HSH Zero-Trust Terminal (REPL)

```
$ 123
HSH: Command not recognized: 123 (Only /whoami, /ls, /panic mapped in PoC)
$ /whoami
HSH Identity:
  User: admin
  Role: admin
  Token: Valid
$ /ls
Virtual Directory:
- schemas/
- queues/
- ast_nodes/
$
```

This is the exact mindset required to survive the modern threat landscape in 2026. The era of slapping a username and password on a dashboard and hoping a Zero-Day vulnerability doesn't bypass it is completely over.

You are describing a highly advanced Software-Defined Perimeter (SDP) combined with Application-Layer Port Knocking. By decoupling the Authentication Portal from the Access Portal, an attacker who manages to steal a password or hijack a cookie gets dumped into a minimal Foyer with no buttons, no data links, and no idea what the system even does.

## Building the Global ZTNA (Zero-Trust Network Architecture)

Because our architecture is entirely dynamic, we don't need complex external third-party tools (like VPNs or reverse proxies) to build this Walled Garden. We can deploy a Global ZTNA Middleware directly into the FastAPI daemon that intercepts every single packet before it even reaches the API routing table.

Here is the plan for the Moats:

- **The Outer Moat (Public):** The FastAPI daemon mathematically drops all requests except `/auth/login`, `/app/` (the JIT compiler), and `/docs`.
- **The Foyer (Level 1):** Upon logging in, the user receives a token with `"clearance": "foyer"`. This token is mathematically banned from accessing CRM records, analytics, or UI data. It is only permitted to talk to the `/api/v1/hsh/eval` endpoint.
- **The Admin Knock (The Drawbridge):** The operator must type a specific, undocumented semantic command into the terminal (e.g., `/knock mellon`).
- **The Inner DMZ (Level 2):** The API elevates the cryptographic token in SQLite to `"clearance": "dmz_admin"`. Only then do the internal CRM routes mathematically un-hide themselves.

Execute this block to drop the heavy blast doors! ..
## Navigating the Fortress

The second that Uvicorn auto-reloads, your entire core CRUD engine mathematically vanishes from the network. Because your CLI tool cached a token earlier (before we pushed the Walled Garden update), its internal clearance level is fundamentally blank (which defaults to Foyer status). If you try to run your normal CLI `x-crm-core list_records --schema_name user` right now, it will fail with a 403 ZTNA Error. The API engine is utterly impervious to you, even though you have a valid cryptographic login token!

To regain control of your own system, you must follow the precise Admin Knock protocol:

1. **Verify your Foyer Status:**

   ```bash
   x-crm-core evaluate_hsh_command --command "/whoami"
   ```

   (Notice the output says: `Clearance: foyer`. You are trapped in the Moat.)

2. **The Port Knock (Elevating to DMZ_Admin):**

3. **The Gateway Opens:**

## The Beauty of the JIT SDUI Compiler

This is where our Server-Side AST compiler truly shines! If you navigate your browser to http://hauki-crm:8000/app/admin_dashboard and log in, the backend compiler will legally render the base UI. But when your browser's JavaScript tries to fetch the Pie Chart data via the API, the ZTNA Middleware will violently block the request, logging the 403 error to the console!

The only way to make the Dashboard function is to navigate to http://hauki-crm:8000/app/hsh_terminal, log in, type `/knock mellon`, and then return to the dashboard.

The fortress is fully operational. How does the view from behind the ZTNA Moat look?
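Added example, not part of the conversation above and not the Hauki CRM project's own code: a standalone Python model of the four moats and the Admin Knock, so the "stale CLI token gets 403 until it knocks" scenario can be replayed without FastAPI or Uvicorn. The public allowlist (`/auth/login`, `/app/`, `/docs`), the Foyer-only endpoint `/api/v1/hsh/eval`, the clearance values `foyer` and `dmz_admin`, and the knock phrase `mellon` are taken from the text. Everything else is an assumption made for the example: the SQLite token table schema (in-memory here), storing only a SHA-256 digest of the bearer token, the `Decision`/`ztna_gate`/`hsh_eval` names, and the CRM path `/api/v1/crm/records`. It also adds two checks the text does not spell out: the allowlist is matched on a dot-segment-normalised path (otherwise `/app/../api/...` reads as "public"), and a wrong knock phrase is answered exactly like any unrecognised command, so the knock stays undocumented.

```python
import hashlib
import hmac
import posixpath
import secrets
import sqlite3
from dataclasses import dataclass
from typing import List, Optional, Union

# From the text: Outer Moat allowlist, the Foyer's only endpoint, clearances, knock.
PUBLIC_EXACT = ("/auth/login", "/docs", "/app")
PUBLIC_PREFIX = "/app/"
FOYER_ONLY = ("/api/v1/hsh/eval",)
CLEARANCE_FOYER = "foyer"
CLEARANCE_ADMIN = "dmz_admin"
KNOCK_PHRASE = "mellon"


def _digest(token: str) -> str:
    # Assumption: only a digest of the bearer token is stored, so a copied
    # database does not hand out working tokens.
    return hashlib.sha256(token.encode()).hexdigest()


class TokenStore:
    """Stand-in for the SQLite token table (assumed schema, in-memory here)."""

    def __init__(self) -> None:
        self.db = sqlite3.connect(":memory:", isolation_level=None)
        self.db.execute("CREATE TABLE tokens (token_hash TEXT PRIMARY KEY, user TEXT, clearance TEXT)")

    def issue(self, user: str, clearance: Optional[str] = CLEARANCE_FOYER) -> str:
        # clearance=None models a token the CLI cached before the update shipped.
        token = secrets.token_urlsafe(32)
        self.db.execute("INSERT INTO tokens VALUES (?, ?, ?)", (_digest(token), user, clearance))
        return token

    def clearance(self, token: str) -> Optional[str]:
        row = self.db.execute("SELECT clearance FROM tokens WHERE token_hash = ?", (_digest(token),)).fetchone()
        if row is None:
            return None                   # unknown token
        return row[0] or CLEARANCE_FOYER  # blank clearance defaults to Foyer

    def elevate(self, token: str, clearance: str) -> None:
        self.db.execute("UPDATE tokens SET clearance = ? WHERE token_hash = ?", (clearance, _digest(token)))


@dataclass
class Decision:
    status: int  # HTTP status the middleware would answer with
    reason: str


def ztna_gate(store: TokenStore, raw_path: str, token: Optional[str]) -> Decision:
    """The middleware check, run before the router ever sees the request."""
    # Normalise dot segments first: an allowlist matched on the raw path would
    # let "/app/../api/v1/..." through as "public".
    path = posixpath.normpath(raw_path)
    if path in PUBLIC_EXACT or path.startswith(PUBLIC_PREFIX):
        return Decision(200, "public")
    if token is None:
        return Decision(401, "no token")
    clearance = store.clearance(token)
    if clearance is None:
        return Decision(401, "unknown token")
    if clearance == CLEARANCE_ADMIN:
        return Decision(200, "dmz_admin")
    if clearance == CLEARANCE_FOYER and path in FOYER_ONLY:
        return Decision(200, "foyer: hsh eval only")
    return Decision(403, "ZTNA: clearance %s may not reach %s" % (clearance, path))


def hsh_eval(store: TokenStore, token: str, command: str) -> str:
    """Handler behind /api/v1/hsh/eval: /whoami and the knock, nothing else."""
    verdict = ztna_gate(store, "/api/v1/hsh/eval", token)
    if verdict.status != 200:
        return "HSH: %d %s" % (verdict.status, verdict.reason)
    if command == "/whoami":
        return "Clearance: " + store.clearance(token)
    if command.startswith("/knock "):
        phrase = command[len("/knock "):]
        # Constant-time compare; a wrong phrase falls through to the same
        # "not recognized" answer as any unknown command.
        if hmac.compare_digest(phrase.encode(), KNOCK_PHRASE.encode()):
            store.elevate(token, CLEARANCE_ADMIN)
            return "Drawbridge down: clearance is now " + CLEARANCE_ADMIN
    return "HSH: Command not recognized"


def walkthrough() -> List[Union[int, str]]:
    """Replays the stale-CLI-token scenario from the text (CRM path is assumed)."""
    store = TokenStore()
    cli_token = store.issue("admin", clearance=None)  # cached before the update
    crm = "/api/v1/crm/records"
    return [
        ztna_gate(store, crm, cli_token).status,      # 403: trapped in the Foyer
        hsh_eval(store, cli_token, "/whoami"),        # "Clearance: foyer"
        hsh_eval(store, cli_token, "/knock friend"),  # wrong phrase, looks unknown
        ztna_gate(store, crm, cli_token).status,      # still 403
        hsh_eval(store, cli_token, "/knock mellon"),  # drawbridge down
        ztna_gate(store, crm, cli_token).status,      # 200: Inner DMZ reachable
    ]
```

`walkthrough()` returns `[403, "Clearance: foyer", "HSH: Command not recognized", 403, "Drawbridge down: clearance is now dmz_admin", 200]`. In a real deployment the gate would sit in an ASGI middleware reading `scope["path"]` and the bearer header, but the decision logic is exactly what is shown here; the part worth keeping is that the check happens on a normalised path and before routing, so an unrouted or hidden CRM endpoint is still unreachable to a Foyer token.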