feat(security): replace owned identifiers with BLAKE3#1248
Open
joshuajbouw wants to merge 5 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR migrates Astrid-owned identifiers (invite tokens, pair-device tokens, public-key fingerprints, and MCP binary pins) from SHA-256-centric strings to explicit, domain-separated BLAKE3 semantics, aiming to make internal identifiers self-describing and avoid accidental external compatibility commitments.
Changes:
- Introduces
IdentifierHashandPublicKeyFingerprintnewtypes (BLAKE3 derive-key domain separation) and updates kernel/CLI/gateway usage to emitblake3:<hex>fingerprints. - Versions and migrates invite/pair token stores: schema-0 (legacy SHA-256) fails closed via invalidation; schema-1 persists with typed raw-token prefixes (
astrid_inv_/astrid_pair_) and constant-time comparisons. - Updates MCP binary integrity pins to
blake3:<hex>, removes SHA-256 env value fingerprint logging in the gateway, and removes directsha2deps where no longer needed.
Reviewed changes
Copilot reviewed 25 out of 26 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| e2e/fixtures/compat/legacy-sha-pair-token.toml | Adds a compatibility fixture representing a legacy SHA-256 pair-token store record. |
| e2e/fixtures/compat/legacy-pair-token-without-scope.toml | Updates the legacy pair-token fixture to schema 1 and a blake3:<hex> token hash. |
| docs/gateway-client.md | Updates guidance to use BLAKE3 tooling (b3sum) for spec hashing. |
| docs/distro-signing.md | Updates distro signing documentation from sha256 pin examples to BLAKE3 (b3sum). |
| docs/config.md | Updates binary_hash documentation/examples to blake3:<hex>. |
| crates/astrid-mcp/src/config.rs | Enforces blake3:<64 lowercase hex> for MCP binary_hash, rejecting the retired sha256: label; adds tests. |
| crates/astrid-kernel/src/pair_token.rs | Migrates pair-token identifiers to domain-separated BLAKE3, adds schema handling and invalidation for legacy SHA stores, and typed token prefixing. |
| crates/astrid-kernel/src/kernel_router/admin/pair_device_handlers.rs | Updates docs to reflect BLAKE3-based persistence and redaction posture. |
| crates/astrid-kernel/src/kernel_router/admin/mod.rs | Updates audit redaction docs and revoke token fingerprinting to use the new canonicalization helper. |
| crates/astrid-kernel/src/kernel_router/admin/invite_handlers.rs | Switches public-key fingerprinting to shared BLAKE3 helper; updates invite revoke matching logic; adds persistence/revocation tests. |
| crates/astrid-kernel/src/invite.rs | Migrates invite-token identifiers to domain-separated BLAKE3 with schema handling, typed token prefixing, canonicalization helper, and tests. |
| crates/astrid-kernel/Cargo.toml | Removes direct sha2 dependency from the kernel crate. |
| crates/astrid-integration-tests/tests/compatibility_fixtures.rs | Adds an integration test ensuring legacy SHA pair-token stores are invalidated and rewritten. |
| crates/astrid-gateway/src/routes/invites.rs | Updates OpenAPI schema/docs to reflect typed tokens and blake3:<hex> fingerprints. |
| crates/astrid-gateway/src/routes/env.rs | Removes SHA-256 value fingerprint logging to avoid dictionary-testable leakage for low-entropy env values. |
| crates/astrid-gateway/src/routes/auth.rs | Updates request/response docs/examples for typed tokens and BLAKE3 public-key fingerprints. |
| crates/astrid-gateway/Cargo.toml | Removes direct sha2 dependency from the gateway crate and updates comments. |
| crates/astrid-crypto/src/prelude.rs | Re-exports new identifier/fingerprint helpers in the crypto prelude. |
| crates/astrid-crypto/src/lib.rs | Adds the new identifier module and exports IdentifierHash/PublicKeyFingerprint. |
| crates/astrid-crypto/src/identifier.rs | New module implementing domain-separated BLAKE3 identifier types with tests. |
| crates/astrid-core/src/kernel_api/mod.rs | Updates API docs to reflect typed tokens and blake3:<hex> public-key/token fingerprints. |
| crates/astrid-config/src/defaults.toml | Updates default config comments to binary_hash = "blake3:...". |
| crates/astrid-cli/src/commands/keypair.rs | Migrates key metadata to schema 2 with BLAKE3 fingerprints and self-healing migration/repair logic. |
| crates/astrid-cli/src/commands/invite.rs | Updates CLI help/output formatting for blake3:<hex> fingerprints. |
| CHANGELOG.md | Adds an [Unreleased] changelog entry documenting the BLAKE3 identifier migration and related changes. |
| Cargo.lock | Removes now-unused sha2 dependency entries for affected crates. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
API-CONTRACT-CHANGE: pair and invite bearer tokens now expose typed prefixes, and public key and token fingerprints now use the blake3:<hex> format.
c8ecd13 to
3a34e97
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Linked Issue
Closes #1247
Summary
Replace Astrid-owned SHA-256 identifiers with explicit BLAKE3 semantics before
those formats acquire an external compatibility constituency. Content digests
remain distinct from domain-separated identifiers, recoverable metadata
self-heals, and non-recoverable legacy token indexes fail closed.
Changes
IdentifierHashandPublicKeyFingerprintnewtypes backed byBLAKE3 derive-key contexts
golden vectors and constant-time comparison coverage
astrid_inv_/astrid_pair_and serializefingerprints as
blake3:<hex>so secrets and identifiers are self-describingpreserve unknown future schemas unchanged, and reject malformed state
fingerprint from the retained public key
sha256:<BLAKE3>spelling toblake3:<BLAKE3>, while preserving the existing no-op behavior when an SSEserver has no local command to verify
sha2dependencies from the kernel and gateway whileretaining SHA where external protocols require it
Verification
cargo fmt --all -- --checkcargo metadata --locked --offline --no-deps --format-version 1git diff --checkb3sum --derive-keystrict BLAKE3 parsing for local binaries
1b2e55abChecklist
[Unreleased])