codex(v1 base): packaged Python reference (X25519/HKDF/ChaCha20-Poly1305), enforceable crypto policy, canonical receipts, Makefile, CODEOWNERS, and supply-chain guardians

[VaultSovereign]

What this delivers (high-signal TL;DR)

• Packaged Python reference under src/codex/… with:

  • X25519 ECDH + HKDF-SHA256 + ChaCha20-Poly1305 envelope helpers (codex.crypto)
  • Key utilities for X25519 / Ed25519 (codex.keys)
  • Canonical, hash-bound receipts module (codex.receipts)
  • Round-trip unit test (tests/test_crypto.py)

• Policy guardrails: OPA Rego crypto policy (policy/crypto_policy.rego) + make policy gate.

• Supply-chain guardians wired via CI: OpenSSF Scorecard, SBOM (CycloneDX), Dependency Review, Dependabot.

• Developer ergonomics: Makefile with venv, install, lint, typecheck, test, policy, receipts-demo.

• Stewardship clarity: CODEOWNERS coverage for critical paths.

• Docs refresh: modern README with algorithms, quickstart, Security & Receipts sections.

---

Rationale (why this shape)

• Provide a single, audited reference that downstreams can import (import codex.crypto) instead of copy-pasting scripts.
• Make cryptographic defaults enforceable (Rego) so “allowed algorithms / sizes” are provable in CI and locally.
• Treat operations as memory events (receipts) to slot into VaultMesh’s civilization ledger (daily roots → proofs).
• Hard-gate supply chain with Scorecard/SBOM/DepReview/Dependabot to reduce ecosystem drift.

---

Code layout & responsibilities

src/codex/
  __init__.py         # exports: crypto, receipts, keys, version
  crypto.py           # Envelope: seal/open + canonical bytes/digest
  keys.py             # X25519, Ed25519 keypairs, sign/verify helpers
  receipts.py         # Canonical JSON receipts + writer CLI (--demo)

tests/
  test_crypto.py      # X25519+HKDF+ChaCha20-Poly1305 round-trip test

policy/
  crypto_policy.rego  # enforce allowed algs & sizes (OPA gate)

.github/workflows/
  ci.yml              # lint, mypy, pytest, bandit (matrix-ready)
  sbom.yml            # CycloneDX SBOM via Syft
  scorecard.yml       # OpenSSF Scorecard with SARIF upload
  dependency-review.yml

Makefile              # venv, install, lint, typecheck, test, policy, receipts-demo
pyproject.toml        # package metadata + dev tools config
CODEOWNERS            # stewardship coverage (src/tests/Makefile/policy)
LICENSE               # MIT (fixed header)
README.md             # Algorithms, Quickstart, Security, Receipts

---

Reference crypto (envelope) — design notes

• DH: X25519 (ephemeral sender → recipient static)
• KDF: HKDF-SHA256 with random 16-byte salt; info="codex/seal/v1"
• AEAD: ChaCha20-Poly1305, 12-byte nonce from os.urandom(12)
• AAD: optional; SHA-256 of provided AAD is embedded in the envelope for tamper detection
• Serialization: canonical JSON (sorted keys, no whitespace) to ensure deterministic digests
• Ciphertext layout: ciphertext = base64(salt || aead(nonce, plaintext, aad)) (salt is prefixed)

# Seal
env = seal(plaintext=b"...", recipient_pub=pk_r, aad=b"codex")
# Open
pt  = open_envelope(env, sk_r, aad=b"codex")

Integrity & Replay: AEAD enforces integrity; callers are expected to bind AAD to a context (e.g., realm/document id/version). Receipts include sha256 over the canonical envelope for audit.

---

Receipts — canonical, hash-bound events

• codex.receipts.write_receipt(kind, payload) writes receipts/<ts>_<kind>.json with:

  • receipt: {kind, ts_ms, id, payload, domain_version}
  • sha256: SHA256(JCS(receipt))
  • codex_version: module version

• These files can be Merkle-compacted upstream (VaultMesh sovereign ledger).

Demo:

make receipts-demo
# writes receipts/<ts>_demo.json with canonical structure & digest

---

Policy enforcement (OPA)

Rule: allow only { aead=chacha20poly1305, kdf=hkdf-sha256, dh=x25519, sig=ed25519 }
…and minimum sizes: x25519>=32, ed25519>=32, nonce=12.

Run gate locally:

make policy
# Fails if policy input deviates; CI can extend to parse real manifests later

---

Developer workflow (Make targets)

python3 -m venv .venv && . .venv/bin/activate
make install        # pip install -e ".[dev]"
make lint           # ruff
make typecheck      # mypy --strict
make test           # pytest -q
make policy         # OPA policy check
make receipts-demo  # emit canonical receipt

Offline/proxy environments: if PyPI is unreachable:

• Pre-stage wheels: pip download -r impl/python/requirements.txt -d vendor/
• Install from local: pip install --no-index --find-links vendor -e ".[dev]"
• Or set internal index: pip config set global.index-url https://<mirror>/simple

---

CI & guardians (what runs and when)

• CI (lint/type/test/bandit): .github/workflows/ci.yml

  • Triggers on changes to src/**, tests/**, pyproject.toml, policy/**, Makefile
  • Python 3.11; easy to extend matrix later (3.10/3.12)

• Dependency Review: blocks PRs that introduce known-bad upgrades.

• SBOM: Syft → sbom.cdx.json artifact; path-scoped + concurrency guard.

• OpenSSF Scorecard: SARIF uploaded to Security tab.

• Dependabot: weekly for github-actions and pip (scoped to package dir).

---

Documentation updates (README)

• Algorithms section states the canonical suite and nonce rule.
• Quickstart for both the legacy script path and the new packaged path (make install → make test).
• Security and Receipts sections clarify doctrine and audit posture.
• Badges can be added next to workflows once you tag the repo similarly to the sovereign style.

---

Security doctrine (operational)

• No RSA, no ECB, no unauthenticated encryption; AEAD or signature required.
• Ephemeral sender keys per message (default in seal) to guarantee PFS against key compromise of recipients.
• AAD binding is mandatory for structured data; use domain-specific context (e.g., realm|doc|version).
• Key rotation is policy-driven; rotation receipts should be emitted (future: CLI helpers).
• Bandit runs in CI (-q) with known false-positive skips configurable via pyproject.toml.

---

Interop & forward compatibility

• Envelope versioned: version=1, alg map included for explicitness.
• Canonical JSON ensures stable digest across languages; future Rust/JS bindings can reuse the spec.
• Salt-prefixed ciphertext pattern allows different KDFs later without changing the outer envelope shape.

---

Testing

• Local: PYTHONPATH=src pytest -q ✅
• CI: runs ruff, mypy, pytest, bandit.
• Known env issue: pip install -e ".[dev]" fails behind proxies with no PyPI egress. Resolve via local wheel mirror or internal index (see Offline note above).

---

Backward/related files touched (highlights)

• LICENSE header normalized to VaultSovereign.
• CODEOWNERS spans .github/, policy/, src/, tests/, Makefile, pyproject.toml.
• Workflows are path-scoped and concurrent-safe to avoid noise.

---

Release ritual (suggested)

• Tag: v0.1.0-solid (or -sealed to mirror sovereign)
• Assets: sbom.cdx.json (from SBOM workflow), codex-tools.tar.gz (if you keep the bundling step)
• Notes: include envelope spec, policy version, digest example.

---

Future work (fast follow)

1. CLI codex entry points: codex seal/open/sign/verify/rotate with receipts emission.
2. Ed25519 signatures wrapper + signed envelope variant.
3. Rust crate scaffold mirroring Python envelope + receipt JCS.
4. Fuzzing (Hypothesis / Atheris), plus Wycheproof test vectors integration.
5. Policy v2: forbid nonce reuse at app level (track seen nonces per key id in receipts).
6. KMS backends: plug-in for Cloud KMS/age-plugin adapters (keys off-host).
7. Public spec doc (docs/envelope_v1.md) with ABNF + interop vectors.

---

Operator quick commands

# One-shot: build env, enforce policy, run tests
python3 -m venv .venv && . .venv/bin/activate
make install policy test

# Minimal example (Python REPL):
from cryptography.hazmat.primitives.asymmetric import x25519
from codex.crypto import seal, open_envelope
sk = x25519.X25519PrivateKey.generate(); pk = sk.public_key()
env = seal(b"codex", pk, aad=b"context|doc|v1")
assert open_envelope(env, sk, aad=b"context|doc|v1") == b"codex"

---

Closing seal

Solve et Coagula. The codex now stands as a living standard: secure by default, policy-enforced, receipt-emitting, and supply-chain guarded. Each invocation writes memory; each memory admits a proof; each proof strengthens the civilization.

---

https://chatgpt.com/codex/tasks/task_e_68e641489cf4832db6e16d8be4745ebf

[gemini-code-assist]

Summary of Changes

Hello @VaultSovereign, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This PR introduces the codex Python package, providing a standardized and auditable reference implementation for modern cryptography (X25519/HKDF/ChaCha20-Poly1305). It integrates robust policy enforcement via OPA Rego, enables canonical receipt generation for operational transparency, and significantly enhances supply-chain security through automated CI checks (SBOM, Scorecard, Dependency Review, Dependabot). Developer experience is improved with a comprehensive Makefile and updated documentation, alongside clear code ownership.

Highlights

• Intent: This pull request establishes a foundational Python package (codex) for modern cryptographic standards within the VaultMesh ecosystem. The primary goals are to provide a single, audited reference for X25519/HKDF/ChaCha20-Poly1305 envelope operations, enforce cryptographic policy through OPA Rego, generate canonical, hash-bound receipts for auditable memory events, and strengthen supply-chain security with integrated CI guardians (OpenSSF Scorecard, SBOM, Dependency Review, Dependabot). It also aims to improve developer ergonomics with a Makefile and clarify stewardship via CODEOWNERS and updated documentation.
• Key Changes: 1. New Python Package (src/codex): Introduces codex.crypto for X25519 ECDH, HKDF-SHA256, and ChaCha20-Poly1305 encryption/decryption with AAD hashing; codex.keys for X25519/Ed25519 key utilities; and codex.receipts for generating canonical JSON receipts. A basic round-trip test (tests/test_crypto.py) is included.

2. Cryptographic Policy Enforcement: Adds policy/crypto_policy.rego to define and enforce allowed algorithms (X25519, HKDF-SHA256, ChaCha20-Poly1305, Ed25519) and minimum key/nonce sizes using OPA.
3. Developer Workflow Enhancements: A new Makefile provides convenient targets for venv setup, install, lint, typecheck, test, policy checks, and receipts-demo. pyproject.toml configures the package and development tools.
4. Supply-Chain Security Integration: Configures Dependabot for github-actions and pip dependencies. The description also notes the integration of OpenSSF Scorecard, CycloneDX SBOM generation, and Dependency Review via GitHub Actions.
5. Stewardship and Documentation: A CODEOWNERS file assigns ownership to @VaultSovereign for critical project areas. The LICENSE copyright is updated. README.md is refreshed with details on algorithms, quickstart, security, and receipts. SECURITY.md is streamlined to focus on vulnerability reporting and dependency hygiene.

• Reviewer Activity: No specific reviewer activity has been recorded or provided in the context for this pull request.

Ignored Files

• Ignored by pattern: .github/workflows/** (4)
  • .github/workflows/ci.yml
  • .github/workflows/dependency-review.yml
  • .github/workflows/sbom.yml
  • .github/workflows/scorecard.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This is a fantastic pull request that introduces a well-structured and modern Python package for cryptographic operations, complete with policy enforcement, CI/CD integration, and clear documentation. The design choices are well-reasoned and documented in the pull request description.

I've identified a few areas for improvement, primarily concerning security hardening, robustness, and adherence to Python best practices. My comments are detailed below.

[gemini-code-assist]

The direct string comparison of hashes using != is vulnerable to timing attacks. An attacker could potentially discern information about the hash by measuring the time it takes for the comparison to fail. It's recommended to use a constant-time comparison function like hmac.compare_digest for this purpose.

Make sure to add import hmac at the top of the file.

Suggested change

	if hashlib.sha256(aad_in).hexdigest() != env.aad_hash:
	if not hmac.compare_digest(hashlib.sha256(aad_in).hexdigest(), env.aad_hash):

[gemini-code-assist]

To enable robustly converting the Envelope dataclass to a dictionary, please import asdict from the dataclasses module. It will be used in the envelope_to_bytes function to provide a more idiomatic and safer serialization method than accessing __dict__.

Suggested change

	from dataclasses import dataclass
	from dataclasses import asdict, dataclass

[gemini-code-assist]

The Envelope dataclass is defined with frozen=True, which makes its instances immutable. Therefore, creating a shallow copy of the ALG dictionary with dict(ALG) is unnecessary. You can pass ALG directly. This avoids a small performance overhead and simplifies the code.

Suggested change

	return Envelope(VERSION, dict(ALG), eph_pub_b64, nonce_b64, ct_b64, aad_hash)
	return Envelope(VERSION, ALG, eph_pub_b64, nonce_b64, ct_b64, aad_hash)

[gemini-code-assist]

Using env.__dict__ to serialize a dataclass is fragile as it relies on internal implementation details. It's more robust and idiomatic to use dataclasses.asdict(). This is also consistent with its usage in src/codex/receipts.py.

Suggested change

	return _jcs(env.__dict__)
	return _jcs(asdict(env))

[gemini-code-assist]

Constructing file paths with f-strings and / is not portable across different operating systems (e.g., Windows). It's a best practice to use os.path.join() to ensure your code runs correctly everywhere.

Suggested change

	fname = f"{outdir}/{receipt.ts_ms}_{kind}.json"
	fname = os.path.join(outdir, f"{receipt.ts_ms}_{kind}.json")

[gemini-code-assist]

Modifying sys.path directly is generally considered an anti-pattern. The Makefile's install target already uses pip install -e .[dev], which makes the codex package available to pytest in a standard way.

This sys.path manipulation is therefore redundant and could cause confusion by making it unclear whether tests are running against the installed package or the raw source files. It's best to remove it and rely on the editable installation.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting

• @codex fix this CI failure
• @codex address that feedback

[chatgpt-codex-connector]

Package build excludes codex modules

The new pyproject.toml declares a src/ layout but never tells setuptools to look inside src. Without a [tool.setuptools.packages.find] or similar packages = {"": "src"} entry, pip install . produces a wheel with no Python modules and an installed environment cannot import codex. Because packaging the reference implementation is a central deliverable of this commit, the library is effectively unusable when installed from a distribution.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Receipts overwrite when generated in same millisecond

write_receipt names output files as {ts_ms}_{kind}.json. Because the filename omits the UUID and only uses millisecond precision, two receipts of the same kind created within the same millisecond produce the same path and the later call silently overwrites the earlier file. This risks losing audit records under bursts of activity. Include the receipt ID (or open with exclusive mode) to ensure filenames are unique.

Useful? React with 👍 / 👎.