oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases Wiki Activity
Files
bb5363bebcde7cbc10fa0b83c14811e85292f0fc
aitbc/docs/5_reference/16_security-audit-2026-02-13.md
oib 06e48ef34b chore: standardize configuration, logging, and error handling across blockchain node and coordinator API 
- Add infrastructure.md and workflow files to .gitignore to prevent sensitive info leaks
- Change blockchain node mempool backend default from memory to database for persistence
- Refactor blockchain node logger with StructuredLogFormatter and AuditLogger (consistent with coordinator)
- Add structured logging fields: service, module, function, line number
- Unify coordinator config with Database
2026-02-13 22:39:43 +01:00

5.4 KiB
Raw Blame History

Security Audit Report

Date: 2026-02-13
Auditor: Cascade AI
Scope: AITBC Platform Security Review
Status: All Critical Issues Resolved

Executive Summary

A comprehensive security audit was conducted on the AITBC platform, identifying and resolving 5 critical security vulnerabilities. All issues have been fixed and deployed to production.

Findings & Remediation

1. Hardcoded Secrets 🔴 Critical

Issue:

  • JWT secret hardcoded in config_pg.py
  • PostgreSQL credentials hardcoded in db_pg.py

Impact:

  • Authentication bypass possible
  • Database compromise risk

Remediation:

# Before
jwt_secret: str = "change-me-in-production"

# After
jwt_secret: str = Field(..., env='JWT_SECRET')
validate_secrets()  # Fail-fast if not provided

Status: Resolved

2. Authentication Gaps 🔴 Critical

Issue:

  • Exchange API endpoints without authentication
  • Hardcoded user_id=1 in order creation

Impact:

  • Unauthorized access to trading functions
  • Data exposure

Remediation:

# Added session-based authentication
@app.post("/api/orders", response_model=OrderResponse)
def create_order(
    order: OrderCreate, 
    db: Session = Depends(get_db_session),
    user_id: UserDep  # Authenticated user
):

Status: Resolved

3. CORS Misconfiguration 🟡 High

Issue:

  • Wildcard origins allowed (allow_origins=["*"])

Impact:

  • Cross-origin attacks from any website
  • CSRF vulnerabilities

Remediation:

# Before
allow_origins=["*"]

# After
allow_origins=[
    "http://localhost:3000",
    "http://localhost:8080", 
    "http://localhost:8000",
    "http://localhost:8011"
]

Status: Resolved

4. Weak Encryption 🟡 High

Issue:

  • Wallet private keys using weak XOR encryption
  • No key derivation

Impact:

  • Private keys easily compromised
  • Wallet theft

Remediation:

# Before
encrypted = xor_encrypt(private_key, password)

# After
encrypted = encrypt_value(private_key, password)  # Fernet
# Uses PBKDF2 with SHA-256 for key derivation

Status: Resolved

5. Database Session Inconsistency 🟡 Medium

Issue:

  • Multiple session dependencies across routers
  • Legacy code paths

Impact:

  • Potential connection leaks
  • Inconsistent transaction handling

Remediation:

  • Migrated all routers to storage.SessionDep
  • Removed legacy deps.get_session

Status: Resolved

Additional Improvements

CI/CD Security

  • Fixed import error causing build failures
  • Replaced requests with httpx (already a dependency)
  • Added graceful fallback for missing dependencies

Code Quality & Observability

Structured Logging

  • Added JSON structured logging to Coordinator API
    • StructuredLogFormatter class for consistent log output
    • Added AuditLogger class for tracking sensitive operations
    • Configurable JSON/text format via settings
  • Added JSON structured logging to Blockchain Node
    • Consistent log format with Coordinator API
    • Added service field for log parsing

Structured Error Responses

  • Implemented standardized error responses across all APIs
    • Added ErrorResponse and ErrorDetail Pydantic models
    • All exceptions now have error_code, status_code, and to_response() method
    • Added new exception types: AuthorizationError, NotFoundError, ConflictError

OpenAPI Documentation

  • Enabled OpenAPI documentation with ReDoc
    • Added docs_url="/docs", redoc_url="/redoc", openapi_url="/openapi.json"
    • Added OpenAPI tags for all router groups

Health Check Endpoints

  • Added liveness and readiness probes
    • /health/live - Simple alive check
    • /health/ready - Database connectivity check

Connection Pooling

  • Added database connection pooling
    • QueuePool for PostgreSQL with configurable pool settings
    • pool_size=10, max_overflow=20, pool_pre_ping=True

Systemd Service Standardization

  • Standardized all service paths to /opt/<service-name> convention
    • Updated 10 systemd service files for consistent deployment paths

Deployment

Site A (aitbc.bubuit.net)

  • All security fixes deployed and active
  • Services restarted and verified
  • CORS restrictions confirmed working

Site B (ns3)

  • No action needed
  • Only runs blockchain node (not affected)

Verification

Security Tests Passed

  • Unauthorized origins blocked (400 Bad Request)
  • Authentication required for protected endpoints
  • Wallet encryption/decryption functional
  • Secrets validation on startup
  • CI pipeline passes

Health Checks

# All services operational
curl https://aitbc.bubuit.net/api/v1/health
# {"status":"ok","env":"dev"}

curl https://aitbc.bubuit.net/exchange/api/health
# {"status": "ok", "database": "postgresql"}

Recommendations

Short Term

  1. Set up automated security scanning in CI
  2. Implement secret rotation policies
  3. Add rate limiting to authentication endpoints

Long Term

  1. Implement OAuth2/JWT for all APIs
  2. Add comprehensive audit logging
  3. Set up security monitoring and alerting

Conclusion

All critical security vulnerabilities have been resolved. The AITBC platform now follows security best practices with proper authentication, encryption, and access controls. Regular security audits should be conducted to maintain security posture.

Next Review: 2026-05-13 (Quarterly)

Report generated by Cascade AI Security Auditor