mirror of
https://github.com/BigBodyCobain/Shadowbroker.git
synced 2026-05-09 18:47:33 +02:00
BigBodyCobain
327 lines
13 KiB
Python
327 lines
13 KiB
Python
from __future__ import annotations
|
|
|
|
import os
|
|
import threading
|
|
|
|
from services.config import get_settings
|
|
from services.mesh.mesh_private_dispatcher import (
|
|
_dm_fallback_reason_from_status,
|
|
_anonymous_dm_hidden_transport_enforced,
|
|
_anonymous_dm_hidden_transport_requested,
|
|
_hidden_relay_transport_effective,
|
|
_maybe_apply_dm_relay_jitter,
|
|
_rns_private_dm_status,
|
|
_rns_private_dm_ready,
|
|
_secure_dm_enabled,
|
|
attempt_private_release,
|
|
)
|
|
from services.mesh.mesh_privacy_policy import (
|
|
evaluate_network_release,
|
|
)
|
|
from services.mesh.mesh_private_outbox import private_delivery_outbox
|
|
from services.mesh.mesh_private_transport_manager import private_transport_manager
|
|
|
|
_RELAY_APPROVAL_TRIGGER_REASONS = {
|
|
"dm_release_waiting_for_private_lane",
|
|
"dm_release_waiting_for_private_strong",
|
|
"rns_transport_disabled",
|
|
"rns_peer_unknown",
|
|
"rns_peer_offline",
|
|
"rns_link_down",
|
|
"rns_send_failed_unknown",
|
|
}
|
|
|
|
|
|
def _background_threads_enabled() -> bool:
|
|
if os.environ.get("PYTEST_CURRENT_TEST"):
|
|
return False
|
|
return True
|
|
|
|
|
|
def _release_approval_enabled() -> bool:
|
|
return bool(get_settings().MESH_PRIVATE_RELEASE_APPROVAL_ENABLE)
|
|
|
|
|
|
def _strong_release_runtime_ready() -> tuple[bool, str]:
|
|
try:
|
|
from services.release_profiles import current_release_profile
|
|
|
|
profile = current_release_profile()
|
|
except Exception:
|
|
profile = "dev"
|
|
if profile == "dev":
|
|
return True, "dev_profile"
|
|
try:
|
|
from services.privacy_core_attestation import privacy_core_attestation
|
|
|
|
attestation = privacy_core_attestation()
|
|
state = str(attestation.get("attestation_state", "") or "").strip()
|
|
except Exception:
|
|
state = "attestation_stale_or_unknown"
|
|
if state == "attested_current":
|
|
return True, state
|
|
return False, state or "attestation_stale_or_unknown"
|
|
|
|
|
|
class PrivateReleaseWorker:
|
|
def __init__(self) -> None:
|
|
self._thread: threading.Thread | None = None
|
|
self._lock = threading.Lock()
|
|
self._wake_event = threading.Event()
|
|
self._stop_event = threading.Event()
|
|
|
|
def ensure_started(self) -> bool:
|
|
if not _background_threads_enabled():
|
|
return False
|
|
with self._lock:
|
|
if self._thread and self._thread.is_alive():
|
|
return True
|
|
self._stop_event.clear()
|
|
self._thread = threading.Thread(target=self._loop, daemon=True, name="private-release-worker")
|
|
self._thread.start()
|
|
return True
|
|
|
|
def wake(self) -> None:
|
|
self._wake_event.set()
|
|
|
|
def stop(self) -> None:
|
|
self._stop_event.set()
|
|
self._wake_event.set()
|
|
thread = self._thread
|
|
if thread and thread.is_alive():
|
|
thread.join(timeout=1.0)
|
|
|
|
def _loop(self) -> None:
|
|
while not self._stop_event.is_set():
|
|
self.run_once()
|
|
self._wake_event.wait(timeout=2.0)
|
|
self._wake_event.clear()
|
|
|
|
def run_once(self) -> None:
|
|
from services.wormhole_supervisor import get_transport_tier
|
|
|
|
current_tier = get_transport_tier()
|
|
for item in private_delivery_outbox.pending_items():
|
|
lane = str(item.get("lane", "") or "")
|
|
item_id = str(item.get("id", "") or "")
|
|
decision = evaluate_network_release(lane, current_tier)
|
|
if not decision.allowed:
|
|
private_delivery_outbox.mark_queued(
|
|
item_id,
|
|
current_tier=current_tier,
|
|
status_code=decision.status_code,
|
|
reason_code=decision.reason_code,
|
|
plain_reason=decision.plain_reason,
|
|
error=str(item.get("last_error", "") or ""),
|
|
)
|
|
if (
|
|
lane == "dm"
|
|
and _release_approval_enabled()
|
|
and decision.reason_code in _RELAY_APPROVAL_TRIGGER_REASONS
|
|
):
|
|
private_delivery_outbox.note_release_revalidation_failure(
|
|
item_id,
|
|
reason_code=decision.reason_code,
|
|
)
|
|
else:
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
if decision.should_bootstrap:
|
|
self._request_warmup_for_lane(lane, current_tier=current_tier)
|
|
continue
|
|
if (
|
|
lane == "dm"
|
|
and _anonymous_dm_hidden_transport_requested()
|
|
and not _anonymous_dm_hidden_transport_enforced()
|
|
):
|
|
private_delivery_outbox.mark_queued(
|
|
item_id,
|
|
current_tier=current_tier,
|
|
status_code="preparing_private_lane",
|
|
reason_code="anonymous_mode_waiting_for_hidden_transport",
|
|
plain_reason="The sealed message is waiting for an anonymous route.",
|
|
error="",
|
|
)
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
self._request_warmup_for_lane(lane, current_tier=current_tier)
|
|
continue
|
|
if lane == "dm" and self._dm_release_approval_pending(item_id, item):
|
|
private_delivery_outbox.mark_queued(
|
|
item_id,
|
|
current_tier=current_tier,
|
|
status_code="queued_private_delivery",
|
|
reason_code="dm_release_retry_pending_private_lane",
|
|
plain_reason="The sealed message remains queued while the app keeps trying more private routing.",
|
|
error=str(item.get("last_error", "") or ""),
|
|
)
|
|
self._request_warmup_for_lane(lane, current_tier=current_tier)
|
|
continue
|
|
runtime_ready, runtime_state = _strong_release_runtime_ready()
|
|
if not runtime_ready:
|
|
private_delivery_outbox.mark_queued(
|
|
item_id,
|
|
current_tier=current_tier,
|
|
status_code="queued_private_delivery",
|
|
reason_code="privacy_core_attestation_not_current",
|
|
plain_reason=(
|
|
"The sealed message is waiting for secure runtime attestation before private release."
|
|
),
|
|
error=str(runtime_state or "privacy_core_attestation_not_current"),
|
|
)
|
|
continue
|
|
private_delivery_outbox.mark_releasing(item_id, current_tier=current_tier)
|
|
try:
|
|
result = attempt_private_release(
|
|
lane=lane,
|
|
payload=dict(item.get("payload") or {}),
|
|
current_tier=current_tier,
|
|
secure_dm_enabled=_secure_dm_enabled,
|
|
rns_private_dm_ready=_rns_private_dm_ready,
|
|
anonymous_dm_hidden_transport_enforced=_anonymous_dm_hidden_transport_enforced,
|
|
anonymous_dm_hidden_transport_requested=_anonymous_dm_hidden_transport_requested,
|
|
relay_hidden_transport_effective=_hidden_relay_transport_effective,
|
|
apply_dm_relay_jitter=_maybe_apply_dm_relay_jitter,
|
|
relay_consent_granted=self._relay_consent_granted(item_id, item),
|
|
relay_consent_explicit=self._relay_consent_explicit(item_id, item),
|
|
)
|
|
except Exception as exc:
|
|
result = {"ok": False, "detail": str(exc) or type(exc).__name__}
|
|
if result.get("ok"):
|
|
delivered = private_delivery_outbox.mark_delivered(item_id, current_tier=current_tier, result=result)
|
|
if delivered is not None and lane == "dm":
|
|
self._commit_dm_alias_rotation_if_present(dict(item.get("payload") or {}))
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
else:
|
|
fallback_reason = str(result.get("fallback_reason", "") or "").strip()
|
|
if (
|
|
lane == "dm"
|
|
and _release_approval_enabled()
|
|
and fallback_reason in _RELAY_APPROVAL_TRIGGER_REASONS
|
|
):
|
|
private_delivery_outbox.note_release_revalidation_failure(
|
|
item_id,
|
|
reason_code=fallback_reason,
|
|
)
|
|
refreshed_tier = get_transport_tier()
|
|
retry = evaluate_network_release(lane, refreshed_tier)
|
|
private_delivery_outbox.mark_queued(
|
|
item_id,
|
|
current_tier=refreshed_tier,
|
|
status_code=retry.status_code if not retry.allowed else "queued_private_delivery",
|
|
reason_code=retry.reason_code if not retry.allowed else f"{lane}_release_retry",
|
|
plain_reason=retry.plain_reason if not retry.allowed else "The sealed message remains queued for another private delivery attempt.",
|
|
error=str(result.get("detail", "") or "private release failed"),
|
|
)
|
|
if retry.should_bootstrap:
|
|
self._request_warmup_for_lane(lane, current_tier=refreshed_tier)
|
|
|
|
def _current_release_profile(self) -> str:
|
|
try:
|
|
from services.release_profiles import current_release_profile
|
|
|
|
return str(current_release_profile() or "dev")
|
|
except Exception:
|
|
return "dev"
|
|
|
|
def _commit_dm_alias_rotation_if_present(self, payload: dict) -> bool:
|
|
try:
|
|
from services.mesh.mesh_wormhole_dead_drop import commit_outbound_alias_rotation_if_present
|
|
|
|
return bool(
|
|
commit_outbound_alias_rotation_if_present(
|
|
peer_id=str(payload.get("recipient_id", "") or ""),
|
|
payload_format=str(payload.get("format", "mls1") or "mls1"),
|
|
ciphertext=str(payload.get("ciphertext", "") or ""),
|
|
)
|
|
)
|
|
except Exception:
|
|
return False
|
|
|
|
def _scoped_relay_policy_granted(self, item: dict) -> bool:
|
|
payload = dict(item.get("payload") or {})
|
|
recipient_id = str(payload.get("recipient_id", "") or "").strip()
|
|
if not recipient_id:
|
|
return False
|
|
try:
|
|
from services.mesh.mesh_relay_policy import relay_policy_grants_dm
|
|
|
|
decision = relay_policy_grants_dm(
|
|
recipient_id=recipient_id,
|
|
profile=self._current_release_profile(),
|
|
hidden_transport_effective=_hidden_relay_transport_effective(),
|
|
)
|
|
return bool(decision.get("granted", False))
|
|
except Exception:
|
|
return False
|
|
|
|
def _relay_consent_granted(self, item_id: str, item: dict | None = None) -> bool:
|
|
if not _release_approval_enabled():
|
|
return True
|
|
state = private_delivery_outbox.release_approval_state(item_id)
|
|
if bool(state.get("approved", False)):
|
|
return True
|
|
return self._scoped_relay_policy_granted(dict(item or {}))
|
|
|
|
def _relay_consent_explicit(self, item_id: str, item: dict | None = None) -> bool:
|
|
if not _release_approval_enabled():
|
|
return False
|
|
state = private_delivery_outbox.release_approval_state(item_id)
|
|
if bool(state.get("approved", False)):
|
|
return True
|
|
return self._scoped_relay_policy_granted(dict(item or {}))
|
|
|
|
def _dm_release_approval_pending(self, item_id: str, item: dict | None = None) -> bool:
|
|
if not _release_approval_enabled():
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
if not _secure_dm_enabled():
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
if _anonymous_dm_hidden_transport_requested():
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
if _anonymous_dm_hidden_transport_enforced():
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
if _rns_private_dm_ready():
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
if self._scoped_relay_policy_granted(dict(item or {})):
|
|
private_delivery_outbox.clear_release_session_state(item_id)
|
|
return False
|
|
fallback_reason = _dm_fallback_reason_from_status(
|
|
direct_attempted=False,
|
|
rns_status=_rns_private_dm_status(False),
|
|
)
|
|
state = private_delivery_outbox.note_release_revalidation_failure(
|
|
item_id,
|
|
reason_code=str(fallback_reason.value),
|
|
)
|
|
return not bool(state.get("approved", False))
|
|
|
|
def _request_warmup_for_lane(self, lane: str, *, current_tier: str) -> None:
|
|
normalized_lane = str(lane or "").strip().lower()
|
|
if normalized_lane == "dm":
|
|
reason = "queued_dm_delivery"
|
|
elif normalized_lane == "gate":
|
|
reason = "queued_gate_delivery"
|
|
else:
|
|
return
|
|
private_transport_manager.request_warmup(
|
|
reason=reason,
|
|
current_tier=current_tier,
|
|
)
|
|
|
|
def reset_for_tests(self) -> None:
|
|
self.stop()
|
|
with self._lock:
|
|
self._thread = None
|
|
self._wake_event = threading.Event()
|
|
self._stop_event = threading.Event()
|
|
|
|
|
|
private_release_worker = PrivateReleaseWorker()
|
|
|
|
|
|
def reset_private_release_worker_for_tests() -> None:
|
|
private_release_worker.reset_for_tests()
|