oc-lib/tools/peer_behavior.go

package tools

import "time"

// BehaviorSeverity qualifies the gravity of a peer misbehavior.
type BehaviorSeverity int

const (
	// BehaviorWarn: minor inconsistency — slight trust penalty.
	BehaviorWarn BehaviorSeverity = iota
	// BehaviorFraud: deliberate data manipulation (e.g. fake peerless Ref,
	// invalid booking) — significant trust penalty.
	BehaviorFraud
	// BehaviorCritical: severe abuse (secret exfiltration, data corruption,
	// system-level attack) — heavy penalty, near-immediate blacklist.
	BehaviorCritical
)

// scorePenalties maps each severity to a trust-score deduction (out of 100).
var scorePenalties = map[BehaviorSeverity]float64{
	BehaviorWarn:     5,
	BehaviorFraud:    20,
	BehaviorCritical: 40,
}

// Penalty returns the trust-score deduction for this severity.
func (s BehaviorSeverity) Penalty() float64 {
	if p, ok := scorePenalties[s]; ok {
		return p
	}
	return 5
}

// PeerBehaviorReport is the payload carried by PEER_BEHAVIOR_EVENT.
// Any trusted service can emit it; oc-discovery is the sole consumer.
type PeerBehaviorReport struct {
	// ReporterApp identifies the emitting service (e.g. "oc-scheduler", "oc-datacenter").
	ReporterApp string `json:"reporter_app"`
	// TargetPeerID is the MongoDB DID (_id) of the offending peer.
	TargetPeerID string `json:"target_peer_id"`
	// Severity drives how much the trust score drops.
	Severity BehaviorSeverity `json:"severity"`
	// Reason is a human-readable description shown in the blacklist warning.
	Reason string `json:"reason"`
	// Evidence is an optional reference (booking ID, resource Ref, …).
	Evidence string `json:"evidence,omitempty"`
	// At is the timestamp of the observed misbehavior.
	At time.Time `json:"at"`
}
Peerless + New Argo 2026-03-24 12:49:37 +01:00			`package tools`

			`import "time"`

			`// BehaviorSeverity qualifies the gravity of a peer misbehavior.`
			`type BehaviorSeverity int`

			`const (`
			`// BehaviorWarn: minor inconsistency — slight trust penalty.`
			`BehaviorWarn BehaviorSeverity = iota`
			`// BehaviorFraud: deliberate data manipulation (e.g. fake peerless Ref,`
			`// invalid booking) — significant trust penalty.`
			`BehaviorFraud`
			`// BehaviorCritical: severe abuse (secret exfiltration, data corruption,`
			`// system-level attack) — heavy penalty, near-immediate blacklist.`
			`BehaviorCritical`
			`)`

			`// scorePenalties maps each severity to a trust-score deduction (out of 100).`
			`var scorePenalties = map[BehaviorSeverity]float64{`
			`BehaviorWarn: 5,`
			`BehaviorFraud: 20,`
			`BehaviorCritical: 40,`
			`}`

			`// Penalty returns the trust-score deduction for this severity.`
			`func (s BehaviorSeverity) Penalty() float64 {`
			`if p, ok := scorePenalties[s]; ok {`
			`return p`
			`}`
			`return 5`
			`}`

			`// PeerBehaviorReport is the payload carried by PEER_BEHAVIOR_EVENT.`
			`// Any trusted service can emit it; oc-discovery is the sole consumer.`
			`type PeerBehaviorReport struct {`
			`// ReporterApp identifies the emitting service (e.g. "oc-scheduler", "oc-datacenter").`
			ReporterApp string `json:"reporter_app"`
			`// TargetPeerID is the MongoDB DID (_id) of the offending peer.`
			TargetPeerID string `json:"target_peer_id"`
			`// Severity drives how much the trust score drops.`
			Severity BehaviorSeverity `json:"severity"`
			`// Reason is a human-readable description shown in the blacklist warning.`
			Reason string `json:"reason"`
			`// Evidence is an optional reference (booking ID, resource Ref, …).`
			Evidence string `json:"evidence,omitempty"`
			`// At is the timestamp of the observed misbehavior.`
			At time.Time `json:"at"`
			`}`