feat(canary): fingerprint_html + fingerprint_svg generators

Two new synthesised-artifact generators that bake the obfuscated fingerprint payload into plausible-looking decoy files: * fingerprint_html — a mundane "Internal Asset Directory" page with a small table of fake hosts; the obfuscated payload is inlined at the bottom of <body>. Visible content (row pool slice, sync timestamp) also varies per mint via SHA-256-derived stable ints, so two extracted canaries don't diff to zero even on the rendered surface. * fingerprint_svg — standalone SVG with an embedded <script> CDATA block. SVG <script> only fires for top-level loads / <object> / <iframe>; <img>-referenced renders are safely inert. Both derive the mint UUID via uuid.uuid5 from the callback token, so re-mints are byte-identical (preserving the generator determinism contract) AND the same token produces the same mint UUID across HTML and SVG variants — the worker can correlate beacons across artifact shapes. Wired into the factory + KNOWN_GENERATORS, default placement paths under ~/Documents/asset_directory.html and ~/Documents/network_topology.svg for both linux and windows personas. Tests cover determinism, per-token divergence, structural validity (DOCTYPE/SVG headers), and that the beacon URL stays inside the obfuscated string array (not in plaintext). The two new entries skip in test_generators.py when Node toolchain is absent so bare CI checkouts still pass.
2026-04-29 16:22:18 -04:00
parent 12cd7ad9cb
commit f64e78f78c
6 changed files with 363 additions and 0 deletions
--- a/decnet/canary/factory.py
+++ b/decnet/canary/factory.py
@@ -21,6 +21,8 @@ KNOWN_GENERATORS: Tuple[str, ...] = (
    "honeydoc_docx",
    "honeydoc_pdf",
    "mysql_dump",
+    "fingerprint_html",
+    "fingerprint_svg",
 )

 KNOWN_INSTRUMENTERS: Tuple[str, ...] = (
@@ -64,6 +66,16 @@ def get_generator(name: str) -> CanaryGenerator:
    if name == "mysql_dump":
        from decnet.canary.generators.mysql_dump import MySQLDumpGenerator
        return MySQLDumpGenerator()
+    if name == "fingerprint_html":
+        from decnet.canary.generators.fingerprint_html import (
+            FingerprintHtmlGenerator,
+        )
+        return FingerprintHtmlGenerator()
+    if name == "fingerprint_svg":
+        from decnet.canary.generators.fingerprint_svg import (
+            FingerprintSvgGenerator,
+        )
+        return FingerprintSvgGenerator()
    raise ValueError(
        f"Unknown canary generator: {name!r}. Known: {KNOWN_GENERATORS}"
    )