HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for siri-helixar from gravatar.com siri-helixar

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache-2.0
  • Requires: Python >=3.10
  • Provides-Extra: dev , gemma , lerobot
Report project as malware

Project description

hdp-physical

HDP-P — Embodied Delegation Tokens and pre-execution safety for physical AI agents.

Part of the HDP (Human Delegation Provenance) protocol suite.

PyPI version

What it does

HDP-P wraps physical robot action commands with cryptographic authorization. Before any motor command reaches an actuator, the PreExecutionGuard checks:

  1. Is the command signed with a valid Embodied Delegation Token (EDT)?
  2. Does the action's irreversibility class exceed the EDT's ceiling?
  3. Is a Class 3 (harmful/irreversible) action prohibited by the EDT?
  4. Is the target zone excluded?
  5. Does force/velocity exceed EDT limits?

An unsigned command from a prompt-injected LLM is caught at step 1 and never reaches the robot.

Install

pip install hdp-physical

Optional extras:

pip install "hdp-physical[lerobot]"   # LeRobot adapter
pip install "hdp-physical[gemma]"     # Gemma interceptor

Quick start

import asyncio
from hdp_physical import (
    EdtBuilder, sign_edt, PreExecutionGuard, IrreversibilityClass
)
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

async def main():
    private_key = Ed25519PrivateKey.generate()
    public_key = private_key.public_key()

    edt = (
        EdtBuilder()
        .set_embodiment(agent_type="robot_arm", platform_id="aloha_v2", workspace_scope="zone_A")
        .set_action_scope(permitted_actions=["pick", "place", "move"], excluded_zones=[], max_force_n=45, max_velocity_ms=0.5)
        .set_irreversibility(max_class=IrreversibilityClass.REVERSIBLE_WITH_EFFORT, class2_requires_confirmation=True, class3_prohibited=True)
        .set_policy_attestation(policy_hash="sha256-of-weights", training_run_id="run-1", sim_validated=True)
        .set_delegation_scope(allow_fleet_delegation=False, max_delegation_depth=1, sub_agent_whitelist=[])
        .build()
    )

    signed_edt = await sign_edt(edt, private_key, "my-key")
    guard = PreExecutionGuard()

    decision = await guard.authorize(
        {"description": "pick box from left", "force_n": 5, "velocity_ms": 0.2},
        signed_edt,
        public_key,
    )

    if decision.approved:
        print("✅ Action approved — safe to send to actuator")
    else:
        print(f"🛑 Blocked at: {decision.blocked_at}{decision.reason}")

asyncio.run(main())

Irreversibility Classes

Class Name Example
0 REVERSIBLE Sensor query, state read
1 REVERSIBLE_WITH_EFFORT Normal pick-and-place
2 IRREVERSIBLE_NORMALLY Press-fit, adhesive bond
3 IRREVERSIBLE_AND_HARMFUL Crush, override safety limits

Live demo

🤖 HDP-P Physical Safety — Powered by Gemma 4 on HuggingFace

License

Apache-2.0 — Helixar AI

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for siri-helixar from gravatar.com siri-helixar

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache-2.0
  • Requires: Python >=3.10
  • Provides-Extra: dev , gemma , lerobot

Release history Release notifications | RSS feed

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

hdp_physical-0.1.1.tar.gz (18.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

hdp_physical-0.1.1-py3-none-any.whl (16.3 kB view details)

Uploaded Python 3

File details

Details for the file hdp_physical-0.1.1.tar.gz.

File metadata

  • Download URL: hdp_physical-0.1.1.tar.gz
  • Upload date:
  • Size: 18.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for hdp_physical-0.1.1.tar.gz
Algorithm Hash digest
SHA256 045fd387cecae3d5f1e36e9e2ee8d63171e13982ca043c23d3e91b92bf6307d3
MD5 21d300e53488af243ad27fc87761c1e3
BLAKE2b-256 232c6def65fb735f95130683475d9ff9f3dd0ead89e3aaed9380f59bdbd2d029

See more details on using hashes here.

Provenance

The following attestation bundles were made for hdp_physical-0.1.1.tar.gz:

Publisher: release.yml on Helixar-AI/HDP

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file hdp_physical-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: hdp_physical-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 16.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for hdp_physical-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 1cd36fa775b7d61f6fa08b6c83beafa34dda69fe293734ab8a0cb6b935f2860b
MD5 1e21a5905bc6072cffaf784a77caa860
BLAKE2b-256 054c9da46cc00a9a890e8d5fb66f32e7cf4ba58ad3d96ad66bf1b98b240bb637

See more details on using hashes here.

Provenance

The following attestation bundles were made for hdp_physical-0.1.1-py3-none-any.whl:

Publisher: release.yml on Helixar-AI/HDP

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page