Commit Graph

2 Commits

Author SHA1 Message Date
Tutus Development 1b4a61fcf7 Add security remediation infrastructure and fixes
Implement comprehensive security infrastructure from Security-Remediation-Plan.md:

New Infrastructure Files:
- circuit_breaker.go (ARCH-001): Circuit breaker pattern for contract failures
  with Closed/Open/Half-Open state machine and emergency shutdown
- invariants.go (ARCH-003): Formal verification with 14 critical invariants
  and TLA+ specifications for runtime verification
- canary_deployment.go (ARCH-004): Feature flags with percentage-based rollout
  and auto-rollback on error rate threshold
- audit_logger.go (ARCH-005): Comprehensive audit logging with multi-index
  querying across 8 categories (Auth, Access, Data, Governance, etc.)
- config_registry.go (LOW-003): Configuration governance infrastructure
- event_archival.go (LOW-001): Event log archival with Merkle commitments
- validation.go (LOW-002): Common input validation constants and utilities
- role_registry_domain.go (CRIT-002): Domain-specific committee roles
  (Legal, Health, Education, Economy, Identity, Governance)

Contract Security Fixes:
- contract.go: Add HasDomainCommitteeAuthority to IRoleRegistry interface
- lex.go: Remove duplicate ErrReasonTooLong declaration
- salus.go, eligere.go, palam.go, pons.go, scire.go, tribute.go:
  Line ending normalization and security validation integration
- collocatio.go: Security validation for investment operations

State Type Updates:
- state/pons.go, state/salus.go, state/tribute.go: Line ending fixes

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-21 09:06:14 +00:00

Tutus Development 83c12c5362 Add Salus native contract for universal healthcare
Implement universal healthcare infrastructure for all citizens:

- Healthcare Accounts: One per Vita holder (birth-to-death coverage)
  - Annual credits allocation for medical services
  - Coverage tracking and eligibility verification

- Medical Records: Privacy-preserving health data management
  - Patient-controlled access permissions
  - Provider-specific record creation
  - Encrypted off-chain content with on-chain hashes

- Provider Registry: Healthcare provider management
  - Registration and verification (RoleHealthProvider)
  - Specialty and capability tracking
  - Suspension for policy violations

- Authorization System: Patient consent management
  - Explicit provider access grants
  - Time-limited and scope-limited permissions
  - Revocation with audit trail

- Emergency Access: Life-saving overrides
  - Temporary access for emergency responders
  - Automatic expiration with logging
  - Post-facto patient notification

- Cross-contract integration:
  - Vita: Patient identity verification
  - Lex: RightHealthcare enforcement
  - RoleRegistry: RoleHealthProvider (ID 21)

Contract ID: -19

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-20 08:53:57 +00:00