test_provenance.py
python
sha256:660fcac1df3ab28f61862e961890bd2ca8b754fa0242079d93ca1e25037ec8a6
chore(tests): add docstring to tests/__init__.py so rc14 tr…
Human
26 days ago
| 1 | """Tests for muse.core.provenance — AgentIdentity, Ed25519 signing.""" |
| 2 | |
| 3 | import base64 |
| 4 | import datetime |
| 5 | |
| 6 | import pytest |
| 7 | from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey |
| 8 | from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat |
| 9 | |
| 10 | from muse.core.provenance import ( |
| 11 | AgentIdentity, |
| 12 | encode_public_key, |
| 13 | make_agent_identity, |
| 14 | provenance_payload, |
| 15 | public_key_fingerprint, |
| 16 | sign_commit_ed25519, |
| 17 | sign_commit_record, |
| 18 | verify_commit_ed25519, |
| 19 | ) |
| 20 | from muse.core.store import CommitRecord |
| 21 | |
| 22 | |
| 23 | def _gen_key() -> Ed25519PrivateKey: |
| 24 | return Ed25519PrivateKey.generate() |
| 25 | |
| 26 | |
| 27 | def _pub_bytes(key: Ed25519PrivateKey) -> bytes: |
| 28 | return key.public_key().public_bytes(Encoding.Raw, PublicFormat.Raw) |
| 29 | |
| 30 | |
| 31 | # --------------------------------------------------------------------------- |
| 32 | # AgentIdentity factory |
| 33 | # --------------------------------------------------------------------------- |
| 34 | |
| 35 | |
| 36 | class TestMakeAgentIdentity: |
| 37 | def test_required_fields_present(self) -> None: |
| 38 | identity = make_agent_identity( |
| 39 | agent_id="test-agent", |
| 40 | model_id="gpt-5", |
| 41 | toolchain_id="muse-v2", |
| 42 | ) |
| 43 | assert identity["agent_id"] == "test-agent" |
| 44 | assert identity.get("model_id") == "gpt-5" |
| 45 | assert identity.get("toolchain_id") == "muse-v2" |
| 46 | |
| 47 | def test_prompt_hash_is_hex(self) -> None: |
| 48 | identity = make_agent_identity( |
| 49 | agent_id="a", |
| 50 | model_id="m", |
| 51 | toolchain_id="t", |
| 52 | prompt="system: you are a music agent", |
| 53 | ) |
| 54 | prompt_hash = identity.get("prompt_hash", "") |
| 55 | assert isinstance(prompt_hash, str) |
| 56 | assert len(prompt_hash) == 64 |
| 57 | assert all(c in "0123456789abcdef" for c in prompt_hash) |
| 58 | |
| 59 | def test_no_prompt_gives_no_hash_key(self) -> None: |
| 60 | identity = make_agent_identity(agent_id="a", model_id="m", toolchain_id="t") |
| 61 | assert identity.get("prompt_hash", "") == "" |
| 62 | |
| 63 | def test_execution_context_hash_populated(self) -> None: |
| 64 | identity = make_agent_identity( |
| 65 | agent_id="a", |
| 66 | model_id="m", |
| 67 | toolchain_id="t", |
| 68 | execution_context='{"env": "ci", "version": "1.2.3"}', |
| 69 | ) |
| 70 | ec_hash = identity.get("execution_context_hash", "") |
| 71 | assert isinstance(ec_hash, str) |
| 72 | assert len(ec_hash) == 64 |
| 73 | |
| 74 | |
| 75 | # --------------------------------------------------------------------------- |
| 76 | # Ed25519 signing / verification |
| 77 | # --------------------------------------------------------------------------- |
| 78 | |
| 79 | |
| 80 | class TestEd25519Signing: |
| 81 | def test_sign_and_verify_succeed(self) -> None: |
| 82 | key = _gen_key() |
| 83 | payload = provenance_payload("abc123def456" * 4) |
| 84 | sig = sign_commit_ed25519(payload, key) |
| 85 | pub_bytes = _pub_bytes(key) |
| 86 | assert verify_commit_ed25519(payload, sig, pub_bytes) |
| 87 | |
| 88 | def test_wrong_key_fails(self) -> None: |
| 89 | key1 = _gen_key() |
| 90 | key2 = _gen_key() |
| 91 | payload = provenance_payload("abc123") |
| 92 | sig = sign_commit_ed25519(payload, key1) |
| 93 | assert not verify_commit_ed25519(payload, sig, _pub_bytes(key2)) |
| 94 | |
| 95 | def test_wrong_payload_fails(self) -> None: |
| 96 | key = _gen_key() |
| 97 | sig = sign_commit_ed25519(provenance_payload("commit-a"), key) |
| 98 | assert not verify_commit_ed25519(provenance_payload("commit-b"), sig, _pub_bytes(key)) |
| 99 | |
| 100 | def test_tampered_signature_fails(self) -> None: |
| 101 | key = _gen_key() |
| 102 | payload = provenance_payload("abc") |
| 103 | sig = sign_commit_ed25519(payload, key) |
| 104 | # Flip a byte in the middle of the base64url string. |
| 105 | sig_bytes = bytearray(base64.urlsafe_b64decode(sig + "==")) |
| 106 | sig_bytes[32] ^= 0xFF |
| 107 | tampered = base64.urlsafe_b64encode(bytes(sig_bytes)).rstrip(b"=").decode() |
| 108 | assert not verify_commit_ed25519(payload, tampered, _pub_bytes(key)) |
| 109 | |
| 110 | def test_signature_is_base64url_string(self) -> None: |
| 111 | key = _gen_key() |
| 112 | sig = sign_commit_ed25519(provenance_payload("test-commit"), key) |
| 113 | assert isinstance(sig, str) |
| 114 | # Ed25519 signature is 64 bytes → 86 base64url chars (no padding) |
| 115 | assert len(sig) == 86 |
| 116 | |
| 117 | def test_empty_signature_fails(self) -> None: |
| 118 | key = _gen_key() |
| 119 | assert not verify_commit_ed25519(provenance_payload("x"), "", _pub_bytes(key)) |
| 120 | |
| 121 | def test_garbage_signature_fails(self) -> None: |
| 122 | key = _gen_key() |
| 123 | assert not verify_commit_ed25519(provenance_payload("x"), "!!not-base64!!", _pub_bytes(key)) |
| 124 | |
| 125 | def test_truncated_signature_fails(self) -> None: |
| 126 | key = _gen_key() |
| 127 | payload = provenance_payload("commit-x") |
| 128 | sig = sign_commit_ed25519(payload, key) |
| 129 | assert not verify_commit_ed25519(payload, sig[:40], _pub_bytes(key)) |
| 130 | |
| 131 | def test_different_keys_produce_different_sigs(self) -> None: |
| 132 | key1 = _gen_key() |
| 133 | key2 = _gen_key() |
| 134 | payload = provenance_payload("same-commit") |
| 135 | assert sign_commit_ed25519(payload, key1) != sign_commit_ed25519(payload, key2) |
| 136 | |
| 137 | |
| 138 | # --------------------------------------------------------------------------- |
| 139 | # Public key helpers |
| 140 | # --------------------------------------------------------------------------- |
| 141 | |
| 142 | |
| 143 | class TestPublicKeyHelpers: |
| 144 | def test_fingerprint_is_16_hex_chars(self) -> None: |
| 145 | key = _gen_key() |
| 146 | fp = public_key_fingerprint(_pub_bytes(key)) |
| 147 | assert isinstance(fp, str) |
| 148 | assert len(fp) == 16 |
| 149 | assert all(c in "0123456789abcdef" for c in fp) |
| 150 | |
| 151 | def test_fingerprint_is_deterministic(self) -> None: |
| 152 | key = _gen_key() |
| 153 | pub = _pub_bytes(key) |
| 154 | assert public_key_fingerprint(pub) == public_key_fingerprint(pub) |
| 155 | |
| 156 | def test_different_keys_different_fingerprints(self) -> None: |
| 157 | k1, k2 = _gen_key(), _gen_key() |
| 158 | assert public_key_fingerprint(_pub_bytes(k1)) != public_key_fingerprint(_pub_bytes(k2)) |
| 159 | |
| 160 | def test_encode_public_key_returns_32_bytes_and_b64(self) -> None: |
| 161 | key = _gen_key() |
| 162 | raw_bytes, b64 = encode_public_key(key) |
| 163 | assert len(raw_bytes) == 32 |
| 164 | assert isinstance(b64, str) |
| 165 | # No padding |
| 166 | assert "=" not in b64 |
| 167 | # Decodes back to same bytes |
| 168 | assert base64.urlsafe_b64decode(b64 + "=") == raw_bytes |
| 169 | |
| 170 | |
| 171 | # --------------------------------------------------------------------------- |
| 172 | # sign_commit_record |
| 173 | # --------------------------------------------------------------------------- |
| 174 | |
| 175 | |
| 176 | class TestSignCommitRecord: |
| 177 | def test_sign_commit_record_returns_three_tuple(self) -> None: |
| 178 | key = _gen_key() |
| 179 | commit_id = "deadbeef" * 8 |
| 180 | result = sign_commit_record(commit_id, "test-agent", key) |
| 181 | assert result is not None |
| 182 | sig, pub_b64, fprint = result |
| 183 | assert sig != "" |
| 184 | assert pub_b64 != "" |
| 185 | assert len(fprint) == 16 |
| 186 | |
| 187 | def test_sign_commit_record_verifiable(self) -> None: |
| 188 | key = _gen_key() |
| 189 | commit_id = "cafebabe" * 8 |
| 190 | agent_id = "verify-agent" |
| 191 | result = sign_commit_record(commit_id, agent_id, key, model_id="claude-sonnet-4-6") |
| 192 | assert result is not None |
| 193 | sig, pub_b64, _ = result |
| 194 | pub_bytes = base64.urlsafe_b64decode(pub_b64 + "=") |
| 195 | payload = provenance_payload(commit_id, agent_id=agent_id, model_id="claude-sonnet-4-6") |
| 196 | assert verify_commit_ed25519(payload, sig, pub_bytes) |
| 197 | |
| 198 | def test_sign_commit_record_public_key_matches_private(self) -> None: |
| 199 | key = _gen_key() |
| 200 | result = sign_commit_record("aabbccdd" * 8, "agent", key) |
| 201 | assert result is not None |
| 202 | _, pub_b64, _ = result |
| 203 | raw, expected_b64 = encode_public_key(key) |
| 204 | assert pub_b64 == expected_b64 |
File History
5 commits
sha256:660fcac1df3ab28f61862e961890bd2ca8b754fa0242079d93ca1e25037ec8a6
chore(tests): add docstring to tests/__init__.py so rc14 tr…
Human
26 days ago
sha256:d8316ffae901be06347e16ab55be11868eb519dd16ade3e8aa16a99e662f7e62
baseline: rc14 re-baseline after rc3 store corruption recovery
Human
patch
26 days ago
sha256:50d413a635f57761c3fce1f70251b957b6423821525bf330747ef4007339222e
Merge branch 'dev' into main
Human
29 days ago
sha256:fb67fed5a4d3e40de84bdd163de94ef1386570bef1dd1a020a732c8a038962ce
Merge branch 'dev' into main
Human
48 days ago
sha256:1c4b3e3a9a1f300774c3ee662b572a698d5fd405bf765a71e6011a2e9c3eaaaa
feat: Muse — version control for the agent era
Human
100 days ago