Security: Velintra/Centric

docs/SECURITY.md

Security

Principles:

  • Memory safety and data race avoidance
  • Minimal attack surface and no unsafe code
  • Strict input validation for protocol commands
  • No dynamic code execution or plugins
  • Predictable resource usage and backpressure

Operational guidance:

  • Bind the server to trusted interfaces
  • Use network firewalls and TLS termination in front of Centric
  • Monitor log growth and run regular checkpoints
  • Back up snapshots and the WAL safely

TLS:

  • Enable TLS by setting CENTRIC_TLS_CERT and CENTRIC_TLS_KEY (PEM files)
  • When unset, Centric uses plain TCP; deploy behind a TLS proxy if preferred

RBAC:

  • Set CENTRIC_TOKEN_HASH or CENTRIC_TOKEN to require AUTH <token>
  • Configure CENTRIC_TOKEN_ROLE=read|admin to restrict writes/admin operations

Hardening:

  • Avoid third-party parsers where possible
  • Keep dependencies minimal and audited
  • Use a limited, line-based protocol with explicit length checks
  • Optional authentication:
    • Set CENTRIC_TOKEN_HASH to an Argon2 hash to require AUTH <token> before performing mutating or admin operations
    • If not set, authentication is disabled; reads remain open by default
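
A pre-start check of the variables named in the TLS, RBAC and Hardening sections, as an added example (not part of Centric or its documentation). It assumes the Argon2 hash is stored as a PHC-format string (`$argon2id$...`), and it treats a half-configured TLS pair, a group/other-accessible key file and a plaintext CENTRIC_TOKEN as findings; those three judgements belong to this example, not to the page.

```python
import os
import stat

ROLES = {"read", "admin"}                          # values from the RBAC section
ARGON2 = ("$argon2id$", "$argon2i$", "$argon2d$")  # assumption: PHC string format

def check_pem(name, path, out):
    """Record an error unless `path` is readable and starts like a PEM file."""
    try:
        with open(path, "rb") as fh:
            if not fh.read(64).lstrip().startswith(b"-----BEGIN "):
                out.append(("error", f"{name}: {path} is not a PEM file"))
    except OSError as exc:
        out.append(("error", f"{name}: cannot read {path} ({exc.strerror})"))

def audit(env):
    """Return (severity, message) findings for a mapping of Centric variables."""
    out = []
    cert, key = env.get("CENTRIC_TLS_CERT"), env.get("CENTRIC_TLS_KEY")
    if not cert and not key:
        out.append(("warn", "TLS unset: plain TCP, put a TLS proxy in front"))
    elif not (cert and key):
        out.append(("error", "set both CENTRIC_TLS_CERT and CENTRIC_TLS_KEY"))
    else:
        check_pem("CENTRIC_TLS_CERT", cert, out)
        check_pem("CENTRIC_TLS_KEY", key, out)
        # Added hygiene check (not from the page): key accessible by group/other.
        if os.path.exists(key) and os.stat(key).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            out.append(("warn", f"CENTRIC_TLS_KEY: {key} is accessible beyond its owner"))

    token_hash, token = env.get("CENTRIC_TOKEN_HASH"), env.get("CENTRIC_TOKEN")
    role = env.get("CENTRIC_TOKEN_ROLE")
    if not token_hash and not token:
        out.append(("warn", "no token configured: authentication is disabled"))
        if role:
            out.append(("warn", "CENTRIC_TOKEN_ROLE set but no token configured"))
    if token:
        out.append(("warn", "CENTRIC_TOKEN is a plaintext secret in the environment"))
    if token_hash and not token_hash.startswith(ARGON2):
        out.append(("error", "CENTRIC_TOKEN_HASH does not look like an Argon2 hash"))
    if role is not None and role not in ROLES:
        out.append(("error", f"CENTRIC_TOKEN_ROLE={role!r}: expected read or admin"))
    return out

if __name__ == "__main__":
    for severity, message in audit(os.environ):
        print(f"{severity.upper():5} {message}")
```

Run it in the same environment the server will start in; any `error` line means the configuration does not match what the sections above describe.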

There aren’t any published security advisories