S13 — Hardening
Security requirements for all node and client implementations.
HS-01: Data integrity
All events are stored in a Merkle tree. An inclusion proof is required for any event referenced in disputes or arbitration; an event without a proof is treated as unverified.
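The HS-01 rule as an added example, not Colibri's own code: it builds a tree, generates an inclusion proof, and returns a three-way result for a disputed event so that a missing proof is never confused with a passing one. SHA-256, the 0x00/0x01 leaf/node prefixes (as in RFC 6962), promotion of unpaired nodes, and all function names are assumptions.

```javascript
// Added example: hash choice, prefixes and names are assumptions, not Colibri code.
const { createHash } = require('node:crypto');

const sha256 = (...parts) => createHash('sha256').update(Buffer.concat(parts)).digest();
// Domain-separate leaves (0x00) from interior nodes (0x01) so an interior
// node can never be replayed as a leaf (second-preimage defence).
const leafHash = (event) => sha256(Buffer.from([0x00]), Buffer.from(event));
const nodeHash = (left, right) => sha256(Buffer.from([0x01]), left, right);

// Build every level of the tree; an unpaired node is promoted unchanged.
function buildLevels(events) {
  let level = events.map(leafHash);
  const levels = [level];
  while (level.length > 1) {
    const next = [];
    for (let i = 0; i < level.length; i += 2) {
      next.push(i + 1 < level.length ? nodeHash(level[i], level[i + 1]) : level[i]);
    }
    level = next;
    levels.push(level);
  }
  return levels;
}

// Inclusion proof: sibling hashes from leaf to root, each tagged with its side.
function prove(levels, index) {
  const path = [];
  for (let d = 0; d < levels.length - 1; d++, index >>= 1) {
    const sib = index ^ 1;
    if (sib < levels[d].length) path.push({ hash: levels[d][sib], left: sib < index });
  }
  return path;
}

// HS-01: no proof => 'unverified'; a proof that does not reach the root => 'invalid'.
// trustedRoot must come from an authenticated source, never from the disputing party.
function checkDisputedEvent(event, proof, trustedRoot) {
  if (!Array.isArray(proof)) return 'unverified';
  let acc = leafHash(event);
  for (const step of proof) {
    if (!step || !Buffer.isBuffer(step.hash) || step.hash.length !== 32) return 'invalid';
    acc = step.left ? nodeHash(step.hash, acc) : nodeHash(acc, step.hash);
  }
  return acc.equals(trustedRoot) ? 'verified' : 'invalid';
}

// Constructed sample events (not real protocol data).
const SAMPLE_EVENTS = ['evt-1:transfer', 'evt-2:vote', 'evt-3:claim', 'evt-4:transfer', 'evt-5:dispute'];
```

Callers should treat only `'verified'` as admissible evidence; `'unverified'` and `'invalid'` both fail closed, but logging them separately distinguishes a missing proof from a tampered one.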
HS-02: Admission enforcement
Rate limiting (S10) is mandatory. VRF audit selects 5-20% of events for deeper verification. Nodes that skip admission checks are flagged and their events rejected by peers.
HS-03: Tenant isolation
Row-level security by tenant_id on all shared infrastructure. Least-privilege access — components can only read/write tables they own.
HS-04: Finality windows
- Dispute window ≥24 hours (configurable upward, not downward)
- No irreversible external effects before HARD finality
- Finalization is blocked if clock drift is detected (>30s from STA median)
HS-05: Identity recovery
Shamir’s Secret Sharing for key recovery:
| Security level | Shares (N) | Threshold (M) |
|---|---|---|
| Standard | 5 | 3 |
| High security | 7 | 5 |
Recovered identity retains full reputation and token history.
HS-06: Threat model
Assume:
- Hostile network (MITM, replay, eclipse attacks possible)
- Compromised device (key theft, memory inspection)
- Phishable user (social engineering, credential theft)
Design accordingly: Ed25519 for signatures, Merkle proofs for state, VRF for randomness, commit-reveal for voting.
Implementation Status
Verified against source: 2026-04-06
| Claim | Status | Notes |
|---|---|---|
| HS-01: Merkle tree for events | Partial | src/domains/merkle/ implements Merkle trees over audit actions (mcp_merkle, mcp_session_root tables), with inclusion proof generation and verification. However, this covers MCP tool-call audit trails, not protocol-level events as described in the spec. |
| HS-02: Rate limiting | Partial | src/middleware/index.js implements per-tool rate limiting (100 req/min window) with circuit breakers. VRF-based audit sampling is spec-only; no VRF implementation found. |
| HS-03: Tenant isolation | Spec-only | No tenant_id column or row-level security in the schema. ACL middleware (src/middleware/acl.js) enforces project-scoped role hierarchy (owner/admin/member/viewer), but this is per-project RBAC, not multi-tenant row isolation. |
| HS-04: Finality windows | Spec-only | No finality, dispute window, or clock-drift detection in source. |
| HS-05: Shamir’s Secret Sharing | Spec-only | No Shamir SSS or key-recovery logic found. |
| HS-06: Ed25519 signatures | Spec-only | No Ed25519 signing. Auth uses HMAC-based JWT tokens via jose library (src/middleware/auth.js). |
| HS-06: Merkle proofs for state | Partial | Merkle proofs exist for audit chains but not for general protocol state verification. |
| HS-06: VRF for randomness | Spec-only | No VRF implementation. |
| HS-06: Commit-reveal for voting | Spec-only | No commit-reveal or voting mechanism. |
| (Bonus) Input validation | Implemented | src/security/validator.js provides Zod-based input validation with security checks. |
| (Bonus) Injection detection | Implemented | src/security/audit.js and audit-comprehensive.js detect SQL injection, command injection, path traversal, NoSQL injection, XPath injection, LDAP injection. |
| (Bonus) Secret scanning | Implemented | src/security/audit.js scans for API keys, tokens, passwords, AWS keys, private keys. |
| (Bonus) Input sanitization | Implemented | src/security/sanitizer.js provides HTML escaping, SQL sanitization, path sanitization. |
| (Bonus) Audit logging | Implemented | src/middleware/audit.js logs all tool calls with hash-chained integrity (mcp_action table with previous_hash/current_hash). |
| (Bonus) Auth middleware | Implemented | src/middleware/auth.js provides token-based auth with configurable modes (trust/token/hybrid/required). |
Summary: The Colibri protocol hardening claims (finality windows, Shamir SSS, Ed25519, VRF, commit-reveal, tenant isolation) are spec-only. However, the Colibri server has substantial operational security: input validation, injection detection across six attack vectors, secret scanning, audit logging with hash chains, Merkle proof trees for audit integrity, rate limiting with circuit breakers, and token-based authentication with RBAC.