Skip to content

update task documentation #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
wangqianqianjun merged 1 commit into from
May 6, 2026
Merged

update task documentation #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
dist/
artifacts/
release-assets/
.worktrees/
.DS_Store
12 changes: 12 additions & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Contributing

This repository accepts focused improvements to public specs, examples, test vectors, and verifier packages.

Good contributions:

- clarify a documented security limit;
- add a small test vector;
- improve verifier error reporting;
- fix a portable rule or masking edge case.

Please avoid contributions that add product-specific desktop, Enterprise, billing, signing, deployment, or credential-management code. Those areas are intentionally outside this public package.
173 changes: 173 additions & 0 deletions LICENSE
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,173 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/

TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

1. Definitions.

"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.

"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.

"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.

"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.

"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.

"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.

"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work.

"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.

"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."

"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.

2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.

3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate as
of the date such litigation is filed.

4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:

(a) You must give any other recipients of the Work or Derivative
Works a copy of this License; and

(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and

(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work, excluding
those notices that do not pertain to any part of the Derivative
Works; and

(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.

You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.

5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.

6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.

7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.

8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.

9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.

END OF TERMS AND CONDITIONS
7 changes: 7 additions & 0 deletions NOTICE
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
FutrixData Security Package
Copyright 2026 FutrixData

This repository contains public security specifications, verification
utilities, and small reusable packages extracted from FutrixData. It does not
contain the proprietary FutrixData desktop app, enterprise server, licensing,
billing, account, signing, or release infrastructure.
160 changes: 114 additions & 46 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,74 +1,142 @@
# FutrixData
<p align="center">
<img src="docs/assets/futrix-security-package-flow.svg" alt="FutrixData security package assurance flow" width="920">
</p>

**The Data Gateway Your AI Agents Trust**
<h1 align="center">FutrixData Security Package</h1>

FutrixData is a desktop app for teams who want to use AI with real databases without handing raw credentials to an LLM. It sits between your AI agents and your data systems, keeps credentials on your machine, masks sensitive fields, and blocks risky operations before they run.
<p align="center">
Public security specifications, verifiers, protocol types, masking code, and a partial risk-engine core for FutrixData.
</p>

- Website: [futrixdata.com](https://futrixdata.com/)
- Downloads: [Latest Release](https://github.com/FutrixDev/FutrixData/releases/latest)
<p align="center">
<a href="LICENSE"><img alt="License: Apache-2.0" src="https://img.shields.io/badge/license-Apache--2.0-blue"></a>
<a href="go.mod"><img alt="Go 1.23+" src="https://img.shields.io/badge/go-1.23%2B-00ADD8"></a>
<a href="https://futrixdata.com/doc"><img alt="FutrixData docs" src="https://img.shields.io/badge/docs-futrixdata.com-4f46e5"></a>
<a href="docs/assurance-matrix.md"><img alt="Assurance matrix" src="https://img.shields.io/badge/assurance-matrix-0f766e"></a>
</p>

## Why FutrixData
FutrixData is an AI data gateway for teams that want agents to work with real databases without handing raw credentials or unrestricted execution power to the agent. This repository is the **inspectable public security package**: the pieces a security reviewer, procurement team, or integrator can read, run, and compare against FutrixData product behavior during evaluation.

FutrixData is built for a simple goal: let AI help with real data work, while keeping production access safe.
> **Scope:** this repository is Apache-2.0. The FutrixData desktop application and FutrixData Enterprise Edition remain commercial, proprietary products under their own license terms.

### Agents get data, not credentials
## Product References

AI agents connect through MCP or Skill-style integrations and receive query results instead of database passwords, connection strings, or raw tokens.
Start with the official product docs when evaluating what this package supports:

### Risk checks before execution
- [FutrixData product site](https://futrixdata.com/)
- [Technical overview](https://futrixdata.com/doc/futrixdata-technical-overview)
- [Database risk control engine](https://futrixdata.com/doc/database-risk-control-engine)
- [Data sensitivity classification](https://futrixdata.com/doc/data-sensitivity-classification)
- [FutrixData Enterprise Edition](https://futrixdata.com/doc/futrixdata-enterprise-edition)

Every statement goes through the same safety layer before it runs. Destructive changes can be blocked, expensive queries can be flagged, and schema changes can require explicit confirmation.
## Quick Start

### One app for every data source
Run the public verification suite:

Use one desktop console to connect databases, browse schemas, run queries, inspect results, and work with an AI assistant in the same place.
```bash
go test ./...
```

## What You Can Do
Verify the sanitized product-export evidence bundle:

- Connect MySQL, PostgreSQL, MongoDB, Redis, Elasticsearch, ChromaDB, DynamoDB, Cloudflare D1, and more
- Keep credentials encrypted locally on your machine
- Mask PII and sensitive fields before results reach AI agents
- Use natural language to generate queries and charts
- Review SQL in a visual console with schema browsing and execution history
- Add custom safety rules based on datasource, entity pattern, operation type, row count, or cost
```bash
go run ./cmd/futrix-evidence-verify ./examples/product-export
```

## Built for Safe AI Data Access
Verify an audit log hash chain:

FutrixData combines three ideas in one product:
```bash
go run ./cmd/futrix-audit-verify ./examples/audit-log/valid.jsonl
```

1. **AI Agent Data Gateway**
Connect AI tools without exposing secrets.
Verify downloaded release artifacts when a `SHA256SUMS.txt` file is present:

2. **Risk Control Engine**
Analyse queries before execution and stop dangerous operations.
```bash
bash ./release-verification/verify-checksums.sh /path/to/downloads
```

3. **Unified Management Console**
Work with many data sources from one polished desktop app.
## What You Can Inspect

## Getting Started
| Area | Public path | What it proves |
| --- | --- | --- |
| Audit chain | `pkg/auditchain`, `cmd/futrix-audit-verify` | Local hash-chain audit format and verifier behavior. |
| PII masking | `pkg/masking` | L1-L5 sensitivity model and deterministic `masked:v1:` HMAC output. |
| Partial risk engine | `pkg/riskengine` | Rule model, lightweight parser, matching priority, and allow/warn/approval/block decisions. |
| Agent protocol | `pkg/protocol` | Tool names, response envelopes, approval payloads, errors, audit IDs, and risk attribution. |
| Evidence verifier | `pkg/evidence`, `cmd/futrix-evidence-verify` | End-to-end checks for audit, masking, block, and approval examples. |
| Release verification | `release-verification/verify-checksums.sh` | Checksum validation for published release assets. |

1. Download FutrixData for your platform.
2. Connect your databases in the desktop app.
3. Enable MCP or Skill integration for your AI tool.
4. Query with confidence knowing every request passes through the risk engine.
## Buyer Evaluation Workflow

## Available Platforms
Use this repository as the public part of an Enterprise security review:

- macOS Apple Silicon
- macOS Intel
- Windows 64-bit
- Linux 64-bit
1. Read the [assurance matrix](docs/assurance-matrix.md) to map product claims to code and verification steps.
2. Run `go test ./...` to confirm the public packages compile and pass.
3. Run `go run ./cmd/futrix-evidence-verify ./examples/product-export` to validate the evidence bundle.
4. During POC, ask FutrixData for equivalent exports from a disposable datasource:
- an agent query with masked columns;
- a destructive statement that is blocked;
- a statement held for approval with `riskAttribution`;
- an exported agent audit log that can be checked with `futrix-audit-verify`.

You can always find the latest installers on the [Releases](https://github.com/FutrixDev/FutrixData/releases) page.
## How FutrixData Uses These Concepts

## About This Repository
Agents call FutrixData over MCP, Skill, CLI, or HTTP instead of holding database credentials directly. FutrixData attributes each call to an agent identity, evaluates risk before execution, applies approval gates when needed, masks sensitive fields before agent egress, and records activity in an audit log with a local hash chain.

This repository is the **public release and packaging repository** for FutrixData.
This repository exposes the reviewable contracts behind that flow. The commercial products provide the full runtime: datasource adapters, richer parser integrations, EXPLAIN probes, trust-mode storage, approval routing, daemon behavior, UI, Enterprise deployment, SSO/RBAC, and operational controls.

It is used to:
## Repository Layout

- publish installers and release assets
- track release notes and versioned binaries
- store packaging and distribution automation
```text
cmd/futrix-audit-verify/ Standalone audit-log verifier
cmd/futrix-evidence-verify/ Evidence-bundle verifier CLI
pkg/auditchain/ Local audit hash-chain verifier
pkg/masking/ Deterministic field masking
pkg/riskengine/ Portable risk-engine core
pkg/protocol/ Public agent tool protocol types
pkg/evidence/ Evidence-bundle verifier package
docs/ Specs, assurance matrix, and scope notes
examples/ Audit, risk-rule, and product-export fixtures
release-verification/ Checksum verification helper
```

For the product overview, screenshots, and download experience, visit [futrixdata.com](https://futrixdata.com/).
## What Is Not Open

This repository does not include the complete FutrixData product. The following remain proprietary:

- desktop UI, datasource adapters, and credential storage;
- account, license, billing, and entitlement flows;
- Enterprise deployment, RBAC, SSO, and tenant administration;
- signing, notarization, release credentials, and private build systems.

The boundary is intentional: the public package supports review and verification of key security claims without making the full commercial product reconstructable from this repository alone.

## Known Limits

- **Local audit hash chains are not remote notarization.** They detect changes to the current file, but a fully privileged local attacker can rewrite the file and recompute hashes unless an external anchor is used.
- **Deterministic masking is not anonymization.** It preserves equality for agent analysis, but low-cardinality values remain guessable by enumeration.
- **The public risk engine is a portable subset.** The commercial product adds live datasource execution, EXPLAIN probes, trust modes, approval routing, and Enterprise policy controls.

## Specifications

- [Open-source scope analysis](docs/open-source-scope.md)
- [Assurance matrix](docs/assurance-matrix.md)
- [Production consistency statement](docs/production-consistency.md)
- [Evidence bundle](docs/evidence-bundle.md)
- [Threat model](docs/threat-model.md)
- [Audit-chain specification](docs/audit-chain.md)
- [Masking specification](docs/masking.md)
- [Partial risk-engine specification](docs/risk-engine.md)
- [Agent protocol](docs/agent-protocol.md)

## Contributing and Security

- Contribution guidelines: [CONTRIBUTING.md](CONTRIBUTING.md)
- Security policy: [SECURITY.md](SECURITY.md)
- Attribution notice: [NOTICE](NOTICE)

## License

This repository is licensed under Apache-2.0. See [LICENSE](LICENSE).

The FutrixData desktop application and FutrixData Enterprise Edition remain commercial products under their own license terms.
Loading