Security
Overview of cryptographic primitives, authorization, consensus guarantees, replay protection, rate limiting, and P2P security.
Cryptographic primitives
| Primitive | Algorithm | Size | Usage |
|---|---|---|---|
| Message hash | BLAKE3 | 32 bytes | BLAKE3(MessageData) |
| Message signature | Ed25519 | 64 bytes | Ed25519.sign(hash, key) |
| Signer key | Ed25519 | 32 bytes | Public key identifying the signer |
| State root | BLAKE3 | 32 bytes | Merkle root of all state after a block |
| ETH claim | EIP-191 + secp256k1 + keccak256 | 65 bytes | Ethereum address linking |
| SOL claim | Ed25519 | 64 bytes | Solana address linking |
Claim message format: `makechain:verify:<mid>`.
Authorization model
Key scopes
| Scope | Level | Permissions |
|---|---|---|
| OWNER | Highest | Manage keys, remove projects, manage collaborators, all lower-scope actions |
| SIGNING | Middle | Create projects, push commits, update refs, add verifications, fork |
| AGENT | Lowest | Restricted to specific projects via allowed_projects |
Check order
- Key lookup — signing key registered for the message's `mid`
- Scope check — key scope meets the minimum for the message type
- Project access — `mid` is owner or collaborator of the target project
- Agent restriction — target project is in the key's `allowed_projects`
KEY_ADD and KEY_REMOVE skip the signer pre-check because they are relayed from the onchain key registry rather than signed by a locally registered key.
Collaborators
Collaborators get write access. Only the owner can add/remove them. The owner cannot be a collaborator on their own project.
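The check order above and the collaborator rules, as an added example in std-only Rust (not the project's own code). The `MsgType` names other than KEY_ADD/KEY_REMOVE, the assumption that AGENT keys may push commits and update refs within their `allowed_projects`, and the `demo_registry` fixture are assumptions made for the example.

```rust
use std::collections::{HashMap, HashSet};

/// Key scopes, ordered so a higher scope satisfies any lower minimum.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Scope { Agent, Signing, Owner }

/// Message kinds used by this example. Only KEY_ADD / KEY_REMOVE are named on
/// the page; the other variants are assumed names for the listed actions.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum MsgType { CommitPush, RefUpdate, ProjectCreate, ProjectRemove, CollaboratorAdd, KeyAdd, KeyRemove }

impl MsgType {
    /// Minimum scope per the key-scopes table (assumption: AGENT keys may push
    /// commits and update refs inside their allowed projects).
    fn min_scope(self) -> Scope {
        match self {
            MsgType::CommitPush | MsgType::RefUpdate => Scope::Agent,
            MsgType::ProjectCreate => Scope::Signing,
            MsgType::ProjectRemove | MsgType::CollaboratorAdd | MsgType::KeyAdd | MsgType::KeyRemove => Scope::Owner,
        }
    }
    /// Collaborators have write access, but only the project owner manages
    /// collaborators or removes the project.
    fn owner_only(self) -> bool {
        matches!(self, MsgType::ProjectRemove | MsgType::CollaboratorAdd)
    }
}

pub struct KeyRecord { pub scope: Scope, pub allowed_projects: HashSet<String> }
pub struct Project { pub owner: String, pub collaborators: HashSet<String> }

#[derive(Default)]
pub struct Registry {
    /// (mid, signer public key) -> registered key
    pub keys: HashMap<(String, String), KeyRecord>,
    pub projects: HashMap<String, Project>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum AuthError { UnknownKey, InsufficientScope, UnknownProject, NotOwnerOrCollaborator, OwnerOnly, AgentNotAllowed, OwnerCannotBeCollaborator }

pub struct Envelope<'a> { pub mid: &'a str, pub signer: &'a str, pub kind: MsgType, pub project: Option<&'a str> }

/// The four checks in the documented order; the first failure is returned.
pub fn authorize(reg: &Registry, env: &Envelope) -> Result<(), AuthError> {
    // KEY_ADD / KEY_REMOVE are relayed from the onchain registry: no signer pre-check.
    if matches!(env.kind, MsgType::KeyAdd | MsgType::KeyRemove) {
        return Ok(());
    }
    // 1. Key lookup: the signing key must be registered for the message's mid.
    let key = reg
        .keys
        .get(&(env.mid.to_string(), env.signer.to_string()))
        .ok_or(AuthError::UnknownKey)?;
    // 2. Scope check.
    if key.scope < env.kind.min_scope() {
        return Err(AuthError::InsufficientScope);
    }
    if let Some(pid) = env.project {
        // 3. Project access: mid is owner or collaborator; some actions are owner-only.
        let project = reg.projects.get(pid).ok_or(AuthError::UnknownProject)?;
        let is_owner = project.owner == env.mid;
        if !is_owner && !project.collaborators.contains(env.mid) {
            return Err(AuthError::NotOwnerOrCollaborator);
        }
        if env.kind.owner_only() && !is_owner {
            return Err(AuthError::OwnerOnly);
        }
        // 4. Agent restriction: the target project must be in the key's allowed_projects.
        if key.scope == Scope::Agent && !key.allowed_projects.contains(pid) {
            return Err(AuthError::AgentNotAllowed);
        }
    }
    Ok(())
}

/// Collaborator rule: the owner cannot be a collaborator on their own project.
pub fn add_collaborator(reg: &mut Registry, pid: &str, who: &str) -> Result<(), AuthError> {
    let project = reg.projects.get_mut(pid).ok_or(AuthError::UnknownProject)?;
    if project.owner == who {
        return Err(AuthError::OwnerCannotBeCollaborator);
    }
    project.collaborators.insert(who.to_string());
    Ok(())
}

fn set(items: &[&str]) -> HashSet<String> { items.iter().map(|s| s.to_string()).collect() }

/// Constructed fixture: alice owns proj1 and proj2, bob collaborates on proj1, carol has no access.
pub fn demo_registry() -> Registry {
    let mut reg = Registry::default();
    let key = |mid: &str, pk: &str, scope: Scope, allowed: &[&str]| {
        ((mid.to_string(), pk.to_string()), KeyRecord { scope, allowed_projects: set(allowed) })
    };
    reg.keys.extend([
        key("alice", "alice-owner", Scope::Owner, &[]),
        key("alice", "alice-agent", Scope::Agent, &["proj1"]),
        key("bob", "bob-owner", Scope::Owner, &[]),
        key("carol", "carol-sign", Scope::Signing, &[]),
    ]);
    reg.projects.insert("proj1".into(), Project { owner: "alice".into(), collaborators: set(&["bob"]) });
    reg.projects.insert("proj2".into(), Project { owner: "alice".into(), collaborators: HashSet::new() });
    reg
}

fn main() {
    let reg = demo_registry();
    let env = Envelope { mid: "bob", signer: "bob-owner", kind: MsgType::ProjectRemove, project: Some("proj1") };
    // bob holds an OWNER-scope key on his own account, but is only a collaborator on proj1
    println!("{:?}", authorize(&reg, &env));
}
```

Note that scope and project role are independent checks: an OWNER-scope key on one account does not make its holder the owner of someone else's project, which is why the owner-only test sits under project access rather than under the scope check.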
Consensus security
Simplex BFT properties:
- Fault tolerance — 3f + 1 validators, tolerates f Byzantine validators
- Finality — 2-chain rule, ~300ms
- Leader election — round-robin
Committed blocks include a BLAKE3 hash verified before storage as a defense-in-depth check.
Replay protection
Timestamp windows
| Parameter | Default | Effect |
|---|---|---|
| max_timestamp_age_secs | 600 (10 min) | Reject old messages |
| max_timestamp_drift_secs | 30 | Reject future messages |
Hash deduplication
Mempool deduplicates by hash. A committed message index lets gossip receivers reject already-finalized messages.
Network isolation
Messages include a network field. The node rejects messages for a different network, preventing cross-network replay.
Ref nonces
A monotonically increasing nonce on each ref prevents an old signed update from being reapplied even when its compare-and-swap (CAS) hash matches the ref's current value again.
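The four replay checks in this section (timestamp windows, committed-index and mempool deduplication, network isolation, ref nonces) combined into one admission path, as an added std-only Rust example that is not the project's code. The check order, the stand-in tag-byte hashes (not real BLAKE3 digests), the `testnet`/`mainnet` network names, and the assumption that a ref nonce must be strictly greater than the last committed one are assumptions of the example.

```rust
use std::collections::{HashMap, HashSet};

/// 32-byte message hash (BLAKE3 in the protocol; constructed bytes in this example).
pub type Hash = [u8; 32];

pub struct ReplayConfig {
    pub network: String,
    pub max_timestamp_age_secs: u64,
    pub max_timestamp_drift_secs: u64,
}

impl ReplayConfig {
    /// Documented defaults: 600 s age window, 30 s future drift.
    pub fn defaults(network: &str) -> Self {
        Self { network: network.to_string(), max_timestamp_age_secs: 600, max_timestamp_drift_secs: 30 }
    }
}

pub struct RefUpdate { pub project: String, pub name: String, pub nonce: u64 }

pub struct Message { pub hash: Hash, pub network: String, pub timestamp: u64, pub ref_update: Option<RefUpdate> }

#[derive(Debug, PartialEq, Eq)]
pub enum Reject { WrongNetwork, TooOld, FromFuture, AlreadyCommitted, StaleRefNonce, DuplicateInMempool }

pub struct ReplayGuard {
    cfg: ReplayConfig,
    mempool: HashSet<Hash>,
    committed: HashSet<Hash>,
    ref_nonces: HashMap<(String, String), u64>,
}

impl ReplayGuard {
    pub fn new(cfg: ReplayConfig) -> Self {
        Self { cfg, mempool: HashSet::new(), committed: HashSet::new(), ref_nonces: HashMap::new() }
    }

    /// Apply the replay checks, cheapest first, then admit the message to the mempool.
    pub fn admit(&mut self, msg: &Message, now: u64) -> Result<(), Reject> {
        if msg.network != self.cfg.network {
            return Err(Reject::WrongNetwork);
        }
        if now.saturating_sub(msg.timestamp) > self.cfg.max_timestamp_age_secs {
            return Err(Reject::TooOld);
        }
        if msg.timestamp.saturating_sub(now) > self.cfg.max_timestamp_drift_secs {
            return Err(Reject::FromFuture);
        }
        if self.committed.contains(&msg.hash) {
            return Err(Reject::AlreadyCommitted);
        }
        if let Some(r) = &msg.ref_update {
            // Nonce must exceed the last committed nonce for this ref (assumption:
            // strictly increasing; the page does not fix a step size).
            let key = (r.project.clone(), r.name.clone());
            if self.ref_nonces.get(&key).map_or(false, |last| r.nonce <= *last) {
                return Err(Reject::StaleRefNonce);
            }
        }
        if !self.mempool.insert(msg.hash) {
            return Err(Reject::DuplicateInMempool);
        }
        Ok(())
    }

    /// On finalization: move the hash into the committed index and advance the ref nonce.
    pub fn commit(&mut self, msg: &Message) {
        self.mempool.remove(&msg.hash);
        self.committed.insert(msg.hash);
        if let Some(r) = &msg.ref_update {
            let slot = self.ref_nonces.entry((r.project.clone(), r.name.clone())).or_insert(0);
            *slot = (*slot).max(r.nonce);
        }
    }
}

/// Constructed message with a stand-in hash (tag byte, not a real BLAKE3 digest).
pub fn mk(tag: u8, network: &str, timestamp: u64, nonce: Option<u64>) -> Message {
    let mut hash: Hash = [0u8; 32];
    hash[0] = tag;
    Message {
        hash,
        network: network.to_string(),
        timestamp,
        ref_update: nonce.map(|n| RefUpdate { project: "proj1".into(), name: "refs/heads/main".into(), nonce: n }),
    }
}

fn main() {
    let now = 1_700_000_000;
    let mut guard = ReplayGuard::new(ReplayConfig::defaults("testnet"));
    let first = mk(1, "testnet", now, Some(1));
    println!("{:?}", guard.admit(&first, now));
    guard.commit(&first);
    // a fresh message reusing nonce 1 on the same ref is stale even though its hash is new
    println!("{:?}", guard.admit(&mk(2, "testnet", now, Some(1)), now));
}
```

The nonce is compared against committed state only; two competing updates with the same nonce can both sit in the mempool, and whichever is finalized first makes the other stale at its next check.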
Rate limiting
Token-bucket on the gRPC API: burst 100, refill 10/sec. Exceeding returns RESOURCE_EXHAUSTED.
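A token bucket with the documented parameters (burst 100, refill 10/sec), as an added std-only Rust example rather than the project's implementation. Keying one bucket per caller and the `accepted_in_burst` driver are assumptions of the example; the page only states that the gRPC API is token-bucket limited and returns RESOURCE_EXHAUSTED when exceeded.

```rust
use std::collections::HashMap;

/// Outcome when the bucket is empty; maps to gRPC status RESOURCE_EXHAUSTED (code 8).
#[derive(Debug, PartialEq, Eq)]
pub enum Status { ResourceExhausted }
pub const RESOURCE_EXHAUSTED_CODE: u32 = 8;

/// Tokens are tracked in micro-tokens so refill uses integer arithmetic only.
const MICRO: u64 = 1_000_000;

pub struct TokenBucket { capacity: u64, tokens: u64, refill_per_sec: u64, last_us: u64 }

impl TokenBucket {
    /// A bucket starts full: `burst` requests can pass immediately.
    pub fn new(burst: u64, refill_per_sec: u64, now_us: u64) -> Self {
        Self { capacity: burst * MICRO, tokens: burst * MICRO, refill_per_sec, last_us: now_us }
    }

    /// elapsed µs × tokens/s = micro-tokens earned since the last call, capped at capacity.
    fn refill(&mut self, now_us: u64) {
        let elapsed = now_us.saturating_sub(self.last_us);
        let earned = elapsed.saturating_mul(self.refill_per_sec);
        self.tokens = self.tokens.saturating_add(earned).min(self.capacity);
        self.last_us = now_us;
    }

    pub fn try_acquire(&mut self, now_us: u64) -> Result<(), Status> {
        self.refill(now_us);
        if self.tokens >= MICRO {
            self.tokens -= MICRO;
            Ok(())
        } else {
            Err(Status::ResourceExhausted)
        }
    }

    /// Whole tokens currently available (without refilling).
    pub fn available(&self) -> u64 { self.tokens / MICRO }
}

/// One bucket per caller (per-caller keying is an assumption of this example).
pub struct RateLimiter { burst: u64, refill_per_sec: u64, buckets: HashMap<String, TokenBucket> }

impl RateLimiter {
    /// Documented defaults: burst 100, refill 10 tokens per second.
    pub fn with_defaults() -> Self {
        Self { burst: 100, refill_per_sec: 10, buckets: HashMap::new() }
    }

    /// Admit or reject one request from `caller` at time `now_us`.
    pub fn check(&mut self, caller: &str, now_us: u64) -> Result<(), Status> {
        let (burst, refill) = (self.burst, self.refill_per_sec);
        self.buckets
            .entry(caller.to_string())
            .or_insert_with(|| TokenBucket::new(burst, refill, now_us))
            .try_acquire(now_us)
    }
}

/// Fire `attempts` requests at one instant and count how many were accepted
/// (constructed schedule for the example).
pub fn accepted_in_burst(limiter: &mut RateLimiter, caller: &str, now_us: u64, attempts: u32) -> u32 {
    (0..attempts).filter(|_| limiter.check(caller, now_us).is_ok()).count() as u32
}

fn main() {
    let mut limiter = RateLimiter::with_defaults();
    let t0 = 0u64;
    println!("burst accepted: {}", accepted_in_burst(&mut limiter, "client-a", t0, 120));
    println!("after 1 s: {}", accepted_in_burst(&mut limiter, "client-a", t0 + MICRO, 20));
}
```

Because the bucket is capped at the burst size, a caller that stays idle for an hour still gets only 100 requests before being throttled to the 10/sec refill rate.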
P2P security
- Authenticated encryption — all peer connections go via `commonware-p2p`. Peers are identified by Ed25519 keys.
- Gossip validation — inbound messages pass full envelope verification and are checked against the committed message index.
- Channel quotas — three Simplex channels (votes, certificates, resolver) with independent quotas.
- Misbehavior blocking — strike-based system. Peers sending invalid messages accumulate strikes and get blocked.
Storage limits
| Resource | Limit |
|---|---|
| Projects per storage unit | 10 |
| Commits per project | 10,000 (oldest unprotected pruned) |
| Refs per project | 200 |
| Collaborators per project | 50 |
| Keys per account | 100 |
| Verifications per account | 50 |
See storage limits for the full allocation model.