Peerless + New Argo

tools/peer_behavior.go

@@ -0,0 +1,49 @@
+package tools
+
+import "time"
+
+// BehaviorSeverity qualifies the gravity of a peer misbehavior.
+type BehaviorSeverity int
+
+const (
+	// BehaviorWarn: minor inconsistency — slight trust penalty.
+	BehaviorWarn BehaviorSeverity = iota
+	// BehaviorFraud: deliberate data manipulation (e.g. fake peerless Ref,
+	// invalid booking) — significant trust penalty.
+	BehaviorFraud
+	// BehaviorCritical: severe abuse (secret exfiltration, data corruption,
+	// system-level attack) — heavy penalty, near-immediate blacklist.
+	BehaviorCritical
+)
+
+// scorePenalties maps each severity to a trust-score deduction (out of 100).
+var scorePenalties = map[BehaviorSeverity]float64{
+	BehaviorWarn:     5,
+	BehaviorFraud:    20,
+	BehaviorCritical: 40,
+}
+
+// Penalty returns the trust-score deduction for this severity.
+func (s BehaviorSeverity) Penalty() float64 {
+	if p, ok := scorePenalties[s]; ok {
+		return p
+	}
+	return 5
+}
+
+// PeerBehaviorReport is the payload carried by PEER_BEHAVIOR_EVENT.
+// Any trusted service can emit it; oc-discovery is the sole consumer.
+type PeerBehaviorReport struct {
+	// ReporterApp identifies the emitting service (e.g. "oc-scheduler", "oc-datacenter").
+	ReporterApp string `json:"reporter_app"`
+	// TargetPeerID is the MongoDB DID (_id) of the offending peer.
+	TargetPeerID string `json:"target_peer_id"`
+	// Severity drives how much the trust score drops.
+	Severity BehaviorSeverity `json:"severity"`
+	// Reason is a human-readable description shown in the blacklist warning.
+	Reason string `json:"reason"`
+	// Evidence is an optional reference (booking ID, resource Ref, …).
+	Evidence string `json:"evidence,omitempty"`
+	// At is the timestamp of the observed misbehavior.
+	At time.Time `json:"at"`
+}