Metadata-Version: 2.4
Name: cerone
Version: 1.1.4
Summary: Zero Trust Security for AI Agents
Home-page: https://github.com/AnantDhavale/cerone_sdk
Author: Anant Dhavale for Homer Semantics
Author-email: Homer Semantics <info@homersemantics.com>
License: Agent Governance SDK Commercial License
        Version 1.0
        
        Copyright (c) 2026 Anant Dhavale and Homer Semantics. All rights reserved.
        
        This license governs use of the Agent Governance Software Development Kit ("SDK") and any associated source code, binaries, examples, and documentation made available by Homer Semantics ("Licensor").
        
        1. Grant of License
        Subject to compliance with this License, Licensor grants you a limited, non-exclusive, non-transferable, revocable license to:
        (a) use the SDK solely to develop, test, and operate integrations with Licensor's Agent Governance services;
        (b) reproduce and distribute the SDK only as embedded within your application in object form, where end users cannot reasonably extract the SDK as a standalone developer tool.
        
        2. Ownership and Intellectual Property
        The SDK is licensed, not sold. Licensor retains all right, title, and interest in and to the SDK, including all intellectual property rights, trade secrets, and derivative works.
        
        3. Restrictions
        You may not, and may not permit others to:
        (a) sell, sublicense, rent, lease, or provide the SDK as a standalone product or service;
        (b) modify, create derivative works of, or redistribute the SDK source code, except with Licensor's prior written permission;
        (c) remove, alter, or obscure any copyright, trademark, or proprietary notices;
        (d) use the SDK or Agent Governance services to build, train, benchmark, validate, or improve any competing product or service, including competitive analysis intended for publication or commercialization;
        (e) reverse engineer, decompile, disassemble, translate, decode, or otherwise attempt to derive source code, underlying ideas, algorithms, model behavior, scoring logic, thresholds, prompts, or non-public APIs, except to the limited extent such restriction is expressly prohibited by applicable law;
        (f) attempt model extraction, prompt extraction, dataset extraction, or systematic output analysis intended to replicate Agent Governance functionality;
        (g) attempt to discover or reconstruct non-public service internals, infrastructure, security controls, or backend implementation details through unauthorized means, including probing, scraping, fuzzing, or penetration activity without prior written authorization from Licensor;
        (h) circumvent or attempt to circumvent usage limits, authentication controls, billing controls, access restrictions, anti-abuse controls, or monitoring controls.
        
        4. Service Terms and Quotas
        Use of the Agent Governance service APIs is subject to separate service terms, usage quotas, and pricing published by Licensor. Licensor may suspend or terminate API access for abuse, non-payment, security risk, or license breach. Current introductory quota is described in the Terms of Service and may change from time to time.
        
        5. Confidentiality
        Any non-public technical information, performance information, keys, or implementation details disclosed by Licensor are confidential and must not be disclosed to third parties.
        
        6. Feedback
        If you provide feedback, suggestions, or improvement ideas, you grant Licensor a perpetual, irrevocable, worldwide, royalty-free right to use them without restriction or compensation.
        
        7. Disclaimer
        THE SDK IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
        
        8. Limitation of Liability
        TO THE MAXIMUM EXTENT PERMITTED BY LAW, LICENSOR WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR ANY LOSS OF DATA, PROFITS, OR REVENUE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. LICENSOR'S AGGREGATE LIABILITY FOR ALL CLAIMS RELATING TO THE SDK WILL NOT EXCEED USD $100.
        
        9. Termination
        This License is effective until terminated. It terminates automatically if you breach any term. Upon termination, you must cease use of the SDK and destroy all copies in your possession or control.
        
        10. Governing Law
        This License is governed by the laws of India, without regard to conflict of laws principles. Any dispute shall be subject to the exclusive jurisdiction of the courts of Maharashtra, India.
        
        11. Contact
        Licensing requests: info@homersemantics.com , anantdhavale@gmail.com
        
        By using the SDK, you agree to this License.
        
Project-URL: Homepage, https://www.homersemantics.com/ai-agent-governance-and-oauth
Project-URL: Repository, https://github.com/AnantDhavale/cerone_sdk
Project-URL: Bug Tracker, https://github.com/AnantDhavale/cerone_sdk/issues
Keywords: ai,agents,security,zero-trust,validation,llm
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: Other/Proprietary License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: requests>=2.28
Provides-Extra: async
Requires-Dist: aiohttp>=3.8; extra == "async"
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21; extra == "dev"
Requires-Dist: aiohttp>=3.8; extra == "dev"
Dynamic: author
Dynamic: home-page
Dynamic: license-file
Dynamic: requires-python

# Cerone — Governance and Zero Trust Runtime for AI Agents

**Powered by AZTP (Agent Zero Trust Platform)**

Cerone gives every AI agent a cryptographic identity, validates that its
actions align with its declared purpose, and produces an auditable runtime
trail across identity, validation, governance, and delegated token exchange.

Most teams deploying agents in production still have weak runtime control over
what those agents actually do. Cerone is built to fix that.

Why developers try Cerone:
- start immediately with hosted trial access from the SDK
- add governance without replacing the rest of the agent stack
- keep your own model-provider key and model spend
- get explicit `approved`, `flagged`, or `rejected` runtime decisions
- use a lean runtime trust layer instead of a heavy control-plane rewrite

---

## Install

The current hosted SDK package name is `cerone`.

```bash
pip install cerone
```

If you are working from source, clone this repository and install it locally:

```bash
git clone https://github.com/AnantDhavale/cerone_sdk.git
cd cerone_sdk
pip install -e .

```

---

## Access Modes

Cerone now has two usage paths:

1. **Hosted API trial**
   - `CeroneClient()` can bootstrap an anonymous hosted trial token automatically
   - the current hosted trial is designed for evaluation and demo use
   - if the trial is exhausted, contact us for persistent access

2. **Python SDK usage**
   - use `CeroneClient()` with no key for hosted trial bootstrap
   - use a provisioned key for persistent POCs or production environments

Hosted signup and support:

- [homersemantics.com](https://homersemantics.com)
- [info@homersemantics.com](mailto:info@homersemantics.com)

Hosted service terms:

- [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)

---

## Quick Start

```python
import asyncio

from cerone import CeroneClient


async def main():
    client = CeroneClient(
        base_url="https://aztp-homer-semantics.onrender.com",
    )

    try:
        health = client.health_check()
        print(f"Health: {health}")

        certificate = client.create_agent(
            purpose="Customer billing support",
            capabilities=["db_read", "billing_api"],
        )

        print(f"Agent ID: {certificate.agent_id}")
        print(f"Trust score: {certificate.trust_score}")

        result = await client.validate_async(
            agent_id=certificate.agent_id,
            action="database_query",
            parameters={"table": "billing", "customer_id": "123"},
        )
        print(f"Validation result: {result}")

        trust_score = client.get_trust_score(certificate.agent_id)
        print(f"Trust score: {trust_score}")

        audit_log = client.get_audit_log(certificate.agent_id, limit=10)
        print(f"Audit log: {audit_log}")
    finally:
        await client.aclose()


asyncio.run(main())
```

---

## What Cerone Validates

| Check | What it catches |
|---|---|
| **Cryptographic identity** | Impersonation, spoofed agents |
| **Semantic alignment** | Agents acting outside their declared purpose |
| **Trust scoring** | Behavioural drift over time |
| **Capability scope** | Agents calling tools they were never granted |
| **Lineage integrity** | Unauthorized parent-child relationships |

---

## Bring Your Own Model Key

Cerone governs agent **behaviour**, not inference.

You keep your own OpenAI, Anthropic, or other provider key and pass it directly
to your model calls. Cerone validates the agent action and records the
governance trail, but it does not sit in the middle of your model billing path.

```python
import asyncio
import openai

from cerone import CeroneClient


async def main():
    client = CeroneClient(
        base_url="https://aztp-homer-semantics.onrender.com",
    )
    openai_client = openai.AsyncOpenAI(api_key="sk-...")

    try:
        certificate = client.create_agent(
            purpose="Summarise support tickets",
            capabilities=["read_ticket", "write_summary"],
        )

        validation = await client.validate_async(
            agent_id=certificate.agent_id,
            action="write_summary",
            parameters={"ticket_id": "T-001"},
        )
        print(f"Validation result: {validation}")

        response = await openai_client.chat.completions.create(
            model="gpt-4o-mini",
            messages=[{"role": "user", "content": "Summarise ticket T-001"}],
        )
        print(response)
    finally:
        await client.aclose()


asyncio.run(main())
```

---

## Validation Pattern

The current `cerone` SDK exposes validation through `CeroneClient`.
Validate the intended action before running the local tool or model call you
control.

```python
from cerone import CeroneClient

client = CeroneClient(
    base_url="https://aztp-homer-semantics.onrender.com",
)

certificate = client.create_agent(
    purpose="Customer data analysis",
    capabilities=["db_read", "analytics"],
)

validation = client.validate(
    agent_id=certificate.agent_id,
    action="database_query",
    parameters={"customer_id": "123"},
)
print(f"Validation result: {validation}")

# Run your local tool after validation.
customer = {"customer_id": "123", "name": "Jane Doe"}
print(customer)

client.close()
```

---

## Tiers

| | Trial | Startup | Pro | Enterprise |
|---|---|---|---|---|
| Validations / 30-day window | Hosted evaluation flow | 50,000 | 500,000 | Custom |
| Agents | Limited | 25 | 250 | Custom |
| Audit retention | Limited | 30 days | 90 days | 365 days |
| Model access | BYO | BYO | BYO now, managed later | BYO or managed |
| Support | — | Email | Priority | Dedicated |
| Commercial model | Evaluation | Contact us | Contact us | Contact us |

Current commercial motion:
- evaluate first
- contact us for provisioned persistent SDK access

---

## Architecture

```text
Your Agent Code
      │
      ▼
  Cerone SDK  ──────────────────────────────────────────┐
      │                                                  │
      ▼                                                  ▼
AZTP Platform (aztp-homer-semantics.onrender.com)  Your LLM Provider
  ├─ Identity Manager
  ├─ Semantic Validator
  ├─ Trust Engine
  └─ Audit Logger
```

---

## Integration Direction

Cerone is being shaped to govern:
- agent frameworks
- custom tool-calling runtimes
- business workflows that need identity, validation, and audit

If you want a specific framework or business-system integration, contact us directly.

---

## Usage and Quota

```bash
curl https://aztp-homer-semantics.onrender.com/usage \
  -H "X-API-Key: sk_startup_..."
```

This returns current usage, remaining quota, reset date, and tier feature flags.

---

## Documentation

- [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)


---

## License

## License

This SDK repository currently uses a proprietary commercial SDK license.

The SDK source license and the hosted Cerone service terms are separate:

- SDK / package code: [LICENSE](https://github.com/AnantDhavale/cerone_sdk/blob/main/LICENSE)
- Hosted service usage: [TERMS_OF_SERVICE.md](https://github.com/AnantDhavale/cerone_sdk/blob/main/TERMS_OF_SERVICE.md)

Free trial and hosted commercial terms are subject to change.


---

## Contact and Feedback

- Website: [homersemantics.com](https://homersemantics.com)
- Support: [info@homersemantics.com](mailto:info@homersemantics.com)
- Founder: [anantdhavale@gmail.com](mailto:anantdhavale@gmail.com)

If you are using Cerone, feedback is genuinely useful. POCs and design
partners are welcome.

---

## Disclaimer

Cerone is provided for evaluation and operational governance support, but final
deployment, enforcement choices, and production use remain your responsibility.
Use the SDK and hosted service at your own discretion and risk. To the maximum
extent permitted by law, Homer Semantics and Anant Dhavale are not liable for
any direct, indirect, incidental, consequential, business, data, model, or
security losses arising from use, misuse, non-use, or reliance on Cerone.
