HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for siri-helixar from gravatar.com siri-helixar

Unverified details

These details have not been verified by PyPI
Meta
  • License: CC-BY-4.0
  • Requires: Python >=3.10
  • Provides-Extra: dev , gemma , lerobot
Report project as malware

Project description

hdp-physical

HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents.

Part of the HDP (Human Delegation Provenance) protocol suite.

PyPI version

What it does

HDP-P wraps physical robot action commands with cryptographic authorization. Before any motor command reaches an actuator, the PreExecutionGuard checks:

  1. Is the command signed with a valid Embodied Delegation Token (EDT)?
  2. Does the action's irreversibility class exceed the EDT's ceiling?
  3. Is a Class 3 (harmful/irreversible) action prohibited by the EDT?
  4. Is the target zone excluded?
  5. Does force/velocity exceed EDT limits?

An unsigned command from a prompt-injected LLM is caught at step 1 and never reaches the robot.

Install

pip install hdp-physical

Optional extras:

pip install "hdp-physical[lerobot]"   # LeRobot adapter
pip install "hdp-physical[gemma]"     # Gemma interceptor

Quick start

import asyncio
from hdp_physical import (
    EdtBuilder, sign_edt, PreExecutionGuard, IrreversibilityClass
)
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

async def main():
    private_key = Ed25519PrivateKey.generate()
    public_key = private_key.public_key()

    edt = (
        EdtBuilder()
        .set_embodiment(agent_type="robot_arm", platform_id="aloha_v2", workspace_scope="zone_A")
        .set_action_scope(permitted_actions=["pick", "place", "move"], excluded_zones=[], max_force_n=45, max_velocity_ms=0.5)
        .set_irreversibility(max_class=IrreversibilityClass.REVERSIBLE_WITH_EFFORT, class2_requires_confirmation=True, class3_prohibited=True)
        .set_policy_attestation(policy_hash="sha256-of-weights", training_run_id="run-1", sim_validated=True)
        .set_delegation_scope(allow_fleet_delegation=False, max_delegation_depth=1, sub_agent_whitelist=[])
        .build()
    )

    signed_edt = await sign_edt(edt, private_key, "my-key")
    guard = PreExecutionGuard()

    decision = await guard.authorize(
        {"description": "pick box from left", "force_n": 5, "velocity_ms": 0.2},
        signed_edt,
        public_key,
    )

    if decision.approved:
        print("✅ Action approved — safe to send to actuator")
    else:
        print(f"🛑 Blocked at: {decision.blocked_at}{decision.reason}")

asyncio.run(main())

Irreversibility Classes

Class Name Example
0 REVERSIBLE Sensor query, state read
1 REVERSIBLE_WITH_EFFORT Normal pick-and-place
2 IRREVERSIBLE_NORMALLY Press-fit, adhesive bond
3 IRREVERSIBLE_AND_HARMFUL Crush, override safety limits

Live demo

🤖 HDP-P Physical Safety — Powered by Gemma 4 on HuggingFace

License

CC-BY-4.0 — Helixar AI

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for siri-helixar from gravatar.com siri-helixar

Unverified details

These details have not been verified by PyPI
Meta
  • License: CC-BY-4.0
  • Requires: Python >=3.10
  • Provides-Extra: dev , gemma , lerobot

Release history Release notifications | RSS feed

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

hdp_physical-0.1.0.tar.gz (18.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

hdp_physical-0.1.0-py3-none-any.whl (16.3 kB view details)

Uploaded Python 3

File details

Details for the file hdp_physical-0.1.0.tar.gz.

File metadata

  • Download URL: hdp_physical-0.1.0.tar.gz
  • Upload date:
  • Size: 18.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for hdp_physical-0.1.0.tar.gz
Algorithm Hash digest
SHA256 34068bd92a2dbf3811daace030a2e546be8dbb8026b93ba2a4cbb169c8f2c76d
MD5 cc409e05d4eb24f2f6f9138f20fe8680
BLAKE2b-256 8d5a062e5aeeb1cc26efb579903ac5c2eb1485e606a39370441b765ba75277c1

See more details on using hashes here.

Provenance

The following attestation bundles were made for hdp_physical-0.1.0.tar.gz:

Publisher: release.yml on Helixar-AI/HDP

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file hdp_physical-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: hdp_physical-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 16.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for hdp_physical-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 6770fc1a96590c62252227efafe1f2a5ba7e7ed3ba6a238427334f90c3424058
MD5 07967e0b855ab3e07be45150bb084f42
BLAKE2b-256 066b3a291271477936a0fbeb27d509a890008cdac8b56311857caeca84c6a0df

See more details on using hashes here.

Provenance

The following attestation bundles were made for hdp_physical-0.1.0-py3-none-any.whl:

Publisher: release.yml on Helixar-AI/HDP

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page