teleo-infrastructure/scripts/build_telegram_visible_unseen_chain_packet.py

326 lines
14 KiB
Python

#!/usr/bin/env python3
"""Build the exact no-send packet for Leo's unseen Telegram reasoning chain."""
from __future__ import annotations
import argparse
import hashlib
import json
import subprocess
from datetime import datetime, timezone
from pathlib import Path
from typing import Any
try:
import verify_leo_unseen_reasoning_chain as unseen
except ImportError: # pragma: no cover - imported as scripts.* in tests
from scripts import verify_leo_unseen_reasoning_chain as unseen
SCHEMA = "livingip.telegramVisibleUnseenChainPacket.v1"
REPORT_DIR = Path("docs/reports/leo-working-state-20260709")
DEFAULT_HANDLER_RECEIPT = REPORT_DIR / "leo-unseen-reasoning-chain-canary-current.json"
DEFAULT_OUT = REPORT_DIR / "telegram-visible-unseen-chain-authorization-packet-current.json"
DEFAULT_MARKDOWN_OUT = REPORT_DIR / "telegram-visible-unseen-chain-authorization-packet-current.md"
DEFAULT_CAPTURE_RECEIPT = REPORT_DIR / "telegram-visible-unseen-chain-capture-receipt-current.json"
DEFAULT_PREFLIGHT = REPORT_DIR / "telegram-visible-unseen-chain-preflight-current.json"
DEFAULT_POSTFLIGHT = REPORT_DIR / "telegram-visible-unseen-chain-postflight-current.json"
DEFAULT_CHAT_ID = "-5146042086"
DEFAULT_CHAT_LABEL = "Leo"
DEFAULT_PROOF_DIR = "outputs/telegram-visible-unseen-chain-20260715"
TOOLING_PATHS = {
"packet_builder": Path("scripts/build_telegram_visible_unseen_chain_packet.py"),
"state_collector": Path("scripts/collect_telegram_visible_unseen_chain_state.py"),
"capture_verifier": Path("scripts/verify_telegram_visible_unseen_chain.py"),
}
def _load_json(path: Path) -> dict[str, Any]:
return json.loads(path.read_text(encoding="utf-8"))
def _sha256_bytes(value: bytes) -> str:
return hashlib.sha256(value).hexdigest()
def _sha256_file(path: Path) -> str:
return _sha256_bytes(path.read_bytes())
def _canonical_sha256(value: Any) -> str:
encoded = json.dumps(value, sort_keys=True, separators=(",", ":")).encode("utf-8")
return _sha256_bytes(encoded)
def current_git_sha(repo_root: Path = Path(".")) -> str:
proc = subprocess.run(
["git", "rev-parse", "HEAD"],
cwd=repo_root,
text=True,
capture_output=True,
check=False,
)
return proc.stdout.strip() if proc.returncode == 0 else ""
def exact_messages() -> list[dict[str, Any]]:
messages = []
for sequence, prompt in enumerate(unseen.PROMPTS, start=1):
message = str(prompt["message"])
messages.append(
{
"sequence": sequence,
"prompt_id": prompt["id"],
"dimension": prompt["dimension"],
"message": message,
"message_sha256": _sha256_bytes(message.encode("utf-8")),
"wait_for_visible_reply_before_next": True,
}
)
return messages
def tooling_binding(repo_root: Path = Path(".")) -> dict[str, dict[str, Any]]:
return {name: {"path": str(path), "sha256": _sha256_file(repo_root / path)} for name, path in TOOLING_PATHS.items()}
def _handler_checks(receipt: dict[str, Any]) -> dict[str, bool]:
safety = receipt.get("safety_gate") if isinstance(receipt.get("safety_gate"), dict) else {}
safety_checks = safety.get("checks") if isinstance(safety.get("checks"), dict) else {}
database = receipt.get("database") if isinstance(receipt.get("database"), dict) else {}
prompt_ids = [str(item["id"]) for item in unseen.PROMPTS]
return {
"handler_receipt_passed": receipt.get("status") == "pass",
"handler_receipt_schema_supported": receipt.get("schema") == unseen.SCHEMA,
"handler_prompt_ids_exact": receipt.get("prompt_ids") == prompt_ids,
"handler_outcomes_all_pass": bool(receipt.get("outcomes"))
and all(value is True for value in receipt.get("outcomes", {}).values()),
"handler_checks_all_pass": bool(receipt.get("checks"))
and all(value is True for value in receipt.get("checks", {}).values()),
"handler_safety_gate_passed": safety.get("status") == "pass",
"handler_proved_no_telegram_post": safety_checks.get("no_telegram_post") is True,
"handler_proved_read_only_tool_traces": safety_checks.get("all_tool_traces_read_only_and_bound") is True,
"handler_proved_unchanged_fingerprint": database.get("fingerprint_unchanged") is True
and isinstance(database.get("fingerprint_sha256"), str)
and len(database["fingerprint_sha256"]) == 64,
"handler_tier_remains_below_telegram_visible": "Telegram-visible message delivery"
in (receipt.get("claim_ceiling") or {}).get("not_proven", []),
}
def _authorization_text(*, chat_label: str, chat_id: str, messages: list[dict[str, Any]]) -> str:
quoted = " ".join(f"[{item['prompt_id']}] {json.dumps(item['message'], ensure_ascii=True)}" for item in messages)
return (
"I authorize Codex to use the already-authenticated Chrome Telegram UI to send exactly these three "
f"messages, in order and with no additional messages, to the Telegram group {chat_label} (chat ID "
f"{chat_id}), waiting for Leo's visible reply after each turn: {quoted} Capture the visible replies, "
"message IDs, timestamps, screenshot and accessibility evidence; perform only read-only DB/service "
"readbacks; do not use the Bot API; do not stage, approve, apply, or otherwise mutate knowledge."
)
def build_packet(
*,
handler_receipt_path: Path = DEFAULT_HANDLER_RECEIPT,
chat_id: str = DEFAULT_CHAT_ID,
chat_label: str = DEFAULT_CHAT_LABEL,
proof_dir: str = DEFAULT_PROOF_DIR,
git_sha: str | None = None,
) -> dict[str, Any]:
handler_receipt = _load_json(handler_receipt_path)
messages = exact_messages()
handler_checks = _handler_checks(handler_receipt)
target = {
"platform": "telegram",
"chat_label": chat_label,
"chat_id": chat_id,
"allowed_transport": "authenticated_chrome_telegram_ui",
"forbidden_transports": ["telegram_bot_api", "copied_transcript", "handler_substitution"],
"message_count": len(messages),
"expected_prompt_ids": [item["prompt_id"] for item in messages],
}
handler_binding = {
"path": str(handler_receipt_path),
"sha256": _sha256_file(handler_receipt_path),
"schema": handler_receipt.get("schema"),
"proof_tier": handler_receipt.get("proof_tier"),
"remote_run_id": handler_receipt.get("remote_run_id"),
"deployed_git_head": handler_receipt.get("deployed_git_head"),
"fingerprint_sha256": (handler_receipt.get("database") or {}).get("fingerprint_sha256"),
}
tooling = tooling_binding()
protocol = {
"target": target,
"exact_messages": messages,
"handler_binding": handler_binding,
"tooling_binding": tooling,
"state_contract": {
"preflight": "two identical repeatable-read read-only canonical fingerprints",
"postflight": "same canonical fingerprint plus independent selected-object readback",
"service": "same active gateway process before and after",
},
}
protocol_sha256 = _canonical_sha256(protocol)
checks = {
**handler_checks,
"exact_three_turn_sequence": len(messages) == 3 and [item["sequence"] for item in messages] == [1, 2, 3],
"exact_prompts_imported_from_handler_verifier": [item["message"] for item in messages]
== [item["message"] for item in unseen.PROMPTS],
"first_prompt_supplies_no_row_id": unseen.UUID_RE.search(messages[0]["message"]) is None,
"authenticated_chrome_is_only_send_transport": target["allowed_transport"]
== "authenticated_chrome_telegram_ui",
"packet_does_not_send": True,
"packet_does_not_mutate_database": True,
}
ready = all(checks.values())
authorization_text = _authorization_text(chat_label=chat_label, chat_id=chat_id, messages=messages)
proof_paths = {
"preflight_json": str(DEFAULT_PREFLIGHT),
"postflight_json": str(DEFAULT_POSTFLIGHT),
"capture_receipt_json": str(DEFAULT_CAPTURE_RECEIPT),
"capture_json": f"{proof_dir}/capture.json",
"turn_screenshots": [f"{proof_dir}/turn-{index}.png" for index in range(1, 4)],
"turn_accessibility": [f"{proof_dir}/turn-{index}-accessibility.txt" for index in range(1, 4)],
"final_screenshot": f"{proof_dir}/final.png",
"final_accessibility": f"{proof_dir}/final-accessibility.txt",
}
return {
"schema": SCHEMA,
"generated_at_utc": datetime.now(timezone.utc).isoformat(),
"mode": "telegram_visible_unseen_chain_exact_packet_not_sent",
"packet_generation_git_sha": git_sha if git_sha is not None else current_git_sha(),
"protocol_sha256": protocol_sha256,
"ready_to_request_action_time_authorization": ready,
"authorization_gate_status": "ready_to_request_exact_authorization" if ready else "not_ready",
"telegram_visible_messages_sent": False,
"telegram_visible_message_authorization_present": False,
"production_apply_executed": False,
"mutates_db": False,
"target": target,
"exact_messages": messages,
"handler_receipt_binding": handler_binding,
"tooling_binding": tooling,
"checks": checks,
"expected_proof_paths_after_authorized_run": proof_paths,
"explicit_operator_authorization_text": authorization_text,
"clear_CTA": (
"Reply with the exact authorization sentence in this packet. That sentence names the destination, "
"transport, complete message bodies, ordering, evidence, and no-mutation boundary."
),
"next_non_user_action_after_authorization": [
"Re-run the zero-mutation preflight and confirm its packet file hash is current.",
"Use authenticated Chrome only and verify the Leo chat ID before typing anything.",
"Send one exact message, wait for Leo's visible reply, then continue to the next exact message.",
"Capture message IDs, timestamps, screenshot, and accessibility text without copying handler output.",
"Extract the selected DB object reference and run the read-only postflight with that reference.",
"Run the Telegram-visible verifier and accept T3 only if every visible and state check passes.",
],
"claim_ceiling": {
"current_tier": "T0_spec_plus_prior_T2_handler_evidence",
"required_tier": "T3_live_readonly",
"proven": "The exact three-turn Chrome send packet is bound to a passing no-send handler receipt.",
"not_proven": [
"Telegram-visible delivery of these three messages",
"Telegram-visible replies from Leo",
"post-send canonical fingerprint equality",
],
},
}
def write_json(path: Path, data: dict[str, Any]) -> None:
path.parent.mkdir(parents=True, exist_ok=True)
path.write_text(json.dumps(data, indent=2, sort_keys=True) + "\n", encoding="utf-8")
def write_markdown(path: Path, data: dict[str, Any]) -> None:
target = data["target"]
lines = [
"# Telegram-Visible Unseen Chain Authorization Packet",
"",
f"Generated UTC: `{data['generated_at_utc']}`",
f"Protocol SHA256: `{data['protocol_sha256']}`",
f"Ready to request action-time authorization: `{data['ready_to_request_action_time_authorization']}`",
f"Telegram-visible messages sent: `{data['telegram_visible_messages_sent']}`",
f"Mutates DB: `{data['mutates_db']}`",
"",
"## Exact Destination",
"",
f"- Chat: `{target['chat_label']}` (`{target['chat_id']}`)",
f"- Transport: `{target['allowed_transport']}`",
"",
"## Exact Messages",
"",
]
for item in data["exact_messages"]:
lines.extend(
[
f"### {item['sequence']}. {item['prompt_id']}",
"",
item["message"],
"",
f"SHA256: `{item['message_sha256']}`",
"",
]
)
lines.extend(["## Checks", ""])
lines.extend(f"- `{key}`: `{value}`" for key, value in sorted(data["checks"].items()))
lines.extend(
[
"",
"## Exact Action-Time Authorization",
"",
data["explicit_operator_authorization_text"],
"",
"## Clear CTA",
"",
data["clear_CTA"],
"",
"## Claim Ceiling",
"",
f"Current tier: `{data['claim_ceiling']['current_tier']}`",
f"Required tier: `{data['claim_ceiling']['required_tier']}`",
"",
]
)
path.parent.mkdir(parents=True, exist_ok=True)
path.write_text("\n".join(lines), encoding="utf-8")
def parse_args(argv: list[str] | None = None) -> argparse.Namespace:
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("--handler-receipt", type=Path, default=DEFAULT_HANDLER_RECEIPT)
parser.add_argument("--chat-id", default=DEFAULT_CHAT_ID)
parser.add_argument("--chat-label", default=DEFAULT_CHAT_LABEL)
parser.add_argument("--proof-dir", default=DEFAULT_PROOF_DIR)
parser.add_argument("--out", type=Path, default=DEFAULT_OUT)
parser.add_argument("--markdown-out", type=Path, default=DEFAULT_MARKDOWN_OUT)
return parser.parse_args(argv)
def main(argv: list[str] | None = None) -> int:
args = parse_args(argv)
data = build_packet(
handler_receipt_path=args.handler_receipt,
chat_id=args.chat_id,
chat_label=args.chat_label,
proof_dir=args.proof_dir,
)
write_json(args.out, data)
write_markdown(args.markdown_out, data)
print(
json.dumps(
{
"out": str(args.out),
"markdown_out": str(args.markdown_out),
"ready_to_request_action_time_authorization": data["ready_to_request_action_time_authorization"],
"telegram_visible_messages_sent": False,
},
indent=2,
sort_keys=True,
)
)
return 0 if data["ready_to_request_action_time_authorization"] else 2
if __name__ == "__main__":
raise SystemExit(main())