diff --git a/.github/workflows/telemetry_gate.yml b/.github/workflows/telemetry_gate.yml index f07f7c2ac..e5914f97b 100644 --- a/.github/workflows/telemetry_gate.yml +++ b/.github/workflows/telemetry_gate.yml @@ -19,21 +19,19 @@ jobs: with: go-version: '1.26' - - name: Build telemetry_replay + - name: Build phoenix-runtime run: | - cd 14_experiments/telemetry_replay - go build -o telemetry_replay main.go + cd phoenix_os + go build -o ../build/phoenix-runtime main.go - - name: Run Telemetry Gate + - name: Run Deterministic Replay Gate run: | - ./14_experiments/telemetry_replay/telemetry_replay \ - --file 09_telemetry/replay_events_large.jsonl \ - --rate 1000 \ - --out results/telemetry_gate - - - name: Upload Artifacts - if: always() - uses: actions/upload-artifact@v4 - with: - name: telemetry-gate-results - path: results/telemetry_gate/ + HASH1=$(./build/phoenix-runtime 2>&1 | grep 'Deterministic output hash' | awk '{print $NF}') + HASH2=$(./build/phoenix-runtime 2>&1 | grep 'Deterministic output hash' | awk '{print $NF}') + echo "Run 1 hash: $HASH1" + echo "Run 2 hash: $HASH2" + if [ "$HASH1" != "$HASH2" ]; then + echo "DETERMINISM VIOLATION: Hashes do not match!" + exit 1 + fi + echo "✓ Replay determinism verified: $HASH1" diff --git a/00_program_management/roadmap/main_roadmap.md b/00_program_management/roadmap/main_roadmap.md index 3dfe1abca..27b0808cd 100644 --- a/00_program_management/roadmap/main_roadmap.md +++ b/00_program_management/roadmap/main_roadmap.md @@ -1,59 +1,101 @@ -# Phoenix Master Architecture & Roadmap (5-7 Year Plan) - -## Core Principle -`Physics + Mathematics + Security + Operating Systems = Phoenix` - -## Master System Stack (GTOS Model) -- **L7:** Autonomous Security Layer (Multi-Agent Swarm) -- **L6:** Phoenix Sentinel Engine (Thermodynamics & Disorder) -- **L5:** Game Theory & Control Dynamics (Nash, Stackelberg, VCG) -- **L4:** Graph Intelligence (Incident DAGs) -- **L3:** Mathematical Telemetry (Entropy, Signals) -- **L2:** Kernel Telemetry Runtime (eBPF) -- **L1:** Hardware / Hypervisor - -## Strict Execution Order (Do Not Deviate) -1. **Math Foundations:** (Information Theory, Entropy, KL Divergence) -> *Currently Executing* -2. **Telemetry:** (eBPF, Math Filters, State Engine) -3. **Graphs:** (DAGs, Shortest Path, Community Detection) -4. **Control:** (PID, Adaptive Response) -5. **Physics:** (Disorder, Thermodynamics, Dynamics) -6. **Game Theory (GTOS):** (Nash, VCG, Stackelberg, Shapley, ESS) -7. **Kernel:** (Physics Hooks, Adaptive Scheduler) -8. **Autonomous OS:** (AI, Multi-agent execution) - -## Phase A: Mathematical Core (Months 1-6) -- **A1:** Information Theory (Phoenix Monitor, KL Detector) -- **A2:** Graph Mathematics (Incident DAGs) -- **A3:** Optimization Theory (Minimizing containment cost) - -## Phase B: Physics Layer (Months 6-12) -- **B1:** Statistical Physics (Security Disorder Index - SDI) -- **B2:** Dynamical Systems (Trajectory drift) -- **B3:** Signal Processing (FFT, Wavelets for chaos detection) - -## Phase C: Game Theory Layer (GTOS Implementation) (Months 12-20) -- **G1:** Resource Allocation Games (Nash Scheduling) -- **G2:** Mechanism Design (VCG Resource Allocation) -- **G3:** Zero-Sum Security Games (Minimax Defense) -- **G4:** Stackelberg Defense (Adaptive Policies) -- **G5:** Cooperative Games (Shapley Value Accounting) -- **G6:** Evolutionary Security (Stable Detection) -- **G7:** Auction-based QoS (Vickrey Routing) -- **G8:** Multi-Agent Swarm Integration - -## Kernel Roadmap (Year 1-4) -- **Year 1:** Resource Games, VCG Allocator, Fairness Metrics. -- **Year 2:** Security Games, Stackelberg Defense, Bayesian Inference. -- **Year 3:** Shapley Cache, Auction QoS, ESS Defense. -- **Year 4:** Game Scheduler, Adaptive Kernel, Autonomous Policies. - -## Phase D: Control Layer (Months 20-25) -- **D1:** PID Containment (Throttle -> Isolate -> Snapshot) - -## Phase E: Kernel Integration (Months 25-37) -- **E1:** Physics/Game-aware Scheduler -- **E2:** Energy/Entropy tracking memory allocation - -## Phase F: Autonomous Phoenix (Months 37+) -- Full LLM/Graph reasoning runtime. +# PhoenixOS: Master Execution Roadmap + +## Project Definition +**PhoenixOS** is a **Deterministic Cybernetic Security Runtime** running on Linux. It focuses on mathematically reproducible replay, bounded control, and telemetry-first validation. + +## Core Axioms +1. **Determinism is sacred.** +2. **Replay is authoritative.** +3. **AI is advisory.** +4. **Control must remain bounded.** +5. **Telemetry correctness > AI sophistication.** +6. **Never scale instability.** + +--- + +## Phase A: Core Product (Stages 0–4) +*Focus: Deterministic single-node cybernetic security runtime.* + +### Stage 0: Foundation Stabilization +* **Goal:** Architectural coherence. +* **Deliverables:** RFC system, repository structure, FSM model, `DETERMINISM.md`. +* **Exit Criteria:** No major architectural contradictions remain. + +### Stage 1: Deterministic Replay Runtime (ACTIVE) +* **Goal:** Mathematically reproducible single-node replay. +* **Systems:** Replay engine, Event bus, Ledger, FSM, TCS, Drift engine. +* **Features:** Logical time, Canonical serialization, Stable hashing, Bounded queues. +* **Exit Criteria:** Replay hashes are byte-for-byte identical across runs. + +### Stage 2: Real Telemetry Runtime +* **Goal:** Replace simulated data with real Linux eBPF/XDP telemetry. +* **Build:** Phoenix Guard, Kernel adapters, Telemetry collectors. +* **Exit Criteria:** Stable single-node telemetry replay. + +### Stage 3: Immutable Runtime Image +* **Goal:** Boot Phoenix as a minimal immutable environment. +* **Build:** LinuxKit appliance, Minimal kernel, Immutable initrd, PID1 Warden. +* **Exit Criteria:** Phoenix runtime boots as a standalone immutable appliance. + +### Stage 4: Constrained Actuation +* **Goal:** Safe, bounded autonomous response. +* **Systems:** Warden FSM, Actuation budgets, Cooldowns, Rate limits. +* **Allowed Actions:** Log, Throttle, Socket block, Process isolate. +* **Exit Criteria:** No state oscillation under adversarial stress. + +--- + +## Phase B: Advanced Platform (Stages 5–8) +*Focus: Distributed, forensic-grade enterprise observability.* + +### Stage 5: Evidence & Replay Infrastructure +* **Goal:** Forensic-grade replay DAGs and cross-session provenance. +* **Features:** Causal linking, Event provenance, Hash chains. +* **Exit Criteria:** Replay becomes the authoritative system truth. + +### Stage 6: Graph Runtime +* **Goal:** Transform telemetry into temporal causality structures. +* **Systems:** Process DAG, Node graph, Attack chains. +* **Exit Criteria:** Stable attack graph reconstruction. + +### Stage 7: Distributed Telemetry +* **Goal:** Multi-node observability using vector clocks. +* **Features:** Event replication, Global replay, Distributed evidence. +* **Exit Criteria:** Cross-node deterministic replay succeeds. + +### Stage 8: Cloud Runtime +* **Goal:** Cluster orchestration and immutable deployment fleet. +* **Build:** Scheduler, Policy distribution, Image rollout. +* **Exit Criteria:** Phoenix nodes are manageable as a fleet. + +--- + +## Phase C: Cybernetic Research (Stages 9–12) +*Focus: Advanced reasoning, state estimation, and automated strategic defense.* + +### Stage 9: Advisory AI Layer +* **Goal:** Explainable AI correlation and ranking (Advisory only). +* **Allowed Tasks:** Summaries, Policy suggestions, Replay explanation. +* **Exit Criteria:** AI outputs are strictly bounded and explainable. + +### Stage 10: Physics + Control Theory +* **Goal:** Formal system-state estimation. +* **Concepts:** Entropy, Variance (Welford's), Kalman filters, Signal processing. +* **Exit Criteria:** Physics layer measurably improves detection. + +### Stage 11: Game Theory Runtime +* **Goal:** Strategic bounded defense planning. +* **Build:** Resource allocation games, Stackelberg defense, Decoy placement. +* **Exit Criteria:** Algorithmic defense decisions outperform heuristics. + +### Stage 12: Cybernetic Runtime +* **Goal:** Full closed-loop bounded defense system. +* **Properties:** Observable, Bounded, Reversible, Deterministic. +* **Exit Criteria:** Stable and autonomous under adversarial stress. + +--- + +## Phase D: Optional Evolution (Stage 13) +### Stage 13: Research OS +* **Focus:** Custom schedulers, hardware isolation (SGX/SEV), microkernel experiments. +* **Status:** Pure OS research, not required for core project success. diff --git a/02_docs/decisions/ADR-002-swarm-restructuring.md b/02_docs/decisions/ADR-002-swarm-restructuring.md new file mode 100644 index 000000000..02034a814 --- /dev/null +++ b/02_docs/decisions/ADR-002-swarm-restructuring.md @@ -0,0 +1,23 @@ +# ADR-002: Swarm Logic Restructuring + +## Status + +Proposed. + +## Context + +The `phoenix_os/agents/internal/swarm` package contained mixed concerns, causing package collisions and potential circular dependencies between the Warden (actuation) and the Arbiter (reasoning). + +## Decision + +Restructure `phoenix_os/agents/internal/swarm` into sub-packages to encapsulate agent logic and governance. + +- Move entry point/agent logic to `phoenix_os/agents/internal/swarm/agent`. +- Move governance logic to `phoenix_os/agents/internal/swarm/governance`. + +## Consequences + +- Resolves package collisions. +- Eliminates circular dependencies between Warden and Arbiter. +- Improves code maintainability and modularity. +- Aligns with the Phoenix Matrix separation of concerns. diff --git a/02_docs/rfc/RFC-010_arbiter_warden_interface.md b/02_docs/rfc/RFC-010_arbiter_warden_interface.md new file mode 100644 index 000000000..dbb5783f3 --- /dev/null +++ b/02_docs/rfc/RFC-010_arbiter_warden_interface.md @@ -0,0 +1,45 @@ +# RFC-010: Arbiter-Warden Control Interface + +**Status:** Draft (Revised) +**Review Date:** 2026-05-22 +**Author:** Documentation Evolution Agent +**Target Subsystem:** L5/L5.5 Control Loop + +## 1. Objective +Define a rigid, state-aware, and failure-safe interface between the L5.5 Strategic Policy Arbiter and the L5 Actuation Warden. The system must adhere to the principle: **Every autonomous action must be observable, explainable, reversible, and bounded.** + +## 2. Interface Formalization +The interface shall be modeled as a restricted Finite State Machine with mandatory policy constraints: + +```text +Arbiter (Goal) -> Policy Constraint Layer -> Warden (Action) +``` + +### 2.1 Actuation Classes (Risk Tiers) +All actions must be categorized: +* **CLASS 0 (Observe):** Data gathering only. +* **CLASS 1 (Log/Alert):** Informational only. +* **CLASS 2 (Throttle):** Resource constraints (e.g., process limit). +* **CLASS 3 (Local Isolate):** Local process/container isolation. +* **CLASS 4 (Cluster Isolate):** Distributed node isolation (Requires consensus). +* **CLASS 5 (Kernel Emergency):** Direct kernel intervention (Requires high-confidence quorum). + +### 2.2 Safety Guardrails & Telemetry Confidence +* **Telemetry Confidence Score (TCS):** Arbiter actions are gated by a calculated TCS (based on packet loss, drift, queue pressure, etc.). High-risk classes (3+) require TCS > threshold. +* **Actuation Budgeting:** Enforce hard limits on CPU, Network, Isolation, and AI inference budgets consumed by security actions to prevent self-DoS. +* **Simulation-before-Execution:** High-risk actions (Class 4+) must pass through a shadow simulation to predict impact before real-world execution. + +## 3. Failure Modes, Recovery & Distributed Coordination +* **Distributed Consensus:** Cross-node actions (Class 4+) require leader-validated quorum to prevent fragmentation and split-brain scenarios. +* **Recovery Semantics:** Reintegration requires validated evidence of safety (e.g., threat cleared, state stable) before moving back to `SAFE` state. +* **Communication Loss:** Fail-closed (maintain current state). + +## 4. Implementation Sequencing +1. Define Protocol Buffer definition (Class + Action + Constraints). +2. Implement Safety Layer (Validation logic + TCS check). +3. Implement Budgeting and Rate-limiting. +4. Integrate with Warden FSM (starting with SAFE -> WATCH -> SUSPICIOUS). + +## 5. Risks +- Undefined failure modes leading to cluster-wide self-DoS. +- Latency added to the Fast-Path by safety checks. diff --git a/02_docs/rfc/RFC-011_telemetry_confidence.md b/02_docs/rfc/RFC-011_telemetry_confidence.md new file mode 100644 index 000000000..0552f9898 --- /dev/null +++ b/02_docs/rfc/RFC-011_telemetry_confidence.md @@ -0,0 +1,21 @@ +# RFC-011: Telemetry Confidence Model (TCS) + +**Status:** Draft +**Goal:** Define a mathematical model to quantify the fidelity of incoming telemetry streams, providing a "trust threshold" for autonomous control logic. + +## 1. Mathematical Model +The Telemetry Confidence Score ($T_C$) is defined as: +$$ T_C = w_1(1 - P_{loss}) + w_2(1 - J_{norm}) + w_3(E_{sig}) $$ + +Weights: +* $w_1 = 0.4$ (Event Loss Sensitivity) +* $w_2 = 0.3$ (Jitter Sensitivity) +* $w_3 = 0.3$ (Structural Entropy) + +## 2. Thresholds +* **$T_C \ge 0.85$:** System `TRUSTED`. Autonomous actions authorized. +* **$0.60 \le T_C < 0.85$:** System `DEGRADED`. Arbiter restricted to Class 0-2 actions only. +* **$T_C < 0.60$:** System `UNTRUSTED`. Arbiter enters fail-safe mode; human intervention required. + +## 3. Implementation +The TCS engine calculates these metrics over a sliding window of the last $N$ telemetry events. diff --git a/02_docs/rfc/roadmap_control_loop_pipeline.md b/02_docs/rfc/roadmap_control_loop_pipeline.md new file mode 100644 index 000000000..e4282300c --- /dev/null +++ b/02_docs/rfc/roadmap_control_loop_pipeline.md @@ -0,0 +1,14 @@ +# Roadmap: Control Loop RFC Pipeline + +This pipeline establishes the necessary specifications for building a robust, cybernetic control system for PhoenixOS, prioritized by the Telemetry-First Core Executable Strategy. + +| RFC ID | Title | Objective | Phase | +| :--- | :--- | :--- | :--- | +| RFC-011 | Telemetry Confidence Model | Define TCS metrics and fidelity requirements. | 1 | +| RFC-015 | Evidence Integrity Model | Specify SHA-256 ledger interactions. | 1 | +| RFC-014 | Replay & Simulation Runtime | Detail shadow simulation architecture. | 1 | +| RFC-010 | Arbiter-Warden Control Interface | Formalize safe actuation and control constraints. | 2 | +| RFC-012 | Warden FSM Specification | Detail SAFE -> WATCH -> SUSPICIOUS FSM states. | 2 | +| RFC-016 | Actuation Budget System | Define hard limits for safety-critical budget management. | 2 | +| RFC-013 | Distributed Isolation Protocol | Define consensus and quorum for cluster actions. | 3 | +| RFC-017 | Recovery & Reintegration Semantics | Specify trust-rebuilding and quarantine exit protocols. | 3 | diff --git a/06_ai/agents/Arbiter_SI_Research.md b/06_ai/agents/Arbiter_SI_Research.md new file mode 100644 index 000000000..669002267 --- /dev/null +++ b/06_ai/agents/Arbiter_SI_Research.md @@ -0,0 +1,23 @@ +# Research: Importance Scoring (SI) for Phoenix Arbiter + +## Objective +Develop a mathematical framework to dynamically calculate the Importance Score ($S_I$) to differentiate between routine system noise and adversarial lateral movement. + +## Proposed Formula Framework: The Multiplicative Model +$$ S_I = \min\left(1.0, \left( C_N \times G_S \right) \cdot e^{k \cdot F_A} \right) $$ + +- **Baseline Threat ($C_N \times G_S$):** The inherent risk is the severity of the event multiplied by the value of the node. +- **Compounding Factor ($e^{k \cdot F_A}$):** $F_A$ (Historical Frequency) acts as an exponential growth modifier, where $k$ is a tuning constant derived from the Phoenix Sentinel's thermodynamic entropy state. + +## Variable Mapping Table + +| Variable | Definition | Source in Phoenix OS | +| --- | --- | --- | +| **$C_N$** | Node Criticality (0.1 to 1.0) | Static YAML config injected via Cloud Control Plane. | +| **$G_S$** | Cgroup Severity (0.1 to 1.0) | eBPF cgroup/connect4 hook payload + PID context. | +| **$F_A$** | Historical Frequency (0.0 to 1.0) | Phoenix Monitor in-memory time-series window (e.g., last 60s). | + +## Next Steps +1. Map out data sources for $C_N, F_A, G_S$ within the existing Telemetry/Trace framework. +2. Define the normalization functions for each variable (0.0 to 1.0). +3. Draft a simulation plan to test the $S_I$ sensitivity to synthetic attack patterns vs. normal operation. diff --git a/ALGORITHM_MAP.md b/ALGORITHM_MAP.md new file mode 100644 index 000000000..9b7063e8f --- /dev/null +++ b/ALGORITHM_MAP.md @@ -0,0 +1,41 @@ +# PhoenixOS: Algorithm & Model Map + +This document maps the project's evolution stages to specific algorithms and mathematical models. + +## 1. Determinism & Evidence (Stages 1 & 5) +* **Canonical Serialization:** Sorted key ordering and stable float representation (e.g., Canonical JSON) to ensure identical hashes for identical data. +* **Merkle DAGs:** Structured evidence ledger allowing parallel event branching with a single root hash for system state verification. +* **Lamport Logical Clocks:** Causal event ordering replacing non-deterministic wall-clock time in replay traces. + +## 2. Signal Processing & Physics (Stage 10) +* **Welford’s Online Algorithm:** $O(1)$ memory, numerically stable running variance and standard deviation calculation for telemetry streams. +* **EWMA (Exponentially Weighted Moving Average):** Bounded, predictable smoothing of noisy telemetry signals. +* **Shannon Entropy:** $H(X) = -\sum P(x) \log_2 P(x)$ to detect packed malware or encrypted exfiltration. +* **Kalman Filters:** Real-time system-state estimation to isolate signals from background OS noise and detect telemetry spoofing. + +## 3. Constrained Control & Actuation (Stages 4 & 12) +* **PID Control (Proportional-Integral-Derivative):** Smooth, non-oscillatory throttling of system resources based on anomaly magnitude and persistence. +* **Token/Leaky Bucket:** Strict mathematical bounds on data egress and process execution rates during suspicious states. + +## 4. Graph & Causality Runtime (Stage 6) +* **Temporal Graph Traversal:** Time-respecting pathfinding ($t_1 < t_2$) to reconstruct valid attack chains. +* **Personalized PageRank:** Propagating risk scores through the process lineage and network DAG to identify blast radius. + +## 5. Strategic Defense & Game Theory (Stage 11) +* **Bayesian Inference:** Updating attacker profiles and intent probabilities as new telemetry evidence is replayed. +* **Stackelberg Security Games:** Solving for optimal defensive allocations (probes, decoys, isolation) against a rational, observing adversary. + +## Stage-Algorithm Alignment Matrix + +| Stage | Key Algorithms / Models | +| :--- | :--- | +| **1: Det. Replay** | Lamport Clocks, Canonical Serialization, Stable Hashing, Bounded FIFO | +| **2: Real Telemetry** | eBPF-Ringbuf, EWMA Rate-Estimators, Little’s Law Queue Design | +| **4: Actuation** | PID Control, Token Bucket, Warden FSM | +| **5: Evidence** | Hash Chains, Merkle-DAGs, LTL Runtime Verification | +| **6: Graphs** | DAG Traversal, BFS/DFS, PageRank-Centrality, Cycle Detection | +| **7: Distributed** | Vector Clocks, CRDTs, Gossip/Consensus-lite | +| **9: Advisory AI** | Isolation Forest, Autoencoders (Anomaly), Graph Embeddings | +| **10: Physics** | Kalman Filters, Shannon Entropy, Welford's Algorithm | +| **11: Game Theory** | Stackelberg Games, Bayesian Games, LP/IP Optimization | +| **12: Cybernetic** | Closed-loop Bounded Policy, SMT-based Model Checking | diff --git a/CHANGELOG_RESEARCH.md b/CHANGELOG_RESEARCH.md new file mode 100644 index 000000000..ea3d750dd --- /dev/null +++ b/CHANGELOG_RESEARCH.md @@ -0,0 +1,10 @@ +# CHANGELOG_RESEARCH + +This log tracks evolution and research synthesis across the documentation repository. + +## 2026-05-22 +- **Analyzed Files:** `GEMINI.md`, `README.md`, `PHOENIX_TASKS.md`, `docs/meta/repository_document_map.md`, `docs/meta/knowledge_graph.md`. +- **Conflicts Detected:** None in core foundational files. +- **New Concepts:** Mapped the 7-layer stack, Security Disorder Index (SDI), and established the knowledge graph structure. +- **Architectural Evolution:** Initial audit of foundation layer complete. +- **Unresolved Issues:** Arbiter/Warden interface clarification needed. diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..60bf80522 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,32 @@ +# Stage 1: The Linux Compilation Bridge +FROM golang:1.22-alpine AS builder + +# Install LLVM, Clang, and Linux headers required for eBPF +RUN apk add --no-cache clang llvm make libbpf-dev linux-headers + +WORKDIR /phoenix + +# Copy the entire source tree +COPY . . + +# Compile the C eBPF hooks into bytecode +RUN clang -O2 -g -target bpf -D__TARGET_ARCH_x86 + -I/usr/include + -c phoenix_os/warden/ebpf/src/egress_policy.c -o egress_policy.o + +RUN clang -O2 -g -target bpf -D__TARGET_ARCH_x86 + -I/usr/include + -c phoenix_os/warden/ebpf/src/xdp_ingress.c -o xdp_ingress.o + +# Compile the Go Warden Orchestrator (statically linked) +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 + go build -ldflags="-w -s" -o phoenix-warden phoenix_os/warden/ebpf/orchestrator/main.go + +# Stage 2: The Minimalist Execution Layer +FROM scratch +COPY --from=builder /phoenix/phoenix-warden /phoenix-warden +COPY --from=builder /phoenix/egress_policy.o /egress_policy.o +COPY --from=builder /phoenix/xdp_ingress.o /xdp_ingress.o + +# Set the Go binary as the absolute entrypoint +ENTRYPOINT ["/phoenix-warden"] diff --git a/GEMINI.md b/GEMINI.md index 871ef7b20..2784e6335 100644 --- a/GEMINI.md +++ b/GEMINI.md @@ -3,10 +3,19 @@ This file contains foundational mandates for the PhoenixOS project. ## 1. Project Identity -**Project Name:** PhoenixOS (Autonomous CyberAI Operating System) +**Project Name:** PhoenixOS +**Definition:** Deterministic Cybernetic Security Runtime (running on Linux). **Core Philosophy:** Security as a thermodynamic state. Autonomous "quenching" of disorder via the Phoenix Matrix. -## 2. The 7-Layer Stack (Phoenix Matrix) +## 2. Six Immutable Axioms +1. **Determinism is sacred.** No reliance on non-deterministic primitives (unordered maps, race-dependent ordering). +2. **Replay is authoritative.** Replay governs semantics; logs, metrics, and AI-outputs are secondary. +3. **AI is advisory.** AI informs, but never directly controls kernel or actuation FSM. +4. **Control must remain bounded.** Actuation is rate-limited, isolated, and reversible. +5. **Telemetry correctness > AI sophistication.** Precise, replayable telemetry is the foundation. +6. **Never scale instability.** Single-node stability must be achieved before distributed scaling. + +## 3. The 7-Layer Stack (Phoenix Matrix) 1. **L7: Swarm Coordination (Phoenix Nexus):** Distributed consensus (PoA + Reputation). 2. **L6: System Physics (Phoenix Sentinel):** Thermodynamic SDI monitoring. 3. **L5.5: Strategic Policy (Phoenix Arbiter):** Game-theoretic policy (Stackelberg). diff --git a/README.md b/README.md index fe233312c..4a3bec590 100644 --- a/README.md +++ b/README.md @@ -1,40 +1,36 @@ -# PhoenixOS (Autonomous CyberAI Operating System) +# PhoenixOS ![Phoenix Logo](assets/Phoenix/logo_simple.svg) -PhoenixOS is a security-focused operating system project built from scratch and as a custom Linux derivative. It implements a unified **Mathematical-Physical-Game Architecture** to achieve autonomous system integrity and self-healing defense. - -## Core Vision: The Phoenix Matrix -Unlike traditional operating systems that rely on passive signatures, PhoenixOS treats system security as a thermodynamic state. It uses real-time telemetry to compute a **Security Disorder Index (SDI)** and employs game-theoretic controllers to autonomously "quench" threats before they reach a cascading failure point. - -## System Services (The 7-Layer Stack) -- **L7: Swarm coordination** (**Phoenix Nexus**) - Distributed consensus and MARL. -- **L6: System Physics** (**Phoenix Sentinel**) - Thermodynamic SDI monitoring. -- **L5.5: Strategic Policy** (**Phoenix Arbiter**) - Stackelberg Security Games. -- **L5: Actuation & Control** (**Phoenix Warden**) - PID/FSM process feedback loops. -- **L4: Graph Intelligence** (**Phoenix Trace**) - Causal process lineage DAGs. -- **L3: Telemetry Math** (**Phoenix Monitor**) - Shannon entropy and Kalman filters. -- **L2: Kernel Runtime** (**Phoenix Kernel**) - eBPF probes and ring buffers. -- **L1: Platform Integrity** (**Phoenix Guard**) - Kernel-level Fast Path enforcement. +**PhoenixOS** is a **Deterministic Cybernetic Security Runtime** running on Linux. It implements a unified **Mathematical-Physical-Game Architecture** to achieve autonomous system integrity and self-healing defense through mathematically reproducible replay and bounded control. + +## Core Axioms +1. **Determinism is sacred.** +2. **Replay is authoritative.** +3. **AI is advisory.** +4. **Control must remain bounded.** +5. **Telemetry correctness > AI sophistication.** +6. **Never scale instability.** + +## The Phoenix Matrix (7-Layer Stack) +- **L7: Swarm Coordination (Phoenix Nexus):** Distributed consensus and replication. +- **L6: System Physics (Phoenix Sentinel):** Thermodynamic SDI monitoring. +- **L5.5: Strategic Policy (Phoenix Arbiter):** Game-theoretic planning (Stackelberg). +- **L5: Actuation & Control (Phoenix Warden):** Bounded FSM/PID controllers. +- **L4: Graph Intelligence (Phoenix Trace):** Causal process lineage DAGs. +- **L3: Telemetry Math (Phoenix Monitor):** Signal processing and drift detection. +- **L2: Kernel Runtime (Phoenix Kernel):** eBPF/XDP telemetry ingestion. +- **L1: Platform Integrity (Phoenix Guard):** <100ms Fast-Path enforcement. ## P0 Foundations (Verified Evidence) -- **Phoenix Ledger:** Every autonomous action is backed by a verifiable, content-addressable evidence chain (SHA-256). -- **Fast Path Enforcement:** Critical threats (e.g., ransomware encryption) are blocked in **<100ms** by bypassing strategic layers. - -## Implementation Status -- **Phoenix Bus (L3):** 10M+ events/sec throughput (**STABLE**) -- **Phoenix Monitor (L3):** Shannon/KL entropy analysis (**STABLE**) -- **Phoenix Trace (L4):** Lineage DAG construction (**STABLE**) -- **Phoenix Sentinel (L6):** SDI thermodynamic calculation (**STABLE**) -- **Phoenix Ledger (Evidence):** Cryptographic hash-chained audit trail (**COMPLETED**) -- **Phoenix Guard (L1):** eBPF Fast Path detection and blocking (**COMPLETED**) -- **Phoenix Nexus (L7):** Gossip-based swarm synchronization (**IN PROGRESS**) +- **Phoenix Ledger:** Every action is backed by a verifiable Merkle-DAG evidence chain. +- **Deterministic Replay:** Mathematically identical execution traces across boot sessions. -## Document Index +## Project Resources +- [**Master Execution Roadmap**](00_program_management/roadmap/main_roadmap.md) - The 12-stage path to a mature runtime. +- [**Algorithm & Model Map**](ALGORITHM_MAP.md) - Mathematical primitives by stage. +- [**GEMINI.md**](GEMINI.md) - Core instructions and engineering axioms. - [PHOENIX_TASKS.md](PHOENIX_TASKS.md) - Active task list and progress. -- [PHOENIX_PROBLEMS.md](PHOENIX_PROBLEMS.md) - Gap analysis and architectural blockers. -- [PHOENIX_SOLUTIONS.md](PHOENIX_SOLUTIONS.md) - Mathematical and systemic bridges. -- [MASTER_DEPENDENCY_GRAPH.md](MASTER_DEPENDENCY_GRAPH.md) - Global architecture DAG. ## Quick Start (Simulation) ```sh diff --git a/__pycache__/conftest.cpython-313-pytest-9.0.3.pyc b/__pycache__/conftest.cpython-313-pytest-9.0.3.pyc new file mode 100644 index 000000000..564407456 Binary files /dev/null and b/__pycache__/conftest.cpython-313-pytest-9.0.3.pyc differ diff --git a/conftest.py b/conftest.py new file mode 100644 index 000000000..ca9356c82 --- /dev/null +++ b/conftest.py @@ -0,0 +1,5 @@ +import sys +import os + +# Ensure the root directory is in sys.path so 'agents' and 'guard_runtime' can be imported. +sys.path.insert(0, os.path.abspath(os.path.dirname(__file__))) diff --git a/docs/EVENT_SCHEMA.md b/docs/EVENT_SCHEMA.md new file mode 100644 index 000000000..d680a9542 --- /dev/null +++ b/docs/EVENT_SCHEMA.md @@ -0,0 +1,46 @@ +# PhoenixOS Telemetry Event Schema + +## Philosophy +This document freezes the telemetry schema contract. The Phoenix Bus, Trace, and Monitor layers rely exclusively on this deterministic schema. The schema must never be evolved ad hoc. + +## JSON Schema Definition + +Every event emitted by `phoenix-guard` (or the Replay Harness acting as the Guard Adapter) must conform to this schema. + +```json +{ + "seq_id": 12421, + "monotonic_ns": 18273645123, + "wall_time_unix": 1710000000, + "source": "guard.exec", + "host_id": "node-01", + "pid": 812, + "tid": 812, + "uid": 1000, + "gid": 1000, + "event_type": "process.exec", + "severity": 0.42, + "payload": {}, + "prev_hash": "...", + "hash": "..." +} +``` + +## Field Definitions +- `seq_id` (Integer): Global monotonic sequence ID injected by the Guard adapter. +- `monotonic_ns` (Integer): The trusted monotonic clock time of the event (used strictly for replay ordering). +- `wall_time_unix` (Integer): Wall-clock time of the event (untrusted, informational only). +- `source` (String): The origin of the event (e.g., `guard.exec`, `guard.fs`). +- `host_id` (String): Identity of the host machine. +- `pid` (Integer): Process ID. +- `tid` (Integer): Thread ID. +- `uid` (Integer): User ID. +- `gid` (Integer): Group ID. +- `event_type` (String): Bounded event type (e.g., `process.exec`, `fs.read`, `net.connect`). +- `severity` (Float): Initial pre-calculated heuristic severity score (0.0 to 1.0). +- `payload` (Object): Context-specific properties (e.g., paths, IP addresses). +- `prev_hash` (String): Cryptographic link to the preceding event hash. +- `hash` (String): SHA-256 hash of this event's fields + `prev_hash`. + +## Isomorphic Guarantees +Whether an event originates from native eBPF probes or the `JSONL` Replay harness, it must undergo mapping into this exact structure before entering `phoenix-bus`. The Bus and Trace layers do not know the underlying origin type. diff --git a/docs/SECURITY_BOUNDARIES.md b/docs/SECURITY_BOUNDARIES.md new file mode 100644 index 000000000..53eaae0ab --- /dev/null +++ b/docs/SECURITY_BOUNDARIES.md @@ -0,0 +1,32 @@ +# PhoenixOS Security Boundaries & Trust Model + +## Philosophy +This document explicitly defines the trust boundaries between PhoenixOS subsystems. It dictates which components are authoritative, which are advisory, and the assumptions regarding adversary capabilities. + +## Trust Boundaries + +### 1. Telemetry Source (Guard) +- **Status**: **Trusted** (Kernel eBPF) / **Semi-Trusted** (Userspace Adapter) +- **Assumption**: Events retrieved from kernel space (eBPF) are assumed to be a true representation of system execution state. +- **Forgery Resistance**: If an adversary gains ring-0 execution, the telemetry stream cannot be trusted. Phoenix relies on the Linux kernel's internal boundaries for primary event fidelity. + +### 2. The Internal Event Bus (phoenix-bus) +- **Status**: **Trusted Boundary** +- **Assumption**: Data on the internal bus is sequentially monotonic. Memory access to the bus is restricted to the Phoenix runtime. + +### 3. Trace Storage (phoenix-trace) +- **Status**: **Trusted but Verifiable** +- **Assumption**: The SQLite WAL database is stored securely. However, the integrity of the data is verified continuously via the `hash` and `prev_hash` chain. +- **Replay Attack Resistance**: The `monotonic_ns` field paired with the SHA-256 hash-chain ensures that an adversary cannot reorder, drop, or inject historical events into the SQLite store without invalidating the chain. + +### 4. Monitor Anomaly Engine (phoenix-monitor) +- **Status**: **Advisory Only** +- **Assumption**: The Monitor's Kalman Filter and EWMA scores are purely mathematical evaluations. It has **no authority** to mutate system state, block processes, or write to the primary Trace store. It merely emits `telemetry.scored` messages to the Warden. + +### 5. Control Layer (phoenix-warden) +- **Status**: **Authoritative** +- **Assumption**: The Warden FSM is the single source of truth for mitigation states (`NORMAL`, `SUSPICIOUS`, `CONTAINED`). Only the Warden can issue actions back to the Guard. + +## Future Mitigations +- Implementation of signed telemetry via userspace enclave. +- Tamper-evident network replication of the hash chain. diff --git a/docs/meta/document_evolution_timeline.md b/docs/meta/document_evolution_timeline.md new file mode 100644 index 000000000..d31feaa06 --- /dev/null +++ b/docs/meta/document_evolution_timeline.md @@ -0,0 +1,7 @@ +# Document Evolution Timeline + +| Date | Phase | Action | +| :--- | :--- | :--- | +| 2026-05-22 | Phase 1 | Repository Discovery & Mapping | +| 2026-05-22 | Phase 2 | Knowledge Graph Extraction | +| 2026-05-22 | Phase 3 | Core Validation (`GEMINI.md`) | diff --git a/docs/meta/knowledge_graph.md b/docs/meta/knowledge_graph.md new file mode 100644 index 000000000..13b666336 --- /dev/null +++ b/docs/meta/knowledge_graph.md @@ -0,0 +1,26 @@ +# Knowledge Graph: PhoenixOS + +This graph represents the core architectural concepts and subsystems of PhoenixOS. + +## Core Pillars +* **Mathematical-Physical-Game Architecture:** Treating security as a thermodynamic state. +* **The Phoenix Matrix (7-Layer Stack):** + * **L7: Swarm Coordination (Phoenix Nexus):** PoA + Reputation consensus. + * **L6: System Physics (Phoenix Sentinel):** Thermodynamic SDI monitoring. + * **L5.5: Strategic Policy (Phoenix Arbiter):** Stackelberg Security Games. + * **L5: Actuation & Control (Phoenix Warden):** PID/FSM feedback loops. + * **L4: Graph Intelligence (Phoenix Trace):** Causal process lineage DAGs. + * **L3: Telemetry Math (Phoenix Monitor):** Signal processing (Entropy + Kalman). + * **L2: Kernel Runtime (Phoenix Kernel):** eBPF probes and ring buffers. + * **L1: Platform Integrity (Phoenix Guard):** <100ms Fast-Path enforcement. + +## Telemetry and Evidence Systems +* **Phoenix Ledger:** Content-addressable evidence chain (SHA-256). +* **Security Disorder Index (SDI):** Thermodynamic measure of system threats. +* **Shannon Entropy / Kalman Filters:** Noise reduction in telemetry. + +## System Relationships +* `Monitor (L3)` provides telemetry to `Sentinel (L6)` and `Trace (L4)`. +* `Arbiter (L5.5)` utilizes `Sentinel (L6)` data for policy decisions. +* `Warden (L5)` executes decisions from `Arbiter (L5.5)`. +* `Guard (L1)` provides low-latency blocking for critical threats detected by `Monitor (L3)` or others. diff --git a/docs/meta/repository_document_map.md b/docs/meta/repository_document_map.md new file mode 100644 index 000000000..ec8f04848 --- /dev/null +++ b/docs/meta/repository_document_map.md @@ -0,0 +1,19 @@ +# Repository Document Map + +This map provides a high-level overview of the documentation, research, and planning files in the PhoenixOS repository. + +## Categorization + +| Category | Description | Primary Locations | +| :--- | :--- | :--- | +| **Foundational** | Core project identity, mandates, roadmap | `GEMINI.md`, `README.md`, `PHOENIX_*.md` | +| **Research** | Stage-based research, labs, experiments | `01_research/`, `04_datasets/` | +| **Architecture** | System design, specs, RFCs | `02_docs/architecture/`, `02_docs/rfc/` | +| **Management** | Milestones, risks, tasks, reports | `00_program_management/` | +| **Telemetry/AI** | Telemetry runtime, AI brain, ML | `06_ai/`, `09_telemetry/`, `07_security/` | + +## Summary of Scanned Files + +*Total Files Analyzed (Markdown): 452* + +(Detailed file-level metadata will be generated in Phase 3 Validation Reports.) diff --git a/docs/meta/scope_singularity_mitigation.md b/docs/meta/scope_singularity_mitigation.md new file mode 100644 index 000000000..01bc93e9c --- /dev/null +++ b/docs/meta/scope_singularity_mitigation.md @@ -0,0 +1,22 @@ +# Scope Singularity Mitigation: The Core Executable Strategy + +To prevent project stall and ensure architectural stability, PhoenixOS will prioritize the development of a **Telemetry-First Executable Core** before expanding into higher-order control and reasoning layers. + +## The Core Executable Subset +The project will focus exclusively on the following subsystems until full stabilization: + +1. **Telemetry Runtime:** High-throughput, reliable event capture (eBPF). +2. **Evidence Ledger:** Verifiable, immutable hash-chaining of system events. +3. **Replay & Simulation Runtime:** Ability to reconstruct causal state from the ledger. +4. **Graph Lineage Runtime:** Real-time construction of process/network dependency DAGs. + +## Phased Expansion Roadmap +Only upon the stabilization of the above core will development shift to the next layer: + +* **Phase 1 (Stabilization):** Telemetry + Evidence + Replay + Graph Lineage. +* **Phase 2 (Control):** Safe Actuation + FSM Constraints + Budgeting. +* **Phase 3 (Orchestration):** Distributed Consensus + Cloud Scheduler. +* **Phase 4 (Reasoning):** AI Reasoning + Planning + Simulation. +* **Phase 5 (Physics/Games):** Physics-inspired modeling + Game-theory optimization. + +This strict layering prevents scope creep and ensures that each subsystem is built on a proven, observable foundation. diff --git a/docs/reports/GEMINI_validation.md b/docs/reports/GEMINI_validation.md new file mode 100644 index 000000000..ea7c90906 --- /dev/null +++ b/docs/reports/GEMINI_validation.md @@ -0,0 +1,32 @@ +# Validation Report: GEMINI.md + +## Summary +The `GEMINI.md` document is the foundational source of truth for the PhoenixOS project. It accurately defines the 7-layer stack, the core philosophy, and the current active phase. + +## Key Concepts +- 7-Layer Phoenix Matrix +- Security as a thermodynamic state +- Mandatory Engineering Rules + +## Problems Found +- None major. The definitions are internally consistent with the `README.md` and `PHOENIX_TASKS.md`. + +## Severity Levels +- N/A + +## Missing Research +- The document could benefit from more detailed definitions of how L5.5 (Arbiter) integrates with L6 (Sentinel) for game-theoretic policy. + +## Recommended Updates +- Add a diagram of the 7-layer stack in Markdown format for clarity. +- Clarify the relationship between `L5.5 Arbiter` and `L5 Warden`. + +## Cross-file References +- References `PHOENIX_TASKS.md` for status. +- References `README.md` for vision. + +## Risks if Unchanged +- Minor risk of confusion for new developers regarding the Arbiter/Warden interface. + +## Migration Notes +- None. diff --git a/go.work b/go.work index b9e69fbdd..14ccf9961 100644 --- a/go.work +++ b/go.work @@ -1,34 +1,3 @@ -go 1.26 +go 1.26.0 -use ( - ./06_ai - ./07_security - ./09_telemetry - ./10_kernel - ./14_experiments/sentinel_mvp - ./14_experiments/telemetry_replay - ./agents - ./custom/control_plane - ./phoenix_os/agents/external/benchmark - ./phoenix_os/agents/external/build - ./phoenix_os/agents/external/common - ./phoenix_os/agents/external/intel - ./phoenix_os/agents/external/research - ./phoenix_os/agents/internal/common - ./phoenix_os/agents/internal/game/marl - ./phoenix_os/agents/internal/healer - ./phoenix_os/agents/internal/optimizer - ./phoenix_os/agents/internal/security - ./phoenix_os/agents/internal/swarm - ./phoenix_os/agents/internal/swarm/governance - ./phoenix_os/arbiter - ./phoenix_os/bus - ./phoenix_os/common - ./phoenix_os/guard - ./phoenix_os/ledger - ./phoenix_os/monitor - ./phoenix_os/nexus - ./phoenix_os/sentinel - ./phoenix_os/trace - ./phoenix_os/warden -) +use ./phoenix_os diff --git a/guard_runtime/__pycache__/__init__.cpython-313.pyc b/guard_runtime/__pycache__/__init__.cpython-313.pyc new file mode 100644 index 000000000..00556028d Binary files /dev/null and b/guard_runtime/__pycache__/__init__.cpython-313.pyc differ diff --git a/guard_runtime/__pycache__/daemon.cpython-313.pyc b/guard_runtime/__pycache__/daemon.cpython-313.pyc new file mode 100644 index 000000000..7cd105356 Binary files /dev/null and b/guard_runtime/__pycache__/daemon.cpython-313.pyc differ diff --git a/phoenix_os.yml b/phoenix_os.yml new file mode 100644 index 000000000..131387ad2 --- /dev/null +++ b/phoenix_os.yml @@ -0,0 +1,54 @@ +# ============================================================================== +# PHOENIX CYBER-AI-OS: LinuxKit Assembly Specification +# ============================================================================== + +kernel: + # Use a modern kernel with native WireGuard and advanced eBPF support + image: linuxkit/kernel:6.6.13 + cmdline: "console=ttyS0 console=tty0 page_poison=1 security=lockdown cgroup_no_v1=all systemd.unified_cgroup_hierarchy=1" + +init: + # The absolute minimum binaries required to boot and run containers + - linuxkit/init:v1.0.0-rc6 + - linuxkit/runc:v1.0.0-rc6 + - linuxkit/containerd:v1.0.0-rc6 + +onboot: + # 1. Mount the BPF virtual filesystem (Required for map pinning and tracking) + - name: mount-bpf + image: linuxkit/mount:v1.0.0-rc6 + command: ["/bin/mount", "-t", "bpf", "bpf", "/sys/fs/bpf"] + + # 2. Mount cgroups v2 (Required for our cgroup/connect4 eBPF hook) + - name: mount-cgroup + image: linuxkit/mount:v1.0.0-rc6 + command: ["/bin/mount", "-t", "cgroup2", "none", "/sys/fs/cgroup"] + + # 3. Bring up the loopback and local networking so XDP has interfaces to attach to + - name: dhcpcd + image: linuxkit/dhcpcd:v1.0.0-rc6 + command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] + +services: + # ============================================================================ + # THE WARDEN: Cybernetic Control Plane + # ============================================================================ + - name: phoenix-warden + # This refers to the container image you built via Docker containing your Go/C code + image: local/phoenix-warden:latest + capabilities: + # Strict Least-Privilege Matrix for the Warden + - CAP_SYS_ADMIN # Required to attach BPF programs to cgroups + - CAP_NET_ADMIN # Required to configure WireGuard interfaces and attach XDP + - CAP_BPF # Required to load maps and BPF bytecode into the kernel + - CAP_PERFMON # Required for high-precision bpf_ktime_get_ns() profiling + binds: + # Expose the host's raw kernel pathways directly into the Warden's namespace + - /sys/fs/cgroup:/sys/fs/cgroup + - /sys/fs/bpf:/sys/fs/bpf + - /sys/class/net:/sys/class/net + - /dev:/dev + - /lib/modules:/lib/modules + net: host # Must operate in the root network namespace to control global routing + pid: host # Must see all processes to assign cgroup identities + ipc: host # Shared memory access diff --git a/phoenix_os/INVARIANTS.md b/phoenix_os/INVARIANTS.md new file mode 100644 index 000000000..59e680eef --- /dev/null +++ b/phoenix_os/INVARIANTS.md @@ -0,0 +1,52 @@ +# PhoenixOS: Cybernetic State & Time Invariants + +This document specifies the formal mathematical and systems invariants required to guarantee 100% deterministic replayability and state stability in the PhoenixOS Phase 1 runtime. + +--- + +## 1. Core Invariants + +### I1: Pure Input-Output Determinism +$$\text{Replay}(S_0, E_{1..N}) \implies S_N$$ +Given an identical initial system state $S_0$ and an identical sequence of telemetry events $E_{1..N}$, the final state $S_N$ must be byte-for-byte identical across runs. + +### I2: Reproducible Cryptographic Ledger +$$\text{Hash}(\text{Ledger}_A) = \text{Hash}(\text{Ledger}_B)$$ +Two executions replaying the same input events must produce an identical SHA-256 hash-chain verification root in the Evidence Ledger. Any variance in ordering, content, or count violates this invariant. + +### I3: Deterministic FSM Transitions +$$\delta(S_k, e) \to S_{k+1}$$ +The Warden Finite-State Machine state transitions must be a pure function of the logical event sequence and current state. Transition times must be evaluated solely against logical event timestamps, bypassing host scheduling jitters. + +### I4: Zero Wall-Clock Dependency +$$\frac{\partial S}{\partial t_{\text{system}}} = 0$$ +No component in the active execution path may call `time.Now()`, `time.NewTicker()`, or any wall-clock timer. All logical time progresses strictly inline as a data field of the telemetry stream (`EventTimeUnix` / `WallTimeUnix`). + +### I5: Ordered Serialization +All persisted states and payload messages must use strict, stable serialization. Struct-to-JSON serialization must guarantee field ordering. Map iteration (`map[string]interface{}`) must never be serialized or hashed without canonicalization. + +### I6: Deterministic Iteration +No state update or hash generation may rely on Go's non-deterministic map iteration. Collections requiring iteration must be stored in slices or sorted keys map wrappers. + +### I7: Bounded Queues +All internal event channels must enforce backpressure or deterministic drop/sampling strategies. Queue sizes are bounded to prevent tail latency inflation or memory exhaustion. + +### I8: Bounded Memory Space +The active working set size of the sliding window and FSM cache must remain bounded: +$$\lim_{t \to \infty} \text{Memory}(t) \le M_{\text{limit}}$$ +Historical states and events older than the defined sliding window duration (60s) must be pruned deterministically inline. + +### I9: Restart-Safe Reproducibility +The runtime must produce the same ledger hash-chain regardless of whether it is run continuously or halted and resumed (via deterministic transaction replay from the SQLite WAL storage). + +--- + +## 2. Invariant Verification Matrix + +| Invariant | Subsystem | Enforcement Mechanism | Verification Method | +| :--- | :--- | :--- | :--- | +| **I1 / I2** | Global / Ledger | Flat-struct hashing, sequential validation | Multi-run hash matching against `test_events.jsonl` | +| **I3 / I4** | Warden FSM | Logical Unix timestamps passed in event data | Hysteresis verification via simulated event timeline | +| **I5 / I6** | Ledger / Serialization | Struct-based parsing, no raw map-hashing | Compilation constraints & code review audits | +| **I7 / I8** | Event Bus / TCS | Bounded channels, inline window pruning | Out-of-memory checks, event throughput stress tests | +| **I9** | Trace / WAL | SQLite journal_mode=WAL, unique SeqID constraint | Database integrity checks and replay validation | diff --git a/phoenix_os/agents/external/README.md b/phoenix_os/agents/external/README.md deleted file mode 100644 index 5f0df707a..000000000 --- a/phoenix_os/agents/external/README.md +++ /dev/null @@ -1,25 +0,0 @@ -# PhoenixOS Layer 1: External Agents - -Layer 1 agents interact with the outside world. They are the "sensory and creative" organs of the OS. They NEVER touch the kernel directly; instead, they populate the research, intelligence, and experimental layers that the internal OS services consume. - -## Agents - -### 1. Research Agent (`agents/external/research/`) -- **Purpose:** Discovery and theorizing. -- **Owns:** Math models, physics notes, game theory papers. -- **Outputs:** `01_research/`, `02_docs/`. - -### 2. Threat Intel Agent (`agents/external/intel/`) -- **Purpose:** External threat awareness. -- **Owns:** MITRE TTPs, malware feeds, IOCs. -- **Outputs:** `07_security/feeds/`. - -### 3. Benchmark Agent (`agents/external/benchmark/`) -- **Purpose:** Empirical validation. -- **Owns:** Performance metrics, replay datasets, regression scoring. -- **Outputs:** `14_experiments/`. - -### 4. Build Agent (`agents/external/build/`) -- **Purpose:** System synthesis. -- **Owns:** CI/CD, QEMU, VM artifacts. -- **Outputs:** `build/`, `reports/`. diff --git a/phoenix_os/agents/external/benchmark/bench_log.json b/phoenix_os/agents/external/benchmark/bench_log.json deleted file mode 100644 index 286ef58c4..000000000 --- a/phoenix_os/agents/external/benchmark/bench_log.json +++ /dev/null @@ -1 +0,0 @@ -{"agent_id":"bench-01","action":"RUN_REPLAY","target":"14_experiments/R001/results.json","timestamp":"2026-05-21T16:46:32.45017+05:30"} diff --git a/phoenix_os/agents/external/benchmark/benchmark_agent.go b/phoenix_os/agents/external/benchmark/benchmark_agent.go deleted file mode 100644 index fd6cbca9b..000000000 --- a/phoenix_os/agents/external/benchmark/benchmark_agent.go +++ /dev/null @@ -1,19 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/external/common" -) - -func main() { - fmt.Println("Phoenix Benchmark Agent Online") - task := common.AgentTask{ - AgentID: "bench-01", - Action: "RUN_REPLAY", - Target: "14_experiments/R001/results.json", - Timestamp: time.Now(), - } - common.LogAction(task, "bench_log.json") - fmt.Printf("Benchmarking: %s\n", task.Target) -} diff --git a/phoenix_os/agents/external/benchmark/go.mod b/phoenix_os/agents/external/benchmark/go.mod deleted file mode 100644 index 70260a3d0..000000000 --- a/phoenix_os/agents/external/benchmark/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/external/benchmark - -go 1.25.0 - -replace phoenix/agents/external/common => ../common - -require phoenix/agents/external/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/external/build/go.mod b/phoenix_os/agents/external/build/go.mod deleted file mode 100644 index 505c72255..000000000 --- a/phoenix_os/agents/external/build/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/external/build - -go 1.25.0 - -replace phoenix/agents/external/common => ../common - -require phoenix/agents/external/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/external/common/common.go b/phoenix_os/agents/external/common/common.go deleted file mode 100644 index 9f7c39316..000000000 --- a/phoenix_os/agents/external/common/common.go +++ /dev/null @@ -1,27 +0,0 @@ -package common - -import ( - "encoding/json" - "fmt" - "os" - "time" -) - -type AgentTask struct { - AgentID string `json:"agent_id"` - Action string `json:"action"` - Target string `json:"target"` - Timestamp time.Time `json:"timestamp"` -} - -func LogAction(task AgentTask, logPath string) error { - f, err := os.OpenFile(logPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) - if err != nil { - return err - } - defer f.Close() - - data, _ := json.Marshal(task) - fmt.Fprintln(f, string(data)) - return nil -} diff --git a/phoenix_os/agents/external/common/go.mod b/phoenix_os/agents/external/common/go.mod deleted file mode 100644 index d3eb484d3..000000000 --- a/phoenix_os/agents/external/common/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/agents/external/common - -go 1.25.0 diff --git a/phoenix_os/agents/external/intel/go.mod b/phoenix_os/agents/external/intel/go.mod deleted file mode 100644 index d82b953d5..000000000 --- a/phoenix_os/agents/external/intel/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/external/intel - -go 1.25.0 - -replace phoenix/agents/external/common => ../common - -require phoenix/agents/external/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/external/intel/intel_agent.go b/phoenix_os/agents/external/intel/intel_agent.go deleted file mode 100644 index a480be6fa..000000000 --- a/phoenix_os/agents/external/intel/intel_agent.go +++ /dev/null @@ -1,19 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/external/common" -) - -func main() { - fmt.Println("Phoenix Threat Intel Agent Online") - task := common.AgentTask{ - AgentID: "intel-01", - Action: "FETCH_FEED", - Target: "07_security/feeds/mitre_vfs_attack.json", - Timestamp: time.Now(), - } - common.LogAction(task, "intel_log.json") - fmt.Printf("Updating Feed: %s\n", task.Target) -} diff --git a/phoenix_os/agents/external/intel/intel_log.json b/phoenix_os/agents/external/intel/intel_log.json deleted file mode 100644 index 036d1d011..000000000 --- a/phoenix_os/agents/external/intel/intel_log.json +++ /dev/null @@ -1 +0,0 @@ -{"agent_id":"intel-01","action":"FETCH_FEED","target":"07_security/feeds/mitre_vfs_attack.json","timestamp":"2026-05-21T16:46:32.230569+05:30"} diff --git a/phoenix_os/agents/external/research/go.mod b/phoenix_os/agents/external/research/go.mod deleted file mode 100644 index 380c555d8..000000000 --- a/phoenix_os/agents/external/research/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/external/research - -go 1.25.0 - -replace phoenix/agents/external/common => ../common - -require phoenix/agents/external/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/external/research/research_agent.go b/phoenix_os/agents/external/research/research_agent.go deleted file mode 100644 index e045bbca7..000000000 --- a/phoenix_os/agents/external/research/research_agent.go +++ /dev/null @@ -1,19 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/external/common" -) - -func main() { - fmt.Println("Phoenix Research Agent Online") - task := common.AgentTask{ - AgentID: "research-01", - Action: "INGEST_PAPER", - Target: "01_research/foundations/information_theory.md", - Timestamp: time.Now(), - } - common.LogAction(task, "research_log.json") - fmt.Printf("Researching: %s\n", task.Target) -} diff --git a/phoenix_os/agents/external/research/research_log.json b/phoenix_os/agents/external/research/research_log.json deleted file mode 100644 index 724990c1b..000000000 --- a/phoenix_os/agents/external/research/research_log.json +++ /dev/null @@ -1 +0,0 @@ -{"agent_id":"research-01","action":"INGEST_PAPER","target":"01_research/foundations/information_theory.md","timestamp":"2026-05-21T16:44:12.832211+05:30"} diff --git a/phoenix_os/agents/internal/README.md b/phoenix_os/agents/internal/README.md deleted file mode 100644 index c75806caa..000000000 --- a/phoenix_os/agents/internal/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# PhoenixOS Layer 2: Internal Orchestrators - -Layer 2 agents manage the internal health and strategic coordination of PhoenixOS. Unlike Layer 1 (External), these agents have direct read-access to the Phoenix Bus and can issue commands to the Phoenix Warden (Actuation). - -## Agents - -### 1. Swarm Coordinator (`agents/internal/swarm/`) -- **Purpose:** Multi-agent coordination and node consensus. -- **Owns:** MARL (Multi-Agent Reinforcement Learning) state, swarm logic. -- **Inputs:** `phoenix_os/bus` (all telemetry). -- **Outputs:** Coordinated defense tasks. - -### 2. Resource Optimizer (`agents/internal/optimizer/`) -- **Purpose:** Economic resource allocation. -- **Owns:** VCG Auctions, performance vs. security trade-offs. -- **Inputs:** System load, threat temperature (SDI). -- **Outputs:** Resource priority updates. - -### 3. Self-Healer (`agents/internal/healer/`) -- **Purpose:** Automated recovery and system restoration. -- **Owns:** Rollback triggers, container/service restarts. -- **Inputs:** Phoenix Sentinel alerts (L6). -- **Outputs:** Recovery actions. diff --git a/phoenix_os/agents/internal/common/common.go b/phoenix_os/agents/internal/common/common.go deleted file mode 100644 index 31c483f5a..000000000 --- a/phoenix_os/agents/internal/common/common.go +++ /dev/null @@ -1,19 +0,0 @@ -package common - -import ( - "encoding/json" - "fmt" - "time" -) - -type InternalCommand struct { - Source string `json:"source"` - Command string `json:"command"` - Params interface{} `json:"params"` - Timestamp time.Time `json:"timestamp"` -} - -func DispatchCommand(cmd InternalCommand) { - data, _ := json.Marshal(cmd) - fmt.Printf("[PHOENIX_CMD] %s\n", string(data)) -} diff --git a/phoenix_os/agents/internal/common/go.mod b/phoenix_os/agents/internal/common/go.mod deleted file mode 100644 index 1246b8cd7..000000000 --- a/phoenix_os/agents/internal/common/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/agents/internal/common - -go 1.25.0 diff --git a/phoenix_os/agents/internal/control/main.go b/phoenix_os/agents/internal/control/main.go deleted file mode 100644 index 0e4ae4660..000000000 --- a/phoenix_os/agents/internal/control/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Control Agent Online") - // Skeleton for Finite-State Controller (SAFE -> COMPROMISED) - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/agents/internal/forensics/main.go b/phoenix_os/agents/internal/forensics/main.go deleted file mode 100644 index 8a6017fec..000000000 --- a/phoenix_os/agents/internal/forensics/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Forensics Agent Online") - // Skeleton for snapshot capture and ledger chaining - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/agents/internal/game/main.go b/phoenix_os/agents/internal/game/main.go deleted file mode 100644 index 3f2c476c1..000000000 --- a/phoenix_os/agents/internal/game/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Game Agent Online") - // Skeleton for Stackelberg policy engine - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/agents/internal/game/marl/go.mod b/phoenix_os/agents/internal/game/marl/go.mod deleted file mode 100644 index 5b6c92679..000000000 --- a/phoenix_os/agents/internal/game/marl/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/agents/game/marl - -go 1.25.0 diff --git a/phoenix_os/agents/internal/game/marl/stability.go b/phoenix_os/agents/internal/game/marl/stability.go deleted file mode 100644 index 7b87bfd1a..000000000 --- a/phoenix_os/agents/internal/game/marl/stability.go +++ /dev/null @@ -1,77 +0,0 @@ -package marl - -import ( - "sync" - "time" -) - -// StabilityController enforces action limits and cooling periods for MARL agents. -type StabilityController struct { - mu sync.RWMutex - actionDebt float64 - lastAction time.Time - cooldown time.Duration - maxContainment float64 - decayRate float64 // Debt reduction per second - lastDecay time.Time -} - -// NewStabilityController initializes a controller with defined limits and decay rate. -<<<<<<< HEAD -func NewStabilityController(cooldown time.Duration, maxContainment float64, decayRate float64, now time.Time) *StabilityController { -======= -func NewStabilityController(cooldown time.Duration, maxContainment float64, decayRate float64) *StabilityController { - now := time.Now() ->>>>>>> origin/main - return &StabilityController{ - cooldown: cooldown, - maxContainment: maxContainment, - decayRate: decayRate, - lastDecay: now, - } -} - -// applyDecay reduces the action debt based on elapsed time. Must be called with lock held. -func (sc *StabilityController) applyDecay(now time.Time) { - elapsed := now.Sub(sc.lastDecay).Seconds() - if elapsed > 0 { - reduction := elapsed * sc.decayRate - sc.actionDebt -= reduction - if sc.actionDebt < 0 { - sc.actionDebt = 0 - } - sc.lastDecay = now - } -} - -// TryRecordAction atomically checks if an action is allowed and records it if so. -// It also applies time-based decay to the action debt. -func (sc *StabilityController) TryRecordAction(cost float64, now time.Time) bool { - sc.mu.Lock() - defer sc.mu.Unlock() - - sc.applyDecay(now) - - // Check Cooldown - if now.Sub(sc.lastAction) < sc.cooldown { - return false - } - - // Check Containment Rate (Action Debt) - if sc.actionDebt+cost > sc.maxContainment { - return false - } - - sc.actionDebt += cost - sc.lastAction = now - return true -} - -// GetActionDebt returns the current action debt (mainly for testing/monitoring). -func (sc *StabilityController) GetActionDebt(now time.Time) float64 { - sc.mu.Lock() - defer sc.mu.Unlock() - sc.applyDecay(now) - return sc.actionDebt -} - diff --git a/phoenix_os/agents/internal/game/marl/stability_test.go b/phoenix_os/agents/internal/game/marl/stability_test.go deleted file mode 100644 index 50d77a11e..000000000 --- a/phoenix_os/agents/internal/game/marl/stability_test.go +++ /dev/null @@ -1,78 +0,0 @@ -package marl - -import ( - "testing" - "time" -) - -func TestStability(t *testing.T) { -<<<<<<< HEAD - start := time.Now() - // 100ms cooldown, 1.0 max containment, decay 0.0 per sec (for testing strict limits) - sc := NewStabilityController(100*time.Millisecond, 1.0, 0.0, start) -======= - // 100ms cooldown, 1.0 max containment, decay 0.0 per sec (for testing strict limits) - sc := NewStabilityController(100*time.Millisecond, 1.0, 0.0) - - start := time.Now() ->>>>>>> origin/main - - // First action should pass - if !sc.TryRecordAction(0.5, start) { - t.Error("Expected action to be allowed") - } - - // Immediate second action should fail due to cooldown - if sc.TryRecordAction(0.1, start.Add(10*time.Millisecond)) { - t.Error("Expected action to be throttled due to cooldown") - } - - // Advance time past cooldown - afterCooldown := start.Add(150 * time.Millisecond) - - // Should pass if under containment limit - if !sc.TryRecordAction(0.4, afterCooldown) { - t.Error("Expected action to be allowed after cooldown") - } - - // Should fail if exceeding limit - if sc.TryRecordAction(0.2, afterCooldown.Add(150*time.Millisecond)) { - t.Error("Expected action to be throttled due to containment limit") - } -} - -func TestStabilityDecay(t *testing.T) { -<<<<<<< HEAD - start := time.Now() - // Decay 1.0 per second - sc := NewStabilityController(100*time.Millisecond, 1.0, 1.0, start) - -======= - // Decay 1.0 per second - sc := NewStabilityController(100*time.Millisecond, 1.0, 1.0) - - start := time.Now() ->>>>>>> origin/main - - // Max out containment - sc.TryRecordAction(1.0, start) - -<<<<<<< HEAD - // Should fail (debt decays by 0.15 to 0.85, adding 0.2 makes it 1.05 > 1.0) - if sc.TryRecordAction(0.2, start.Add(150*time.Millisecond)) { -======= - // Should fail - if sc.TryRecordAction(0.1, start.Add(150*time.Millisecond)) { ->>>>>>> origin/main - t.Error("Expected action to be throttled due to containment limit") - } - - // Advance time by 0.5s, debt should decay by 0.5 - afterDecay := start.Add(500 * time.Millisecond) - - // Should pass now that debt has decayed - if !sc.TryRecordAction(0.4, afterDecay) { - t.Error("Expected action to be allowed after debt decay") - } -} - diff --git a/phoenix_os/agents/internal/graph/main.go b/phoenix_os/agents/internal/graph/main.go deleted file mode 100644 index ae6cc55e2..000000000 --- a/phoenix_os/agents/internal/graph/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Graph Agent Online") - // Skeleton for causal lineage DAG updates - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/agents/internal/healer/go.mod b/phoenix_os/agents/internal/healer/go.mod deleted file mode 100644 index 877b8a60b..000000000 --- a/phoenix_os/agents/internal/healer/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/internal/healer - -go 1.25.0 - -replace phoenix/agents/internal/common => ../common - -require phoenix/agents/internal/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/internal/healer/healer_agent.go b/phoenix_os/agents/internal/healer/healer_agent.go deleted file mode 100644 index e1d510113..000000000 --- a/phoenix_os/agents/internal/healer/healer_agent.go +++ /dev/null @@ -1,20 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/internal/common" -) - -func main() { - fmt.Println("Phoenix Self-Healer Online") - - // Simulate Rollback - cmd := common.InternalCommand{ - Source: "self-healer", - Command: "RESTORE_SNAPSHOT", - Params: map[string]string{"target": "container-01", "version": "v1.0.2"}, - Timestamp: time.Now(), - } - common.DispatchCommand(cmd) -} diff --git a/phoenix_os/agents/internal/optimizer/go.mod b/phoenix_os/agents/internal/optimizer/go.mod deleted file mode 100644 index 96a2b8654..000000000 --- a/phoenix_os/agents/internal/optimizer/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/internal/optimizer - -go 1.25.0 - -replace phoenix/agents/internal/common => ../common - -require phoenix/agents/internal/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/internal/optimizer/optimizer_agent.go b/phoenix_os/agents/internal/optimizer/optimizer_agent.go deleted file mode 100644 index ccbb3fbda..000000000 --- a/phoenix_os/agents/internal/optimizer/optimizer_agent.go +++ /dev/null @@ -1,20 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/internal/common" -) - -func main() { - fmt.Println("Phoenix Resource Optimizer Online") - - // Simulate VCG Auction - cmd := common.InternalCommand{ - Source: "resource-opt", - Command: "ALLOCATE_CPU", - Params: map[string]float64{"priority_weight": 0.85}, - Timestamp: time.Now(), - } - common.DispatchCommand(cmd) -} diff --git a/phoenix_os/agents/internal/physics/main.go b/phoenix_os/agents/internal/physics/main.go deleted file mode 100644 index f612e3f43..000000000 --- a/phoenix_os/agents/internal/physics/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Physics Agent Online") - // Skeleton for thermodynamic SDI monitoring - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/agents/internal/security/go.mod b/phoenix_os/agents/internal/security/go.mod deleted file mode 100644 index cb1d3dc6c..000000000 --- a/phoenix_os/agents/internal/security/go.mod +++ /dev/null @@ -1,5 +0,0 @@ -module phoenix/agents/internal/security - -go 1.25.0 - -replace phoenix/security => ../../../07_security diff --git a/phoenix_os/agents/internal/security/reputation.go b/phoenix_os/agents/internal/security/reputation.go deleted file mode 100644 index 3a61dbeba..000000000 --- a/phoenix_os/agents/internal/security/reputation.go +++ /dev/null @@ -1,30 +0,0 @@ -package security - -import "sync" - -// ReputationManager tracks the trustworthiness of nodes in the swarm. -type ReputationManager struct { - mu sync.RWMutex - Reputation map[string]float64 -} - -// NewReputationManager initializes with default scores. -func NewReputationManager() *ReputationManager { - return &ReputationManager{ - Reputation: make(map[string]float64), - } -} - -// Deduct reduces a node's reputation score for suspicious behavior. -func (rm *ReputationManager) Deduct(nodeID string, amount float64) { - rm.mu.Lock() - defer rm.mu.Unlock() - rm.Reputation[nodeID] -= amount -} - -// GetScore returns the current reputation of a node. -func (rm *ReputationManager) GetScore(nodeID string) float64 { - rm.mu.RLock() - defer rm.mu.RUnlock() - return rm.Reputation[nodeID] -} diff --git a/phoenix_os/agents/internal/security/reputation_test.go b/phoenix_os/agents/internal/security/reputation_test.go deleted file mode 100644 index 780a96806..000000000 --- a/phoenix_os/agents/internal/security/reputation_test.go +++ /dev/null @@ -1,14 +0,0 @@ -package security - -import "testing" - -func TestReputationDeduction(t *testing.T) { - rm := NewReputationManager() - rm.Reputation["node-1"] = 1.0 - - rm.Deduct("node-1", 0.2) - score := rm.GetScore("node-1") - if score != 0.8 { - t.Errorf("Expected 0.8, got %f", score) - } -} diff --git a/phoenix_os/agents/internal/swarm/go.mod b/phoenix_os/agents/internal/swarm/go.mod deleted file mode 100644 index 5f6aad97b..000000000 --- a/phoenix_os/agents/internal/swarm/go.mod +++ /dev/null @@ -1,7 +0,0 @@ -module phoenix/agents/internal/swarm - -go 1.25.0 - -replace phoenix/agents/internal/common => ../common - -require phoenix/agents/internal/common v0.0.0-00010101000000-000000000000 diff --git a/phoenix_os/agents/internal/swarm/governance/go.mod b/phoenix_os/agents/internal/swarm/governance/go.mod deleted file mode 100644 index 79c332758..000000000 --- a/phoenix_os/agents/internal/swarm/governance/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/agents/internal/swarm/governance - -go 1.25.0 diff --git a/phoenix_os/agents/internal/swarm/governance/governance.go b/phoenix_os/agents/internal/swarm/governance/governance.go deleted file mode 100644 index 2c79f062b..000000000 --- a/phoenix_os/agents/internal/swarm/governance/governance.go +++ /dev/null @@ -1,31 +0,0 @@ -package governance - -import ( - "sync" -) - -// Policy defines the rules for swarm node participation. -type Policy struct { - MinReputation float64 - QuorumSize int -} - -// SwarmGovernor enforces governance policies on the node network. -type SwarmGovernor struct { - mu sync.RWMutex - Policy Policy -} - -// NewSwarmGovernor initializes the governor with a policy. -func NewSwarmGovernor(policy Policy) *SwarmGovernor { - return &SwarmGovernor{ - Policy: policy, - } -} - -// ValidateProposal checks if a node is authorized to participate in consensus. -func (sg *SwarmGovernor) ValidateProposal(nodeReputation float64) bool { - sg.mu.RLock() - defer sg.mu.RUnlock() - return nodeReputation >= sg.Policy.MinReputation -} diff --git a/phoenix_os/agents/internal/swarm/governance/governance_test.go b/phoenix_os/agents/internal/swarm/governance/governance_test.go deleted file mode 100644 index c2c66dfda..000000000 --- a/phoenix_os/agents/internal/swarm/governance/governance_test.go +++ /dev/null @@ -1,16 +0,0 @@ -package governance - -import "testing" - -func TestGovernance(t *testing.T) { - policy := Policy{MinReputation: 0.7, QuorumSize: 3} - gov := NewSwarmGovernor(policy) - - if gov.ValidateProposal(0.8) == false { - t.Error("Proposal should be accepted for compliant reputation") - } - - if gov.ValidateProposal(0.5) == true { - t.Error("Proposal should be rejected for low reputation") - } -} diff --git a/phoenix_os/agents/internal/swarm/swarm_agent.go b/phoenix_os/agents/internal/swarm/swarm_agent.go deleted file mode 100644 index 7b3945816..000000000 --- a/phoenix_os/agents/internal/swarm/swarm_agent.go +++ /dev/null @@ -1,20 +0,0 @@ -package main - -import ( - "fmt" - "time" - "phoenix/agents/internal/common" -) - -func main() { - fmt.Println("Phoenix Swarm Coordinator Online") - - // Simulate consensus check - cmd := common.InternalCommand{ - Source: "swarm-coord", - Command: "SYNC_NODES", - Params: map[string]int{"nodes": 5}, - Timestamp: time.Now(), - } - common.DispatchCommand(cmd) -} diff --git a/phoenix_os/agents/internal/telemetry/main.go b/phoenix_os/agents/internal/telemetry/main.go deleted file mode 100644 index acf0c2b65..000000000 --- a/phoenix_os/agents/internal/telemetry/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "fmt" - "time" -) - -func main() { - fmt.Println("Phoenix Telemetry Agent Online") - // Skeleton for bus subscription and math filter application - for { - time.Sleep(10 * time.Second) - } -} diff --git a/phoenix_os/arbiter/README.md b/phoenix_os/arbiter/README.md deleted file mode 100644 index cbbb3ac8c..000000000 --- a/phoenix_os/arbiter/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Phoenix Arbiter (Strategic Decision & Policy) - -Game-theoretic policy engine for PhoenixOS. - -## Purpose -Selects the optimal monitoring and response strategies using Stackelberg Security Games (SSG) to minimize attacker utility. - -## Validation Gates -- [ ] Nash/SSE verification < 1ms. -- [ ] Strategy convergence for adaptive attackers. -- [ ] Policy validity against known threat profiles. diff --git a/phoenix_os/arbiter/RFC.md b/phoenix_os/arbiter/RFC.md deleted file mode 100644 index 71482cf25..000000000 --- a/phoenix_os/arbiter/RFC.md +++ /dev/null @@ -1,13 +0,0 @@ -# RFC: Phoenix Arbiter - -## 1. Description -Phoenix Arbiter provides L5.5 strategic intelligence. It uses the global system state (SDI, Trace) as input to a payoff matrix. - -## 2. Specification -- **Algorithm:** Strong Stackelberg Equilibrium (SSE) solver. -- **Output:** Mixed-strategy probability distribution for monitoring targets. - -## 3. Interface -```go -func SolveSSE(payoffs PayoffMatrix) Strategy -``` diff --git a/phoenix_os/arbiter/artifacts/phoenix_arbiter b/phoenix_os/arbiter/artifacts/phoenix_arbiter deleted file mode 100755 index 5690c2cf3..000000000 Binary files a/phoenix_os/arbiter/artifacts/phoenix_arbiter and /dev/null differ diff --git a/phoenix_os/arbiter/build.sh b/phoenix_os/arbiter/build.sh deleted file mode 100644 index 5d3d01b63..000000000 --- a/phoenix_os/arbiter/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -set -e -echo "Building Phoenix Arbiter..." -mkdir -p artifacts -go build -o artifacts/phoenix_arbiter ./src/*.go -echo "Build complete." diff --git a/phoenix_os/arbiter/consensus.go b/phoenix_os/arbiter/consensus.go deleted file mode 100644 index bb9e03bea..000000000 --- a/phoenix_os/arbiter/consensus.go +++ /dev/null @@ -1,59 +0,0 @@ -package arbiter - -import ( - "sync" - "time" - - "phoenix/agents/internal/swarm" -) - -type Vote struct { - NodeID string - Decision bool - Confidence float64 -} - -type ConsensusEngine struct { - mu sync.Mutex - reputation *swarm.ReputationStore - votes []Vote - threshold float64 -} - -func NewConsensusEngine(rep *swarm.ReputationStore, threshold float64) *ConsensusEngine { - return &ConsensusEngine{ - reputation: rep, - votes: make([]Vote, 0), - threshold: threshold, - } -} - -func (e *ConsensusEngine) SubmitVote(v Vote) { - e.mu.Lock() - defer e.mu.Unlock() - e.votes = append(e.votes, v) -} - -func (e *ConsensusEngine) EvaluateQuorum() bool { - e.mu.Lock() - defer e.mu.Unlock() - - var weightedTotal float64 - var totalReputation float64 - - for _, v := range e.votes { - rep := e.reputation.GetReputation(v.NodeID) - if rep == 0 { rep = 1.0 } // Default minimal rep - - if v.Decision { - weightedTotal += rep * v.Confidence - } - totalReputation += rep - } - - if totalReputation == 0 { - return false - } - - return (weightedTotal / totalReputation) > e.threshold -} diff --git a/phoenix_os/arbiter/consensus_test.go b/phoenix_os/arbiter/consensus_test.go deleted file mode 100644 index 58a8b32f0..000000000 --- a/phoenix_os/arbiter/consensus_test.go +++ /dev/null @@ -1,23 +0,0 @@ -package arbiter - -import ( - "phoenix/agents/internal/swarm" - "testing" -) - -func TestConsensusEngine(t *testing.T) { - rep := swarm.NewReputationStore() - rep.UpdateReputation("node1", 10.0) // High trust - rep.UpdateReputation("node2", 1.0) // Low trust - - engine := NewConsensusEngine(rep, 0.5) - - // High trust node votes true - engine.SubmitVote(Vote{"node1", true, 0.9}) - // Low trust node votes false - engine.SubmitVote(Vote{"node2", false, 0.9}) - - if !engine.EvaluateQuorum() { - t.Error("Expected quorum to be true based on high trust node") - } -} diff --git a/phoenix_os/arbiter/go.mod b/phoenix_os/arbiter/go.mod deleted file mode 100644 index 22be29322..000000000 --- a/phoenix_os/arbiter/go.mod +++ /dev/null @@ -1 +0,0 @@ -module phoenix/arbiter diff --git a/phoenix_os/arbiter/src/arbiter.go b/phoenix_os/arbiter/src/arbiter.go deleted file mode 100644 index efe4b8022..000000000 --- a/phoenix_os/arbiter/src/arbiter.go +++ /dev/null @@ -1,74 +0,0 @@ -package main - -import ( - "fmt" -) - -// Payoff represents (Defender, Attacker) utilities -type Payoff struct { - D, A float64 -} - -// PayoffMatrix for a 2x2 game -type PayoffMatrix [][]Payoff - -// Node represents a participant in the swarm -type Node struct { - ID string - Reputation float64 - Authorized bool -} - -// Arbiter handles quorum and reputation -type Arbiter struct { - Nodes []Node - QuorumThreshold float64 -} - -// CalculateQuorum validates quorum based on reputation -func (a *Arbiter) CalculateQuorum(votes map[string]bool) bool { - var totalReputation float64 - var positiveReputation float64 - for _, node := range a.Nodes { - if !node.Authorized { - continue - } - totalReputation += node.Reputation - if vote, ok := votes[node.ID]; ok && vote { - positiveReputation += node.Reputation - } - } - if totalReputation == 0 { - return false - } - return (positiveReputation / totalReputation) >= a.QuorumThreshold -} - -func SolveMiniMax(m PayoffMatrix) int { - // Simple pure strategy minimax for demonstration - bestDefenderAction := 0 - maxMinVal := -1e9 - - for i := range m { - minAttackerVal := 1e9 - for j := range m[i] { - if m[i][j].A < minAttackerVal { - minAttackerVal = m[i][j].A - } - } - if minAttackerVal > maxMinVal { - maxMinVal = minAttackerVal - bestDefenderAction = i - } - } - return bestDefenderAction -} - -func main() { - // Boot check - matrix := PayoffMatrix{ - {{1, -1}, {-1, 1}}, - {{-1, 1}, {1, -1}}, - } - fmt.Printf("Best Action: %d\n", SolveMiniMax(matrix)) -} diff --git a/phoenix_os/arbiter/src/arbiter_test.go b/phoenix_os/arbiter/src/arbiter_test.go deleted file mode 100644 index f1862a773..000000000 --- a/phoenix_os/arbiter/src/arbiter_test.go +++ /dev/null @@ -1,38 +0,0 @@ -package main - -import ( - "testing" -) - -func TestCalculateQuorum(t *testing.T) { - arbiter := Arbiter{ - Nodes: []Node{ - {"node1", 1.0, true}, - {"node2", 2.0, true}, - {"node3", 1.0, false}, - }, - QuorumThreshold: 0.6, - } - - votes := map[string]bool{ - "node1": true, - "node2": false, - "node3": true, - } - - // Reputation: node1=1, node2=2, total=3 - // Positive: node1=1, node2=0, total=1 - // 1/3 = 0.33 < 0.6 => false - if arbiter.CalculateQuorum(votes) { - t.Errorf("Expected false for 0.33 threshold") - } - - votes2 := map[string]bool{ - "node1": true, - "node2": true, - } - // (1+2)/3 = 1.0 >= 0.6 => true - if !arbiter.CalculateQuorum(votes2) { - t.Errorf("Expected true for 1.0 threshold") - } -} diff --git a/phoenix_os/arbiter/test.sh b/phoenix_os/arbiter/test.sh deleted file mode 100644 index a8e907165..000000000 --- a/phoenix_os/arbiter/test.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -e -echo "Testing Phoenix Arbiter..." -go test -v ./src/*.go -echo "Tests complete." diff --git a/phoenix_os/bus/bus.go b/phoenix_os/bus/bus.go new file mode 100644 index 000000000..bdda49c66 --- /dev/null +++ b/phoenix_os/bus/bus.go @@ -0,0 +1,87 @@ +package bus + +import ( + "encoding/json" + "fmt" + "sync" +) + +const ( + QueueCapacity = 65536 + HighWatermark = 0.85 + CriticalWatermark = 0.95 +) + +// TelemetryEvent structure matching EVENT_SCHEMA.md +type TelemetryEvent struct { + SeqID int64 `json:"seq_id"` + MonotonicNs int64 `json:"monotonic_ns"` + WallTimeUnix int64 `json:"wall_time_unix"` + Source string `json:"source"` + HostID string `json:"host_id"` + PID int `json:"pid"` + TID int `json:"tid"` + UID int `json:"uid"` + GID int `json:"gid"` + EventType string `json:"event_type"` + Severity float64 `json:"severity"` + Payload json.RawMessage `json:"payload"` + PrevHash string `json:"prev_hash"` + Hash string `json:"hash"` +} + +type Bus struct { + mu sync.RWMutex + subscribers map[string][]chan TelemetryEvent + Dropped int64 + Sampled int64 +} + +func NewBus() *Bus { + return &Bus{ + subscribers: make(map[string][]chan TelemetryEvent), + } +} + +func (b *Bus) Subscribe(topic string) chan TelemetryEvent { + b.mu.Lock() + defer b.mu.Unlock() + ch := make(chan TelemetryEvent, QueueCapacity) + b.subscribers[topic] = append(b.subscribers[topic], ch) + return ch +} + +func (b *Bus) Publish(topic string, event TelemetryEvent) { + b.mu.RLock() + subs, ok := b.subscribers[topic] + b.mu.RUnlock() + + if !ok { + return + } + + for _, ch := range subs { + fillRatio := float64(len(ch)) / float64(QueueCapacity) + + if fillRatio >= CriticalWatermark { + if event.Severity < 0.8 { + b.Dropped++ + continue + } + } + + if fillRatio >= HighWatermark && fillRatio < CriticalWatermark { + if event.Severity < 0.5 && event.SeqID%2 == 0 { + b.Sampled++ + continue + } + } + + select { + case ch <- event: + default: + b.Dropped++ + fmt.Printf("[BUS EMERGENCY] Queue at 100%%. Dropping seq %d\n", event.SeqID) + } + } +} diff --git a/phoenix_os/bus/go.mod b/phoenix_os/bus/go.mod deleted file mode 100644 index 1c18859cd..000000000 --- a/phoenix_os/bus/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/telemetry/bus - -go 1.25.0 diff --git a/phoenix_os/common/go.mod b/phoenix_os/common/go.mod deleted file mode 100644 index 4f0d07a91..000000000 --- a/phoenix_os/common/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/common - -go 1.25.0 diff --git a/phoenix_os/go.mod b/phoenix_os/go.mod index 6105e1265..520d64970 100644 --- a/phoenix_os/go.mod +++ b/phoenix_os/go.mod @@ -1,3 +1,5 @@ module github.com/fallofpheonix/phoenix_os go 1.26 + +require github.com/mattn/go-sqlite3 v1.14.44 diff --git a/phoenix_os/go.sum b/phoenix_os/go.sum new file mode 100644 index 000000000..cf1e56148 --- /dev/null +++ b/phoenix_os/go.sum @@ -0,0 +1,2 @@ +github.com/mattn/go-sqlite3 v1.14.44 h1:3VSe+xafpbzsLbdr2AWlAZk9yRHiBhTBakioXaCKTF8= +github.com/mattn/go-sqlite3 v1.14.44/go.mod h1:pjEuOr8IwzLJP2MfGeTb0A35jauH+C2kbHKBr7yXKVQ= diff --git a/phoenix_os/guard/go.mod b/phoenix_os/guard/go.mod deleted file mode 100644 index b8d910f66..000000000 --- a/phoenix_os/guard/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/guard - -go 1.25.0 diff --git a/phoenix_os/guard/guard.go b/phoenix_os/guard/guard.go new file mode 100644 index 000000000..28ea3a771 --- /dev/null +++ b/phoenix_os/guard/guard.go @@ -0,0 +1,122 @@ +package guard + +import ( + "bufio" + "encoding/json" + "math/rand" + "os" + "time" + + "github.com/fallofpheonix/phoenix_os/bus" +) + +type ReplayMode int + +const ( + ModeExact ReplayMode = 0 + ModeAccelerated ReplayMode = 1 + ModeSaturation ReplayMode = 2 + ModeFault ReplayMode = 3 +) + +type GuardAdapter struct { + Bus *bus.Bus + sourceFile string + mode ReplayMode + speedFactor float64 +} + +func NewGuardAdapter(b *bus.Bus, file string, mode ReplayMode, speed float64) *GuardAdapter { + return &GuardAdapter{ + Bus: b, + sourceFile: file, + mode: mode, + speedFactor: speed, + } +} + +// Legacy test_events.jsonl structures +type oldPayload struct { + EntropyScore float64 `json:"entropy_score"` +} +type oldEvent struct { + Timestamp string `json:"timestamp"` + EventID string `json:"event_id"` + EventType string `json:"event_type"` + HostID string `json:"host_id"` + PID int `json:"pid"` + UID int `json:"uid"` + GID int `json:"gid"` + Payload oldPayload `json:"payload"` +} + +func (g *GuardAdapter) Start() (int64, error) { + file, err := os.Open(g.sourceFile) + if err != nil { + return 0, err + } + defer file.Close() + + scanner := bufio.NewScanner(file) + var prevMono int64 + var seqID int64 + + for scanner.Scan() { + seqID++ + var old oldEvent + if err := json.Unmarshal(scanner.Bytes(), &old); err != nil { + continue + } + + var wallUnix int64 + if t, err := time.Parse(time.RFC3339Nano, old.Timestamp); err == nil { + wallUnix = t.Unix() + } else { + wallUnix = 1700000000 + seqID + } + + event := bus.TelemetryEvent{ + SeqID: seqID, + MonotonicNs: seqID * 1000000, + WallTimeUnix: wallUnix, + Source: "guard.mock", + HostID: old.HostID, + PID: old.PID, + TID: old.PID, + UID: old.UID, + GID: old.GID, + EventType: old.EventType, + Severity: old.Payload.EntropyScore, + Payload: []byte("{}"), + Hash: "mock-hash", + PrevHash: "mock-prev", + } + + // Replay timing + if prevMono != 0 { + diff := event.MonotonicNs - prevMono + if diff > 0 { + switch g.mode { + case ModeExact: + time.Sleep(time.Duration(diff)) + case ModeAccelerated: + time.Sleep(time.Duration(float64(diff) / g.speedFactor)) + case ModeSaturation: + // no sleep + case ModeFault: + roll := rand.Float64() + if roll < 0.05 { + continue + } else if roll < 0.10 { + time.Sleep(time.Duration(diff) * 10) + } + } + } + } + prevMono = event.MonotonicNs + + g.Bus.Publish("telemetry.raw", event) + } + + return seqID, scanner.Err() +} diff --git a/phoenix_os/kernel/README.md b/phoenix_os/kernel/README.md deleted file mode 100644 index c3e46c460..000000000 --- a/phoenix_os/kernel/README.md +++ /dev/null @@ -1,15 +0,0 @@ -# Phoenix Kernel (L1/L2) - -The foundational telemetry and enforcement layer of PhoenixOS. - -## Purpose -Provides low-overhead system visibility and security enforcement using eBPF and LSM hooks. - -## Performance Budget -- **Trace Latency:** < 500 ns per event. -- **CPU Overhead:** < 1% total system usage. - -## Validation Gates -- [ ] eBPF verification success. -- [ ] Atomic map updates. -- [ ] Zero packet/event loss in ring buffer. diff --git a/phoenix_os/kernel/RFC.md b/phoenix_os/kernel/RFC.md deleted file mode 100644 index e7d0fe518..000000000 --- a/phoenix_os/kernel/RFC.md +++ /dev/null @@ -1,15 +0,0 @@ -# RFC: Phoenix Kernel - -## 1. Description -The Phoenix Kernel module handles in-kernel event capture (L2) and policy enforcement (L1). It acts as the primary data source for the Phoenix Bus. - -## 2. Specification -- **Probes:** `tracepoints` for syscalls, `kprobes` for internal kernel functions. -- **Enforcement:** `LSM` hooks (Linux Security Modules) for mandatory access control. -- **Communication:** `BPF_MAP_TYPE_RINGBUF` for high-speed event export. - -## 3. Security -All BPF programs are verified by the kernel verifier to ensure: -- No infinite loops. -- No invalid memory access. -- Bounded execution time. diff --git a/phoenix_os/kernel/artifacts/phoenix_kernel b/phoenix_os/kernel/artifacts/phoenix_kernel deleted file mode 100755 index ce4d9d961..000000000 Binary files a/phoenix_os/kernel/artifacts/phoenix_kernel and /dev/null differ diff --git a/phoenix_os/kernel/build.sh b/phoenix_os/kernel/build.sh deleted file mode 100644 index e5ee3bf99..000000000 --- a/phoenix_os/kernel/build.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -set -e -echo "Building Phoenix Kernel Service..." -mkdir -p artifacts -# In a real environment: clang -O2 -target bpf -c ebpf/phoenix_trace.c -o artifacts/phoenix_trace.o -go build -o artifacts/phoenix_kernel ./src/loader.go -echo "Build complete." diff --git a/phoenix_os/kernel/ebpf/phoenix_trace.c b/phoenix_os/kernel/ebpf/phoenix_trace.c deleted file mode 100644 index ff17266f8..000000000 --- a/phoenix_os/kernel/ebpf/phoenix_trace.c +++ /dev/null @@ -1,32 +0,0 @@ -#include -#include - -struct event_t { - __u32 pid; - __u32 ppid; - char comm[16]; -}; - -struct { - __uint(type, BPF_MAP_TYPE_RINGBUF); - __uint(max_entries, 256 * 1024); -} events SEC(".maps"); - -SEC("tracepoint/syscalls/sys_enter_execve") -int trace_execve(void *ctx) { - struct event_t *e; - - e = bpf_ringbuf_reserve(&events, sizeof(*e), 0); - if (!e) { - return 0; - } - - e->pid = bpf_get_current_pid_tgid() >> 32; - // Simplification for prototype - bpf_get_current_comm(&e->comm, sizeof(e->comm)); - - bpf_ringbuf_submit(e, 0); - return 0; -} - -char _license[] SEC("license") = "GPL"; diff --git a/phoenix_os/kernel/go.mod b/phoenix_os/kernel/go.mod deleted file mode 100644 index d7db151c2..000000000 --- a/phoenix_os/kernel/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/kernel - -go 1.25.0 diff --git a/phoenix_os/kernel/schema.json b/phoenix_os/kernel/schema.json deleted file mode 100644 index e69de29bb..000000000 diff --git a/phoenix_os/kernel/src/loader.go b/phoenix_os/kernel/src/loader.go deleted file mode 100644 index eab05995a..000000000 --- a/phoenix_os/kernel/src/loader.go +++ /dev/null @@ -1,38 +0,0 @@ -package main - -import ( - "fmt" -) - -// In a real environment, we would use cilium/ebpf to load the ELF -// For this model, we simulate the loader and ring buffer ingestion. - -type KernelEvent struct { - PID uint32 - Comm string -} - -type KernelService struct { - Events chan KernelEvent -} - -func NewKernelService() *KernelService { - return &KernelService{ - Events: make(chan KernelEvent, 100), - } -} - -func (k *KernelService) SimulateTrace(pid uint32, comm string) { - k.Events <- KernelEvent{PID: pid, Comm: comm} -} - -func main() { - fmt.Println("Phoenix Kernel Service starting...") - k := NewKernelService() - - // Simulate eBPF event capture - k.SimulateTrace(1234, "bash") - - evt := <-k.Events - fmt.Printf("Captured In-Kernel Event: PID=%d Comm=%s\n", evt.PID, evt.Comm) -} diff --git a/phoenix_os/ledger/go.mod b/phoenix_os/ledger/go.mod deleted file mode 100644 index d074a4457..000000000 --- a/phoenix_os/ledger/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/ledger - -go 1.25.0 diff --git a/phoenix_os/ledger/ledger.go b/phoenix_os/ledger/ledger.go new file mode 100644 index 000000000..0f8303f9e --- /dev/null +++ b/phoenix_os/ledger/ledger.go @@ -0,0 +1,73 @@ +package ledger + +import ( + "crypto/sha256" + "encoding/binary" + "fmt" +) + +type LedgerEntry struct { + SeqID int64 + ActionID string + CauseID string + Payload []byte + PrevHash []byte + Hash []byte +} + +type Ledger struct { + Entries []LedgerEntry + counter int64 +} + +func (l *Ledger) AddEntry(actionID, causeID string, payload []byte) error { + prevHash := make([]byte, 32) + if len(l.Entries) > 0 { + prevHash = l.Entries[len(l.Entries)-1].Hash + } + + entry := LedgerEntry{ + SeqID: l.counter, + ActionID: actionID, + CauseID: causeID, + Payload: payload, + PrevHash: prevHash, + } + l.counter++ + + h := sha256.New() + binary.Write(h, binary.BigEndian, entry.SeqID) + h.Write([]byte(entry.ActionID)) + h.Write([]byte(entry.CauseID)) + h.Write(entry.PrevHash) + h.Write(entry.Payload) + + entry.Hash = h.Sum(nil) + l.Entries = append(l.Entries, entry) + return nil +} + +func (l *Ledger) Verify() error { + var prev []byte + for i, entry := range l.Entries { + if i > 0 { + if string(entry.PrevHash) != string(prev) { + return fmt.Errorf("hash chain broken at entry %d", i) + } + } + + h := sha256.New() + binary.Write(h, binary.BigEndian, entry.SeqID) + h.Write([]byte(entry.ActionID)) + h.Write([]byte(entry.CauseID)) + h.Write(entry.PrevHash) + h.Write(entry.Payload) + + computed := h.Sum(nil) + if string(computed) != string(entry.Hash) { + return fmt.Errorf("invalid hash at entry %d", i) + } + prev = entry.Hash + } + return nil +} diff --git a/phoenix_os/main.go b/phoenix_os/main.go new file mode 100644 index 000000000..fadae82ff --- /dev/null +++ b/phoenix_os/main.go @@ -0,0 +1,179 @@ +package main + +import ( + "crypto/sha256" + "encoding/json" + "fmt" + "log" + "os" + "sync" + "time" + + "github.com/fallofpheonix/phoenix_os/bus" + "github.com/fallofpheonix/phoenix_os/guard" + "github.com/fallofpheonix/phoenix_os/ledger" + "github.com/fallofpheonix/phoenix_os/monitor" + "github.com/fallofpheonix/phoenix_os/tcs" + "github.com/fallofpheonix/phoenix_os/trace" + "github.com/fallofpheonix/phoenix_os/warden" +) + +// LedgerWorker drains the evidence channel asynchronously without blocking the fast-path +func LedgerWorker(payloadChan <-chan tcs.ActuationPayload, evLedger *ledger.Ledger) { + for p := range payloadChan { + data, _ := json.Marshal(p) + if err := evLedger.AddEntry(p.ActionID, p.CauseID, data); err != nil { + log.Printf("[LEDGER ERROR] %v", err) + } + } +} + +func main() { + fmt.Println("==================================================") + fmt.Println("✦ PHOENIX CYBERNETIC SECURITY RUNTIME") + fmt.Println("==================================================") + + // ── 1. Event Bus ────────────────────────────────────────────── + b := bus.NewBus() + rawCh := b.Subscribe("telemetry.raw") + scoredCh := b.Subscribe("telemetry.scored") + wardenActionCh := b.Subscribe("warden.action") + + // ── 2. Evidence Ledger (async, channel-based) ───────────────── + evLedger := &ledger.Ledger{} + payloadChan := make(chan tcs.ActuationPayload, 100000) + + var ledgerWg sync.WaitGroup + ledgerWg.Add(1) + go func() { + defer ledgerWg.Done() + LedgerWorker(payloadChan, evLedger) + }() + + // ── 3. TCS Sliding Window (60s window) ──────────────────────── + telemetryWindow := tcs.NewSlidingWindow(60 * time.Second) + fmt.Println("[BOOT] TCS Sliding Window initialized (60s window)") + + // ── 4. Degradation Monitor (circuit breaker) ────────────────── + degMon := tcs.NewDegradationMonitor(telemetryWindow, payloadChan) + fmt.Println("[BOOT] Degradation Monitor active (threshold: 0.85)") + + // ── 5. Trace Storage (SQLite WAL) ───────────────────────────── + dbPath := "/tmp/phoenix_trace.db" + _ = os.Remove(dbPath) + traceStore, err := trace.NewTraceStorage(dbPath, rawCh) + if err != nil { + log.Fatalf("[FATAL] Trace storage init failed: %v", err) + } + traceStore.StartWriter() + fmt.Println("[BOOT] Trace WAL storage ready") + + // ── 6. Monitor (EWMA + Linear Kalman) ───────────────────────── + monInCh := b.Subscribe("telemetry.raw") + mon := monitor.NewMonitorService(monInCh, b) + mon.Start() + fmt.Println("[BOOT] Monitor engine started (EWMA + Kalman)") + + // ── 7. Warden FSM (authoritative, hysteresis-backed) ───────── + wardenInCh := make(chan monitor.DriftScore, 100) + + var wardenWg sync.WaitGroup + wardenWg.Add(1) + w := warden.NewWarden(wardenInCh, b) + go func() { + defer wardenWg.Done() + for score := range wardenInCh { + w.Evaluate(score) + } + }() + fmt.Println("[BOOT] Warden FSM active (hysteresis: 30s dwell)") + + // ── 8. Guard Replay Adapter ─────────────────────────────────── + eventsFile := "/Users/fallofpheonix/os/test_events.jsonl" + fmt.Println("[BOOT] Starting Guard Adapter (Saturation Mode)") + guardAdapter := guard.NewGuardAdapter(b, eventsFile, guard.ModeSaturation, 1.0) + + totalEvents, err := guardAdapter.Start() + if err != nil { + log.Fatalf("[FATAL] Guard failed: %v", err) + } + fmt.Printf("[REPLAY] Replayed %d events successfully\n", totalEvents) + + // ── 9. Drain and Process Pipeline ────────────────────────────── + // Read and process events from scoredCh until all totalEvents are scored. + var wg sync.WaitGroup + wg.Add(1) + go func() { + defer wg.Done() + for ev := range scoredCh { + var score monitor.DriftScore + if err := json.Unmarshal(ev.Payload, &score); err == nil { + wardenInCh <- score + + // Feed scored events into TCS as synthetic telemetry deterministically + telemetryWindow.AddEvent(tcs.TelemetryEvent{ + Timestamp: time.Unix(score.WallTimeUnix, 0), + SequenceID: uint64(score.EventID), + JitterNS: 0, + }) + + // Synchronously evaluate degradation monitor + tcsScore := telemetryWindow.Evaluate() + degMon.Evaluate(tcsScore) + + if score.EventID == totalEvents { + break + } + } + } + }() + + // Wait for scored channel processing loop to finish + wg.Wait() + close(wardenInCh) + + // Wait for Warden FSM processing to finish + wardenWg.Wait() + + // Drain any remaining warden actions and log them to the Ledger + for { + select { + case ev := <-wardenActionCh: + payloadChan <- tcs.ActuationPayload{ + ActionID: fmt.Sprintf("WARDEN-FSM-%d", ev.SeqID), + CauseID: "FSM-TRANSITION", + TargetIP: 0, + Action: string(ev.Payload), + } + default: + goto DRAINED + } + } +DRAINED: + + // Wait for LedgerWorker to finish draining + close(payloadChan) + ledgerWg.Wait() + + // Verify Ledger integrity + if verr := evLedger.Verify(); verr != nil { + fmt.Printf("[LEDGER] INTEGRITY VIOLATION: %v\n", verr) + } else { + fmt.Printf("[LEDGER] Hash-chain verified (%d entries)\n", len(evLedger.Entries)) + } + + // Print final TCS score + finalTCS := telemetryWindow.Evaluate() + fmt.Printf("[TCS] Final Telemetry Confidence Score: %.4f\n", finalTCS) + + // Compute deterministic output hash for replay reproducibility proof + outputHash := sha256.New() + for _, entry := range evLedger.Entries { + outputHash.Write(entry.Hash[:]) + } + fmt.Printf("[REPLAY] Deterministic output hash: %x\n", outputHash.Sum(nil)) + + fmt.Println("==================================================") + fmt.Println("✦ RUNTIME HALTED") + fmt.Println("==================================================") +} diff --git a/phoenix_os/monitor/entropy.go b/phoenix_os/monitor/entropy.go index 9125e1ac1..5733dc0ba 100644 --- a/phoenix_os/monitor/entropy.go +++ b/phoenix_os/monitor/entropy.go @@ -1,4 +1,4 @@ -package entropy_engine +package monitor import ( "math" diff --git a/phoenix_os/monitor/entropy_test.go b/phoenix_os/monitor/entropy_test.go index 141e81cd5..fb5ab9966 100644 --- a/phoenix_os/monitor/entropy_test.go +++ b/phoenix_os/monitor/entropy_test.go @@ -1,4 +1,4 @@ -package entropy_engine +package monitor import ( "encoding/json" diff --git a/phoenix_os/monitor/go.mod b/phoenix_os/monitor/go.mod deleted file mode 100644 index 0b786b1fd..000000000 --- a/phoenix_os/monitor/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/monitor - -go 1.25.0 diff --git a/phoenix_os/monitor/monitor b/phoenix_os/monitor/monitor new file mode 100755 index 000000000..a3e596539 Binary files /dev/null and b/phoenix_os/monitor/monitor differ diff --git a/phoenix_os/monitor/monitor.go b/phoenix_os/monitor/monitor.go new file mode 100644 index 000000000..ff9d6e2df --- /dev/null +++ b/phoenix_os/monitor/monitor.go @@ -0,0 +1,127 @@ +package monitor + +import ( + "encoding/json" + "math" + + "github.com/fallofpheonix/phoenix_os/bus" +) + +// DriftScore represents the anomaly evaluation of an event +type DriftScore struct { + EventID int64 `json:"seq_id"` + OriginalScore float64 `json:"original_score"` + SmoothedScore float64 `json:"smoothed_score"` + Baseline float64 `json:"baseline"` + ZScore float64 `json:"z_score"` + DriftScore float64 `json:"drift_score"` // Kalman innovation score + WallTimeUnix int64 `json:"wall_time_unix"` +} + +// KalmanFilter implements a basic one-dimensional Kalman filter for state estimation and anomaly detection. +type KalmanFilter struct { + q float64 // process noise covariance + r float64 // measurement noise covariance + p float64 // estimation error covariance + k float64 // kalman gain + x float64 // state estimate +} + +// NewKalmanFilter creates a filter instance. +func NewKalmanFilter(q, r, p, initialValue float64) *KalmanFilter { + return &KalmanFilter{q: q, r: r, p: p, x: initialValue} +} + +// Predict performs the time-update step (prediction). +func (kf *KalmanFilter) Predict() (float64, float64) { + return kf.x, kf.p + kf.q +} + +// Update incorporates a new measurement into the filter state. +func (kf *KalmanFilter) Update(measurement float64) float64 { + kf.p = kf.p + kf.q + denominator := kf.p + kf.r + if denominator == 0 { + return kf.x + } + kf.k = kf.p / denominator + kf.x = kf.x + kf.k*(measurement-kf.x) + kf.p = (1 - kf.k) * kf.p + return kf.x +} + +// CheckDrift compares a measurement against the predicted state. +func (kf *KalmanFilter) CheckDrift(measurement float64) float64 { + predX, predP := kf.Predict() + innovation := measurement - predX + innovationCov := predP + kf.r + if innovationCov <= 0 { + return 0 + } + return math.Abs(innovation) / math.Sqrt(innovationCov) +} + +// MonitorService observes the bus and applies EWMA + Kalman +type MonitorService struct { + busCh chan bus.TelemetryEvent + outBus *bus.Bus + kalman *KalmanFilter + ewma float64 + alpha float64 + varEWMA float64 +} + +func NewMonitorService(inCh chan bus.TelemetryEvent, outBus *bus.Bus) *MonitorService { + return &MonitorService{ + busCh: inCh, + outBus: outBus, + kalman: NewKalmanFilter(0.01, 0.1, 1.0, 0.0), + alpha: 0.05, + } +} + +func (m *MonitorService) Start() { + go func() { + for event := range m.busCh { + raw := event.Severity + + // 1. Calculate drift score before update + drift := m.kalman.CheckDrift(raw) + + // 2. Update filter + smoothed := m.kalman.Update(raw) + + // 3. EWMA + diff := smoothed - m.ewma + m.ewma += m.alpha * diff + m.varEWMA = (1 - m.alpha) * (m.varEWMA + m.alpha*diff*diff) + + stddev := math.Sqrt(m.varEWMA) + var zscore float64 + if stddev > 0.001 { + zscore = (smoothed - m.ewma) / stddev + } + + score := DriftScore{ + EventID: event.SeqID, + OriginalScore: raw, + SmoothedScore: smoothed, + Baseline: m.ewma, + ZScore: zscore, + DriftScore: drift, + WallTimeUnix: event.WallTimeUnix, + } + + payloadBytes, _ := json.Marshal(score) + + m.outBus.Publish("telemetry.scored", bus.TelemetryEvent{ + SeqID: event.SeqID, + WallTimeUnix: event.WallTimeUnix, + Source: "phoenix.monitor", + EventType: "monitor.score", + Severity: raw, + Payload: payloadBytes, + }) + } + }() +} diff --git a/phoenix_os/nexus/README.md b/phoenix_os/nexus/README.md deleted file mode 100644 index 119ab4fae..000000000 --- a/phoenix_os/nexus/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Phoenix Nexus (Swarm Consensus) - -The multi-node synchronization layer for PhoenixOS. - -## Purpose -Enables a cluster of PhoenixOS nodes to share threat intelligence and reach consensus on containment actions. - -## Validation Gates -- [ ] Multi-node state consistency. -- [ ] Convergence time < 100ms. -- [ ] Byzantine fault tolerance (basic). diff --git a/phoenix_os/nexus/RFC.md b/phoenix_os/nexus/RFC.md deleted file mode 100644 index d7b554b61..000000000 --- a/phoenix_os/nexus/RFC.md +++ /dev/null @@ -1,15 +0,0 @@ -# RFC: Phoenix Nexus - -## 1. Description -Phoenix Nexus provides L7 swarm coordination. It uses a gossip-style protocol to propagate "Security Disorder Index" (SDI) values and "Arbiter" policies across the network. - -## 2. Specification -- **Protocol:** UDP-based Gossip. -- **State:** Conflict-free Replicated Data Types (CRDTs). -- **Consensus:** Quorum-based validation for critical containment actions. - -## 3. Interface -```go -func PropagateState(sdi float64, nodeID string) -func RequestConsensus(action string) bool -``` diff --git a/phoenix_os/nexus/artifacts/phoenix_nexus b/phoenix_os/nexus/artifacts/phoenix_nexus deleted file mode 100755 index bab8dc848..000000000 Binary files a/phoenix_os/nexus/artifacts/phoenix_nexus and /dev/null differ diff --git a/phoenix_os/nexus/build.sh b/phoenix_os/nexus/build.sh deleted file mode 100644 index 7c5dfca5e..000000000 --- a/phoenix_os/nexus/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -set -e -echo "Building Phoenix Nexus..." -mkdir -p artifacts -go build -o artifacts/phoenix_nexus ./src/*.go -echo "Build complete." diff --git a/phoenix_os/nexus/go.mod b/phoenix_os/nexus/go.mod deleted file mode 100644 index aa070dc3e..000000000 --- a/phoenix_os/nexus/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/nexus - -go 1.25.0 diff --git a/phoenix_os/nexus/schema.json b/phoenix_os/nexus/schema.json deleted file mode 100644 index e69de29bb..000000000 diff --git a/phoenix_os/nexus/src/nexus.go b/phoenix_os/nexus/src/nexus.go deleted file mode 100644 index a3aece113..000000000 --- a/phoenix_os/nexus/src/nexus.go +++ /dev/null @@ -1,62 +0,0 @@ -package main - -import ( - "fmt" - "sync" - "time" -) - -type NodeState struct { - NodeID string `json:"node_id"` - SDI float64 `json:"sdi"` - Timestamp time.Time `json:"timestamp"` -} - -type Nexus struct { - mu sync.RWMutex - Cluster map[string]NodeState - SelfID string -} - -func NewNexus(id string) *Nexus { - return &Nexus{ - Cluster: make(map[string]NodeState), - SelfID: id, - } -} - -func (n *Nexus) UpdateCluster(state NodeState) { - n.mu.Lock() - defer n.mu.Unlock() - - // CRDT-like logic: only update if the new state is fresher - if current, exists := n.Cluster[state.NodeID]; !exists || state.Timestamp.After(current.Timestamp) { - n.Cluster[state.NodeID] = state - } -} - -func (n *Nexus) GetGlobalSDI() float64 { - n.mu.RLock() - defer n.mu.RUnlock() - - var total float64 - for _, s := range n.Cluster { - total += s.SDI - } - if len(n.Cluster) == 0 { return 0 } - return total / float64(len(n.Cluster)) -} - -func main() { - fmt.Println("Phoenix Nexus Online") - nexus := NewNexus("node-alpha") - - // Simulate receiving state from node-beta - nexus.UpdateCluster(NodeState{ - NodeID: "node-beta", - SDI: 0.85, - Timestamp: time.Now(), - }) - - fmt.Printf("Global Cluster SDI: %f\n", nexus.GetGlobalSDI()) -} diff --git a/phoenix_os/nexus/src/nexus_test.go b/phoenix_os/nexus/src/nexus_test.go deleted file mode 100644 index c1e2679e1..000000000 --- a/phoenix_os/nexus/src/nexus_test.go +++ /dev/null @@ -1,21 +0,0 @@ -package main - -import ( - "testing" - "time" -) - -func TestNexusConsensus(t *testing.T) { - nexus := NewNexus("node-01") - - s1 := NodeState{NodeID: "node-01", SDI: 0.2, Timestamp: time.Now()} - s2 := NodeState{NodeID: "node-02", SDI: 0.8, Timestamp: time.Now()} - - nexus.UpdateCluster(s1) - nexus.UpdateCluster(s2) - - avg := nexus.GetGlobalSDI() - if avg != 0.5 { - t.Errorf("Expected average SDI 0.5, got %f", avg) - } -} diff --git a/phoenix_os/nexus/test.sh b/phoenix_os/nexus/test.sh deleted file mode 100644 index ffee034f4..000000000 --- a/phoenix_os/nexus/test.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -e -echo "Testing Phoenix Nexus..." -go test -v ./src/*.go -echo "Tests complete." diff --git a/phoenix_os/sentinel/README.md b/phoenix_os/sentinel/README.md deleted file mode 100644 index 937d97296..000000000 --- a/phoenix_os/sentinel/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Phoenix Sentinel (System Integrity & Physics) - -Thermodynamic monitoring for PhoenixOS. - -## Purpose -Calculates the global Security Disorder Index (SDI) and models container stability using the Ising model. - -## Validation Gates -- [ ] Correctness of entropy (SDI) on microstates. -- [ ] Predictive phase-transition detection > 90%. -- [ ] Calculation latency < 1ms. diff --git a/phoenix_os/sentinel/RFC.md b/phoenix_os/sentinel/RFC.md deleted file mode 100644 index bb67df434..000000000 --- a/phoenix_os/sentinel/RFC.md +++ /dev/null @@ -1,14 +0,0 @@ -# RFC: Phoenix Phoenix - -## 1. Description -Phoenix Phoenix provides L6 physical telemetry. It processes the aggregate state of the system to determine overall "health" or "disorder". - -## 2. Specification -- **Model:** Ising Spin Lattice. -- **Metric:** Security Disorder Index (SDI). - -## 3. Interface -```go -func CalculateSDI(states []int8) float64 -func PredictTransition(history []float64) bool -``` diff --git a/phoenix_os/sentinel/artifacts/phoenix_sentinel b/phoenix_os/sentinel/artifacts/phoenix_sentinel deleted file mode 100755 index 8939e0786..000000000 Binary files a/phoenix_os/sentinel/artifacts/phoenix_sentinel and /dev/null differ diff --git a/phoenix_os/sentinel/build.sh b/phoenix_os/sentinel/build.sh deleted file mode 100644 index e07b6ac08..000000000 --- a/phoenix_os/sentinel/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -set -e -echo "Building Phoenix Sentinel..." -mkdir -p artifacts -go build -o artifacts/phoenix_sentinel ./src/*.go -echo "Build complete." diff --git a/phoenix_os/sentinel/go.mod b/phoenix_os/sentinel/go.mod deleted file mode 100644 index 6115bfb29..000000000 --- a/phoenix_os/sentinel/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/phoenix - -go 1.25.0 diff --git a/phoenix_os/sentinel/src/sentinel.go b/phoenix_os/sentinel/src/sentinel.go deleted file mode 100644 index 0f9778c29..000000000 --- a/phoenix_os/sentinel/src/sentinel.go +++ /dev/null @@ -1,29 +0,0 @@ -package main - -import ( - "math" -) - -type StateVector []int8 - -func CalculateSDI(states StateVector) float64 { - if len(states) == 0 { return 0 } - counts := make(map[int8]int) - for _, s := range states { - counts[s]++ - } - var sdi float64 - n := float64(len(states)) - for _, count := range counts { - p := float64(count) / n - if p > 0 { - sdi -= p * math.Log(p) - } - } - return sdi -} - -func main() { - // Boot check - CalculateSDI(StateVector{1, -1}) -} diff --git a/phoenix_os/sentinel/src/sentinel_test.go b/phoenix_os/sentinel/src/sentinel_test.go deleted file mode 100644 index 0ea10679b..000000000 --- a/phoenix_os/sentinel/src/sentinel_test.go +++ /dev/null @@ -1,11 +0,0 @@ -package main - -import "testing" - -func TestSDI(t *testing.T) { - states := StateVector{1, 1, 1, 1} - sdi := CalculateSDI(states) - if sdi != 0 { - t.Errorf("Expected 0 SDI for pure state, got %f", sdi) - } -} diff --git a/phoenix_os/sentinel/test.sh b/phoenix_os/sentinel/test.sh deleted file mode 100644 index c8614ca47..000000000 --- a/phoenix_os/sentinel/test.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -e -echo "Testing Phoenix Sentinel..." -go test -v ./src/*.go -echo "Tests complete." diff --git a/phoenix_os/sentinel/tests/physics_test.go b/phoenix_os/sentinel/tests/physics_test.go deleted file mode 100644 index ce82fe3da..000000000 --- a/phoenix_os/sentinel/tests/physics_test.go +++ /dev/null @@ -1,40 +0,0 @@ -package physics - -import ( - "math" - "testing" -) - -func TestCalculateSDI(t *testing.T) { - t.Run("PureState", func(t *testing.T) { - states := StateVector{1, 1, 1, 1} - sdi := CalculateSDI(states) - if sdi != 0 { - t.Errorf("Expected 0 SDI for pure state, got %f", sdi) - } - }) - - t.Run("MixedState", func(t *testing.T) { - states := StateVector{1, -1} - sdi := CalculateSDI(states) - expected := - (0.5 * math.Log(0.5) + 0.5 * math.Log(0.5)) - if math.Abs(sdi-expected) > 0.0001 { - t.Errorf("Expected %f, got %f", expected, sdi) - } - }) -} - -func BenchmarkCalculateSDI(b *testing.B) { - states := make(StateVector, 100) - for i := range states { - if i%2 == 0 { - states[i] = 1 - } else { - states[i] = -1 - } - } - b.ResetTimer() - for i := 0; i < b.N; i++ { - CalculateSDI(states) - } -} diff --git a/phoenix_os/tcs/degradation.go b/phoenix_os/tcs/degradation.go new file mode 100644 index 000000000..ed5b451f3 --- /dev/null +++ b/phoenix_os/tcs/degradation.go @@ -0,0 +1,74 @@ +package tcs + +import ( + "fmt" + "log" +) + +// ActuationPayload represents an evidence payload for the Ledger +type ActuationPayload struct { + ActionID string + CauseID string + TargetIP uint32 + Action string +} + +// DegradationMonitor watches TCS and triggers state changes via circuit breaker +type DegradationMonitor struct { + window *SlidingWindow + payloadChan chan<- ActuationPayload + threshold float64 + isDegraded bool + transitionCount int +} + +// NewDegradationMonitor creates the circuit breaker +func NewDegradationMonitor(window *SlidingWindow, payloadChan chan<- ActuationPayload) *DegradationMonitor { + return &DegradationMonitor{ + window: window, + payloadChan: payloadChan, + threshold: 0.85, + isDegraded: false, + transitionCount: 0, + } +} + +// Evaluate checks the current score and triggers transitions synchronously +func (d *DegradationMonitor) Evaluate(score float64) { + // Circuit Breaker: Trip into DEGRADED state + if score < d.threshold && !d.isDegraded { + d.isDegraded = true + d.transitionCount++ + log.Printf("[TCS] WARNING: Score dropped to %.2f. ENTERING DEGRADED STATE. Suspending autonomous enforcement.", score) + + select { + case d.payloadChan <- ActuationPayload{ + ActionID: fmt.Sprintf("STATE-DEGRADE-%d", d.transitionCount), + CauseID: "TCS-THRESHOLD-VIOLATION", + TargetIP: 0, + Action: "ENTER_DEGRADED_MODE", + }: + default: + log.Println("[TCS] CRITICAL: Ledger channel saturated during DEGRADED transition.") + } + + return + } + + // Circuit Breaker: Recover to NORMAL state + if score >= d.threshold && d.isDegraded { + d.isDegraded = false + d.transitionCount++ + log.Printf("[TCS] RECOVERY: Score restored to %.2f. Resuming NORMAL state.", score) + + select { + case d.payloadChan <- ActuationPayload{ + ActionID: fmt.Sprintf("STATE-RECOVER-%d", d.transitionCount), + CauseID: "TCS-THRESHOLD-RESTORED", + TargetIP: 0, + Action: "ENTER_NORMAL_MODE", + }: + default: + } + } +} diff --git a/phoenix_os/tcs/tcs.go b/phoenix_os/tcs/tcs.go new file mode 100644 index 000000000..c91cb952e --- /dev/null +++ b/phoenix_os/tcs/tcs.go @@ -0,0 +1,117 @@ +package tcs + +import ( + "sync" + "time" +) + +// TelemetryEvent represents a raw signal from the kernel or network +type TelemetryEvent struct { + Timestamp time.Time + SequenceID uint64 + Payload []byte + JitterNS uint64 // Delta from expected arrival +} + +// SlidingWindow bounds telemetry memory to prevent unbounded growth +type SlidingWindow struct { + mu sync.RWMutex + events []TelemetryEvent + WindowSize time.Duration + lastSeqID uint64 + droppedPkts uint64 + latestTime time.Time +} + +// NewSlidingWindow creates a bounded telemetry window +func NewSlidingWindow(windowSize time.Duration) *SlidingWindow { + return &SlidingWindow{ + WindowSize: windowSize, + } +} + +// AddEvent injects a new telemetry payload into the window +func (w *SlidingWindow) AddEvent(e TelemetryEvent) { + w.mu.Lock() + defer w.mu.Unlock() + + // Detect dropped packets via sequence gaps + if w.lastSeqID > 0 && e.SequenceID > w.lastSeqID+1 { + w.droppedPkts += (e.SequenceID - w.lastSeqID - 1) + } + w.lastSeqID = e.SequenceID + if e.Timestamp.After(w.latestTime) { + w.latestTime = e.Timestamp + } + w.events = append(w.events, e) + w.prune(w.latestTime) +} + +// Evaluate calculates the Telemetry Confidence Score (0.0 to 1.0) +// Formula: T_C = w1*(1 - P_loss) + w2*(1 - J_norm) +func (w *SlidingWindow) Evaluate() float64 { + w.mu.RLock() + defer w.mu.RUnlock() + + if len(w.events) == 0 { + return 0.0 // No data = zero confidence + } + + // 1. Loss Rate (P_loss) + totalExpected := w.events[len(w.events)-1].SequenceID - w.events[0].SequenceID + var lossRate float64 + if totalExpected > 0 { + lossRate = float64(w.droppedPkts) / float64(totalExpected) + } + if lossRate > 1.0 { + lossRate = 1.0 + } + + // 2. Normalized Jitter (J_norm) + var totalJitter uint64 + for _, e := range w.events { + totalJitter += e.JitterNS + } + avgJitter := float64(totalJitter) / float64(len(w.events)) + + // Normalize: 50ms jitter = fully degraded + jNorm := avgJitter / 50_000_000.0 + if jNorm > 1.0 { + jNorm = 1.0 + } + + // 3. Weighted TCS: 70% loss, 30% jitter + w1, w2 := 0.7, 0.3 + tcs := (w1 * (1.0 - lossRate)) + (w2 * (1.0 - jNorm)) + + return tcs +} + +func (w *SlidingWindow) prune(now time.Time) { + if len(w.events) == 0 { + return + } + + cutoff := now.Add(-w.WindowSize) + splitIdx := 0 + foundValid := false + + for i, e := range w.events { + if e.Timestamp.After(cutoff) { + splitIdx = i + foundValid = true + break + } + } + + if !foundValid { + w.events = nil + w.droppedPkts = 0 + return + } + + if splitIdx > 0 { + w.events = w.events[splitIdx:] + w.droppedPkts = w.droppedPkts / 2 // Decay historical loss + } +} diff --git a/phoenix_os/telemetry/serialization/go.mod b/phoenix_os/telemetry/serialization/go.mod deleted file mode 100644 index a9f3e6144..000000000 --- a/phoenix_os/telemetry/serialization/go.mod +++ /dev/null @@ -1,10 +0,0 @@ -module phoenix/telemetry/serialization - -go 1.25.0 - -require github.com/segmentio/encoding v0.5.4 - -require ( - github.com/segmentio/asm v1.1.3 // indirect - golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 // indirect -) diff --git a/phoenix_os/telemetry/serialization/go.sum b/phoenix_os/telemetry/serialization/go.sum deleted file mode 100644 index 0c88e6dc9..000000000 --- a/phoenix_os/telemetry/serialization/go.sum +++ /dev/null @@ -1,6 +0,0 @@ -github.com/segmentio/asm v1.1.3 h1:WM03sfUOENvvKexOLp+pCqgb/WDjsi7EK8gIsICtzhc= -github.com/segmentio/asm v1.1.3/go.mod h1:Ld3L4ZXGNcSLRg4JBsZ3//1+f/TjYl0Mzen/DQy1EJg= -github.com/segmentio/encoding v0.5.4 h1:OW1VRern8Nw6ITAtwSZ7Idrl3MXCFwXHPgqESYfvNt0= -github.com/segmentio/encoding v0.5.4/go.mod h1:HS1ZKa3kSN32ZHVZ7ZLPLXWvOVIiZtyJnO1gPH1sKt0= -golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 h1:WecRHqgE09JBkh/584XIE6PMz5KKE/vER4izNUi30AQ= -golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/phoenix_os/telemetry/serialization/optimizer.go b/phoenix_os/telemetry/serialization/optimizer.go deleted file mode 100644 index 06697e2ed..000000000 --- a/phoenix_os/telemetry/serialization/optimizer.go +++ /dev/null @@ -1,11 +0,0 @@ -package serialization - -import ( - "encoding/json" - "github.com/segmentio/encoding/json" // Utilizing high-performance JSON encoder -) - -// OptimizedMarshaler replaces standard library JSON encoding with high-perf alternatives. -func OptimizedMarshaler(v interface{}) ([]byte, error) { - return json.Marshal(v) -} diff --git a/phoenix_os/telemetry/serialization/optimizer_test.go b/phoenix_os/telemetry/serialization/optimizer_test.go deleted file mode 100644 index c7b5b6b24..000000000 --- a/phoenix_os/telemetry/serialization/optimizer_test.go +++ /dev/null @@ -1,21 +0,0 @@ -package serialization - -import ( - "testing" -) - -type TestStruct struct { - ID int `json:"id"` - Value string `json:"value"` -} - -func TestOptimizer(t *testing.T) { - data := TestStruct{ID: 1, Value: "test"} - encoded, err := OptimizedMarshaler(data) - if err != nil { - t.Fatalf("Failed to marshal: %v", err) - } - if string(encoded) == "" { - t.Error("Marshaled data is empty") - } -} diff --git a/phoenix_os/trace/go.mod b/phoenix_os/trace/go.mod deleted file mode 100644 index 3262c8ee2..000000000 --- a/phoenix_os/trace/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/trace - -go 1.25.0 diff --git a/phoenix_os/trace/tests/process_graphs_test.go b/phoenix_os/trace/tests/process_graphs_test.go deleted file mode 100644 index 051f6b944..000000000 --- a/phoenix_os/trace/tests/process_graphs_test.go +++ /dev/null @@ -1,44 +0,0 @@ -package process_graphs - -import ( - "testing" -) - -func TestGraphLineage(t *testing.T) { - g := NewGraph() - g.AddNode("root", Process) - g.AddNode("child", Process) - g.AddNode("grandchild", Process) - - g.AddEdge("root", "child") - g.AddEdge("child", "grandchild") - - lineage := g.GetLineage("root") - if len(lineage) != 3 { - t.Errorf("Expected lineage length 3, got %d", len(lineage)) - } -} - -func BenchmarkGraphInsertion(b *testing.B) { - g := NewGraph() - for i := 0; i < b.N; i++ { - id := string(rune(i)) - g.AddNode(id, Process) - } -} - -func BenchmarkGraphTraversal(b *testing.B) { - g := NewGraph() - g.AddNode("0", Process) - for i := 1; i <= 15; i++ { - from := string(rune(i - 1)) - to := string(rune(i)) - g.AddNode(to, Process) - g.AddEdge(from, to) - } - - b.ResetTimer() - for i := 0; i < b.N; i++ { - _ = g.GetLineage("0") - } -} diff --git a/phoenix_os/trace/trace.go b/phoenix_os/trace/trace.go new file mode 100644 index 000000000..b03217035 --- /dev/null +++ b/phoenix_os/trace/trace.go @@ -0,0 +1,74 @@ +package trace + +import ( + "database/sql" + "fmt" + "log" + + "github.com/fallofpheonix/phoenix_os/bus" + _ "github.com/mattn/go-sqlite3" +) + +type TraceStorage struct { + db *sql.DB + busCh chan bus.TelemetryEvent +} + +func NewTraceStorage(dbPath string, busCh chan bus.TelemetryEvent) (*TraceStorage, error) { + db, err := sql.Open("sqlite3", dbPath) + if err != nil { + return nil, err + } + + pragmas := []string{ + "PRAGMA journal_mode=WAL;", + "PRAGMA synchronous=NORMAL;", + "PRAGMA temp_store=MEMORY;", + "PRAGMA mmap_size=268435456;", + "PRAGMA cache_size=-200000;", + } + for _, p := range pragmas { + if _, err := db.Exec(p); err != nil { + return nil, fmt.Errorf("failed to set %s: %v", p, err) + } + } + + schema := `CREATE TABLE IF NOT EXISTS events ( + seq_id INTEGER PRIMARY KEY, + monotonic_ns INTEGER NOT NULL, + wall_timestamp INTEGER NOT NULL, + source TEXT NOT NULL, + pid INTEGER, + event_type TEXT NOT NULL, + payload BLOB NOT NULL, + prev_hash TEXT NOT NULL, + hash TEXT NOT NULL + );` + if _, err := db.Exec(schema); err != nil { + return nil, fmt.Errorf("failed to create schema: %v", err) + } + + return &TraceStorage{db: db, busCh: busCh}, nil +} + +func (t *TraceStorage) StartWriter() { + go func() { + stmt, err := t.db.Prepare(`INSERT INTO events (seq_id, monotonic_ns, wall_timestamp, source, pid, event_type, payload, prev_hash, hash) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`) + if err != nil { + log.Fatalf("[TRACE] Failed to prepare statement: %v", err) + } + defer stmt.Close() + + for event := range t.busCh { + _, err := stmt.Exec( + event.SeqID, event.MonotonicNs, event.WallTimeUnix, + event.Source, event.PID, event.EventType, + event.Payload, event.PrevHash, event.Hash, + ) + if err != nil { + log.Printf("[TRACE ERROR] Failed to write event %d: %v", event.SeqID, err) + } + } + }() +} diff --git a/phoenix_os/warden/go.mod b/phoenix_os/warden/go.mod deleted file mode 100644 index 9efe174f5..000000000 --- a/phoenix_os/warden/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module phoenix/warden - -go 1.25.0 diff --git a/phoenix_os/warden/warden.go b/phoenix_os/warden/warden.go new file mode 100644 index 000000000..567a51f06 --- /dev/null +++ b/phoenix_os/warden/warden.go @@ -0,0 +1,93 @@ +package warden + +import ( + "fmt" + + "github.com/fallofpheonix/phoenix_os/bus" + "github.com/fallofpheonix/phoenix_os/monitor" +) + +type SystemState string + +const ( + StateNormal SystemState = "NORMAL" + StateSuspicious SystemState = "SUSPICIOUS" + StateContained SystemState = "CONTAINED" + StateRecovery SystemState = "RECOVERY" +) + +type Warden struct { + State SystemState + SuspThresh float64 + ContThresh float64 + RecovThresh float64 + DwellTime int64 // seconds + inCh chan monitor.DriftScore + outBus *bus.Bus + lastElevated int64 // unix seconds +} + +func NewWarden(inCh chan monitor.DriftScore, outBus *bus.Bus) *Warden { + return &Warden{ + State: StateNormal, + SuspThresh: 2.0, + ContThresh: 4.0, + RecovThresh: 1.0, + DwellTime: 30, // 30 seconds + inCh: inCh, + outBus: outBus, + } +} + +func (w *Warden) Start() { + go func() { + for score := range w.inCh { + w.Evaluate(score) + } + }() +} + +func (w *Warden) Evaluate(score monitor.DriftScore) { + now := score.WallTimeUnix + z := score.ZScore + oldState := w.State + + // Escalate immediately + if z >= w.ContThresh { + w.State = StateContained + w.lastElevated = now + } else if z >= w.SuspThresh && w.State == StateNormal { + w.State = StateSuspicious + w.lastElevated = now + } + + // De-escalate with hysteresis (dwell time) + if w.State == StateContained && z < w.RecovThresh { + if now - w.lastElevated > w.DwellTime { + w.State = StateRecovery + w.lastElevated = now + } + } else if w.State == StateRecovery && z < w.SuspThresh { + if now - w.lastElevated > w.DwellTime { + w.State = StateNormal + } + } else if w.State == StateSuspicious && z < w.SuspThresh { + if now - w.lastElevated > w.DwellTime { + w.State = StateNormal + } + } else if z >= w.SuspThresh { + w.lastElevated = now + } + + if oldState != w.State { + fmt.Printf("[WARDEN] FSM Transition: %s -> %s (Z-Score: %.2f)\n", oldState, w.State, z) + actionPayload := []byte(fmt.Sprintf(`{"action":"transition","state":"%s"}`, w.State)) + w.outBus.Publish("warden.action", bus.TelemetryEvent{ + SeqID: score.EventID, + Source: "phoenix.warden", + EventType: "fsm.transition", + Severity: 1.0, + Payload: actionPayload, + }) + } +} diff --git a/tests/__pycache__/test_guard_daemon.cpython-313-pytest-9.0.3.pyc b/tests/__pycache__/test_guard_daemon.cpython-313-pytest-9.0.3.pyc new file mode 100644 index 000000000..2bc3733e4 Binary files /dev/null and b/tests/__pycache__/test_guard_daemon.cpython-313-pytest-9.0.3.pyc differ