| Name | comp-leo |
| Version | 0.1.2 |
| home_page | None |
| Summary | Compliance & security SDK for Leo smart contracts |
| upload_time | 2025-10-27 18:39:07 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | >=3.10 |
| license | None |
| keywords | aleo, blockchain, compliance, leo, security |
| VCS | |
| bugtrack_url | |
| requirements | No requirements were recorded. |
| Travis-CI | No Travis. |
| coveralls test coverage | No coveralls. |
# 🔒 Comp-LEO SDK
**Compliance & Security for Leo Smart Contracts | 100% Local | Zero Network Calls**
Comp-LEO brings shift-left compliance to the Aleo ecosystem. Check your Leo smart contracts for security vulnerabilities and compliance issues in seconds, not months. Find issues during development, not after deployment.
---
## ✨ Features
- 🔍 **Static Analysis** - Parse Leo code with regex-based AST extraction
- 🛡️ **10+ Security Rules** - Access control, input validation, overflow risks
- 📊 **Smart Scoring** - Severity-weighted compliance scores (0-100)
- 🎨 **Beautiful CLI** - Interactive menu with auto-scan and selection
- 📈 **Multiple Formats** - Export reports as JSON, HTML, or Markdown
- 🤖 **CI/CD Ready** - GitHub Actions, GitLab CI, pre-commit hooks
- 🔒 **100% Private** - Code never leaves your machine
- ⚡ **Blazing Fast** - <100ms per file, 25x faster than AI tools
- 🆓 **Free & Open Source** - Apache 2.0 license
---
## 🚀 Quick Start
### Installation
```bash
pip install comp-leo
# With interactive menu mode
pip install comp-leo[interactive]
# With file watching
pip install comp-leo[watch]
# Full install
pip install comp-leo[all]
```
### Usage
#### 🎨 Interactive Menu Mode (Recommended)
The interactive menu mode provides a beautiful, user-friendly interface with auto-scanning:
```bash
comp-leo --interactive
```
**Features:**
- 🔍 Auto-scans for `.leo` files in current directory, parent, and `programs/` folders
- 📋 Shows up to 5 files directly in the main menu for quick access
- ⌨️ Navigate with arrow keys, select with Enter
- 🔄 Rescan on demand to find new files
- 📊 View detailed results and statistics
- 💾 Export reports in multiple formats
**Example Session:**
```
██████╗ ██████╗ ███╗ ███╗██████╗ ██╗ ███████╗ ██████╗
██╔════╝██╔═══██╗████╗ ████║██╔══██╗ ██║ ██╔════╝██╔═══██╗
██║ ██║ ██║██╔████╔██║██████╔╝█████╗██║ █████╗ ██║ ██║
██║ ██║ ██║██║╚██╔╝██║██╔═══╝ ╚════╝██║ ██╔══╝ ██║ ██║
╚██████╗╚██████╔╝██║ ╚═╝ ██║██║ ███████╗███████╗╚██████╔╝
╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝ ╚═════╝
Compliance & Security for Leo Smart Contracts
v0.1.1 | Zero-Knowledge Compliance | 100% Local
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📋 Interactive Menu Mode
Use arrow keys to navigate, Enter to select
🔍 Scanning for Leo files...
✓ Found 8 Leo file(s)
› What would you like to do?
─── Quick Check ───
▸ ✓ programs/sbom_registry/src/main.leo
✓ programs/compliance_oracle/src/main.leo
✓ programs/token/src/main.leo
... and 5 more files
─── More Options ───
🔍 Browse & Check File
📁 Check Directory
🔄 Rescan for Leo Files
📋 List Available Policies
🔧 Change Policy Pack
❓ Help
❌ Exit
```
**Menu Navigation:**
- Use **↑/↓** arrow keys to move
- Press **Enter** to select
- Press **Ctrl+C** to cancel (returns to menu)
- Select "❌ Exit" to quit
**Quick Check:**
Select any file from the "Quick Check" section to instantly analyze it. Results show violations, severity, and compliance score.
**After Running a Check:**
The menu dynamically updates to show additional options:
```
📊 View Last Results # See all violations with details
📈 Show Statistics # View detailed metrics
💾 Export Report # Save as JSON/HTML/Markdown
```
**Browse Mode:**
When you select "🔍 Browse & Check File":
1. Enter a path (defaults to current directory)
2. If it's a directory, see all `.leo` files
3. Select a file to check
4. See up to 30 files, with option to show all
#### 💻 Command Line Mode
For scripting and CI/CD, use direct commands:
```bash
# Check a single file
comp-leo check programs/my_contract/src/main.leo
# Check entire directory
comp-leo check programs/
# Check with custom threshold
comp-leo check programs/ --threshold 90
# Fail on any high severity issues
comp-leo check programs/ --fail-on-high
# Generate HTML report
comp-leo report programs/ --format html -o report.html
# Generate Markdown report
comp-leo report programs/ --format markdown -o COMPLIANCE.md
# List available policies
comp-leo list-policies
# Generate CI/CD configs
comp-leo init-ci
# Watch mode (auto-check on file changes)
comp-leo watch programs/
```
## 📋 Commands
| Command | Description |
|---------|-------------|
| `comp-leo` | Show banner and help |
| `comp-leo --interactive` | Launch interactive menu mode |
| `comp-leo check <path>` | Check Leo file or directory |
| `comp-leo report <path>` | Generate compliance report |
| `comp-leo list-policies` | List available policy packs |
| `comp-leo init-ci` | Generate CI/CD configurations |
| `comp-leo watch <path>` | Watch files for changes (requires `[watch]`) |
| `comp-leo --version` | Show version |
| `comp-leo --help` | Show full help |
## 🎯 Use Cases
### Pre-Commit Hook
```bash
#!/bin/bash
# .git/hooks/pre-commit
comp-leo check programs/ --threshold 75 --fail-on-critical || exit 1
```
### GitHub Actions
```yaml
# .github/workflows/compliance.yml
name: Compliance Check
on: [pull_request]
jobs:
  compliance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v4
        with:
          python-version: '3.10'
      - run: pip install comp-leo
      - run: comp-leo check programs/ --fail-on-critical
```
### Python API
```python
from comp_leo.analyzer.checker import ComplianceChecker
checker = ComplianceChecker(policy_pack="aleo-baseline")
result = checker.check_file("programs/my_contract/src/main.leo")
print(f"Score: {result.score}/100")
print(f"Violations: {len(result.violations)}")
for v in result.violations:
    print(f"{v.severity}: {v.message} at line {v.line_number}")
```
## 📚 Policy Packs
| Pack | Status | Controls | Focus Area |
|------|--------|----------|-----------|
| **aleo-baseline** | ✅ Available | 10+ | Leo security best practices |
| **nist-800-53** | 🚧 v0.2.0 | 1,200+ | Federal security baseline |
| **iso-27001** | 🚧 v0.2.0 | 114 | Information security |
| **pci-dss** | 🚧 v0.3.0 | 300+ | Payment card security |
| **gdpr** | 🚧 v0.3.0 | 99 | Data protection & privacy |
### Current Rules (aleo-baseline)
- ✅ Missing access control checks
- ✅ Unvalidated inputs in transitions
- ✅ Unprotected state mutations
- ✅ Integer overflow risks
- ✅ Missing event logging
- ✅ Hardcoded credentials
- ✅ Weak randomness
- ✅ Reentrancy patterns
- ✅ Gas optimization issues
- ✅ Documentation gaps
## Architecture
```
┌─────────────────────────────────────────────────────────────┐
│ Comp-LEO SDK │
├─────────────────────────────────────────────────────────────┤
│ CLI Tool API Service CI Integration │
│ comp-leo check /v1/check GitHub Actions │
│ comp-leo fix /v1/report GitLab CI │
│ comp-leo report Authentication PR Comments │
├─────────────────────────────────────────────────────────────┤
│ Static Analysis Engine │
│ Leo Parser → AST → Pattern Matcher → Scorer │
├─────────────────────────────────────────────────────────────┤
│ Policy Engine │
│ Rules | Severity | Evidence | Control Mapping │
├─────────────────────────────────────────────────────────────┤
│ Remediation Engine (Future) │
│ Fix Generator → AI Agent → PR Creator │
└─────────────────────────────────────────────────────────────┘
```
## Example Output
```
⚠️ Compliance Check: 3 issues found
HIGH: Missing input validation [AC-3.1, NIST 800-53]
→ programs/payment/src/main.leo:45
💡 Add assertion: assert(amount > 0u64);
MEDIUM: Insufficient logging [AU-2, NIST 800-53]
→ programs/payment/src/main.leo:78
💡 Log transaction hash before state mutation
LOW: Public field exposure [privacy-001]
→ programs/payment/src/main.leo:12
💡 Consider using private modifier for sensitive data
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ 47 checks passed ⚠️ 3 warnings ❌ 0 critical
Score: 85/100 (Threshold: 75)
```
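To make the "regex-based extraction" and the "Missing input validation" finding above concrete, here is an added sketch of how such a check can work; it is not Comp-LEO's own code. The function names, the `Finding` fields and the sample program are assumptions constructed for illustration, and the rule is simplified to "every integer parameter of a transition must appear in some `assert`, `assert_eq` or `assert_neq` call in its body".

```python
import re
from dataclasses import dataclass

# Constructed Leo program (illustrative input, not taken from the project).
SAMPLE_LEO = """\
program payment.aleo {
    transition pay(public receiver: address, public amount: u64) -> u64 {
        return amount;
    }
    transition pay_checked(public receiver: address, public amount: u64) -> u64 {
        assert(amount > 0u64);
        return amount;
    }
    // transition hidden(public amount: u64) -> u64 { return amount; }
    transition mint(public to: address, public amount: u64, public fee: u64) -> u64 {
        // assert(amount > 0u64);
        assert(fee > 0u64);
        return amount - fee;
    }
}
"""

INT_TYPES = {"u8", "u16", "u32", "u64", "u128", "i8", "i16", "i32", "i64", "i128"}
HEADER = re.compile(r"\btransition\s+(\w+)\s*\(([^)]*)\)[^{]*\{")
ASSERT = re.compile(r"\bassert(?:_eq|_neq)?\s*\(([^;]*)\)\s*;")


@dataclass
class Finding:  # hypothetical result record, modelled on the report output above
    severity: str
    transition: str
    parameter: str
    line_number: int


def strip_comments(src):
    """Blank out // and /* */ comments but keep newlines so line numbers hold."""
    def blank(match):
        return re.sub(r"[^\n]", " ", match.group(0))
    return re.sub(r"//[^\n]*|/\*.*?\*/", blank, src, flags=re.S)


def body_end(src, open_idx):
    """Return the index just past the brace that closes the one at open_idx."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return i + 1
    return len(src)  # unbalanced input: treat the rest of the file as the body


def find_unvalidated_inputs(src):
    """Flag integer transition parameters that no assertion in the body mentions."""
    clean = strip_comments(src)
    findings = []
    for m in HEADER.finditer(clean):
        name, params = m.group(1), m.group(2)
        brace = m.end() - 1
        body = clean[brace:body_end(clean, brace)]
        asserted = set()
        for call in ASSERT.finditer(body):
            # \b keeps the type suffix of literals such as 0u64 out of the set.
            asserted.update(re.findall(r"\b[A-Za-z_]\w*", call.group(1)))
        line = clean.count("\n", 0, m.start()) + 1
        for param in params.split(","):
            pname, _, ptype = param.partition(":")
            words = pname.split()  # drops visibility keywords such as "public"
            if words and ptype.strip() in INT_TYPES and words[-1] not in asserted:
                findings.append(Finding("HIGH", name, words[-1], line))
    return findings


if __name__ == "__main__":
    for f in find_unvalidated_inputs(SAMPLE_LEO):
        print(f"{f.severity}: '{f.parameter}' is never asserted in "
              f"transition {f.transition} (line {f.line_number})")
```

A pattern check of this kind only confirms that an assertion mentions the parameter, not that the assertion enforces a meaningful bound, so a clean result is a floor rather than proof that inputs are validated.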
## 🆕 What's New in v0.1.1
- ✨ **Interactive Menu Mode** - Beautiful TUI with auto-scanning
- 📁 **Smart File Discovery** - Auto-finds Leo files in current/parent directories
- 🎯 **Quick Check** - One-click checking from scanned files
- 🔄 **Rescan on Demand** - Refresh file list without restarting
- 📊 **Dynamic Menus** - Context-aware options based on state
- 🎨 **Enhanced CLI** - Improved error messages and help
- 📦 **Optional Dependencies** - Install only what you need (`[interactive]`, `[watch]`, `[all]`)
## 🔒 Why 100% Local?
Your code never leaves your machine. No AI APIs. No network calls. True privacy for ZK blockchain development.
- **No Data Leakage** - Code stays on your machine
- **Works Offline** - Zero network dependency
- **Deterministic** - Same code = same results always
- **Fast** - <100ms vs 2-5s with cloud AI
- **Free Forever** - No per-check costs
- **Auditable** - Open source, verify everything
See [WHY_LOCAL.md](WHY_LOCAL.md) for full philosophy.
## Pricing
| Tier | Checks/Month | Price | Features |
|------|-------------|-------|----------|
| **Freemium** | 100 | Free | Core policies, CLI access |
| **Pro** | 1,000 | $99/mo | All policies, API access, CI integration |
| **Enterprise** | Unlimited | $999/mo | Custom rules, SLA, white-label |
## Project Structure
```
comp-leo-sdk/
├─ cli/ # Command-line tool
├─ api/ # FastAPI service
├─ analyzer/ # Static analysis engine
│ ├─ parser.py # Leo AST parser
│ ├─ checker.py # Pattern matcher
│ └─ scorer.py # Severity & scoring
├─ policies/ # Compliance rule definitions
│ ├─ nist_800_53.json
│ ├─ iso_27001.json
│ ├─ pci_dss.json
│ └─ aleo_baseline.json
├─ integrations/ # CI/CD plugins
│ ├─ github/
│ └─ gitlab/
└─ tests/ # Test suite
```
## Development Roadmap
### Phase 1: Foundation (Weeks 1-4)
- [x] Leo parser & AST builder
- [x] Core static analysis patterns
- [x] NIST 800-53 baseline (80% of ISO overlap)
- [x] CLI tool with local checks
- [ ] Unit test suite (>80% coverage)
### Phase 2: API & Monetization (Weeks 5-8)
- [ ] FastAPI service with authentication
- [ ] Rate limiting & usage tracking
- [ ] API key management portal
- [ ] Stripe integration for paid tiers
### Phase 3: CI/CD & Ecosystem (Weeks 9-12)
- [ ] GitHub Actions integration
- [ ] PR comment bot
- [ ] Policy pack expansion (PCI, GDPR)
- [ ] VS Code extension
### Phase 4: AI Auto-Fix (Weeks 13-16)
- [ ] Fix suggestion engine
- [ ] LLM integration (GPT-4/Claude)
- [ ] Automated PR generation
- [ ] Confidence scoring for fixes
## Contributing
See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup and guidelines.
## License
Apache 2.0 for core SDK (open-source)
Proprietary for API service & enterprise features
---
**Built for the Aleo ecosystem** | [Website](https://compiledger.com) |
Raw data
{
"_id": null,
"home_page": null,
"name": "comp-leo",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": "aleo, blockchain, compliance, leo, security",
"author": null,
"author_email": "CompliLedger <dev@compiledger.com>",
"download_url": "https://files.pythonhosted.org/packages/3b/3c/dd638f90470b207cb53171e1646b53e5413ce3ceebcdb4b6f33352bb5688/comp_leo-0.1.2.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": null,
"summary": "Compliance & security SDK for Leo smart contracts",
"version": "0.1.2",
"project_urls": {
"Documentation": "https://docs.compiledger.com",
"Homepage": "https://compiledger.com",
"Repository": "https://github.com/compiledger/comp-leo-sdk"
},
"split_keywords": [
"aleo",
" blockchain",
" compliance",
" leo",
" security"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "0d0a45dfcd026894aea04d514262f103b93f2f1dbcb12fcce7fd407e463c0f6f",
"md5": "1d1672947b426a3cea0c3292daee5e84",
"sha256": "3fc6a61b012a07cc6c80cfc805917aa5e0b644e3809ee602ec1f6606bac89469"
},
"downloads": -1,
"filename": "comp_leo-0.1.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "1d1672947b426a3cea0c3292daee5e84",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 44990,
"upload_time": "2025-10-27T18:39:05",
"upload_time_iso_8601": "2025-10-27T18:39:05.723477Z",
"url": "https://files.pythonhosted.org/packages/0d/0a/45dfcd026894aea04d514262f103b93f2f1dbcb12fcce7fd407e463c0f6f/comp_leo-0.1.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "3b3cdd638f90470b207cb53171e1646b53e5413ce3ceebcdb4b6f33352bb5688",
"md5": "fc8cc310b068ef519e896892350d086e",
"sha256": "c13cda83b533687b6e8431921fe2d86eb1c8848fcb0e9ffe9ff0b315547fff37"
},
"downloads": -1,
"filename": "comp_leo-0.1.2.tar.gz",
"has_sig": false,
"md5_digest": "fc8cc310b068ef519e896892350d086e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 80261,
"upload_time": "2025-10-27T18:39:07",
"upload_time_iso_8601": "2025-10-27T18:39:07.971026Z",
"url": "https://files.pythonhosted.org/packages/3b/3c/dd638f90470b207cb53171e1646b53e5413ce3ceebcdb4b6f33352bb5688/comp_leo-0.1.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-27 18:39:07",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "compiledger",
"github_project": "comp-leo-sdk",
"github_not_found": true,
"lcname": "comp-leo"
}