HRI-LOCK-VALIDATION.PY

import hmac
import hashlib
from datetime import datetime

class HRILockValidator:
    """Validate hardware attribution via cryptographic signatures"""
    
    # Hardware registry (locked)
    HARDWARE_SECRETS = {
        "loihi2": "loihi2_neuromorphic_2026",
        "coral": "coral_tpu_2026",
        "ionq": "ionq_forte_2026"
    }
    
    # Compatibility matrix
    COMPATIBILITY = {
        "loihi2": {"Rust": 1.0, "C++": 1.0, "Python": 1.0, "Go": 0.5},
        "coral": {"Rust": 1.0, "C++": 1.0, "Python": 1.0, "Go": 1.0, "Java": 0.5},
        "ionq": {"Rust": 1.0, "C++": 1.0, "Python": 1.0, "Go": 1.0, "Java": 1.0}
    }
    
    @staticmethod
    def generate_signature(hardware_id: str, language: str, timestamp: str) -> str:
        """Generate HRI lock signature"""
        secret = HRILockValidator.HARDWARE_SECRETS.get(hardware_id)
        if not secret:
            raise ValueError(f"Unknown hardware: {hardware_id}")
        
        message = f"{hardware_id}:{language}:{timestamp}"
        signature = hmac.new(
            secret.encode(),
            message.encode(),
            hashlib.sha256
        ).hexdigest()
        
        return signature
    
    @staticmethod
    def verify_signature(hardware_id: str, language: str, timestamp: str, 
                        provided_signature: str) -> bool:
        """Verify HRI lock signature"""
        expected_signature = HRILockValidator.generate_signature(
            hardware_id, language, timestamp
        )
        return expected_signature == provided_signature
    
    @staticmethod
    def check_compatibility(hardware_id: str, language: str) -> tuple:
        """Check language-hardware compatibility"""
        compatibility_score = HRILockValidator.COMPATIBILITY.get(
            hardware_id, {}
        ).get(language, 0.0)
        
        if compatibility_score == 1.0:
            return True, "✅ FULLY COMPATIBLE"
        elif compatibility_score == 0.5:
            return True, "⚠️ PARTIALLY COMPATIBLE (warning)"
        else:
            return False, "❌ INCOMPATIBLE (blocked)"
    
    @staticmethod
    def validate_hri_lock(output: dict) -> dict:
        """Complete HRI lock validation"""
        hardware_id = output.get("hardware_lock")
        language = output.get("language")
        timestamp = output.get("timestamp")
        signature = output.get("signature")
        
        # Verify signature
        if not HRILockValidator.verify_signature(
            hardware_id, language, timestamp, signature
        ):
            return {
                "valid": False,
                "reason": "❌ INVALID SIGNATURE",
                "action": "REJECT"
            }
        
        # Check compatibility
        compatible, message = HRILockValidator.check_compatibility(
            hardware_id, language
        )
        
        if not compatible:
            return {
                "valid": False,
                "reason": message,
                "action": "REJECT"
            }
        
        return {
            "valid": True,
            "hardware": hardware_id,
            "language": language,
            "compatibility": message,
            "action": "APPROVE"
        }