firewall

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2026 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package firewall implements the Knowledge Firewall for P2P queries. Default policy is deny-all — explicit rules must be added to allow access.

Package firewall implements the Knowledge Firewall for P2P queries.

Index

Constants

View Source 
const WildcardAll = "*"

WildcardAll matches all peers or all tools.

Variables

View Source 
var (
	ErrRateLimitExceeded       = errors.New("rate limit exceeded")
	ErrGlobalRateLimitExceeded = errors.New("global rate limit exceeded")
	ErrQueryDenied             = errors.New("query denied by firewall rule")
	ErrNoMatchingAllowRule     = errors.New("query denied: no matching allow rule")
)

Sentinel errors for firewall decisions.

Functions

func ValidateRule 

func ValidateRule(rule ACLRule) error

ValidateRule checks whether an ACL rule is safe to add. It rejects overly permissive allow rules (wildcard peer + wildcard tools).

Types

type ACLAction 

type ACLAction string

ACLAction identifies the action of an ACL rule. 

const (
	// ACLActionAllow permits matching queries.
	ACLActionAllow ACLAction = "allow"

	// ACLActionDeny blocks matching queries.
	ACLActionDeny ACLAction = "deny"
)

func (ACLAction) Valid 

func (a ACLAction) Valid() bool

Valid reports whether a is a known ACL action.

type ACLRule 

type ACLRule struct {
	// PeerDID is the peer this rule applies to (WildcardAll for all peers).
	PeerDID string `json:"peerDid"`

	// Action is ACLActionAllow or ACLActionDeny.
	Action ACLAction `json:"action"`

	// Tools lists tool name patterns (supports * wildcard).
	Tools []string `json:"tools"`

	// RateLimit is max requests per minute (0 = unlimited).
	RateLimit int `json:"rateLimit"`
}

ACLRule defines an access control rule.

type AttestationResult 

type AttestationResult struct {
	Proof        []byte
	PublicInputs []byte
	CircuitID    string
	Scheme       string
}

AttestationResult holds a structured ZK attestation proof from the prover.

type Firewall 

type Firewall struct {
	// contains filtered or unexported fields
}

Firewall enforces access control and response sanitization for P2P queries.

func New 

func New(rules []ACLRule, logger *zap.SugaredLogger) *Firewall

New creates a new Firewall with deny-all default policy.

func (*Firewall) AddRule 

func (f *Firewall) AddRule(rule ACLRule) error

AddRule validates and adds a new ACL rule. Returns an error if the rule is overly permissive (e.g. allow * with all tools).

func (*Firewall) AttestResponse 

func (f *Firewall) AttestResponse(responseHash, agentDIDHash []byte) (*AttestationResult, error)

AttestResponse generates a ZK attestation proof for a response.

func (*Firewall) FilterQuery 

func (f *Firewall) FilterQuery(ctx context.Context, peerDID, toolName string) error

FilterQuery checks if a query from the given peer is allowed.

func (*Firewall) RemoveRule 

func (f *Firewall) RemoveRule(peerDID string) int

RemoveRule removes ACL rules matching the peer DID.

func (*Firewall) Rules 

func (f *Firewall) Rules() []ACLRule

Rules returns a copy of current rules.

func (*Firewall) SanitizeResponse 

func (f *Firewall) SanitizeResponse(response map[string]interface{}) map[string]interface{}

SanitizeResponse removes sensitive internal data from a response.

func (*Firewall) SetOwnerShield 

func (f *Firewall) SetOwnerShield(shield *OwnerShield)

SetOwnerShield sets the owner data protection shield.

func (*Firewall) SetReputationChecker 

func (f *Firewall) SetReputationChecker(fn ReputationChecker, minScore float64)

SetReputationChecker sets the reputation checker and minimum trust score.

func (*Firewall) SetZKAttestFunc 

func (f *Firewall) SetZKAttestFunc(fn ZKAttestFunc)

SetZKAttestFunc sets the ZK attestation function for response signing.

type OwnerProtectionConfig 

type OwnerProtectionConfig struct {
	OwnerName          string   `json:"ownerName"`
	OwnerEmail         string   `json:"ownerEmail"`
	OwnerPhone         string   `json:"ownerPhone"`
	ExtraTerms         []string `json:"extraTerms,omitempty"`
	BlockConversations bool     `json:"blockConversations"`
}

OwnerProtectionConfig configures owner data protection.

type OwnerShield 

type OwnerShield struct {
	// contains filtered or unexported fields
}

OwnerShield prevents owner personal data from leaking via P2P responses. No amount of USDC can bypass this layer.

func NewOwnerShield 

func NewOwnerShield(cfg OwnerProtectionConfig, logger *zap.SugaredLogger) *OwnerShield

NewOwnerShield creates a new OwnerShield from the given config.

func (*OwnerShield) ContainsOwnerData 

func (s *OwnerShield) ContainsOwnerData(text string) bool

ContainsOwnerData checks if the text contains any owner data.

func (*OwnerShield) ScanAndRedact 

func (s *OwnerShield) ScanAndRedact(response map[string]interface{}) (map[string]interface{}, []string)

ScanAndRedact recursively walks the response map and redacts owner data. It returns the redacted map and a list of redacted field paths.

type ReputationChecker 

type ReputationChecker func(ctx context.Context, peerDID string) (float64, error)

ReputationChecker returns a trust score for a peer DID.

type ZKAttestFunc 

type ZKAttestFunc func(responseHash, agentDIDHash []byte) (*AttestationResult, error)

ZKAttestFunc generates a ZK attestation proof for a response.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.