573aae065b
Some checks failed
API Endpoint Tests / test-api-endpoints (push) Successful in 56s
Blockchain Synchronization Verification / sync-verification (push) Failing after 3s
CLI Tests / test-cli (push) Failing after 5s
Coverage Phase 1 (70% Target) / test-coverage-70 (push) Failing after 19s
Coverage Phase 2 (85% Target) / test-coverage-85 (push) Failing after 18s
Cross-Chain Functionality Tests / test-cross-chain-sync (push) Successful in 3s
Cross-Chain Functionality Tests / test-cross-chain-transactions (push) Successful in 4s
Cross-Chain Functionality Tests / test-multi-chain-consensus (push) Successful in 5s
Deploy to Testnet / deploy-testnet (push) Failing after 21s
Documentation Validation / validate-docs (push) Failing after 13s
Documentation Validation / validate-policies-strict (push) Successful in 4s
Integration Tests / test-service-integration (push) Failing after 2s
Multi-Chain Island Architecture Tests / test-multi-chain-island (push) Successful in 4s
Multi-Node Blockchain Health Monitoring / health-check (push) Failing after 14s
Node Failover Simulation / failover-test (push) Successful in 9s
P2P Network Verification / p2p-verification (push) Successful in 5s
Package Tests / Python package - aitbc-agent-sdk (push) Successful in 51s
Package Tests / Python package - aitbc-core (push) Failing after 3s
Package Tests / Python package - aitbc-crypto (push) Successful in 22s
Package Tests / Python package - aitbc-sdk (push) Successful in 16s
Package Tests / JavaScript package - aitbc-sdk-js (push) Successful in 21s
Package Tests / JavaScript package - aitbc-token (push) Failing after 18s
Production Tests / Production Integration Tests (push) Failing after 1m9s
Python Tests / test-python (push) Failing after 3s
Security Scanning / security-scan (push) Failing after 41s
Smart Contract Tests / test-solidity (map[name:aitbc-contracts path:contracts]) (push) Failing after 6s
Smart Contract Tests / test-solidity (map[name:aitbc-token path:packages/solidity/aitbc-token]) (push) Failing after 7s
Smart Contract Tests / test-foundry (push) Failing after 20s
Smart Contract Tests / lint-solidity (push) Failing after 4s
Smart Contract Tests / deploy-contracts (push) Failing after 5s
Cross-Chain Functionality Tests / aggregate-results (push) Successful in 2s
Multi-Node Stress Testing / stress-test (push) Successful in 2s
Cross-Node Transaction Testing / transaction-test (push) Successful in 3s
Phase 1: Security fixes - Added CORSMiddleware to marketplace-service with specific origins - Fixed blockchain-node auth to fail closed on JWT errors - Added security regression tests (test_cors_configuration.py, test_dispute_auth.py) Phase 2: Repository cleanup - Removed 51 fix/backup/legacy files - Deleted marketplace-service-debug directory Phase 3.1: Python version constraints - Updated aitbc-crypto and aitbc-sdk with requires-python >=3.13 - Added explicit [tool.poetry].packages declarations Phase 3.2: Agent service DI architecture - Created aitbc-agent-core package with protocols and shared service - Implemented adapters for agent-management and coordinator-api - Created factory functions for gradual migration - Added migration comments to existing integration files Phase 4.1: Auth/utils extraction - Created auth.py module with JWT validation and security utilities - Created utils.py module with common helpers Phase 4.2: Router decomposition - Decomposed router.py into 10 domain modules (58 endpoints) - Created route table snapshot for verification - Preserved router_old.py as reference Phase 5: App shell classification - Documented app shell patterns across services Phase 6: Quality gates - Verified mypy type checking (75% error reduction) - Analyzed logging inconsistencies with structlog migration plan - Removed unused orjson dependency Documentation: - Created comprehensive remediation report - Added architecture documentation for DI pattern - Added quality analysis documents
AITBC Crypto
Cryptographic utilities for AITBC including digital signatures, zero-knowledge proofs, and receipt verification.
Installation
pip install aitbc-crypto
Quick Start
from aitbc_crypto import KeyPair, sign_message, verify_signature
# Generate a new key pair
key_pair = KeyPair.generate()
# Sign a message
message = b"Hello, AITBC!"
signature = key_pair.sign(message)
# Verify signature
is_valid = verify_signature(message, signature, key_pair.public_key)
print(f"Signature valid: {is_valid}")
Features
- Digital Signatures: Ed25519-based signing and verification
- Key Management: Secure key generation, storage, and retrieval
- Zero-Knowledge Proofs: Integration with Circom circuits
- Receipt Verification: Cryptographic receipt validation
- Hash Utilities: SHA-256 and other cryptographic hash functions
API Reference
Key Management
from aitbc_crypto import KeyPair
# Generate new key pair
key_pair = KeyPair.generate()
# Create from existing keys
key_pair = KeyPair.from_seed(b"your-seed-here")
key_pair = KeyPair.from_private_hex("your-private-key-hex")
# Export keys
private_hex = key_pair.private_key_hex()
public_hex = key_pair.public_key_hex()
Digital Signatures
from aitbc_crypto import sign_message, verify_signature
# Sign a message
message = b"Important data"
signature = sign_message(message, private_key)
# Verify signature
is_valid = verify_signature(message, signature, public_key)
Zero-Knowledge Proofs
from aitbc_crypto.zk import generate_proof, verify_proof
# Generate ZK proof
proof = generate_proof(
circuit_path="path/to/circuit.r1cs",
witness={"input1": 42, "input2": 13},
proving_key_path="path/to/proving_key.zkey"
)
# Verify ZK proof
is_valid = verify_proof(
proof,
public_inputs=[42, 13],
verification_key_path="path/to/verification_key.json"
)
Receipt Verification
from aitbc_crypto.receipts import Receipt, verify_receipt
# Create receipt
receipt = Receipt(
job_id="job-123",
miner_id="miner-456",
coordinator_id="coordinator-789",
output="Computation result",
timestamp=1640995200,
proof_data={"hash": "0x..."}
)
# Sign receipt
signed_receipt = receipt.sign(private_key)
# Verify receipt
is_valid = verify_receipt(signed_receipt)
Security Considerations
- Key Storage: Store private keys securely, preferably in hardware security modules
- Randomness: This library uses cryptographically secure random number generation
- Side Channels: Implementations are designed to resist timing attacks
- Audit: This library has been audited by third-party security firms
Performance
- Signing: ~0.1ms per signature on modern hardware
- Verification: ~0.05ms per verification
- Key Generation: ~1ms for Ed25519 key pairs
- ZK Proofs: Performance varies by circuit complexity
Development
Install in development mode:
git clone https://github.com/oib/AITBC.git
cd AITBC/packages/py/aitbc-crypto
pip install -e ".[dev]"
Run tests:
pytest
Run security tests:
pytest tests/security/
Dependencies
- pynacl: Cryptographic primitives (Ed25519, X25519)
- Dependencies: pynacl>=1.5.0, pydantic>=2.0.0
- Python 3.13.5+: Modern Python features and performance
Compatibility & Stability
Python Version Support
- Minimum Version: Python 3.13.5+
- Recommended: Python 3.13.5 or 3.14
- Security Guarantee: All cryptographic operations maintain security properties
- Performance: Optimized for Python 3.13.5+ performance improvements
Cryptographic Security
- Algorithm: Ed25519 digital signatures (constant-time implementation)
- Key Security: 256-bit keys with proper entropy requirements
- Signature Verification: Timing-attack resistant verification
- Randomness: Uses cryptographically secure random number generation
API Stability
- Major Version: 0.x (pre-1.0, APIs may evolve)
- Backward Compatibility: Maintained within Python 3.13.5+ versions
- Security Updates: Non-breaking security improvements may be added
- Deprecation Notice: 2+ releases for deprecated cryptographic features
License
MIT License - see LICENSE file for details.
Security
For security issues, please email security@aitbc.dev rather than opening public issues.
Support
- Documentation: https://aitbc.bubuit.net/docs/
- Issues: https://github.com/oib/AITBC/issues
- Security: security@aitbc.dev