elmadani/echo-ix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Community release v1.0 — BSL-1.1 + Ed25519 signatures — © Salka Elmadani 2025-2026

Browse Source
This commit is contained in:
elmadani 2026-02-24 21:43:14 +00:00
parent 8e27c06725
commit 2a5e6f9357
1 changed files with 72 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
verify_authorship.py Normal file
View File

@ -0,0 +1,72 @@
#!/usr/bin/env python3
"""Verify SALKA ELMADANI authorship signatures.
Usage: python3 verify_authorship.py [file_or_directory]
Every source file carries an Ed25519 signature bound to SHA-256 of content.
Modify 1 character = signature invalid = tampering detected.
"""
import sys, hashlib, base64, os
from pathlib import Path
from cryptography.hazmat.primitives import serialization
from cryptography.exceptions import InvalidSignature
PUBLIC_KEY_PEM = """
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEARCtdhRqqYcu7c8qwyoRKRn5Qbx9puylZHZOM+IsDp0U=
-----END PUBLIC KEY-----
""".strip()
def strip_sig(text):
lines, out, in_b = text.split("\n"), [], False
for ln in lines:
if MARK_S in ln: in_b = True; continue
if MARK_E in ln and in_b: in_b = False; continue
if not in_b: out.append(ln)
return "\n".join(out).rstrip("\n") + "\n"
def extract_sig_data(text):
sha, sig = None, None
for ln in text.split("\n"):
if "SHA256:" in ln: sha = ln.split("SHA256:")[-1].strip().lstrip("#/ ")
if "SIG-ED25519:" in ln: sig = ln.split("SIG-ED25519:")[-1].strip().lstrip("#/ ")
return sha, sig
def verify_file(fp, pub):
try: content = Path(fp).read_text(encoding="utf-8", errors="replace")
except: return None, "Cannot read"
clean = strip_sig(content)
claimed_h, sig_b64 = extract_sig_data(content)
if not claimed_h or not sig_b64: return False, "No signature"
actual_h = hashlib.sha256(clean.encode("utf-8")).hexdigest()
if actual_h != claimed_h: return False, f"HASH MISMATCH — modified"
try:
pub.verify(base64.b64decode(sig_b64), hashlib.sha256(clean.encode()).digest())
return True, "VALID © Salka Elmadani"
except InvalidSignature: return False, "INVALID SIGNATURE — forgery"
except Exception as e: return False, str(e)
def main():
pub = serialization.load_pem_public_key(PUBLIC_KEY_PEM.encode())
target = sys.argv[1] if len(sys.argv) > 1 else "."
files = [Path(target)] if Path(target).is_file() else [
p for p in Path(target).rglob("*")
if p.is_file() and p.suffix in [".py",".cpp",".h",".js",".ts",".sh",".rs",".go",".md"]
and ".git" not in str(p)
]
ok, fail, skip = 0, 0, 0
for f in sorted(files):
r, msg = verify_file(f, pub)
if r is None: skip += 1
elif r: ok += 1; print(f"{f.name}: {msg}")
else: fail += 1; print(f"{f.name}: {msg}")
print(f"\nResults: {ok} valid | {fail} TAMPERED | {skip} skipped")
if fail: print("WARNING: Authorship chain broken."); sys.exit(1)
if __name__ == "__main__": main()
# ╔══ SALKA ELMADANI AUTHORSHIP CERTIFICATE ══╗
# © Salka Elmadani 2025-2026 — ALL RIGHTS RESERVED
# Licensed under Business Source License 1.1 — https://inference-x.com
# ─────────────────────────────────────────────────────────
# SHA256: f4e32c8fe1f2cb7f5dc498c7506b054256f6871d7283beb74b1d5859eb775121
# SIG-ED25519: g4rHIrZteuUk4HU/21i69rTk7H8EiL1XjX4A+dZD0xswTqR5XJb1CfnBQfyAxjb1Sf9VW3JptZVDkvOq+magCA==
# VERIFY: python3 verify_authorship.py verify_authorship.py