Skip to content

Add Security Considerations to spec and cryptographic chain verification#8

Merged
bradleygauthier merged 3 commits intomainfrom
security-and-chain-verification
Mar 8, 2026
Merged

Add Security Considerations to spec and cryptographic chain verification#8
bradleygauthier merged 3 commits intomainfrom
security-and-chain-verification

Conversation

@bradleygauthier
Copy link
Contributor

@bradleygauthier bradleygauthier commented Mar 8, 2026

Summary

  • Adds CPS Section 7 (Security Considerations) to the protocol spec, documenting what CPS provides (integrity, authenticity, non-repudiation, ordering, quantum resistance) and what it does not (confidentiality, truthfulness, availability, identity binding). Covers signer key compromise, chain truncation, verification levels, replay, and timestamp trust.
  • Extends chain.verify() in both Python and TypeScript with optional cryptographic verification: recompute SHA3-256 from content and (Python) verify Ed25519 signatures. Default structural-only behavior is unchanged (backward compatible).
  • Updates CHANGELOG to reflect all additions since v1.2.0.

Type of Change

  • New feature (non-breaking change that adds functionality)
  • Protocol change (modifies the CPS specification)
  • Documentation update
  • Test improvement

Checklist

Python reference (reference/python/)

  • Tests pass: cd reference/python && pytest tests/
  • Linter passes: cd reference/python && ruff check src/ tests/
  • Type checker passes: cd reference/python && mypy src/qp_capsule/
  • Golden fixtures pass: cd reference/python && pytest tests/test_golden_fixtures.py

TypeScript reference (reference/typescript/)

  • Tests pass: cd reference/typescript && npm test
  • Type check passes: cd reference/typescript && npx tsc --noEmit
  • Conformance passes: cd reference/typescript && npm run conformance

General

  • Documentation updated (if applicable)
  • CHANGELOG.md updated (if user-facing change)

Protocol Impact

  • Protocol change (requires CPS version bump and golden fixture update)

New Section 7 shifts URI Scheme to Section 8. No changes to serialization, hashing, or sealing — golden fixtures remain valid.

@bradleygauthier
Add Security Considerations to spec and cryptographic chain verification
ace0497 
Add CPS Section 7 (Security Considerations) documenting what the
protocol provides and does not provide, including signer key compromise,
chain truncation, verification levels, replay, and timestamp trust.

Extend chain.verify() in both Python and TypeScript with optional
cryptographic verification: recompute SHA3-256 from content and
verify Ed25519 signatures. Default structural-only behavior is
unchanged (backward compatible).

Update CHANGELOG to reflect all additions since v1.2.0.
@bradleygauthier
Fix chain verification tests to tamper at database level
c8d284b 
The tamper-detection tests were modifying in-memory capsule objects,
but chain.verify() re-reads from SQLite (getting fresh copies), so
it never saw the tampering. Fix by writing tampered JSON directly
to the database's data column without updating the stored hash.
@bradleygauthier
Fix line length lint error in test_chain.py
74c1478
@bradleygauthier bradleygauthier merged commit e7a67d2 into main Mar 8, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bradleygauthier