arbitration_timeout": 604800,
"voting_timeout": 172800,
"min_arbitrators": 3,
"max_arbitrators": 5,
"community_vote_threshold": 0.6
},
"upgrades": {
"min_voting_period": 259200,
"max_voting_period": 604800,
"required_approval_rate": 0.6,
"min_participation_rate": 0.3,
"emergency_upgrade_threshold": 0.8,
"rollback_timeout": 604800
},
"optimization": {
"min_optimization_threshold": 1000,
"optimization_target_savings": 0.1,
"max_optimization_cost": 0.01,
"metric_retention_period": 604800
}
}


@@ -1,8 +0,0 @@
genesis:
chain_type: topic
consensus:
algorithm: pos
name: Test Chain
privacy:
visibility: public
purpose: test


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env
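Review bot: The new `EnvironmentFile=/etc/aitbc/.env` line points at a file whose owner and mode are not set anywhere in the visible part of this commit, although the environment template being removed from the repository carries entries such as `proposer_key` and `keystore_password_file`. Files created under /etc with a default umask usually end up world-readable, so the migration step should create this one root-owned and not world-readable, and the drop-in should record that expectation, for example `# /etc/aitbc/.env holds secrets: root-owned, mode 0640 or stricter`. Because the path has no `-` prefix, the unit will refuse to start on a host where the file has not been moved yet; that is a sensible fail-closed default, but it should be stated in the deployment notes so a partial rollout is not mistaken for a service fault. The same applies to the identical drop-in hunks that follow this one.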


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env


@@ -1,2 +1,2 @@
[Service]
EnvironmentFile=/opt/aitbc/.env
EnvironmentFile=/etc/aitbc/.env