Share
## https://sploitus.com/exploit?id=205601AE-E7C0-5BA7-8522-8C321608314E
# JFP Console PoC
**Tamper-evident autonomous system governor with a live operator dashboard.**
JFP Console PoC is a Linux daemon that monitors system resources, executes governed interventions when safety thresholds are breached, and writes every action to a SHA-256 hash-chain proof log β optionally signed with Ed25519. A PySide6 operator console visualises metrics and events in real time and sends whitelisted control commands over a Unix socket.
The system is not AI-dependent. Every decision is deterministic, every intervention is gated by two independent policy layers, and every proof record is mathematically verifiable offline.
---
## Key properties
| Property | How it is enforced |
|---|---|
| **Two-layer governance** | Every action passes Governor (hard constitutional rules) and Supervisor (adaptive optimizer). Both must approve. |
| **Tamper-evident proof log** | SHA-256 hash chain. Any modification to any historical record breaks the chain. |
| **Optional Ed25519 signing** | Each record signed with daemon's private key. Public key verifiable offline. |
| **Safe-mode dry run** | `JFP_DRY_RUN=1` β no real system mutations. Default for development. |
| **Trigger streak guard** | Intervention only after N consecutive threshold breaches (prevents false positives from transient spikes). |
| **Auth-gated write ops** | All write operations require an operator token. Read-only methods are public. |
| **Process isolation** | Daemon runs as root. Console runs as unprivileged user. No `sudo` in the console. |
---
## Architecture
```
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β jfpd (daemon, root) β
β β
β ββββββββββββ βββββββββββββββββ βββββββββββββββ β
β β metrics ββββββΆβ GovernorCon ββββΆβ Action β β
β β sampler β β stitution β β Executor β β
β β (1s tick)β β (hard rules) β β (allowlist)β β
β ββββββββββββ βββββββββ¬ββββββββ ββββββββ¬βββββββ β
β β β β
β βββββββββΌββββββββ β β
β β Supervisor ββββββββββββ β
β β (adaptive) β β
β βββββββββββββββββ β
β β
β ββββββββββββββββββββββββββββββββββββββββββ β
β β ProofLogger β SHA-256 chain + Ed25519 β β
β ββββββββββββββββββββββββββββββββββββββββββ β
β β β
β Unix socket (AF_UNIX) β
β JSON-RPC (8 methods) β
ββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββ
β jfp-console (PySide6, unprivileged user) β
β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β MetricCards β β LiveCharts β β Timeline β β
β β (8 panels) β β CPU/RAM/TΒ° β β (events) β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β
β [ENGAGE JFP HEALER] [UNLOCK SAFETY] [START BENCHMARK] β
β [STOP BENCHMARK] [PANIC STOP] β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
```
### State machine
```
MONITORING ββ(3Γ threshold hit)βββΆ TRIGGERED
TRIGGERED ββ(gate: PASS)ββββββββββΆ INTERVENTION
TRIGGERED ββ(gate: DENY)ββββββββββΆ COOLDOWN
INTERVENTION ββββββββββββββββββββββΆ COOLDOWN
COOLDOWN ββ(window elapsed)ββββββΆ MONITORING
```
---
## Quick start
Requires Python 3.10+ and Linux.
```bash
git clone
cd JFP_Project
# 1. Create virtual environment and install dependencies
python3 -m venv .venv
.venv/bin/pip install -r requirements.txt
# 2. One-click launch (daemon + console, Ed25519 signing enabled)
./run-poc.sh
```
Or separately:
```bash
# Terminal 1 β daemon (dry-run, no signing)
./run-daemon.sh
# Terminal 2 β console
./run-console.sh
```
### Environment variables
| Variable | Default | Description |
|---|---|---|
| `JFP_DRY_RUN` | `1` | `1` = no real system mutations |
| `JFP_SOCKET_PATH` | `/run/jfpd.sock` | Unix socket path (`@name` for abstract) |
| `JFP_LOG_PATH` | `/var/log/jfp/jfp_proof.jsonl` | Proof log file |
| `JFP_OPERATOR_TOKEN` | `local-dev-token` | Auth token for write operations |
| `JFP_SIGNING_ENABLED` | `0` | `1` = enable Ed25519 signing |
| `JFP_SIGNING_KEY` | _(none)_ | Path to Ed25519 private key PEM |
---
## Demo benchmark flow
The console exposes a controlled memory-pressure scenario to demonstrate the full trigger β intervention β cooldown cycle without manual load generation.
1. Click **UNLOCK SAFETY** β activates a 120-second safety unlock window
2. Click **START DEMO BENCHMARK** β starts a bounded `stress --vm` process (65% RAM, 60s, process-group controlled)
3. Observe in the timeline: `TRIGGER_HIT` β `INTERVENTION_EXECUTED` β `COOLDOWN_COMPLETE`
4. Click **PANIC STOP** at any time β immediate SIGKILL on the benchmark process group
The **ENGAGE JFP HEALER** button sends `policy.set_profile powersave` via RPC β a manual governor override logged as `OPERATOR_PROFILE_SET`.
---
## RPC protocol
The daemon exposes a JSON-RPC interface over a Unix socket. See `shared/protocol.json` for the full schema.
**Request format:**
```json
{
"id": "550e8400-...",
"method": "health.ping",
"params": {},
"session_token": ""
}
```
**Response format:**
```json
{
"id": "550e8400-...",
"ok": true,
"result": { ... },
"error": null,
"server_ts": "2026-04-01T12:00:00Z"
}
```
### Methods
| Method | Auth | Description |
|---|---|---|
| `health.ping` | no | Daemon state, governor profile, proof counter |
| `metrics.get_current` | no | Full snapshot: CPU, RAM, temp, load, PSI, governors |
| `events.get_recent` | no | Last N records from the proof log |
| `policy.set_profile` | **yes** | Set CPU governor profile (`powersave`, `balanced`, `performance`) |
| `benchmark.unlock` | **yes** | Activate safety unlock (TTL: 120s) |
| `benchmark.start` | **yes** | Start demo scenario (`memory_pressure`) |
| `benchmark.stop` | **yes** | Stop running benchmark |
| `panic.stop` | **yes** | Emergency stop β kills benchmark, sets `powersave` |
### Error codes
| Code | Meaning |
|---|---|
| `E_AUTH` | Missing or wrong session token |
| `E_INVALID_METHOD` | Unknown RPC method |
| `E_INVALID_PARAMS` | Bad parameter value (profile, mode, etc.) |
| `E_POLICY_DENY` | Action blocked by Governor or Supervisor |
| `E_RUNTIME` | Internal daemon error |
---
## Metrics collected
Every tick (1s) the daemon collects:
- **CPU** β utilization %, per-core frequency MHz
- **RAM** β used %, available MB, cached MB
- **Temperature** β per sensor (psutil + `/sys/class/thermal` + `/sys/class/hwmon` fallbacks)
- **Load average** β 1m / 5m / 15m
- **CPU governor** β per-core scaling governor
- **PSI** β Pressure Stall Information: cpu / memory / io (Linux 4.20+)
- **Sensor health** β which subsystems reported successfully
---
## Trigger thresholds (defaults)
| Trigger | Threshold | Action |
|---|---|---|
| RAM high | > 90% | Intervention after 3 consecutive hits |
| RAM critical | > 95% | Governor constitution activates immediately |
| Temperature | > 85Β°C | Intervention |
| PSI memory avg10 | > 20% | Intervention |
| Load avg / cores | > 1.0 | Intervention |
| Load factor | > 1.5Γ | Governor constitution (hard guard) |
| Temperature | > 92Β°C | Governor constitution (hard guard) |
---
## Proof log verification
The proof log at `.runtime/jfp_proof.jsonl` (or `/var/log/jfp/jfp_proof.jsonl` in production) is a JSONL file where every record links to the previous via SHA-256.
```bash
# Verify hash chain integrity (no signing)
.venv/bin/python tools/verify_chain.py .runtime/jfp_proof.jsonl
# PASS: chain_valid records=47 signed=no
# Verify hash chain + Ed25519 signatures
.venv/bin/python tools/verify_chain.py .runtime/jfp_proof.jsonl \
--pubkey .runtime/keys/ed25519_public.pem
# PASS: chain_valid records=47 signed=yes
# Verify mathematical consistency of intervention claims
.venv/bin/python tools/verify_claims.py .runtime/jfp_proof.jsonl
# PASS: claims_valid interventions=3
```
See `docs/JFP_Manifest_Proof_Manual_v1.md` for a full explanation of the proof record format, field semantics, and hash computation.
---
## Tests
```bash
make test
# or
.venv/bin/pytest tests/ -v
```
```
tests/test_governor.py 27 passed GovernorConstitution β all branches
tests/test_supervisor.py 16 passed Supervisor β trend, recommend, approve
tests/test_actions.py 12 passed ActionExecutor β dry-run, allowlists
tests/test_logger.py 12 passed ProofLogger β chain, recovery, Ed25519
tests/test_verify_chain.py 11 passed verify_chain.py CLI β valid/tamper/signed
tests/test_verify_claims.py 9 passed verify_claims.py CLI β claim math
tests/test_rpc_integration.py 31 passed Live daemon RPC β all 8 methods + auth
123 passed in ~12s
```
---
## Project structure
```
daemon/
βββ jfpd.py Main daemon β monitor loop, RPC server, state machine
βββ governor.py GovernorConstitution β hard constitutional rules
βββ supervisor.py Supervisor β adaptive optimizer (RAM trend, recommendations)
βββ actions.py ActionExecutor β allowlisted system actions
βββ logger.py ProofLogger β SHA-256 chain + Ed25519 signing
βββ metrics.py System metric snapshot (CPU/RAM/temp/PSI/governor)
βββ jfpd.service Hardened systemd unit template
console/
βββ main_ui.py PySide6 operator dashboard
βββ api_client.py JFPClient β Unix socket JSON-RPC with retry
tools/
βββ gen_signing_key.py Generate Ed25519 key pair
βββ verify_chain.py Offline hash-chain + signature verifier
βββ verify_claims.py Intervention claim consistency verifier
shared/
βββ protocol.json IPC contract schema
docs/
βββ JFP_v1_Implementation_Spec.md Architecture and determinism spec
βββ JFP_Manifest_Proof_Manual_v1.md Proof log format and verification guide
tests/
βββ conftest.py Shared fixtures (live daemon subprocess)
βββ test_governor.py GovernorConstitution unit tests
βββ test_supervisor.py Supervisor unit tests
βββ test_actions.py ActionExecutor unit tests
βββ test_logger.py ProofLogger unit tests
βββ test_verify_chain.py verify_chain.py integration tests
βββ test_verify_claims.py verify_claims.py integration tests
βββ test_rpc_integration.py Live daemon RPC integration tests
scripts/
βββ install_system.sh System-wide installation (root)
βββ uninstall_system.sh Uninstallation (root)
packaging/
βββ JFP_Console_POC.desktop Linux desktop entry for installed mode
```
---
## System deployment
For production deployment (daemon runs as root, systemd-managed):
```bash
# Install to /opt/jfp, enable jfpd.service
sudo ./scripts/install_system.sh
# Remove
sudo ./scripts/uninstall_system.sh
```
The systemd unit (`daemon/jfpd.service`) includes hardening directives: `NoNewPrivileges`, `PrivateTmp`, `ProtectHome`, `ProtectSystem=strict`, `RestrictAddressFamilies=AF_UNIX`, `MemoryDenyWriteExecute`.
---
## License
MIT