Skip to content
This repository was archived by the owner on Jun 7, 2026. It is now read-only.
This repository was archived by the owner on Jun 7, 2026. It is now read-only.

Commission third-party security audit of cryptographic operations #84

Description

@toadkicker

Goal

Before the v1.0.0 stable release, commission an independent security audit of PAP's cryptographic operations, trust model, and protocol invariants.

Scope

Priority areas for audit:

  1. Ed25519 keypair management — principal, session, and delegation key material
  2. SD-JWT selective disclosure — IETF draft-08 compliance, disclosure linkage prevention
  3. Mandate chain verification — recursive scope/TTL bounds cannot be exceeded
  4. Session DID unlinkability — ephemeral DIDs cannot be correlated to principal
  5. Receipt co-signature — property-reference-only constraint is enforced
  6. Federation TOFU TLS pinning — pin lifecycle, rotation, and revocation
  7. FFI boundary safety — `pap-c` null pointer handling, thread safety
  8. Progressive decay enforcement — state transitions cannot be reversed

Acceptance Criteria

  • Auditor selected and engaged
  • Audit scope agreed and documented in this issue
  • Audit report received and findings tracked as sub-issues
  • All Critical and High findings resolved before v1.0.0 tag
  • Audit report published (or executive summary if NDA required)

Metadata

Metadata

Assignees

No one assigned

    Labels

    cryptoCryptographic implementationssecuritySecurity hardening

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions