[Epic] Cross-cutting / Hardening #15

Description

@iret77

Epic — Cross-cutting / Hardening (spans phases). Collects the cross-cutting requirements from the Codex review that belong to no single phase but must land in the owning phase. No own milestone — each item is implemented in its owner phase and tracked here.

Items

  • Key rotation / revocation / disaster recovery + operator runbook (R1/R11) — backup/restore, compromised-key revocation, DID-doc update, old-signature verification, recovery. Owner: Phase 1/4.
  • anp_version migration (R7/R14b) — schema version registry, migration policy, backward verification, fixture versioning, compatibility tests. Owner: Phase 0 + Schema-backflow matrix + ANP PR process #2.
  • GDPR / right to erasure vs. immutable anchors (R13b) — what is deletable (off-chain body/keys), what stays (hash/anchor), how the residue is explained, does deletion break verification? Owner: before productive PII processing.
  • Multi-tenant isolation (R17) — tenant scoping across proof.identity/proof.store/proof.anchor/verify-link/auditor rights. Owner: Phase 1+.
  • Clock / timestamp trust (R18) — ledger vs. local timestamp, skew, ordering. Owner: Phase 2.
  • Observability baseline (R14) — metrics, alerts, degraded states, anchor-retry visibility. Owner: Phase 2.
  • CI breadth beyond canonicalization — packaging/signing, Privacy-Shield boundary tests, UI e2e, cross-instance co-signing, migration tests. Owner: Phase 0, ongoing.
  • IOTA tooling maturity (R19) — IOTA Identity/Gas Station/Notarization are pre-GA; pin versions, plan for pre-GA API breaks, keep anchor-mock carrying Phases 0–1. Owner: Phase 2.

Done

Each item implemented in its owner phase and linked; runbooks exist.

Refs: plan.md §6 (R9–R19), §11 (Codex IMPORTANT findings).

Metadata

Assignees

No one assigned

    Labels

    area/security: key lifecycle, custody, privacy, compliance
    cross-cutting: Spans phases (hardening)
    type/epic: Tracking issue for a phase / stage
