Metadata-Version: 2.4
Name: sovereign-ai-stack
Version: 1.1.0a1
Summary: Local-first RAG with policy gating and audit-friendly logging — reference implementation
Author-email: Anandakrishnan Damodaran <ananda.krishnan@hotmail.com>
License: MIT
Project-URL: Homepage, https://github.com/anandkrshnn/sovereign-ai-stack
Project-URL: Documentation, https://github.com/anandkrshnn/sovereign-ai-stack/tree/main/docs
Project-URL: Repository, https://github.com/anandkrshnn/sovereign-ai-stack
Project-URL: Issues, https://github.com/anandkrshnn/sovereign-ai-stack/issues
Project-URL: Changelog, https://github.com/anandkrshnn/sovereign-ai-stack/blob/main/CHANGELOG.md
Keywords: sovereign-ai,local-rag,policy-gating,audit-logging,abac,governance,local-llm
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Healthcare Industry
Classifier: Intended Audience :: Financial and Insurance Industry
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Topic :: Security :: Cryptography
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pydantic>=2.5.0
Requires-Dist: sqlalchemy>=2.0.0
Requires-Dist: sentence-transformers>=2.2.0
Requires-Dist: lancedb>=0.4.0
Requires-Dist: asyncpg>=0.29.0
Requires-Dist: fastapi>=0.104.0
Requires-Dist: uvicorn>=0.24.0
Requires-Dist: click>=8.1.0
Requires-Dist: aiosqlite>=0.19.0
Requires-Dist: accelerate>=0.25.0
Requires-Dist: nest-asyncio>=1.5.0
Provides-Extra: verify
Requires-Dist: sentence-transformers>=3.0.0; extra == "verify"
Requires-Dist: torch>=2.0.0; extra == "verify"
Provides-Extra: bridge
Requires-Dist: httpx>=0.25.0; extra == "bridge"
Requires-Dist: redis>=5.0.0; extra == "bridge"
Requires-Dist: prometheus-client>=0.19.0; extra == "bridge"
Provides-Extra: agent
Requires-Dist: keyring>=24.0.0; extra == "agent"
Requires-Dist: cryptography>=41.0.0; extra == "agent"
Provides-Extra: dashboard
Requires-Dist: streamlit>=1.38.0; extra == "dashboard"
Requires-Dist: plotly>=5.18.0; extra == "dashboard"
Requires-Dist: pandas>=2.0.0; extra == "dashboard"
Provides-Extra: full
Requires-Dist: sovereign-ai-stack[agent,bridge,dashboard,verify]; extra == "full"
Provides-Extra: dev
Requires-Dist: pytest>=7.4.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"
Requires-Dist: pytest-cov>=4.1.0; extra == "dev"
Requires-Dist: black>=23.0.0; extra == "dev"
Requires-Dist: ruff>=0.1.0; extra == "dev"
Requires-Dist: mypy>=1.7.0; extra == "dev"
Dynamic: license-file

# 🛰️ Sovereign AI Stack (Research Preview)

**Exploring Deterministic RAG Verification & Forensic Accountability.**

> [!WARNING]
> **Experimental Alpha**: This is a research prototype, not a production-grade security system. It is designed to explore Natural Language Inference (NLI) as a grounding mechanism and Ed25519 signatures for audit integrity. It has not undergone external security audits.

---

## 🔬 The Concept

The Sovereign AI Stack is a technical exploration into **"Verify then Trust"** architectures for local AI. Instead of relying on generative LLM judges—which are slow and prone to their own hallucinations—this stack tests a deterministic pipeline using NLI Cross-Encoders.

### Key Hypotheses
1.  **Efficiency**: A specialized NLI model (DeBERTa-v3) can verify grounding in **80ms**, compared to **2000ms+** for a generative judge.
2.  **Determinism**: Cross-encoders provide a repeatable entailment score rather than a generative "grade."
3.  **Accountability**: Asymmetric cryptography (Ed25519) can provide non-repudiable audit trails even in local-first environments.

---

## 🛠️ Components

1.  **Verify (NLI Gate)**: An experimental gate that blocks responses if the NLI entailment score between the answer and sources falls below a threshold (default 0.85).
2.  **Audit (Signed Chain)**: Every decision is cryptographically signed using **Ed25519** and linked into a SHA-256 hash chain.
3.  **Govern (ABAC)**: A simple Attribute-Based Access Control engine to gate retrieval by role and classification.

---

## 🚀 Quick Start (Alpha)

### 1. Install
```bash
pip install sovereign-ai-stack==0.1.0a1
```

### 2. Basic Usage
```python
from sovereign_ai import SovereignPipeline

# Initializing with default NLI model (deberta-v3-base)
pipeline = SovereignPipeline(tenant_id="research_test")

# Run a governed query
result = pipeline.query("What is the protocol?", role="analyst")
print(f"Verified Answer: {result['answer']}")
print(f"Grounding Score: {result['verification']['score']}")
```

---

## ⚠️ Known Limitations & Experimental Status

- **Model Specificity**: The default NLI model is trained on general entailment; domain-specific grounding (medical/legal) may require fine-tuning.
- **Hardware Binding**: While the system uses the OS Keyring, true hardware-level attestation (TPM 2.0) is a roadmap item.
- **Security Review**: This codebase is for research purposes. Do not use it to secure sensitive production data without a comprehensive security review.
- **Adversarial Robustness**: We are actively seeking feedback on adversarial prompts that might bypass the NLI gate.

---

## 🤝 Contributing & Feedback

This is an open technical exploration. We value "Brutal Feedback" on the architecture, the cryptographic implementation, and the NLI thresholding logic.

- **Issues**: Report bugs or architectural flaws.
- **Discussions**: Suggest better verification models or faster forensic methods.

---

## 📜 License
MIT
