types: add trust identity verification to prevent LLM reviewer forgery #59
Merged
…3 E0226-E0227 E0251 E0260-E0262 E0310 Covers error codes across lexer, parser, types, contracts, and annotation phases. 16 new compile-fail UI tests bringing error-messages coverage to 40 files with 38+ distinct error codes exercised.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Covers closures, actors, traits/impls, annotations, Option/Result types, tuples, break/continue, spawn, channels, select, intents, unary/binary ops, nested collections, and idempotency (format(format(x)) == format(x)).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Covers: fmt roundtrip and idempotency, annotate JSON output, audit JSON and policy enforcement, and fix dry-run — bringing all major kodoc subcommands under automated test coverage.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Exercises BinOp (add, sub, mul, div, eq), StringConst assign, Call in body, multi-block with jump, BoolConst return, and local assign+return via MIR-level compile_module calls.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Introduces E0263 and E0264 to detect when an AI agent attempts to forge a @reviewed_by(human: "...") annotation by naming itself as a human reviewer. A new [trust] section in kodo.toml configures two opt-in checks:
- known_agents: list of agent names forbidden as human reviewers (E0263)
- human_reviewers: allowlist of authorized reviewer identities (E0264)

Both checks run case-insensitively at type-check time via a new TrustConfig struct threaded into TypeChecker via set_trust_config().

The kodoc check, build, audit, confidence-report, and mir commands all load trust config automatically from kodo.toml in the source file's parent directory. The audit command gains a new trust=verified policy criterion for CI/CD gating. FunctionAudit now exposes a reviewers field in JSON output.

Adds 7 unit tests (E0263/E0264 cases), 4 manifest tests, 3 audit tests, and 3 UI tests (tests/ui/traceability/trust/) with a kodo.toml fixture.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Summary
- @reviewed_by(human: "...") annotation by naming itself as a human reviewer
- [trust] section to kodo.toml with two opt-in fields: known_agents (forbidden as human reviewers) and human_reviewers (allowlist of authorized reviewers)
- trust=verified policy criterion to kodoc audit for CI/CD gating

What changed

Core type system (kodo_types)
- TrustConfig struct exported as public API
- TypeChecker::set_trust_config() — injects trust config before check_module
- validate_reviewer_identity() — validates reviewers case-insensitively against both lists; wired into validate_module_policies and validate_policies_collecting
- AgentClaimsHumanReview (E0263) with auto-fix patch (human: → agent:)
- ReviewerNotInAllowlist (E0264) with suggestion

Manifest (kodoc)
- TrustSection + trust: Option<TrustSection> field on Manifest
- load_trust_config(source_file) — looks up kodo.toml in the file's parent directory
- check, build, audit, confidence-report, mir) call set_trust_config automatically

Audit
- PolicyCriterion::TrustVerified + "trust=verified" policy string
- validate_policy_with_trust() with known_agents slice
- FunctionAudit.reviewers: Vec<String> in JSON output

Test plan
- cargo fmt --all -- --check — clean
- cargo clippy --workspace -- -D warnings — zero warnings
- cargo test --workspace — all pass (7 new unit tests for E0263/E0264, 4 manifest tests, 3 audit tests)
- make ui-test — 127 tests pass including 3 new UI tests in tests/ui/traceability/trust/

Backward compatibility
Everything is opt-in. Projects without a [trust] section in kodo.toml are completely unaffected — TrustConfig::default() is a no-op.

🤖 Generated with Claude Code
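
The two opt-in checks described in the summary above, as an added Rust example that is not code from this PR or the kodo project. The names TrustPolicy, TrustError and check_human_reviewer are hypothetical; treating an empty list as a disabled check and trimming whitespace before comparing are assumptions.

```rust
// Added illustration; not the kodo project's code. `TrustPolicy`, `TrustError`
// and `check_human_reviewer` are hypothetical names.
#[derive(Default)]
pub struct TrustPolicy {
    pub known_agents: Vec<String>,    // names forbidden as human reviewers
    pub human_reviewers: Vec<String>, // allowlist; empty = check disabled (assumption)
}

#[derive(Debug, PartialEq)]
pub enum TrustError {
    AgentClaimsHumanReview(String), // corresponds to E0263 on the page
    ReviewerNotInAllowlist(String), // corresponds to E0264 on the page
}

// Case-insensitive comparison key; trimming whitespace is an added assumption.
fn norm(s: &str) -> String {
    s.trim().to_lowercase()
}

pub fn check_human_reviewer(policy: &TrustPolicy, name: &str) -> Result<(), TrustError> {
    let key = norm(name);
    // Deny-list first: an agent name is rejected even if it was also allowlisted by mistake.
    if policy.known_agents.iter().any(|a| norm(a) == key) {
        return Err(TrustError::AgentClaimsHumanReview(name.to_string()));
    }
    // Allowlist applies only when it has been configured.
    if !policy.human_reviewers.is_empty()
        && !policy.human_reviewers.iter().any(|h| norm(h) == key)
    {
        return Err(TrustError::ReviewerNotInAllowlist(name.to_string()));
    }
    Ok(())
}

fn main() {
    // Constructed sample policy and reviewer names.
    let policy = TrustPolicy {
        known_agents: vec!["claude".to_string(), "copilot".to_string()],
        human_reviewers: vec!["alice".to_string()],
    };
    for name in ["Alice", "CLAUDE", "mallory"] {
        println!("{}: {:?}", name, check_human_reviewer(&policy, name));
    }
    // A default policy (no [trust] section) accepts every name.
    println!("{:?}", check_human_reviewer(&TrustPolicy::default(), "claude"));
}
```

Lowercasing does not fold visually similar Unicode characters, so the allowlist gives stronger assurance than the deny-list alone.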