mirror of
https://github.com/AeThex-Corporation/AeThex-OS.git
synced 2026-04-17 22:07:20 +00:00
a15b5b1015
Major Features: - Custom .aethex programming language with cross-platform compilation - Compiles to JavaScript, Lua (Roblox), Verse (UEFN), and C# (Unity) - Built-in COPPA compliance and PII detection for safe metaverse development Integration Points: 1. Terminal Integration - Added 'aethex' command for in-terminal compilation - Support for all compilation targets with --target flag - Real-time error reporting and syntax highlighting 2. IDE Integration - Native .aethex file support in Monaco editor - One-click compilation with target selector - Download compiled code functionality - Two example files: hello.aethex and auth.aethex 3. Curriculum Integration - New "AeThex Language" section in Foundry tech tree - Three modules: Realities & Journeys, Cross-Platform Sync, COPPA Compliance - Certification path for students 4. Documentation Site - Complete docs at /docs route (client/src/pages/aethex-docs.tsx) - Searchable documentation with sidebar navigation - Language guide, standard library reference, and examples - Ready for deployment to aethex.dev 5. npm Package Publishing - @aethex.os/core@1.0.0 - Standard library (published) - @aethex.os/cli@1.0.1 - Command line compiler (published) - Both packages live on npm and globally installable Domain Configuration: - DNS setup for 29+ domains (aethex.app, aethex.co, etc.) - nginx reverse proxy configuration - CORS configuration for cross-domain requests - OAuth redirect fixes for hash-based routing Standard Library Features: - Passport: Universal identity across platforms - DataSync: Cross-platform data synchronization - SafeInput: PII detection (phone, email, SSN, credit cards) - Compliance: COPPA/FERPA age gates and audit logging Documentation Package: - Created aethex-dev-docs.zip with complete documentation - Ready for static site deployment - Includes examples, API reference, and quickstart guide Technical Improvements: - Fixed OAuth blank page issue (hash routing) - Added .gitignore rules for temp files - Cleaned up build artifacts and temporary files - Updated all package references to @aethex.os namespace Co-Authored-By: Claude <noreply@anthropic.com>
121 lines
3.4 KiB
Text
121 lines
3.4 KiB
Text
# The Foundry Certification Exam
|
|
# Task: Build a COPPA-compliant, PII-safe leaderboard
|
|
#
|
|
# Requirements:
|
|
# 1. Must accept player scores
|
|
# 2. Must detect and block PII (phone numbers, emails, etc.)
|
|
# 3. Must work on Roblox (Lua)
|
|
# 4. Must display safely without exposing sensitive data
|
|
|
|
import { SafeInput, Compliance } from "@aethex/core"
|
|
|
|
reality SecureLeaderboard {
|
|
platforms: [roblox]
|
|
type: "compliance-exam"
|
|
}
|
|
|
|
# CRITICAL: This is the exam
|
|
# If PII gets through to the leaderboard, you FAIL
|
|
|
|
journey SubmitScore(player, playerName, score) {
|
|
platform: roblox
|
|
|
|
# STEP 1: Validate player age (COPPA compliance)
|
|
when !Compliance.isCOPPACompliant(player.age) {
|
|
notify "Players under 13 cannot submit scores publicly"
|
|
return
|
|
}
|
|
|
|
# STEP 2: Validate player name for PII
|
|
let nameValidation = SafeInput.validate(playerName)
|
|
|
|
when !nameValidation.valid {
|
|
notify "Invalid name: " + nameValidation.message
|
|
notify "Blocked PII types: " + nameValidation.blocked
|
|
|
|
# Log security incident
|
|
Compliance.logCheck(player.userId, "leaderboard_name_check", false)
|
|
|
|
return
|
|
}
|
|
|
|
# STEP 3: Validate score value for PII
|
|
let scoreValidation = SafeInput.validate(score.toString())
|
|
|
|
when !scoreValidation.valid {
|
|
notify "Invalid score: contains sensitive data"
|
|
|
|
# Log security incident
|
|
Compliance.logCheck(player.userId, "leaderboard_score_check", false)
|
|
|
|
return
|
|
}
|
|
|
|
# STEP 4: All validations passed - safe to submit
|
|
# (In real implementation, this would update a database)
|
|
|
|
Compliance.logCheck(player.userId, "leaderboard_submission", true)
|
|
notify "Score submitted successfully!"
|
|
|
|
reveal {
|
|
player: nameValidation.clean,
|
|
score: scoreValidation.clean
|
|
}
|
|
}
|
|
|
|
# Test function: Attempts to inject PII
|
|
journey TestPIIDetection() {
|
|
platform: roblox
|
|
|
|
notify "=== FOUNDRY EXAM TEST SUITE ==="
|
|
|
|
# Test 1: Phone number in name
|
|
let test1 = SafeInput.validate("John 555-1234")
|
|
when test1.valid {
|
|
notify "❌ FAIL: Phone number not detected"
|
|
} otherwise {
|
|
notify "✅ PASS: Phone number blocked"
|
|
}
|
|
|
|
# Test 2: Email in name
|
|
let test2 = SafeInput.validate("player@email.com")
|
|
when test2.valid {
|
|
notify "❌ FAIL: Email not detected"
|
|
} otherwise {
|
|
notify "✅ PASS: Email blocked"
|
|
}
|
|
|
|
# Test 3: Clean name
|
|
let test3 = SafeInput.validate("PlayerOne")
|
|
when test3.valid {
|
|
notify "✅ PASS: Clean name accepted"
|
|
} otherwise {
|
|
notify "❌ FAIL: Clean name rejected"
|
|
}
|
|
|
|
# Test 4: SSN in score
|
|
let test4 = SafeInput.validate("123-45-6789")
|
|
when test4.valid {
|
|
notify "❌ FAIL: SSN not detected"
|
|
} otherwise {
|
|
notify "✅ PASS: SSN blocked"
|
|
}
|
|
|
|
notify "=== TEST SUITE COMPLETE ==="
|
|
}
|
|
|
|
# Grading criteria for instructors:
|
|
#
|
|
# PASS CONDITIONS:
|
|
# ✅ All PII patterns detected (phone, email, SSN, credit card)
|
|
# ✅ COPPA age check enforced
|
|
# ✅ Security incidents logged
|
|
# ✅ Clean inputs accepted
|
|
# ✅ Malicious inputs rejected with clear error messages
|
|
#
|
|
# FAIL CONDITIONS:
|
|
# ❌ Any PII reaches the leaderboard display
|
|
# ❌ Under-13 users can submit public data
|
|
# ❌ Security incidents not logged
|
|
# ❌ System crashes on malicious input
|
|
# ❌ Error messages expose system internals
|