Please email security@atomr.dev with a description of the issue. We acknowledge within 72 hours.
atomr-dledger is built under a "Harvest Now, Decrypt Later" threat model. The key invariants we defend:
- Data confidentiality survives a quantum break. All data-at-rest
is wrapped under ML-KEM-1024. All data-in-transit uses the
X25519MLKEM768hybrid KEM group. A future quantum capability does not retroactively decrypt today's traffic or storage. - Signatures fail safely. Hot keys are Ed25519; cold keys are ML-DSA-65 (Dilithium-5). High-value operations require the cold key. A break in the hot key can only damage one identity rotation window.
- Floating-point non-determinism cannot frame an honest node. Fraud-proof comparisons run over a canonicalised trace per ADR-0008. Two honest replicas that disagree within the model's declared precision bucket are not slashed.
- The right to be forgotten is cryptographic. Crypto-shredding
(
atomr-dledger-provenance::ShredRegistry) destroys the wrapped DEK; the ciphertext remains in immutable history but is mathematically irrecoverable. Backups of the ciphertext are safe only if every backup also lost the wrapped DEK.
- Bugs in atomr upstream — please file against https://github.com/rustakka/atomr instead.
- Bugs in third-party crates referenced by us — please file upstream and copy us.
- Speculation about Phase 4/5 (RV11–RV16) aspirational traits — the
Mock/Allowdefaults are intentionally permissive per ADR-0004. Real implementations are not part of v1.0.