oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aitbc/docs/reference/threat-modeling.md
oib c8be9d7414 feat: add marketplace metrics, privacy features, and service registry endpoints 
- Add Prometheus metrics for marketplace API throughput and error rates with new dashboard panels
- Implement confidential transaction models with encryption support and access control
- Add key management system with registration, rotation, and audit logging
- Create services and registry routers for service discovery and management
- Integrate ZK proof generation for privacy-preserving receipts
- Add metrics instru
2025-12-22 10:33:23 +01:00

287 lines
12 KiB
Markdown
Raw Blame History

# AITBC Threat Modeling: Privacy Features
## Overview
This document provides a comprehensive threat model for AITBC's privacy-preserving features, focusing on zero-knowledge receipt attestation and confidential transactions. The analysis uses the STRIDE methodology to systematically identify threats and their mitigations.
## Document Version
- Version: 1.0
- Date: December 2024
- Status: Published - Shared with Ecosystem Partners
## Scope
### In-Scope Components
1. **ZK Receipt Attestation System**
- Groth16 circuit implementation
- Proof generation service
- Verification contract
- Trusted setup ceremony
2. **Confidential Transaction System**
- Hybrid encryption (AES-256-GCM + X25519)
- HSM-backed key management
- Access control system
- Audit logging infrastructure
### Out-of-Scope Components
- Core blockchain consensus
- Basic transaction processing
- Non-confidential marketplace operations
- Network layer security
## Threat Actors
| Actor | Motivation | Capability | Impact |
|-------|------------|------------|--------|
| Malicious Miner | Financial gain, sabotage | Access to mining software, limited compute | High |
| Compromised Coordinator | Data theft, market manipulation | System access, private keys | Critical |
| External Attacker | Financial theft, privacy breach | Public network, potential exploits | High |
| Regulator | Compliance investigation | Legal authority, subpoenas | Medium |
| Insider Threat | Data exfiltration | Internal access, knowledge | High |
| Quantum Computer | Break cryptography | Future quantum capability | Future |
## STRIDE Analysis
### 1. Spoofing
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Proof Forgery | Attacker creates fake ZK proofs | Medium | High | ✅ Groth16 soundness property<br>✅ Verification on-chain<br>⚠️ Trusted setup security |
| Identity Spoofing | Miner impersonates another | Low | Medium | ✅ Miner registration with KYC<br>✅ Cryptographic signatures |
| Coordinator Impersonation | Fake coordinator services | Low | High | ✅ TLS certificates<br>⚠️ DNSSEC recommended |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Key Spoofing | Fake public keys for participants | Medium | High | ✅ HSM-protected keys<br>✅ Certificate validation |
| Authorization Forgery | Fake audit authorization | Low | High | ✅ Signed tokens<br>✅ Short expiration times |
### 2. Tampering
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Circuit Modification | Malicious changes to circom circuit | Low | Critical | ✅ Open-source circuits<br>✅ Circuit hash verification |
| Proof Manipulation | Altering proofs during transmission | Medium | High | ✅ End-to-end encryption<br>✅ On-chain verification |
| Setup Parameter Poisoning | Compromise trusted setup | Low | Critical | ⚠️ Multi-party ceremony needed<br>⚠️ Secure destruction of toxic waste |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Data Tampering | Modify encrypted transaction data | Medium | High | ✅ AES-GCM authenticity<br>✅ Immutable audit logs |
| Key Substitution | Swap public keys in transit | Low | High | ✅ Certificate pinning<br>✅ HSM key validation |
| Access Control Bypass | Override authorization checks | Low | High | ✅ Role-based access control<br>✅ Audit logging of all changes |
### 3. Repudiation
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Denial of Proof Generation | Miner denies creating proof | Low | Medium | ✅ On-chain proof records<br>✅ Signed proof metadata |
| Receipt Denial | Party denies transaction occurred | Medium | Medium | ✅ Immutable blockchain ledger<br>✅ Cryptographic receipts |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Access Denial | User denies accessing data | Low | Medium | ✅ Comprehensive audit logs<br>✅ Non-repudiation signatures |
| Key Generation Denial | Deny creating encryption keys | Low | Medium | ✅ HSM audit trails<br>✅ Key rotation logs |
### 4. Information Disclosure
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Witness Extraction | Extract private inputs from proof | Low | Critical | ✅ Zero-knowledge property<br>✅ No knowledge of witness |
| Setup Parameter Leak | Expose toxic waste from trusted setup | Low | Critical | ⚠️ Secure multi-party setup<br>⚠️ Parameter destruction |
| Side-Channel Attacks | Timing/power analysis | Low | Medium | ✅ Constant-time implementations<br>⚠️ Needs hardware security review |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Private Key Extraction | Steal keys from HSM | Low | Critical | ✅ HSM security controls<br>✅ Hardware tamper resistance |
| Decryption Key Leak | Expose DEKs | Medium | High | ✅ Per-transaction DEKs<br>✅ Encrypted key storage |
| Metadata Analysis | Infer data from access patterns | Medium | Medium | ✅ Access logging<br>⚠️ Differential privacy needed |
### 5. Denial of Service
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Proof Generation DoS | Overwhelm proof service | High | Medium | ✅ Rate limiting<br>✅ Queue management<br>⚠️ Need monitoring |
| Verification Spam | Flood verification contract | High | High | ✅ Gas costs limit spam<br>⚠️ Need circuit optimization |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Key Exhaustion | Deplete HSM key slots | Medium | Medium | ✅ Key rotation<br>✅ Resource monitoring |
| Database Overload | Saturate with encrypted data | High | Medium | ✅ Connection pooling<br>✅ Query optimization |
| Audit Log Flooding | Fill audit storage | Medium | Medium | ✅ Log rotation<br>✅ Storage monitoring |
### 6. Elevation of Privilege
#### ZK Receipt Attestation
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| Setup Privilege | Gain trusted setup access | Low | Critical | ⚠️ Multi-party ceremony<br>⚠️ Independent audits |
| Coordinator Compromise | Full system control | Medium | Critical | ✅ Multi-sig controls<br>✅ Regular security audits |
#### Confidential Transactions
| Threat | Description | Likelihood | Impact | Mitigations |
|--------|-------------|------------|--------|-------------|
| HSM Takeover | Gain HSM admin access | Low | Critical | ✅ HSM access controls<br>✅ Dual authorization |
| Access Control Escalation | Bypass role restrictions | Medium | High | ✅ Principle of least privilege<br>✅ Regular access reviews |
## Risk Matrix
| Threat | Likelihood | Impact | Risk Level | Priority |
|--------|------------|--------|------------|----------|
| Trusted Setup Compromise | Low | Critical | HIGH | 1 |
| HSM Compromise | Low | Critical | HIGH | 1 |
| Proof Forgery | Medium | High | HIGH | 2 |
| Private Key Extraction | Low | Critical | HIGH | 2 |
| Information Disclosure | Medium | High | MEDIUM | 3 |
| DoS Attacks | High | Medium | MEDIUM | 3 |
| Side-Channel Attacks | Low | Medium | LOW | 4 |
| Repudiation | Low | Medium | LOW | 4 |
## Implemented Mitigations
### ZK Receipt Attestation
- ✅ Groth16 soundness and zero-knowledge properties
- ✅ On-chain verification prevents tampering
- ✅ Open-source circuit code for transparency
- ✅ Rate limiting on proof generation
- ✅ Comprehensive audit logging
### Confidential Transactions
- ✅ AES-256-GCM provides confidentiality and authenticity
- ✅ HSM-backed key management prevents key extraction
- ✅ Role-based access control with time restrictions
- ✅ Per-transaction DEKs for forward secrecy
- ✅ Immutable audit trails with chain of hashes
- ✅ Multi-factor authentication for sensitive operations
## Recommended Future Improvements
### Short Term (1-3 months)
1. **Trusted Setup Ceremony**
- Implement multi-party computation (MPC) setup
- Engage independent auditors
- Publicly document process
2. **Enhanced Monitoring**
- Real-time threat detection
- Anomaly detection for access patterns
- Automated alerting for security events
3. **Security Testing**
- Penetration testing by third party
- Side-channel resistance evaluation
- Fuzzing of circuit implementations
### Medium Term (3-6 months)
1. **Advanced Privacy**
- Differential privacy for metadata
- Secure multi-party computation
- Homomorphic encryption support
2. **Quantum Resistance**
- Evaluate post-quantum schemes
- Migration planning for quantum threats
- Hybrid cryptography implementations
3. **Compliance Automation**
- Automated compliance reporting
- Privacy impact assessments
- Regulatory audit tools
### Long Term (6-12 months)
1. **Formal Verification**
- Formal proofs of circuit correctness
- Verified smart contract deployments
- Mathematical security proofs
2. **Decentralized Trust**
- Distributed key generation
- Threshold cryptography
- Community governance of security
## Security Controls Summary
### Preventive Controls
- Cryptographic guarantees (ZK proofs, encryption)
- Access control mechanisms
- Secure key management
- Network security (TLS, certificates)
### Detective Controls
- Comprehensive audit logging
- Real-time monitoring
- Anomaly detection
- Security incident response
### Corrective Controls
- Key rotation procedures
- Incident response playbooks
- Backup and recovery
- System patching processes
### Compensating Controls
- Insurance for cryptographic risks
- Legal protections
- Community oversight
- Bug bounty programs
## Compliance Mapping
| Regulation | Requirement | Implementation |
|------------|-------------|----------------|
| GDPR | Right to encryption | ✅ Opt-in confidential transactions |
| GDPR | Data minimization | ✅ Selective disclosure |
| SEC 17a-4 | Audit trail | ✅ Immutable logs |
| MiFID II | Transaction reporting | ✅ ZK proof verification |
| PCI DSS | Key management | ✅ HSM-backed keys |
## Incident Response
### Security Event Classification
1. **Critical** - HSM compromise, trusted setup breach
2. **High** - Large-scale data breach, proof forgery
3. **Medium** - Single key compromise, access violation
4. **Low** - Failed authentication, minor DoS
### Response Procedures
1. Immediate containment
2. Evidence preservation
3. Stakeholder notification
4. Root cause analysis
5. Remediation actions
6. Post-incident review
## Review Schedule
- **Monthly**: Security monitoring review
- **Quarterly**: Threat model update
- **Semi-annually**: Penetration testing
- **Annually**: Full security audit
## Contact Information
- Security Team: security@aitbc.io
- Bug Reports: security-bugs@aitbc.io
- Security Researchers: research@aitbc.io
## Acknowledgments
This threat model was developed with input from:
- AITBC Security Team
- External Security Consultants
- Community Security Researchers
- Cryptography Experts
---
*This document is living and will be updated as new threats emerge and mitigations are implemented.*
Reference in New Issue View Git Blame Copy Permalink