Metadata-Version: 2.4
Name: voltry-probe
Version: 0.2.0
Summary: Voltry Probe — the open, read-only agent. Reads NVML/DCGM/Redfish/attestation into a signed evidence bundle and renders the offline certificate.
License-Expression: Apache-2.0
License-File: LICENSE
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Typing :: Typed
Requires-Python: >=3.10
Requires-Dist: cryptography<50,>=44
Requires-Dist: pydantic<3,>=2.11
Requires-Dist: rfc8785<0.2,>=0.1.4
Requires-Dist: typer<1,>=0.12
Requires-Dist: voltry-evidence-schema<2,>=1.1
Provides-Extra: hardware
Requires-Dist: nvidia-ml-py<13,>=12.560; extra == 'hardware'
Requires-Dist: sushy<6,>=5.0; extra == 'hardware'
Provides-Extra: submit
Requires-Dist: httpx<1,>=0.27; extra == 'submit'
Description-Content-Type: text/markdown

# Voltry Probe

Voltry Probe is an open, read-only agent that produces a signed condition and
provenance record for data-center GPUs. It reads what the hardware already
exposes over NVML and the NVIDIA attestation chain (with DCGM and Redfish
telemetry consumed where a collector provides it), binds the
readings to the device's fused cryptographic identity, and renders a
self-contained certificate you can open with no network at all.

It never states or implies what your hardware is worth. It records what the
hardware is.

## Install

```bash
pipx install voltry-probe
```

Requires Python 3.10 or newer. Stock DGX OS and Ubuntu 22.04 hosts work as-is.
`pip install voltry-probe` inside a virtualenv works too.

Optional extras:

```bash
pipx install "voltry-probe[hardware]"   # live NVML + Redfish readers
pipx install "voltry-probe[submit]"     # the opt-in submission client
```

Without `[hardware]` the probe runs against captured fixtures and simulators,
which is all you need to evaluate it.

## Sixty seconds to a certificate

```bash
# 1. Scan. Read-only, works fully offline and air-gapped.
#    Reads live hardware; signs with your operator key.
voltry scan --signing-key operator.pem --out bundle.json

# 2. Render. A self-contained HTML certificate, no network needed to view.
voltry cert bundle.json --out cert.html
```

Just evaluating, with no GPU and no key of your own? Point `scan` at a captured
sample and sign with a throwaway key:

```bash
voltry scan --fixture sample.json --ephemeral-key --out bundle.json
voltry cert bundle.json --out cert.html
```

That is the whole loop. `voltry submit` exists as a separate, explicit,
opt-in step; scanning and rendering never phone home.

## What read-only means

The probe never writes to, resets, reconfigures, or stress-tests a device
during a scan. You can run it on a live production fleet. Functional
qualification (which does exercise the device) is a separate mode behind an
explicit flag, never part of a read-only `scan`.

## What the certificate says, and what it does not

The certificate keeps measured facts and modeled estimates in separate blocks
that never look alike:

- Deterministic gates: authenticity, firmware integrity, functional and
  sanitization results. Pass or fail, no model in the loop.
- Measured condition: ECC and Xid history, retired and remapped pages, spare
  rows remaining, throttle and clock behavior. Raw values against published
  thresholds.
- Provenance: certification history on the device's permanent identity,
  append-only. A failed attempt stays on the record; cherry-picking is
  structurally impossible.

It never contains a price, a dollar figure, or a lifetime guarantee. Power-chain
exposure reads "Not Assessed" unless the facility itself was instrumented; it
is never inferred from board power.

## Verifying a bundle yourself

Every bundle is signed (ECDSA P-384 over RFC 8785 canonical JSON) and can be
verified by anyone with the `voltry-evidence-schema` package:

```python
import json
from evidence_schema import EvidenceBundle, verify_bundle

bundle = EvidenceBundle.model_validate(json.load(open("bundle.json")))
assert verify_bundle(bundle)
```

## License

Apache-2.0.
