Add Core Identity environment for OpenEnv

.gitignore

@@ -0,0 +1,5 @@
+__pycache__/
+*.pyc
+.venv/
+*.egg-info/
+.pytest_cache/

Dockerfile

@@ -0,0 +1,43 @@
+# Core Identity Environment - Docker configuration for HF Spaces
+
+ARG BASE_IMAGE=ghcr.io/meta-pytorch/openenv-base:latest
+FROM ${BASE_IMAGE} AS builder
+
+WORKDIR /app
+
+COPY . /app/env
+
+WORKDIR /app/env
+
+RUN if ! command -v uv > /dev/null 2>&1; then \
+        curl -LsSf https://astral.sh/uv/install.sh | sh && \
+        mv /root/.local/bin/uv /usr/local/bin/uv && \
+        mv /root/.local/bin/uvx /usr/local/bin/uvx; \
+    fi
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    git \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --no-install-project --no-editable
+
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --no-editable
+
+FROM ${BASE_IMAGE}
+
+WORKDIR /app
+
+COPY --from=builder /app/env/.venv /app/.venv
+COPY --from=builder /app/env /app/env
+
+ENV PATH="/app/.venv/bin:$PATH"
+ENV PYTHONPATH="/app/env:$PYTHONPATH"
+
+HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
+    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')" || exit 1
+
+EXPOSE 8000
+
+CMD ["sh", "-c", "cd /app/env && uvicorn core_identity_env.server.app:app --host 0.0.0.0 --port 8000"]

README.md

@@ -0,0 +1,188 @@
+# Core Identity Environment — OpenEnv
+
+[![OpenEnv](https://img.shields.io/badge/OpenEnv-compatible-blue)](https://github.com/meta-pytorch/OpenEnv)
+[![Python](https://img.shields.io/badge/python-3.10%2B-brightgreen)](https://python.org)
+
+An identity verification environment for OpenEnv (`meta-pytorch/OpenEnv`), where AI agents can perform document verification, credential authentication, profile management, and fraud detection tasks.
+
+---
+
+## Overview
+
+This environment simulates real-world identity verification tasks. Agents must:
+
+1. Analyze identity documents or credentials
+2. Perform verification checks
+3. Detect fraud or issues
+4. Make accurate verification decisions
+
+### Why Core Identity?
+
+- **Security-focused** — critical real-world application
+- **Multi-faceted** — document, credentials, and profile tasks
+- **Difficulty progression** — simple auth → hard fraud detection
+- **Measurable** — clear true/false outcomes
+
+---
+
+## Project Structure
+
+```
+core_identity_env/               # Environment package
+├── __init__.py                  # Exports: CoreIdentityEnv, CoreIdentityAction
+├── client.py                    # CoreIdentityEnv — async EnvClient (WebSocket)
+├── models.py                    # Typed models for all task types
+├── openenv.yaml                 # OpenEnv manifest (spec_version: 1)
+├── pyproject.toml               # Per-env package config
+├── tasks/
+│   ├── __init__.py
+│   └── definitions.py           # 5 task types + graders
+└── server/
+    ├── __init__.py              # FastAPI app via create_app()
+    ├── core_identity_environment.py  # Server-side Environment
+    ├── requirements.txt         # Server/Docker deps
+    └── Dockerfile               # Multi-stage build
+```
+
+---
+
+## Tasks
+
+| Task ID | Name | Task Type | Difficulty |
+|---------|------|-----------|------------|
+| `doc_verify_passport` | Passport Verification | document_verification | Medium |
+| `doc_verify_fake_id` | Fake ID Detection | document_verification | Hard |
+| `auth_valid_creds` | Credential Authentication | credential_authentication | Easy |
+| `auth_brute_force` | Brute Force Detection | credential_authentication | Hard |
+| `profile_update` | Profile Update Validation | profile_management | Medium |
+
+---
+
+## Quick Start
+
+### 1. Install the environment
+
+```bash
+pip install -e core_identity_env/
+```
+
+### 2. Start the server
+
+```bash
+uvicorn core_identity_env.server.app:app --host 0.0.0.0 --port 8000
+```
+
+### 3. Use the async client
+
+```python
+import asyncio
+from core_identity_env import CoreIdentityEnv, CoreIdentityAction, VerificationResult
+
+async def main():
+    async with CoreIdentityEnv(base_url="http://localhost:8000") as env:
+        result = await env.reset()
+        obs = result.observation
+        print(f"Task: {obs.task_name}")
+        
+        if obs.document:
+            print(f"Document type: {obs.document.document_type}")
+
+        action = CoreIdentityAction(
+            verification=VerificationResult(
+                verified=True,
+                confidence=0.95,
+                checks_performed={"expiry_check": True, "format_check": True},
+            ),
+            submit=True,
+        )
+        result = await env.step(action)
+        print(f"Reward: {result.reward:.4f}")
+
+asyncio.run(main())
+```
+
+### 4. From a Hugging Face Space
+
+```python
+import asyncio
+from core_identity_env import CoreIdentityEnv
+
+async def main():
+    env = await CoreIdentityEnv.from_env("hirann/core-identity-env")
+    try:
+        result = await env.reset()
+        print(result.observation.task_name)
+    finally:
+        await env.close()
+
+asyncio.run(main())
+```
+
+---
+
+## Docker
+
+```bash
+# Build
+docker build -t core-identity-env -f core_identity_env/server/Dockerfile .
+
+# Run
+docker run -p 8000:8000 core-identity-env
+```
+
+## Hugging Face Spaces Deployment
+
+1. Create a new Space at https://huggingface.co/new-space
+2. Select **Docker** as the SDK
+3. Push your repo
+
+---
+
+## Architecture
+
+```
+┌───────────────────────────────────┐
+│       Client Application          │
+│  CoreIdentityEnv (EnvClient)      │
+│    async with env: ...            │
+└───────────────┬───────────────────┘
+                 │ WebSocket /ws
+                 │ (reset, step, state)
+┌───────────────▼───────────────────┐
+│  Docker Container / HF Space      │
+│  FastAPI — create_app()          │
+│  CoreIdentityEnvironment         │
+│    reset() / step() / state       │
+└───────────────────────────────────┘
+```
+
+---
+
+## Reward Function
+
+| Component | Weight | Notes |
+|-----------|--------|-------|
+| Accuracy | 70% | Correct verification decision |
+| Completeness | 30% | Checks performed / required |
+| Efficiency bonus | +0.1 | Completed in ≤50% of max steps |
+
+---
+
+## OpenEnv Spec Compliance
+
+| Spec requirement | Status |
+|-----------------|--------|
+| `openenv.yaml` with `spec_version: 1` | ✅ |
+| `type: space`, `runtime: fastapi` | ✅ |
+| `Environment` base class (`reset/step/state`) | ✅ |
+| `EnvClient` base class (async WebSocket) | ✅ |
+| `create_app()` factory | ✅ |
+| Per-env `pyproject.toml` | ✅ |
+| `server/Dockerfile` with `openenv-base` | ✅ |
+| Typed `Action` / `Observation` models | ✅ |
+
+---
+
+## License
+
+MIT — see LICENSE file for details.

__init__.py

@@ -0,0 +1,26 @@
+"""Core Identity Environment — OpenEnv.
+
+An identity verification environment for AI agents that can:
+- Verify user identity documents (ID, passport, etc.)
+- Authenticate users via credentials
+- Manage user profiles and attributes
+- Detect fraudulent documents
+"""
+
+from core_identity_env.client import CoreIdentityEnv
+from core_identity_env.models import (
+    CoreIdentityAction,
+    CoreIdentityObservation,
+    TaskType,
+    IdentityDocument,
+    VerificationResult,
+)
+
+__all__ = [
+    "CoreIdentityEnv",
+    "CoreIdentityAction",
+    "CoreIdentityObservation",
+    "TaskType",
+    "IdentityDocument",
+    "VerificationResult",
+]

client.py

@@ -0,0 +1,95 @@
+"""Core Identity Environment Client.
+
+Provides the async EnvClient for connecting to a CoreIdentityEnvironment server.
+Supports both async (recommended) and synchronous usage via .sync() wrapper.
+
+Example (async):
+    >>> import asyncio
+    >>> from core_identity_env import CoreIdentityEnv, CoreIdentityAction, VerificationResult
+    >>>
+    >>> async def main():
+    ...     async with CoreIdentityEnv(base_url="http://localhost:8000") as env:
+    ...         result = await env.reset()
+    ...         obs = result.observation
+    ...         print(obs.document)
+    ...
+    ...         action = CoreIdentityAction(
+    ...             verification=VerificationResult(
+    ...                 verified=True,
+    ...                 confidence=0.95,
+    ...                 issues=[],
+    ...             ),
+    ...             submit=True,
+    ...         )
+    ...         result = await env.step(action)
+    ...         print(result.reward)
+    ...
+    >>> asyncio.run(main())
+
+Example (from Hugging Face Space):
+    >>> env = await CoreIdentityEnv.from_env("openenv/core-identity-env")
+    >>> try:
+    ...     result = await env.reset()
+    ... finally:
+    ...     await env.close()
+"""
+
+from typing import Any, Dict
+
+try:
+    from openenv.core.env_client import EnvClient
+    from openenv.core.client_types import StepResult
+except ImportError:
+    from openenv.core.env_client import EnvClient
+    from openenv.core.client_types import StepResult
+
+from core_identity_env.models import CoreIdentityObservation, CoreIdentityAction
+
+
+class CoreIdentityEnv(EnvClient[CoreIdentityAction, CoreIdentityObservation, Dict[str, Any]]):
+    """Async client for the Core Identity Environment.
+
+    Connects to a running CoreIdentityEnvironment server via WebSocket and
+    provides step/reset/state methods for interacting with the environment.
+
+    Inherits from EnvClient:
+      - Async by default — use ``async with`` and ``await``
+      - Sync wrapper — call ``.sync()`` for synchronous usage
+      - ``from_env(repo_id)`` — connect to a Hugging Face Space
+      - ``from_docker_image(image)`` — spin up a local Docker container
+    """
+
+    def _step_payload(self, action: CoreIdentityAction) -> Dict[str, Any]:
+        """Serialise CoreIdentityAction to JSON payload for the server."""
+        return action.model_dump()
+
+    def _parse_result(self, payload: Dict[str, Any]) -> "StepResult[CoreIdentityObservation]":
+        """Deserialise server JSON response to a typed StepResult."""
+        metadata = payload.get("metadata", payload)
+        obs_data = metadata.get("observation", metadata)
+        reward_data = metadata.get("reward", {})
+        done = payload.get("done", metadata.get("done", False))
+        reward_value = payload.get("reward", reward_data.get("value", 0.0))
+
+        try:
+            observation = CoreIdentityObservation.model_validate(obs_data)
+        except Exception:
+            observation = CoreIdentityObservation(
+                task_id=obs_data.get("task_id", "unknown"),
+                task_type=obs_data.get("task_type", "document_verification"),
+                task_name=obs_data.get("task_name", "unknown"),
+                task_description=obs_data.get("task_description", ""),
+                difficulty=obs_data.get("difficulty", "medium"),
+                challenge_data=obs_data.get("challenge_data", {}),
+            )
+
+        return StepResult(
+            observation=observation,
+            reward=reward_value,
+            done=done,
+            info=metadata.get("info", {}),
+        )
+
+    def _parse_state(self, payload: Dict[str, Any]) -> Dict[str, Any]:
+        """Return raw state dict from server."""
+        return payload

models.py

@@ -0,0 +1,87 @@
+from enum import Enum
+from typing import Any, Optional
+from pydantic import BaseModel, Field
+
+
+class TaskType(str, Enum):
+    """Types of identity verification tasks the environment supports."""
+    DOCUMENT_VERIFICATION = "document_verification"
+    CREDENTIAL_AUTHENTICATION = "credential_authentication"
+    PROFILE_MANAGEMENT = "profile_management"
+    FRAUD_DETECTION = "fraud_detection"
+
+
+class DocumentType(str, Enum):
+    """Types of identity documents."""
+    PASSPORT = "passport"
+    DRIVERS_LICENSE = "drivers_license"
+    NATIONAL_ID = "national_id"
+    BIRTH_CERTIFICATE = "birth_certificate"
+
+
+class IdentityDocument(BaseModel):
+    """Identity document data for verification."""
+    document_type: DocumentType = Field(description="Type of document")
+    document_number: str = Field(description="Document identifier number")
+    full_name: str = Field(description="Full name as on document")
+    date_of_birth: str = Field(description="Date of birth (YYYY-MM-DD)")
+    expiry_date: Optional[str] = Field(default=None, description="Document expiry date")
+    issuing_country: str = Field(description="Country that issued the document")
+    additional_fields: dict[str, Any] = Field(default_factory=dict, description="Additional document data")
+
+
+class UserCredentials(BaseModel):
+    """User credentials for authentication."""
+    username: str = Field(description="Username or email")
+    password: str = Field(description="Password")
+    two_factor_code: Optional[str] = Field(default=None, description="2FA code if enabled")
+
+
+class UserProfile(BaseModel):
+    """User profile information."""
+    user_id: str = Field(description="Unique user identifier")
+    full_name: str = Field(description="Full name")
+    email: str = Field(description="Email address")
+    phone: Optional[str] = Field(default=None, description="Phone number")
+    date_of_birth: Optional[str] = Field(default=None, description="Date of birth")
+    address: Optional[str] = Field(default=None, description="Physical address")
+    attributes: dict[str, Any] = Field(default_factory=dict, description="Additional attributes")
+
+
+class VerificationResult(BaseModel):
+    """Result of identity verification."""
+    verified: bool = Field(description="Whether verification passed")
+    confidence: float = Field(default=0.0, description="Confidence score 0-1")
+    issues: list[str] = Field(default_factory=list, description="List of verification issues")
+    checks_performed: dict[str, bool] = Field(default_factory=dict, description="Individual check results")
+
+
+class CoreIdentityObservation(BaseModel):
+    """Observation returned by the environment after reset or step."""
+    task_id: str = Field(description="Unique identifier for the task")
+    task_type: TaskType = Field(description="Type of identity task")
+    task_name: str = Field(description="Human-readable name of the task")
+    task_description: str = Field(description="Description of what needs to be done")
+    difficulty: str = Field(default="medium", description="Difficulty level: easy, medium, hard")
+    
+    document: Optional[IdentityDocument] = Field(default=None, description="Document to verify")
+    credentials: Optional[UserCredentials] = Field(default=None, description="Credentials to authenticate")
+    profile: Optional[UserProfile] = Field(default=None, description="User profile to manage")
+    
+    expected_verification: Optional[bool] = Field(default=None, description="Expected verification result")
+    challenge_data: dict[str, Any] = Field(default_factory=dict, description="Additional challenge data")
+    max_steps: int = Field(default=10, description="Maximum allowed steps")
+
+
+class CoreIdentityAction(BaseModel):
+    """Action to perform in the environment."""
+    verification: VerificationResult = Field(description="The verification result from the agent")
+    submit: bool = Field(default=False, description="Whether to submit the final result")
+
+
+class CoreIdentityReward(BaseModel):
+    """Reward components for the environment."""
+    accuracy: float = Field(default=0.0, description="Accuracy of verification")
+    completeness: float = Field(default=0.0, description="Completeness of checks performed")
+    efficiency: float = Field(default=0.0, description="Efficiency bonus for fewer steps")
+    total: float = Field(default=0.0, description="Total reward value")

openenv.yaml

@@ -0,0 +1,6 @@
+spec_version: 1
+name: core_identity_env
+type: space
+runtime: fastapi
+app: server.app:app
+port: 8000

pyproject.toml

@@ -0,0 +1,24 @@
+[project]
+name = "core_identity_env"
+version = "0.1.0"
+description = "Core Identity environment for verification, authentication, and profile management"
+readme = "README.md"
+requires-python = ">=3.10"
+dependencies = [
+    "openenv-core>=0.1.0",
+    "fastapi>=0.109.0",
+    "uvicorn>=0.27.0",
+    "pydantic>=2.5.0",
+]
+
+[project.scripts]
+server = "uvicorn:main"
+core-identity = "core_identity_env.server.app:app"
+
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["core_identity_env*"]

server/Dockerfile

@@ -0,0 +1,53 @@
+# Core Identity Environment - Docker configuration for HF Spaces
+
+ARG BASE_IMAGE=ghcr.io/meta-pytorch/openenv-base:latest
+FROM ${BASE_IMAGE} AS builder
+
+WORKDIR /app
+
+ARG BUILD_MODE=standalone
+
+COPY . /app/env
+
+WORKDIR /app/env
+
+RUN if ! command -v uv > /dev/null 2>&1; then \
+        curl -LsSf https://astral.sh/uv/install.sh | sh && \
+        mv /root/.local/bin/uv /usr/local/bin/uv && \
+        mv /root/.local/bin/uvx /usr/local/bin/uvx; \
+    fi
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    git \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN --mount=type=cache,target=/root/.cache/uv \
+    if [ -f uv.lock ]; then \
+        uv sync --frozen --no-install-project --no-editable; \
+    else \
+        uv sync --no-install-project --no-editable; \
+    fi
+
+RUN --mount=type=cache,target=/root/.cache/uv \
+    if [ -f uv.lock ]; then \
+        uv sync --frozen --no-editable; \
+    else \
+        uv sync --no-editable; \
+    fi
+
+FROM ${BASE_IMAGE}
+
+WORKDIR /app
+
+COPY --from=builder /app/env/.venv /app/.venv
+COPY --from=builder /app/env /app/env
+
+ENV PATH="/app/.venv/bin:$PATH"
+ENV PYTHONPATH="/app/env:$PYTHONPATH"
+
+HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
+    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')" || exit 1
+
+EXPOSE 8000
+
+CMD ["sh", "-c", "cd /app/env && uvicorn core_identity_env.server.app:app --host 0.0.0.0 --port 8000"]

server/__init__.py

@@ -0,0 +1,16 @@
+from core_identity_env.server.core_identity_environment import CoreIdentityEnvironment
+from core_identity_env.models import CoreIdentityAction, CoreIdentityObservation
+
+
+def create_app():
+    """Create and configure the FastAPI application for the Core Identity Environment."""
+    from openenv.core.env_server.http_server import create_app as create_openenv_app
+    return create_openenv_app(
+        CoreIdentityEnvironment,
+        CoreIdentityAction,
+        CoreIdentityObservation,
+        env_name="core_identity_env",
+    )
+
+
+app = create_app()

server/core_identity_environment.py

@@ -0,0 +1,237 @@
+"""Core Identity Environment - server-side implementation."""
+
+import random
+from typing import Any, Dict, Optional
+from dataclasses import dataclass, field
+from uuid import uuid4
+
+try:
+    from openenv.core.env_server.interfaces import Environment
+    from openenv.core.env_server.types import Action, Observation, State
+except ImportError:
+    from openenv.core.env_server.interfaces import Environment
+    from openenv.core.env_server.types import Action, Observation, State
+
+from core_identity_env.models import (
+    CoreIdentityObservation,
+    CoreIdentityAction,
+    VerificationResult,
+    TaskType,
+    IdentityDocument,
+    UserCredentials,
+    UserProfile,
+)
+from core_identity_env.tasks.definitions import (
+    get_all_tasks,
+    get_task_by_id,
+    CoreIdentityTask,
+    CoreIdentityTaskEvaluator,
+    GradingResult,
+)
+
+
+@dataclass
+class _EpisodeState:
+    task: CoreIdentityTask
+    episode_id: str
+    current_step: int = 0
+    cumulative_reward: float = 0.0
+    submitted_verification: Dict[str, Any] = field(default_factory=dict)
+    episode_complete: bool = False
+
+
+DIFFICULTY_WEIGHTS = {
+    "easy": 0.15,
+    "medium": 0.12,
+    "hard": 0.08,
+}
+
+
+class CoreIdentityEnvironment(Environment):
+    """Server-side Core Identity Environment compliant with OpenEnv spec."""
+
+    def __init__(
+        self,
+        task_id: Optional[str] = None,
+        seed: Optional[int] = None,
+        max_steps: int = 10,
+    ):
+        self._task_id = task_id
+        self._seed = seed
+        self._max_steps = max_steps
+        self._ep: Optional[_EpisodeState] = None
+        self._state = State(episode_id=str(uuid4()), step_count=0)
+
+        if seed is not None:
+            random.seed(seed)
+
+    def reset(
+        self,
+        seed: Optional[int] = None,
+        episode_id: Optional[str] = None,
+        task_id: Optional[str] = None,
+        **kwargs: Any,
+    ) -> Observation:
+        if seed is not None:
+            random.seed(seed)
+
+        target_task_id = task_id or self._task_id
+        if target_task_id:
+            task = get_task_by_id(target_task_id)
+        else:
+            task = random.choice(get_all_tasks())
+
+        eid = episode_id or str(uuid4())
+
+        document = None
+        credentials = None
+        profile = None
+
+        if task.document:
+            document = IdentityDocument(**task.document)
+        if task.credentials:
+            credentials = UserCredentials(**task.credentials)
+        if task.profile:
+            profile = UserProfile(**task.profile)
+
+        self._ep = _EpisodeState(
+            task=task,
+            episode_id=eid,
+            current_step=0,
+            cumulative_reward=0.0,
+            submitted_verification={},
+            episode_complete=False,
+        )
+        self._state = State(episode_id=eid, step_count=0)
+
+        obs = self._build_observation(document, credentials, profile)
+        return Observation(
+            done=False,
+            reward=0.0,
+            metadata=obs.model_dump(),
+        )
+
+    def step(
+        self,
+        action: Action,
+        timeout_s: Optional[float] = None,
+        **kwargs: Any,
+    ) -> Observation:
+        if self._ep is None:
+            return Observation(
+                done=True,
+                reward=0.0,
+                metadata={"error": "Environment not reset. Call reset() first."},
+            )
+
+        if self._ep.episode_complete:
+            return Observation(
+                done=True,
+                reward=0.0,
+                metadata={"error": "Episode already finished."},
+            )
+
+        action_data: Dict[str, Any] = {}
+        if hasattr(action, "data") and isinstance(action.data, dict):
+            action_data = action.data
+        elif isinstance(action, dict):
+            action_data = action
+        elif hasattr(action, "__dict__"):
+            action_data = vars(action)
+
+        try:
+            env_action = CoreIdentityAction.model_validate(action_data)
+        except Exception:
+            env_action = CoreIdentityAction(verification=VerificationResult())
+
+        self._ep.current_step += 1
+        self._state.step_count = self._ep.current_step
+
+        verification_dict = env_action.verification.model_dump()
+        self._ep.submitted_verification = verification_dict
+
+        evaluator = CoreIdentityTaskEvaluator(self._ep.task)
+        result = evaluator.grade(verification_dict)
+
+        reward_value = result.score * DIFFICULTY_WEIGHTS.get(self._ep.task.difficulty, 0.1)
+
+        terminal = env_action.submit or self._ep.current_step >= self._ep.task.max_steps
+
+        if terminal:
+            final_score = result.score
+            if self._ep.current_step <= self._ep.task.max_steps * 0.5:
+                final_score += 0.1
+            reward_value = min(1.0, final_score)
+            self._ep.episode_complete = True
+
+        self._ep.cumulative_reward += reward_value
+
+        document = None
+        credentials = None
+        profile = None
+        if self._ep.task.document:
+            document = IdentityDocument(**self._ep.task.document)
+        if self._ep.task.credentials:
+            credentials = UserCredentials(**self._ep.task.credentials)
+        if self._ep.task.profile:
+            profile = UserProfile(**self._ep.task.profile)
+
+        obs = self._build_observation(document, credentials, profile)
+        step_result = {
+            "observation": obs.model_dump(),
+            "reward": {
+                "value": reward_value,
+                "accuracy": result.accuracy,
+                "completeness": result.completeness,
+                "total": result.score,
+                "feedback": result.feedback,
+            },
+            "done": self._ep.episode_complete,
+            "info": {
+                "step": self._ep.current_step,
+                "is_final": self._ep.episode_complete,
+            },
+        }
+
+        return Observation(
+            done=self._ep.episode_complete,
+            reward=reward_value,
+            metadata=step_result,
+        )
+
+    @property
+    def state(self) -> State:
+        return self._state
+
+    def _build_observation(
+        self,
+        document: Optional[IdentityDocument],
+        credentials: Optional[UserCredentials],
+        profile: Optional[UserProfile],
+    ) -> CoreIdentityObservation:
+        ep = self._ep
+        return CoreIdentityObservation(
+            task_id=ep.task.task_id,
+            task_type=TaskType(ep.task.task_type),
+            task_name=ep.task.name,
+            task_description=ep.task.description,
+            difficulty=ep.task.difficulty,
+            document=document,
+            credentials=credentials,
+            profile=profile,
+            expected_verification=ep.task.expected_verification,
+            challenge_data=ep.task.challenge_data,
+            max_steps=ep.task.max_steps,
+        )
+
+    def get_task_list(self) -> Dict[str, Any]:
+        return [
+            {
+                "task_id": t.task_id,
+                "name": t.name,
+                "task_type": t.task_type,
+                "difficulty": t.difficulty,
+                "description": t.description,
+            }
+            for t in get_all_tasks()
+        ]

server/requirements.txt

@@ -0,0 +1,4 @@
+fastapi>=0.109.0
+uvicorn>=0.27.0
+pydantic>=2.5.0
+openenv-core

tasks/definitions.py

@@ -0,0 +1,216 @@
+"""Task definitions and graders for the Core Identity environment."""
+
+from typing import List, Dict, Any
+from dataclasses import dataclass
+import re
+from datetime import datetime, timedelta
+
+
+@dataclass
+class CoreIdentityTask:
+    task_id: str
+    name: str
+    description: str
+    task_type: str
+    difficulty: str
+    document: Dict[str, Any] | None
+    credentials: Dict[str, Any] | None
+    profile: Dict[str, Any] | None
+    expected_verification: bool
+    required_checks: List[str]
+    challenge_data: Dict[str, Any]
+    max_steps: int
+
+
+@dataclass
+class GradingResult:
+    accuracy: float
+    completeness: float
+    score: float
+    feedback: str
+
+
+class CoreIdentityTaskEvaluator:
+    """Evaluate responses for Core Identity tasks."""
+
+    def __init__(self, task: CoreIdentityTask):
+        self.task = task
+
+    def grade(self, response: Dict[str, Any]) -> GradingResult:
+        verification = response.get("verification", {})
+        verified = verification.get("verified", False)
+        issues = verification.get("issues", [])
+        checks_performed = verification.get("checks_performed", {})
+
+        expected = self.task.expected_verification
+
+        accuracy = 1.0 if verified == expected else 0.0
+
+        performed_count = sum(1 for v in checks_performed.values() if v)
+        required_count = len(self.task.required_checks)
+        completeness = performed_count / required_count if required_count > 0 else 0.5
+
+        if accuracy == 1.0:
+            base_score = 0.7
+            completeness_bonus = completeness * 0.3
+        else:
+            base_score = 0.0
+            completeness_bonus = 0.0
+
+        score = base_score + completeness_bonus
+
+        feedback = f"Verification: {verified}, Expected: {expected}, Checks: {performed_count}/{required_count}"
+
+        return GradingResult(
+            accuracy=accuracy,
+            completeness=completeness,
+            score=score,
+            feedback=feedback,
+        )
+
+
+def create_document_verification_task() -> CoreIdentityTask:
+    return CoreIdentityTask(
+        task_id="doc_verify_passport",
+        name="Passport Verification",
+        description="Verify the authenticity of a passport document",
+        task_type="document_verification",
+        difficulty="medium",
+        document={
+            "document_type": "passport",
+            "document_number": "P12345678",
+            "full_name": "John Smith",
+            "date_of_birth": "1990-01-15",
+            "expiry_date": "2030-01-15",
+            "issuing_country": "United States",
+        },
+        credentials=None,
+        profile=None,
+        expected_verification=True,
+        required_checks=["expiry_check", "format_check", "country_validation"],
+        challenge_data={
+            "valid_passport": True,
+            "expired_document": False,
+        },
+        max_steps=5
+    )
+
+
+def create_document_fraud_task() -> CoreIdentityTask:
+    return CoreIdentityTask(
+        task_id="doc_verify_fake_id",
+        name="Fake ID Detection",
+        description="Detect a potentially fraudulent ID document",
+        task_type="document_verification",
+        difficulty="hard",
+        document={
+            "document_type": "drivers_license",
+            "document_number": "DL999999999",
+            "full_name": "Jane Doe",
+            "date_of_birth": "1985-06-20",
+            "expiry_date": "2025-06-20",
+            "issuing_country": "California",
+        },
+        credentials=None,
+        profile=None,
+        expected_verification=False,
+        required_checks=["expiry_check", "format_check", "country_validation", "fraud_indicators"],
+        challenge_data={
+            "valid_passport": False,
+            "expired_document": True,
+            "suspicious_number": True,
+            "fraud_indicators": ["expired", "invalid_format"],
+        },
+        max_steps=8
+    )
+
+
+def create_authentication_task() -> CoreIdentityTask:
+    return CoreIdentityTask(
+        task_id="auth_valid_creds",
+        name="Credential Authentication",
+        description="Verify user credentials for authentication",
+        task_type="credential_authentication",
+        difficulty="easy",
+        document=None,
+        credentials={
+            "username": "john.smith@email.com",
+            "password": "SecureP@ss123",
+        },
+        profile=None,
+        expected_verification=True,
+        required_checks=["username_format", "password_strength"],
+        challenge_data={
+            "valid_credentials": True,
+            "account_locked": False,
+        },
+        max_steps=3
+    )
+
+
+def create_authentication_fraud_task() -> CoreIdentityTask:
+    return CoreIdentityTask(
+        task_id="auth_brute_force",
+        name="Brute Force Detection",
+        description="Detect and block brute force authentication attempts",
+        task_type="credential_authentication",
+        difficulty="hard",
+        document=None,
+        credentials={
+            "username": "admin@company.com",
+            "password": "wrong_password",
+        },
+        profile=None,
+        expected_verification=False,
+        required_checks=["username_format", "password_strength", "attempt_tracking", "ip_validation"],
+        challenge_data={
+            "valid_credentials": False,
+            "failed_attempts": 5,
+            "suspicious_ip": True,
+            "time_window": "5 minutes",
+        },
+        max_steps=6
+    )
+
+
+def create_profile_task() -> CoreIdentityTask:
+    return CoreIdentityTask(
+        task_id="profile_update",
+        name="Profile Update Validation",
+        description="Validate a user profile update request",
+        task_type="profile_management",
+        difficulty="medium",
+        document=None,
+        credentials=None,
+        profile={
+            "user_id": "user_12345",
+            "full_name": "Alice Johnson",
+            "email": "alice.j@newdomain.com",
+            "phone": "+1-555-987-6543",
+            "date_of_birth": "1992-03-10",
+        },
+        expected_verification=True,
+        required_checks=["email_format", "phone_format", "age_verification"],
+        challenge_data={
+            "valid_request": True,
+            "requested_changes": ["email", "phone"],
+        },
+        max_steps=5
+    )
+
+
+def get_all_tasks() -> List[CoreIdentityTask]:
+    return [
+        create_document_verification_task(),
+        create_document_fraud_task(),
+        create_authentication_task(),
+        create_authentication_fraud_task(),
+        create_profile_task(),
+    ]
+
+
+def get_task_by_id(task_id: str) -> CoreIdentityTask:
+    for task in get_all_tasks():
+        if task.task_id == task_id:
+            return task
+    raise ValueError(f"Task not found: {task_id}")