Metadata-Version: 2.4
Name: leukquant
Version: 0.1.0
Summary: Fully Local, Decentralized Threat Defense
Requires-Python: >=3.9
Description-Content-Type: text/markdown
Requires-Dist: onnxruntime>=1.16.0
Requires-Dist: numpy>=1.24.0
Requires-Dist: psutil>=5.9.0
Requires-Dist: cryptography>=41.0.0
Requires-Dist: pyyaml>=6.0.1
Requires-Dist: click>=8.1.7
Requires-Dist: rich>=13.7.0
Requires-Dist: watchdog>=3.0.0
Requires-Dist: scikit-learn>=1.3.2
Requires-Dist: skl2onnx>=1.16.0
Provides-Extra: pqc
Requires-Dist: liboqs-python>=0.8.0; extra == "pqc"
Provides-Extra: ember
Requires-Dist: ember; extra == "ember"
Requires-Dist: lief; extra == "ember"
Provides-Extra: kaggle
Requires-Dist: kaggle; extra == "kaggle"
Provides-Extra: dev
Requires-Dist: pytest>=7.4.0; extra == "dev"
Requires-Dist: pytest-cov>=4.1.0; extra == "dev"

# Leukquant — Fully Local, Decentralized Threat Defense

> **Zero cloud. Zero trust in corporations. Zero single point of failure.**

## Overview

Leukquant is a fully local, decentralized threat defense system. It uses on-device AI for malware classification, a behavior profiler for anomaly detection, and post-quantum cryptography for file encryption.

*Note: The blockchain threat ledger is currently disabled in this version. We use datasets like EMBER, VirusShare, and Kaggle Malware datasets for local AI scanning.*

## Features

1. **Local AI Scanning**: On-device malware classification using ONNX models. No telemetry. No cloud calls.
2. **Behavior Profiler**: Learns normal patterns over a 14-day baseline and flags deviations.
3. **Post-Quantum Crypto Vault**: Encrypts files with NIST PQC standards (ML-KEM, ML-DSA, SLH-DSA).
4. **Offline Mode**: Built for machines that never touch the internet.

## Installation

```bash
pip install -r requirements.txt
```

## Usage

### 1. Local AI Scanning

Scan a file using the local AI model:

```bash
python src/cli/main.py scan --file /path/to/file
```

### 2. Behavior Profiler

Start monitoring system behavior:

```bash
python src/cli/main.py monitor
```

### 3. Post-Quantum File Encryption

Encrypt a file:

```bash
python src/cli/main.py encrypt --file secret.pdf --algo ml-kem-1024 --sign ml-dsa-87
```

Decrypt a file:

```bash
python src/cli/main.py decrypt --file secret.pdf.sqe --key ~/.Leukquant/private.key
```

## File Structure

- `models/`: Contains the ONNX/GGML models for malware detection.
- `db/`: Local SQLite databases for threat signatures and behavior baselines.
- `keys/`: Post-quantum cryptographic keys.
- `config/`: Configuration files (e.g., `Leukquant.yml`).
- `src/`: Source code for the scanner, behavior profiler, crypto vault, and CLI.
- `logs/`: Local logs for anomalies.

## Datasets for Training

To train the local AI model, you can use the following datasets:
- **EMBER**: Open PE malware dataset.
- **VirusShare**: Repository of malware samples.
- **Kaggle Malware Datasets**: Various datasets available on Kaggle.

*Note: The pre-trained model should be placed in `models/malware_detector.onnx`.*
