Authority Boundary Audit #525

@flyingrobots

Description

Migrated from Method backlog

This issue was created from a legacy filesystem backlog card. GitHub Issues are now the live work tracker; repository docs remain Method evidence.

Source backlog: docs/method/backlog/v0.1.0/SECURITY_authority-boundary-audit.md
Original lane: v0.1.0
Original legend: SECURITY

Original backlog card

Authority Boundary Audit

Status: initial local audit recorded; final release security review remains.

Depends on:

Why now

The release is only credible if application code cannot reach trusted runtime
authority. Echo's central contract-host promise is that applications submit and
observe while the runtime owner controls ticks.

Audit targets

Verify that application-facing paths cannot:

  • tick, step, start, stop, or run the scheduler;
  • access TrustedKernelControlPort or equivalent host-only capabilities;
  • resume faulted heads;
  • install privileged host adapters;
  • mutate state through query observers;
  • bypass package install compatibility checks;
  • turn retry into hidden runtime behavior.

Acceptance criteria

  • Tests prove app-facing dispatch cannot tick or access trusted runtime
    control.
  • WASM/Node/browser exports are app-safe if those packages ship.
  • Generated helpers target app-safe request APIs or host-only install APIs
    explicitly.
  • Host-only APIs are documented as runtime-owner authority.
  • Security review records deferred risks before release candidate.

Implemented local slice

docs/design/v0.1.0-authority-boundary-audit.md records the current
authority-boundary evidence and deferred risks. The local release witness keeps
application code on TrustedRuntimeApp and trusted runtime control on
TrustedRuntimeHost.

Non-goals

  • Do not build a sandbox or capability system beyond the release surface.
  • Do not treat method names as authority boundaries.
  • Do not make query observers a mutation API.
