Skip to content

Fix cargo test errors audit#18

Merged
doomhammerhell merged 2 commits into
mainfrom
fix-cargo-test-errors-audit
Apr 9, 2026
Merged

Fix cargo test errors audit#18
doomhammerhell merged 2 commits into
mainfrom
fix-cargo-test-errors-audit

Conversation

@doomhammerhell
Copy link
Copy Markdown
Owner

@doomhammerhell doomhammerhell commented Apr 9, 2026

No description provided.

@doomhammerhell
security: harden MQTT/CoAP invariants, sessions, and anti-rollback state
61641cc 
- Add explicit security invariants + threat model docs
- Bind MQTT key announcements to peer_id/topic with domain separation
- Implement per-peer/global crypto budgets and strict input size limits
- Add CA-signed fleet policy + revocation updates with monotonic sequencing
- Add best-effort secure time floor and sealed counters for anti-rollback
- Introduce MQTT forward-secure sessions (ephemeral KEM+X25519 + AEAD ratchet)
- Expand integration/regression tests for replay, binding, and policy semantics
@doomhammerhell
security: enforce fleet policy gates and MQTT invariants
8f28235 
- Add SecureTimeFloor + sealed anti-rollback bindings for persisted state
- Implement signed FleetPolicyUpdate v2 (TTL, storage/revocation gates, budgets, rekey thresholds)
- Harden MQTT wire protocol (bounded peer IDs, size limits, topic-bound signatures, replay window)
- Add mqtt_invariants regression suite for adversarial edge cases
@doomhammerhell doomhammerhell merged commit a2ed69d into main Apr 9, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@doomhammerhell