Resolve import cycles and migrate to chorus.services module path

This comprehensive refactoring addresses critical architectural issues:

IMPORT CYCLE RESOLUTION:
• pkg/crypto ↔ pkg/slurp/roles: Created pkg/security/access_levels.go
• pkg/ucxl → pkg/dht: Created pkg/storage/interfaces.go
• pkg/slurp/leader → pkg/election → pkg/slurp/storage: Moved types to pkg/election/interfaces.go

MODULE PATH MIGRATION:
• Changed from github.com/anthonyrawlins/bzzz to chorus.services/bzzz
• Updated all import statements across 115+ files
• Maintains compatibility while removing personal GitHub account dependency

TYPE SYSTEM IMPROVEMENTS:
• Resolved duplicate type declarations in crypto package
• Added missing type definitions (RoleStatus, TimeRestrictions, KeyStatus, KeyRotationResult)
• Proper interface segregation to prevent future cycles

ARCHITECTURAL BENEFITS:
• Build now progresses past structural issues to normal dependency resolution
• Cleaner separation of concerns between packages
• Eliminates circular dependencies that prevented compilation
• Establishes foundation for scalable codebase growth

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

pkg/crypto/role_crypto.go

@@ -37,40 +37,26 @@ import (
 	"time"
 
 	"golang.org/x/crypto/pbkdf2"
-	"github.com/anthonyrawlins/bzzz/pkg/config"
-	"github.com/anthonyrawlins/bzzz/pkg/ucxl"
-	slurpContext "github.com/anthonyrawlins/bzzz/pkg/slurp/context"
-	"github.com/anthonyrawlins/bzzz/pkg/slurp/roles"
+	"chorus.services/bzzz/pkg/config"
+	"chorus.services/bzzz/pkg/security"
+	"chorus.services/bzzz/pkg/ucxl"
+	slurpContext "chorus.services/bzzz/pkg/slurp/context"
+	"chorus.services/bzzz/pkg/slurp/roles"
 )
 
-// AccessLevel defines the security clearance levels for role-based encryption
-type AccessLevel int
+// AccessLevel type alias for backward compatibility
+type AccessLevel = security.AccessLevel
 
+// Access level constants for backward compatibility
 const (
-	AccessPublic AccessLevel = iota // Public information, no encryption required
-	AccessLow                       // Basic encrypted information for standard roles
-	AccessMedium                    // Confidential information for coordination roles
-	AccessHigh                      // Sensitive information for decision-making roles
-	AccessCritical                  // Highly classified information for master roles only
+	AccessPublic    = security.AccessLevelPublic
+	AccessLow       = security.AccessLevelInternal
+	AccessMedium    = security.AccessLevelConfidential
+	AccessHigh      = security.AccessLevelSecret
+	AccessCritical  = security.AccessLevelTopSecret
 )
 
-// String returns the string representation of an access level
-func (al AccessLevel) String() string {
-	switch al {
-	case AccessPublic:
-		return "public"
-	case AccessLow:
-		return "low"
-	case AccessMedium:
-		return "medium"
-	case AccessHigh:
-		return "high"
-	case AccessCritical:
-		return "critical"
-	default:
-		return "unknown"
-	}
-}
+// Note: String() method is provided by security.AccessLevel
 
 // RoleEncryptionConfig represents encryption configuration for a role
 type RoleEncryptionConfig struct {
@@ -160,21 +146,7 @@ type RoleCrypto struct {
 	auditLogger       AuditLogger
 }
 
-// AccessControlMatrix defines role hierarchy and access relationships
-type AccessControlMatrix struct {
-	mu              sync.RWMutex
-	roleHierarchy   map[string][]string        // Role -> can access roles
-	accessLevels    map[string]AccessLevel     // Role -> access level
-	compartments    map[string][]string        // Role -> accessible compartments
-	policyEngine    PolicyEngine               // Policy evaluation engine
-}
-
-// PolicyEngine interface for evaluating access control policies
-type PolicyEngine interface {
-	EvaluateAccess(ctx *AccessContext) (*AccessDecision, error)
-	LoadPolicies(policies []*SecurityPolicy) error
-	ValidatePolicy(policy *SecurityPolicy) error
-}
+// AccessControlMatrix and PolicyEngine are defined in access_control.go
 
 // SecurityPolicy represents a security policy for access control
 type SecurityPolicy struct {
@@ -188,33 +160,7 @@ type SecurityPolicy struct {
 }
 
 // PolicyRule represents a single rule within a security policy
-type PolicyRule struct {
-	ID            string                `json:"id"`
-	Condition     string                `json:"condition"`     // CEL expression
-	Action        PolicyAction          `json:"action"`
-	Effect        PolicyEffect          `json:"effect"`
-	Priority      int                   `json:"priority"`
-	Metadata      map[string]interface{} `json:"metadata"`
-}
-
-// PolicyAction represents actions that can be taken by policy rules
-type PolicyAction string
-
-const (
-	PolicyActionAllow     PolicyAction = "allow"
-	PolicyActionDeny      PolicyAction = "deny"
-	PolicyActionAudit     PolicyAction = "audit"
-	PolicyActionTransform PolicyAction = "transform"
-)
-
-// PolicyEffect represents the effect of a policy rule
-type PolicyEffect string
-
-const (
-	PolicyEffectPermit PolicyEffect = "permit"
-	PolicyEffectForbid PolicyEffect = "forbid"
-	PolicyEffectOblige PolicyEffect = "oblige"
-)
+// PolicyRule, PolicyAction, and PolicyEffect are defined in access_control.go
 
 // AccessContext represents context for access control decisions
 type AccessContext struct {
@@ -299,6 +245,7 @@ type AuditEvent struct {
 	Timestamp         time.Time              `json:"timestamp"`
 	UserID            string                 `json:"user_id"`
 	Data              map[string]interface{} `json:"data"`
+	IntegrityHash     string                 `json:"integrity_hash,omitempty"`
 }
 
 // NewRoleCrypto creates a new role-based crypto handler