Comprehensive security documentation for independent auditors. Threat model, attack surface review, protocol state specification, and security claims mapped to code and tests.
9 adversary classes (passive observer, malicious server, nation-state, supply chain, device thief, insider, network attacker, quantum adversary, malicious contact). Security properties and coverage analysis.
Read DocumentComprehensive entry point analysis across client crypto library, mobile app, server relay, and network transport. Risk assessment with input validation coverage.
Read DocumentFormal session lifecycle with 5 states (UNINITIALIZED to CLOSED). State transition rules, invariants, epoch management, and key rotation policy.
Read Document34 security claims mapped to specific code locations and test files. Each claim lists evidence, verification status, and gaps requiring attention.
Read DocumentComplete feature-by-feature status table across v1 core, v2 hardening, v3 production, server relay, and infrastructure. Implementation status with test counts.
Read DocumentFull v2 architecture document with threat matrix, attack surface diagram, cryptographic design specifications, metadata resistance design, and phased upgrade plan.
Read Document