Metadata-Version: 2.4
Name: tibet-workload
Version: 0.1.0
Summary: Workload Attestation & Step Tracking — prove what ran, where, why, and catch compromised nodes
Project-URL: Homepage, https://humotica.com
Project-URL: Repository, https://github.com/jaspertvdm/tibet-workload
Project-URL: Documentation, https://humotica.com/docs/tibet-workload
Project-URL: Bug Tracker, https://github.com/jaspertvdm/tibet-workload/issues
Project-URL: TIBET Protocol, https://pypi.org/project/tibet-core/
Project-URL: IETF TIBET Draft, https://datatracker.ietf.org/doc/draft-vandemeent-tibet-provenance/
Author-email: "J. van de Meent" <jasper@humotica.com>, "R. AI" <root_idd@humotica.nl>
Maintainer-email: Humotica AI Lab <ai@humotica.nl>
License: MIT
License-File: LICENSE
Keywords: ai-safety,attestation,drone,iot,provenance,supply-chain,tibet,workload
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: System :: Systems Administration
Requires-Python: >=3.10
Requires-Dist: tibet-core>=0.2.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == 'dev'
Requires-Dist: ruff>=0.1.0; extra == 'dev'
Provides-Extra: full
Requires-Dist: rich>=13.0.0; extra == 'full'
Requires-Dist: tibet-spiffe>=0.1.0; extra == 'full'
Provides-Extra: spiffe
Requires-Dist: tibet-spiffe>=0.1.0; extra == 'spiffe'
Description-Content-Type: text/markdown

# tibet-workload

**Workload Attestation & Step Tracking — prove what ran, where, why, and catch compromised nodes.**

Part of the [TIBET protocol suite](https://pypi.org/project/tibet-core/) by [Humotica AI Lab](https://humotica.com).

## The Problem

Relay station 3 is hacked. A delivery drone changes course. An AI pipeline ingests poisoned data. **How do you know what happened?**

Current solutions tell you *who* had access. They can't tell you *what each step actually did* — with cryptographic proof.

## The Solution

tibet-workload tracks every step of every pipeline as a TIBET token:

```
[dispatch] → [relay] → [drone] → [deliver] → [confirm]
   ↓            ↓          ↓          ↓           ↓
  TIBET       TIBET      TIBET      TIBET       TIBET
  token       token      token      token       token
```

If any step is compromised, the chain breaks. You see exactly:
- **WHAT** happened (input/output hashes)
- **WHO** executed it (JIS DID / SPIFFE ID)
- **WHERE** it ran (node attestation)
- **WHY** it ran (intent tracking)

## Install

```bash
pip install tibet-workload

# With SPIFFE integration:
pip install tibet-workload[spiffe]
```

## Quick Start

```python
from tibet_workload import WorkloadEngine

engine = WorkloadEngine(actor="jis:relay-3")

# Create a workload pipeline
wl = engine.create("drone-delivery-42", owner="jis:dispatch")

# Define steps
engine.add_step(wl.workload_id, "receive_order", intent="Accept delivery order")
engine.add_step(wl.workload_id, "navigate", intent="Navigate to destination")
engine.add_step(wl.workload_id, "deliver", intent="Execute delivery")

# Execute with provenance
engine.start_step(wl.workload_id, "receive_order",
                  input_data={"order": "PKG-42", "dest": "Amsterdam"})
engine.complete_step(wl.workload_id, "receive_order",
                     output_data={"accepted": True})

# Verify chain integrity
chain = engine.verify_chain(wl.workload_id)
print(chain["valid"])  # True (or False if compromised)
```

## Compromise Detection

```python
# If a step's input was tampered with:
engine.complete_step(wl.workload_id, "relay_command",
                     output_data={"forwarded": True},
                     verify_input=tampered_data)
# → Step marked COMPROMISED
# → Workload marked COMPROMISED
# → TIBET token records exactly what happened
```

## CLI

```bash
# Full demo (drone + AI + SPIFFE scenarios)
tibet-workload demo

# Specific scenario
tibet-workload demo --scenario drone    # Compromised relay station
tibet-workload demo --scenario ai       # AI pipeline provenance
tibet-workload demo --scenario spiffe   # SPIFFE integration
```

## Use Cases

### Military/Defense — Drone Swarm
```
command → relay-1 → relay-2 → relay-3(HACKED) → drone-swarm
                                  ↑
                            Chain breaks here.
                            Exact tampered data recorded.
```

### AI Pipeline — Data Provenance
```
data source → preprocessing → model → fact-check → output
     ↓              ↓           ↓         ↓          ↓
  "Where did     "What was    "Which    "Against   "Who
   this data      cleaned?"   model?"   what?"     reviewed?"
   come from?"
```

### Delivery/Logistics — Chain of Custody
```
warehouse → sort → load → transit → deliver → confirm
```

### Financial — Payment Pipeline
```
validate → authorize → process → settle → audit
```

## SPIFFE Integration

```python
from tibet_spiffe import AttestationEngine
from tibet_workload import WorkloadEngine

# Connect SPIFFE for workload identity
spiffe = AttestationEngine(trust_domain="humotica.com")
engine = WorkloadEngine()
engine.connect_spiffe(spiffe)

# Now each step gets SPIFFE-attested identity + TIBET provenance
```

## IETF Drafts

- [TIBET Provenance](https://datatracker.ietf.org/doc/draft-vandemeent-tibet-provenance/)
- [JIS Identity](https://datatracker.ietf.org/doc/draft-vandemeent-jis-identity/)

## License

MIT — Humotica AI Lab 2025-2026
