Metadata-Version: 2.4
Name: efsf
Version: 0.2.0
Summary: Ephemeral-First Security Framework - Security through transience
Author: EFSF Contributors
License: Apache-2.0
Project-URL: Homepage, https://github.com/efsf/efsf
Project-URL: Documentation, https://github.com/efsf/efsf#readme
Project-URL: Repository, https://github.com/efsf/efsf
Project-URL: Issues, https://github.com/efsf/efsf/issues
Keywords: security,privacy,ephemeral,encryption,ttl,crypto-shredding,compliance,gdpr,data-protection
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Security :: Cryptography
Classifier: Typing :: Typed
Requires-Python: >=3.9
Description-Content-Type: text/markdown
Requires-Dist: cryptography>=41.0.0
Requires-Dist: typing_extensions>=4.0.0
Provides-Extra: redis
Requires-Dist: redis>=4.0.0; extra == "redis"
Provides-Extra: all
Requires-Dist: redis>=4.0.0; extra == "all"
Provides-Extra: dev
Requires-Dist: pytest>=7.0.0; extra == "dev"
Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"
Requires-Dist: black>=23.0.0; extra == "dev"
Requires-Dist: mypy>=1.0.0; extra == "dev"
Requires-Dist: isort>=5.12.0; extra == "dev"
Requires-Dist: ruff>=0.1.0; extra == "dev"
Requires-Dist: redis>=4.0.0; extra == "dev"

# EFSF Python SDK

The official Python SDK for the Ephemeral-First Security Framework.

## Installation

```bash
# Basic installation
pip install efsf

# With Redis backend support
pip install efsf[redis]

# With all optional dependencies
pip install efsf[all]
```

## Quick Start

```python
from efsf import EphemeralStore, DataClassification

# Create a store (defaults to in-memory for development)
store = EphemeralStore()

# Store sensitive data with automatic TTL and encryption
record = store.put(
    data={"user_id": "123", "ssn": "xxx-xx-xxxx"},
    ttl="30m",  # Destroyed in 30 minutes
    classification=DataClassification.PII,
)

print(f"Stored record: {record.id}")
print(f"Expires at: {record.expires_at}")

# Retrieve while valid
data = store.get(record.id)
print(f"Retrieved: {data}")

# Check remaining time
remaining = store.ttl(record.id)
print(f"Time remaining: {remaining}")

# Manually destroy early
certificate = store.destroy(record.id)
print(f"Destruction certificate: {certificate.certificate_id}")
```

## Using Redis Backend

```python
from efsf import EphemeralStore

store = EphemeralStore(
    backend="redis://localhost:6379/0",
    default_ttl="1h",
    attestation=True,
)

# Redis provides native TTL enforcement
record = store.put({"session": "data"}, ttl="15m")
```

## Sealed Execution

```python
from efsf import sealed

@sealed(attestation=True)
def process_payment(card_number: str, amount: float) -> str:
    """
    All local variables are destroyed when this function returns.
    A destruction certificate is automatically generated.
    """
    # Process payment...
    return f"payment_id_{hash(card_number) % 10000}"

result = process_payment("4111-1111-1111-1111", 99.99)
# card_number is now destroyed from memory
```

## Data Classifications

| Classification | Default TTL | Max TTL | Use Case |
|---------------|-------------|---------|----------|
| TRANSIENT | 1 hour | 24 hours | Session tokens, OTPs |
| SHORT_LIVED | 1 day | 7 days | Shopping carts, temp files |
| RETENTION_BOUND | 90 days | 7 years | Invoices, audit logs |
| PERSISTENT | None | None | Legal holds (requires justification) |

## Destruction Certificates

Every destroyed record can have a cryptographically signed certificate:

```python
from efsf import EphemeralStore

store = EphemeralStore(attestation=True)
record = store.put({"sensitive": "data"}, ttl="1m")

# Wait for expiration or destroy manually
certificate = store.destroy(record.id)

# Certificate contains:
print(certificate.to_json())
# {
#   "certificate_id": "uuid",
#   "resource": {"type": "ephemeral_data", "id": "record-id", ...},
#   "destruction": {"method": "crypto_shred", "timestamp": "...", ...},
#   "chain_of_custody": {...},
#   "signature": "base64-signature"
# }
```

## Development

```bash
# Clone the repo
git clone https://github.com/efsf/efsf.git
cd efsf/sdk/python

# Install dev dependencies
pip install -e ".[dev]"

# Run tests
pytest

# Run tests with Redis (requires running Redis)
pytest --redis-url redis://localhost:6379

# Type checking
mypy efsf/

# Formatting
black efsf/ tests/
```

## License

Apache 2.0
