Skip to main content

Verified Package Mirror — TIBET provenance for package mirrors, supply chain attack detection

Project description

tibet-mirror — Verified Package Mirror with TIBET Provenance

Every mirrored package gets a TIBET token proving: when it was mirrored, from where, and its hash at mirror time.

If upstream changes (supply chain attack), the TIBET chain breaks. The mirror refuses the package.

tibet-mirror is an enterprise-grade package mirror (PyPI, npm) with supply chain attack detection. Every package that enters your mirror is stamped with a TIBET provenance token. If the upstream registry silently replaces a package, the hash mismatch breaks the TIBET chain and your mirror rejects it.

The Supply Chain Attack Problem

Package registries like PyPI and npm are high-value targets. An attacker who compromises an upstream package can inject malicious code into thousands of downstream systems.

[Upstream PyPI]                         [Your Mirror]
  requests==2.31.0                        requests==2.31.0
  sha256: abc123...                       mirror_hash: abc123...
        |                                 tibet_token: jis:mirror:...
        v                                        |
  ATTACKER replaces package!              tibet-mirror compares:
  sha256: def456... (malicious)             source_hash != mirror_hash
        |                                   TIBET chain BROKEN
        v                                        |
  Mirror pulls update...                  --> QUARANTINE. Alert.

Install

pip install tibet-mirror

With Bandersnatch integration:

pip install tibet-mirror[bandersnatch]

Quick Start

from tibet_mirror import MirrorEngine, MirrorPolicy

engine = MirrorEngine(mirror_node="mirror-eu-01")

# Mirror a package — creates TIBET provenance token
record = engine.mirror_package(
    name="requests",
    version="2.31.0",
    source_url="https://pypi.org/simple/requests/",
    package_hash="abc123def456...",
)

print(record.verified)       # True
print(record.tibet_token_id) # "jis:mirror:a1b2c3d4..."

# Later: verify the package still matches upstream
result = engine.verify_package("requests", "2.31.0")
print(result)  # True — hashes still match

# Full integrity check across all mirrored versions
integrity = engine.check_integrity("requests")
print(integrity.drift_detected)  # False — no supply chain drift

# Add a policy: block packages with known CVEs
engine.add_policy(MirrorPolicy(
    name="block-known-cves",
    action="BLOCK",
    conditions={"has_cve": True, "severity": "critical"},
    description="Block packages with critical CVEs",
))

CLI

tibet-mirror info       # Concept overview and supply chain attack scenario
tibet-mirror demo       # Demo: mirror packages, detect simulated attack
tibet-mirror policies   # Show default mirror policies
tibet-mirror status     # Mirror statistics

How It Works

  1. Mirror — Package is downloaded from upstream (PyPI/npm)
  2. Hash — SHA-256 of the package at mirror time
  3. TIBET Token — Provenance token records: who mirrored, when, from where, hash
  4. Verify — On every sync, compare upstream hash with mirror hash
  5. Detect — If hashes diverge, the TIBET chain breaks. Package is quarantined.

TIBET Provenance Layers

Every mirrored package creates a TIBET token:

Layer Content
ERIN Package name, version, source + mirror hashes
ERAAN Source registry URL, upstream hash at mirror time
EROMHEEN Mirror node, timestamp, operator
ERACHTER Mirror reason (scheduled sync, manual, policy override)

The token chain proves exactly which packages were mirrored when, and whether they have been tampered with since.

Mirror Policies

Policy Action Description
verify-on-sync MIRROR Always verify hash before accepting upstream update
block-known-cves BLOCK Refuse packages with known critical CVEs
quarantine-new QUARANTINE Hold first-time packages for manual review
block-typosquat BLOCK Refuse packages with names similar to popular packages

Bandersnatch Integration

tibet-mirror integrates with Bandersnatch, the official PyPI mirror tool:

from tibet_mirror import MirrorEngine

engine = MirrorEngine(mirror_node="bandersnatch-eu-01")

# After Bandersnatch syncs a package, create provenance
record = engine.mirror_package(
    name="django",
    version="5.0.1",
    source_url="https://pypi.org/simple/django/",
    package_hash="...",
)

# Scan for upstream drift
drift = engine.scan_upstream("django")
print(drift)  # PackageIntegrity showing any version mismatches

Part of the TIBET ecosystem

Package Purpose
tibet-core Protocol core
tibet-y2k38 Y2K38 Time Bridge
tibet-pol Process Integrity Checker
tibet-pqc Post-Quantum Crypto Router
tibet-overlay Identity Overlay
tibet-twin Digital Twin Guard
tibet-mirror Verified Package Mirror

License

MIT — Humotica AI Lab 2025-2026

Authors

Credits

Designed by Jasper van de Meent. Built by Jasper and Root AI as part of HumoticaOS.


Stack-positie: Groep evidence · Bootstrap = OSAPI-handshake naar tibet + jis (fail → snaft-rule + tibet-pol-rapport) · ← tibet-sbom · tibet-wayback → · See STACK.md · See demo/golden-path/ for the spine end-to-end.

Enterprise

For private hub hosting, SLA support, custom integrations, or compliance guidance:

Enterprise enterprise@humotica.com
Support support@humotica.com
Security security@humotica.com

See ENTERPRISE.md for details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tibet_mirror-0.1.1.tar.gz (13.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tibet_mirror-0.1.1-py3-none-any.whl (14.7 kB view details)

Uploaded Python 3

File details

Details for the file tibet_mirror-0.1.1.tar.gz.

File metadata

  • Download URL: tibet_mirror-0.1.1.tar.gz
  • Upload date:
  • Size: 13.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_mirror-0.1.1.tar.gz
Algorithm Hash digest
SHA256 dc1aac4b7b226a3b43ae4fafde551728f9e687196303d2148301f9122e47c04e
MD5 c670def3d0e3fef1ce9860b7a9384624
BLAKE2b-256 cbb5ad1a4fa478b3569954c3e5f5b74a73ba06ba63452b9b98eae8672741445f

See more details on using hashes here.

File details

Details for the file tibet_mirror-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: tibet_mirror-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 14.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_mirror-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 ee7581984249f04a450b87a326f4a7938fcc953377ded8c59b9a31ad23db0e0a
MD5 e34126574db6ca98c649112d940c66d5
BLAKE2b-256 a0982d2adbe662896ab5a7589b26c8e9f4c353427b0a0f7b0c4955df1ae4a569

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page