Security Model

Threat model, security invariants, and vulnerability disclosure.

Trust boundaries

Client ↔ Service — TLS-encrypted gRPC/REST. Clients authenticate via bearer tokens. The service trusts the PDP for authorization.
Service ↔ PDP — If the PDP is compromised, authorization is compromised. The service fails closed if the PDP is unreachable.
Service ↔ Storage — Storage holds encrypted key handles and metadata. Key material lives in the provider, not storage.
Service ↔ HSM — The HSM is the root of trust. PKCS#11 PIN is zeroized after session establishment.

These invariants are enforced structurally in the codebase:

Authorization on every operation — Every handler passes through PDP authorization before executing.
Audit on every operation — Including denied requests (AuthorizationDenied).
Fail-closed on PDP unavailability — No “allow if PDP is down” mode.
Fail-closed on KMS unavailability — No fallback to weaker algorithms.
Sensitive data zeroization — Key material, plaintext, and DEKs use Sensitive<T> wrapper.
Identity tags excluded from responses — Only user_tags returned to API callers.
Opaque encryption context — AAD is BLAKE3-hashed in audit logs; raw values never persisted.
Cascade disable — Disabling a parent key disables all descendants server-side.
Unique LIDs — UUID injection makes LID collisions structurally impossible.
Constant-time authentication — Bootstrap token comparison uses constant-time equality.

FIPS 140-3 compliance is achieved through the HSM provider path. The HSM’s certificate defines the cryptographic boundary.

Audit events include Ed25519 signatures and BLAKE3 hash-chain linking. Events are delivered via NATS for durable, distributed consumption.

Report security issues responsibly via the process documented in the upstream SECURITY.md.