Wanted: Security Audit of Key Rotation Semantics #3

@chrishooooo-netizen

Description

TRAIL DIDs use EdDSA (Ed25519) with JSON Canonicalization Scheme (JCS). We need a security review of:

  • Key rotation mechanism - How agents update their verification methods without breaking existing trust chains.
  • Revocation propagation timing - How fast does a revoked key become untrusted across the network?
  • Recovery scenarios - Compromised agent key, compromised registry key, partial network partition.

Threat model:

  • Malicious agent impersonation
  • Registry compromise
  • MITM during DID resolution
  • Replay attacks with stale DID documents

If you have cryptographic protocol review experience, this is a high-impact contribution.
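As an added example (not TRAIL's own code), the two resolver-side checks the threat model above implies, in Go: canonicalize the document with JCS, verify the Ed25519 proof under the key the resolver currently trusts, and refuse any document whose version is not newer than the last one resolved, so a replayed stale document, a tampered document, or an update signed by a rotated-out key is rejected. The `versionId`/`proof` layout, the function names and the use of Go's standard `crypto/ed25519` are assumptions, not TRAIL's format.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
)

type Doc = map[string]interface{} // a DID document as generic JSON (constructed layout, not TRAIL's)

// canonical returns the bytes a proof covers: the document minus its proof in
// JCS (RFC 8785) form. Assumption for this example: keys are ASCII, numbers are
// integers and strings are printable ASCII without <, >, &, so json.Marshal's
// sorted-key, whitespace-free output equals JCS (use a full RFC 8785 library otherwise).
func canonical(doc Doc) []byte {
	body := Doc{}
	for k, v := range doc {
		if k != "proof" {
			body[k] = v
		}
	}
	b, _ := json.Marshal(body)
	return b
}

// signDoc copies doc, stamps it with version and attaches an Ed25519 proof.
func signDoc(doc Doc, version float64, priv ed25519.PrivateKey) Doc {
	signed := Doc{}
	for k, v := range doc {
		signed[k] = v
	}
	signed["versionId"] = version
	sig := ed25519.Sign(priv, canonical(signed))
	signed["proof"] = Doc{"type": "Ed25519Signature", "proofValue": sig}
	return signed
}

// verifyDoc accepts doc only if its proof verifies under the currently trusted key
// and its version is newer than the last seen, which rejects stale (replayed) copies.
func verifyDoc(doc Doc, pub ed25519.PublicKey, lastSeen float64) (float64, error) {
	proof, _ := doc["proof"].(Doc)
	sig, _ := proof["proofValue"].([]byte)
	if !ed25519.Verify(pub, canonical(doc), sig) {
		return lastSeen, errors.New("proof does not verify under trusted key")
	}
	if v, _ := doc["versionId"].(float64); v > lastSeen {
		return v, nil
	}
	return lastSeen, errors.New("stale document: version not newer than last seen")
}
```

A rotation is then an update that names the new key but is signed by the key the resolver already trusts; once accepted, the resolver verifies later updates only under the new key.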

Metadata

Assignees: No one assigned

Labels: help wanted (Extra attention is needed), security (Security review or vulnerability)
