Skip to content

feat(agent-journal): witness provider fetch bytes#129

Merged
feniix merged 5 commits into
mainfrom
feat/agent-journal-provider-fetch-witness
Jul 13, 2026
Merged

feat(agent-journal): witness provider fetch bytes#129
feniix merged 5 commits into
mainfrom
feat/agent-journal-provider-fetch-witness

Conversation

@feniix

@feniix feniix commented Jul 13, 2026

Copy link
Copy Markdown
Owner

Summary

Adds an evaluation-only physical fetch witness for the frozen Pi 0.80.6 Codex SSE path. It allows exactly one request to the exact approved endpoint, snapshots native headers and request bytes before callbacks, bounds zstd decompression, and independently matches the decompressed logical body to the provider-filter receipt.

The safe receipt contains only an opaque attempt ID, endpoint/transport/encoding enums, counts, byte lengths, and SHA-256 digests. The forwarded request receives private body/header copies, validation failures never reach fetch, duplicate or reentrant requests invalidate the witness, and transport failures clear evidence and become terminal.

This remains a narrow infrastructure primitive. Extension-order, credentials/provider authenticity, attempt scheduling, a real Pi runner lifecycle, and full B3 acceptance remain deferred.

The pre-acceptance ledger is also reconciled through merged PR #128 without advancing the user gate.

Validation

  • RED: fetch-witness module absent
  • Security RED: overridable Headers object forwarded
  • Security RED: mutable caller body/headers forwarded after attestation
  • Security RED: URL/Headers confusion, callback reentry, transport-failure receipt, and non-Codex path acceptance
  • Security RED: callback-mutated header snapshot and concurrent first-result invalidation
  • Agent Journal suite: 297 tests passed
  • Coverage: 87.50% lines, 84.78% statements, 92.39% functions, 80.76% branches
  • npm run check:ci
  • MCP build and dry-run package leak scan
  • specdocs validation
  • independent correctness, security, and evaluation-integrity reviews: no blockers

Deferred infrastructure proof

  • extension allowlist/order attestation
  • credential and provider-authenticity evidence
  • attempt-state integration and schedule binding
  • authenticated four-process real-Pi lifecycle
  • full B3 acceptance

Compound Engineering
Pi

feniix added 5 commits July 13, 2026 13:31
Record the provider-context merge and successful main CI without
advancing the infrastructure acceptance gate.

RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts
Failure: ledger omitted merged PR 128.
Wrap the frozen Codex SSE fetch boundary, verify exactly one approved
request against the logical filter receipt, safely bound zstd decoding,
and retain only content-free logical and physical SHA-256 evidence.

RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-provider-fetch-witness.test.ts
Failure: provider fetch witness module was absent.

Security RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-provider-fetch-witness.test.ts -t Headers
Failure: a Headers subclass executed its overridden get method and was forwarded.
Forward private copies of the validated physical body and native headers
so caller-retained references cannot mutate bytes after attestation.

RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-provider-fetch-witness.test.ts -t private
Failure: fetch received the original mutable body and Headers references.
Bind exact endpoint paths, reject overridable URL and Headers objects,
block callback reentry before validation, clear receipts on transport
failure, and assert server-observed physical bytes against the receipt.
Also state that real Pi runner proof remains deferred.

RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-provider-fetch-witness.test.ts -t reentry
Failures: forged Headers and URL values forwarded, callback reentry sent twice, transport failure retained a receipt, and non-Codex paths were accepted.
Snapshot native headers before invoking receipt callbacks and reject an
in-flight first result when a concurrent duplicate terminally invalidates
the witness.

RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-provider-fetch-witness.test.ts -t snapshots
Failures: callback-mutated headers were forwarded and the first concurrent request resolved after duplicate invalidation.
@feniix
feniix merged commit 2d451ee into main Jul 13, 2026
2 checks passed
@feniix
feniix deleted the feat/agent-journal-provider-fetch-witness branch July 13, 2026 16:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant