Metadata-Version: 2.4
Name: cerone
Version: 1.1.9
Summary: Zero Trust Security for AI Agents
Home-page: https://github.com/AnantDhavale/cerone_sdk
Author: Anant Dhavale for Homer Semantics
Author-email: Homer Semantics <info@homersemantics.com>
License: Agent Governance SDK Commercial License
        Version 1.0
        
        Copyright (c) 2026 Anant Dhavale and Homer Semantics. All rights reserved.
        
        This license governs use of the Agent Governance Software Development Kit ("SDK") and any associated source code, binaries, examples, and documentation made available by Homer Semantics ("Licensor").
        
        1. Grant of License
        Subject to compliance with this License, Licensor grants you a limited, non-exclusive, non-transferable, revocable license to:
        (a) use the SDK solely to develop, test, and operate integrations with Licensor's Agent Governance services;
        (b) reproduce and distribute the SDK only as embedded within your application in object form, where end users cannot reasonably extract the SDK as a standalone developer tool.
        
        2. Ownership and Intellectual Property
        The SDK is licensed, not sold. Licensor retains all right, title, and interest in and to the SDK, including all intellectual property rights, trade secrets, and derivative works.
        
        3. Restrictions
        You may not, and may not permit others to:
        (a) sell, sublicense, rent, lease, or provide the SDK as a standalone product or service;
        (b) modify, create derivative works of, or redistribute the SDK source code, except with Licensor's prior written permission;
        (c) remove, alter, or obscure any copyright, trademark, or proprietary notices;
        (d) use the SDK or Agent Governance services to build, train, benchmark, validate, or improve any competing product or service, including competitive analysis intended for publication or commercialization;
        (e) reverse engineer, decompile, disassemble, translate, decode, or otherwise attempt to derive source code, underlying ideas, algorithms, model behavior, scoring logic, thresholds, prompts, or non-public APIs, except to the limited extent such restriction is expressly prohibited by applicable law;
        (f) attempt model extraction, prompt extraction, dataset extraction, or systematic output analysis intended to replicate Agent Governance functionality;
        (g) attempt to discover or reconstruct non-public service internals, infrastructure, security controls, or backend implementation details through unauthorized means, including probing, scraping, fuzzing, or penetration activity without prior written authorization from Licensor;
        (h) circumvent or attempt to circumvent usage limits, authentication controls, billing controls, access restrictions, anti-abuse controls, or monitoring controls.
        
        4. Service Terms and Quotas
        Use of the Agent Governance service APIs is subject to separate service terms, usage quotas, and pricing published by Licensor. Licensor may suspend or terminate API access for abuse, non-payment, security risk, or license breach. Current introductory quota is described in the Terms of Service and may change from time to time.
        
        5. Confidentiality
        Any non-public technical information, performance information, keys, or implementation details disclosed by Licensor are confidential and must not be disclosed to third parties.
        
        6. Feedback
        If you provide feedback, suggestions, or improvement ideas, you grant Licensor a perpetual, irrevocable, worldwide, royalty-free right to use them without restriction or compensation.
        
        7. Disclaimer
        THE SDK IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
        
        8. Limitation of Liability
        TO THE MAXIMUM EXTENT PERMITTED BY LAW, LICENSOR WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR ANY LOSS OF DATA, PROFITS, OR REVENUE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. LICENSOR'S AGGREGATE LIABILITY FOR ALL CLAIMS RELATING TO THE SDK WILL NOT EXCEED USD $100.
        
        9. Termination
        This License is effective until terminated. It terminates automatically if you breach any term. Upon termination, you must cease use of the SDK and destroy all copies in your possession or control.
        
        10. Governing Law
        This License is governed by the laws of India, without regard to conflict of laws principles. Any dispute shall be subject to the exclusive jurisdiction of the courts of Maharashtra, India.
        
        11. Contact
        Licensing requests: info@homersemantics.com , anantdhavale@gmail.com
        
        By using the SDK, you agree to this License.
        
Project-URL: Homepage, https://www.homersemantics.com/ai-agent-governance-and-oauth
Project-URL: Repository, https://github.com/AnantDhavale/cerone_sdk
Project-URL: Bug Tracker, https://github.com/AnantDhavale/cerone_sdk/issues
Keywords: ai,agents,security,zero-trust,validation,llm
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: Other/Proprietary License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: requests>=2.28
Provides-Extra: async
Requires-Dist: aiohttp>=3.8; extra == "async"
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21; extra == "dev"
Requires-Dist: aiohttp>=3.8; extra == "dev"
Dynamic: author
Dynamic: home-page
Dynamic: license-file
Dynamic: requires-python

# Cerone — Runtime Governance for AI Agents

**Install it. Create an agent. Validate a real action. See a live governance decision in minutes.**

Cerone gives every AI agent a cryptographic identity, validates intended actions
before execution, and returns explicit runtime decisions:

- `approved`
- `flagged`
- `rejected`

Start immediately from the SDK with **2,500 one-time free validations**.

**Powered by AZTP (Agent Zero Trust Platform)**

---

## Why Developers Use Cerone

- start immediately with hosted trial access from the SDK
- validate agent actions before they execute
- keep your own OpenAI, Anthropic, or other model key
- add runtime governance without replacing the rest of your stack
- get real decisions instead of vague policy claims
- use a lean trust layer instead of a heavy control-plane rewrite

---

## Install

```bash
pip install cerone
```

After install, you can verify connectivity and bootstrap a hosted trial from the terminal:

```bash
cerone
```

If your shell does not pick up the installed script immediately, this also works:

```bash
python3 -m cerone
```

**macOS note:** if `pip install cerone` succeeds but `cerone` says `command not found`, your Python scripts directory may not be on `PATH` yet. On many macOS installs, this fixes it:

```bash
echo 'export PATH="/Library/Frameworks/Python.framework/Versions/3.10/bin:$PATH"' >> ~/.zprofile
source ~/.zprofile
hash -r
```

Then try:

```bash
cerone
```

If you are working from source, clone this repository and install it locally:

```bash
git clone https://github.com/AnantDhavale/cerone_sdk.git
cd cerone_sdk
pip install -e .

```

---

## Access Modes

Cerone now has two usage paths:

1. **Hosted API trial**
   - `CeroneClient()` can bootstrap an anonymous hosted trial token automatically
   - the current hosted trial is designed for evaluation and demo use
   - if the trial is exhausted, contact us for persistent access

2. **Python SDK usage**
   - use `CeroneClient()` with no key for hosted trial bootstrap
   - use a provisioned key for persistent POCs or production environments

Hosted signup and support:

- [homersemantics.com](https://homersemantics.com)
- [info@homersemantics.com](mailto:info@homersemantics.com)

Hosted service terms:

- [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)
---

## Quick Start

```python
import asyncio

from cerone import CeroneClient


async def main():
    client = CeroneClient(
        base_url="https://api.homersemantics.com",
    )

    try:
        certificate = client.create_agent(
            purpose="Customer billing support",
            capabilities=["db_read", "billing_api"],
        )

        result = await client.validate_async(
            agent_id=certificate.agent_id,
            action="database_query",
            parameters={"table": "billing", "customer_id": "123"},
        )

        print("Agent:", certificate.agent_id)
        print("Decision:", result.result)
        print("Trust:", result.trust_score)
    finally:
        await client.aclose()


asyncio.run(main())
```

---

## Single Action vs Batch Validation

Start with `validate(...)` for a single action. Use `validate_batch([...])` only
when you already have two or more validation items to send together.

Single action:

```python
from cerone import CeroneClient

client = CeroneClient()

agent = client.create_agent(
    purpose="Customer billing support",
    capabilities=["db_read", "billing_api"],
)

result = client.validate(
    agent.agent_id,
    "database_query",
    {"table": "billing", "customer_id": "123"},
)

print(result.result, result.trust_score)
client.close()
```

Batch validation:

```python
from cerone import CeroneClient

client = CeroneClient()

results = client.validate_batch([
    {
        "agent_id": "agt_123",
        "action": {
            "tool": "database_query",
            "parameters": {"table": "billing", "customer_id": "123"},
        },
    },
    {
        "agent_id": "agt_456",
        "action": {
            "tool": "refund_lookup",
            "parameters": {"refund_id": "rf_789"},
        },
    },
])

for item in results:
    print(item.agent_id, item.result, item.trust_score)

client.close()
```

If you call `validate_batch([])`, the SDK raises a local error before making a
request.

---

## What Cerone Does

Cerone is a runtime trust and governance layer for AI agents.

It:
- gives each agent a cryptographic identity
- validates intended actions against declared purpose and capability
- returns explicit runtime decisions before execution
- records audit and trust signals across agent activity
- preserves lineage and delegation boundaries where applicable

---

## What Cerone Validates

| Check | What it catches |
|---|---|
| **Cryptographic identity** | Impersonation, spoofed agents |
| **Semantic alignment** | Agents acting outside their declared purpose |
| **Trust scoring** | Behavioural drift over time |
| **Capability scope** | Agents calling tools they were never granted |
| **Lineage integrity** | Unauthorized parent-child relationships |

---

## Trial and Access

Cerone currently has two usage paths:

### 1. Hosted Trial
- `CeroneClient()` can bootstrap an anonymous hosted trial token automatically
- includes **2,500 one-time successful validations**
- no manual signup required to begin evaluation
- intended for initial testing and demos

### 2. Persistent Access
- for POCs, pilots, and production usage
- contact us for provisioned persistent SDK access

Support and contact:
- [homersemantics.com](https://homersemantics.com)
- [info@homersemantics.com](mailto:info@homersemantics.com)

Hosted service terms:
- [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)

---

## Bring Your Own Model Key

Cerone governs agent **behaviour**, not inference.

You keep your own OpenAI, Anthropic, or other provider key and pass it directly
to your model calls. Cerone validates the intended action and records the
governance trail, but it does not sit in the middle of your model billing path.

```python
import asyncio
import openai

from cerone import CeroneClient


async def main():
    client = CeroneClient(
        base_url="https://api.homersemantics.com",
    )
    openai_client = openai.AsyncOpenAI(api_key="sk-...")

    try:
        certificate = client.create_agent(
            purpose="Summarise support tickets",
            capabilities=["read_ticket", "write_summary"],
        )

        validation = await client.validate_async(
            agent_id=certificate.agent_id,
            action="write_summary",
            parameters={"ticket_id": "T-001"},
        )
        print("Decision:", validation.result)

        response = await openai_client.chat.completions.create(
            model="gpt-4o-mini",
            messages=[{"role": "user", "content": "Summarise ticket T-001"}],
        )
        print(response)
    finally:
        await client.aclose()


asyncio.run(main())
```

---

## Why Cerone Is Different

Many vendors talk about agentic governance. Very few have something real you
can install, run, and demo.

Cerone is different because it is:
- **runtime-real**: it makes live governance decisions in the execution path
- **lean**: it adds trust and control without demanding a full platform rewrite
- **developer-usable**: installable, callable, and demoable now
- **business-aware**: designed to support workflow-aware governance, not just technical checks

Most of the category still looks theoretical. Cerone is meant to be used.

---

## Architecture

```text
Your Agent Code
      │
      ▼
  Cerone SDK  ──────────────────────────────────────────┐
      │                                                  │
      ▼                                                  ▼
AZTP Platform (api.homersemantics.com)  Your LLM Provider
  ├─ Identity Manager
  ├─ Semantic Validator
  ├─ Trust Engine
  └─ Audit Logger
```

Cerone is distributed by design: a thin SDK on the client side and centralized
identity, validation, governance, and audit logic on the server side.

---

## License

This SDK repository currently uses a proprietary commercial SDK license.

The SDK source license and the hosted Cerone service terms are separate:

- SDK / package code: [LICENSE](https://github.com/AnantDhavale/cerone_sdk/blob/main/LICENSE)
- Hosted service usage: [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)

Free trial and hosted commercial terms are subject to change.

Homer Semantics and Anant Dhavale are not liable for losses, damages, business
interruption, model outputs, workflow outcomes, or downstream actions arising
from use of the SDK or hosted service. Use Cerone at your own discretion and risk.

---

## Contact

- Website: [homersemantics.com](https://homersemantics.com)
- Support: [info@homersemantics.com](mailto:info@homersemantics.com)
- Founder: [anantdhavale@gmail.com](mailto:anantdhavale@gmail.com)

If you are building with agents and want runtime governance that is actually
usable, reach out.
