mirror of
https://github.com/BigBodyCobain/Shadowbroker.git
synced 2026-06-05 05:48:02 +02:00
release: prepare v0.9.7
@@ -0,0 +1,16 @@
|
||||
# ShadowBroker Mesh Claims Reconciliation
|
||||
|
||||
This file maps high-level release claims to implementation status for v0.9.7.
|
||||
It exists to prevent the public README from promising stronger privacy or
|
||||
security than the code provides.
|
||||
|
||||
| Claim | Status | Implementation Notes |
|
||||
|---|---|---|
|
||||
| InfoNet is a decentralized intelligence mesh. | Supported as testnet | Mesh routing, signed events, peer sync, gate personas, and Wormhole relay code are present, but deployment topology is still experimental. |
|
||||
| Gate chat is private. | Not supported | Gate chat is obfuscated and signed, not end-to-end private. Public claims must say "obfuscated" rather than "private". |
|
||||
| Dead Drop DMs are the strongest current private lane. | Supported with caveats | DM mailboxes, token handling, SAS/contact verification, sealed payloads, and witness/root transparency code exist. The lane is still experimental and should not be described as confidently private. |
|
||||
| Sovereign Shell governance is public. | Supported | Governance events are signed public records and should be documented as observable. |
|
||||
| Function Keys provide anonymous citizenship proof. | Partial | Nullifiers, challenge-response, receipts, denial codes, and settlement scaffolding exist. Blind-signature issuance is not complete. |
|
||||
| RingCT, stealth addresses, shielded balances, and DEX privacy are live. | Not supported | Protocol interfaces and Rust integration targets exist, but final primitives are not selected, wired, and audited. |
|
||||
| v0.9.6 users can auto-update to v0.9.7. | Supported if release asset is attached | The v0.9.6 updater requires a `.zip` release asset. The v0.9.7 release must attach `ShadowBroker_v0.9.7.zip`. Future v0.9.7+ updaters can use GitHub `zipball_url`. |
|
||||
| Docker users should update by pulling images. | Supported | The v0.9.7 updater detects Docker/runtime contexts and returns Docker pull instructions instead of attempting in-place extraction. |
|
||||
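Review bot: The auto-update row ("v0.9.6 users can auto-update to v0.9.7") says where the archive comes from but not how it is verified, and it is the only row whose status depends on a release-time action rather than on code. The threat model in this same commit puts "Update-channel integrity checks for release zip assets and optional SHA-256 pins" in scope, so the Implementation Notes should say whether the v0.9.6 updater checks a hash on `ShadowBroker_v0.9.7.zip` and what a future updater compares against when it uses `zipball_url`. A `zipball_url` download is a GitHub-generated source archive rather than the attached asset, so a pin published for the attached zip would not cover it. Separately, the Dead Drop row keeps the word "private" in the claim while its notes say the lane "should not be described as confidently private"; rewording the claim to match the notes would avoid the README quoting the left column as approved language.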
@@ -0,0 +1,38 @@
|
||||
# ShadowBroker InfoNet Threat Model
|
||||
|
||||
ShadowBroker v0.9.7 ships InfoNet and Wormhole as an experimental testnet.
|
||||
This document is the release-facing threat model for those systems. It is
|
||||
intended to keep README, UI, and release claims aligned with the implementation.
|
||||
|
||||
## Privacy Classification
|
||||
|
||||
| Surface | Classification | Notes |
|
||||
|---|---|---|
|
||||
| Meshtastic and APRS | Public | Radio traffic is public by design and can be intercepted by anyone in range or by public relays. |
|
||||
| InfoNet gate chat | Obfuscated, not private | Gate personas, canonical signing, padding, and transport policy reduce casual linkage but do not provide end-to-end encryption or metadata privacy. |
|
||||
| Dead Drop DMs | Strongest current lane | Token-based epoch mailboxes, SAS verification, sealed payloads, and witness/root checks improve privacy, but this is still testnet code. |
|
||||
| Sovereign Shell governance | Public ledger | Petitions, votes, upgrades, disputes, and market events are intentionally observable signed records. |
|
||||
| Privacy-core primitives | Integration runway | Rust MLS/private primitive work is present, but the README must not claim final RingCT, stealth, DEX, or anonymous-citizenship privacy until wired and audited. |
|
||||
|
||||
## In Scope
|
||||
|
||||
- Passive observation of public map layers and public mesh/gate traffic.
|
||||
- Replay and duplicate write attempts against signed mesh endpoints.
|
||||
- Basic sender spoofing attempts where canonical signatures are required.
|
||||
- Local runtime mistakes such as leaking caches, operator keys, relay state, or hidden-service material through Git.
|
||||
- Update-channel integrity checks for release zip assets and optional SHA-256 pins.
|
||||
|
||||
## Out Of Scope For v0.9.7
|
||||
|
||||
- A guarantee of end-to-end private messaging across every lane.
|
||||
- Strong anonymity against a global network observer.
|
||||
- Protection from a compromised local host, browser profile, or operator machine.
|
||||
- Production-grade governance finality or financial settlement guarantees.
|
||||
- Fully selected and audited privacy primitives for RingCT, stealth addresses, shielded balances, range proofs, or DEX matching.
|
||||
|
||||
## Required Operator Guidance
|
||||
|
||||
- Do not send sensitive material on public mesh, InfoNet gate chat, or experimental DMs.
|
||||
- Treat all v0.9.7 mesh lanes as testnet lanes.
|
||||
- Keep runtime keys, relay state, Tor hidden-service data, and `backend/data/*` operator state out of Git.
|
||||
- Use the release zip asset for v0.9.6 auto-update compatibility, and prefer signed/hashed release artifacts where available.
|
||||
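Review bot: The last bullet under "In Scope" ("Update-channel integrity checks for release zip assets and optional SHA-256 pins") names a control, while the four bullets above it name attacker or operator actions, so the threat being addressed is left implicit. Suggest phrasing it as the threat (a tampered or substituted release archive reaching the updater) and stating what the updater does when no pin is configured, since "optional" otherwise reads as an unverified install being an accepted outcome. The same section lists replay, duplicate writes and sender spoofing without pointing to the mitigation for each; a short "Mitigation" column or a cross-reference to the claims reconciliation table would let a reader check that each in-scope item is actually covered in v0.9.7. The "Required Operator Guidance" bullet that says to "prefer signed/hashed release artifacts where available" would also be easier to follow if it said where the hash or signature is published.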
@@ -0,0 +1,47 @@
|
||||
# Wormhole DM Root Operations Runbook
|
||||
|
||||
This runbook covers the v0.9.7 operator flow for DM root witness and
|
||||
transparency monitoring.
|
||||
|
||||
## Goals
|
||||
|
||||
- Keep root transparency state observable for operators.
|
||||
- Make witness publication and monitoring repeatable.
|
||||
- Avoid committing operator-local keys, ledgers, or runtime state.
|
||||
|
||||
## Local State Boundaries
|
||||
|
||||
Never commit these paths:
|
||||
|
||||
- `backend/data/root/`
|
||||
- `backend/data/root_distribution/`
|
||||
- `backend/data/root_transparency/`
|
||||
- `backend/data/_domain_keys/`
|
||||
- `ops/`
|
||||
- `dm_relay.json`
|
||||
|
||||
The root `.gitignore` excludes these runtime paths. If a release archive is
|
||||
made with `git archive`, only tracked files are included.
|
||||
|
||||
## Useful Scripts
|
||||
|
||||
Run these from the repository root after configuring the backend and any
|
||||
operator environment variables required by the specific deployment:
|
||||
|
||||
```bash
|
||||
node scripts/mesh/poll-dm-root-health-alerts.mjs
|
||||
node scripts/mesh/export-dm-root-health-prometheus.mjs
|
||||
node scripts/mesh/publish-external-root-witness-package.mjs
|
||||
node scripts/mesh/smoke-external-root-witness-flow.mjs
|
||||
node scripts/mesh/smoke-root-transparency-publication-flow.mjs
|
||||
node scripts/mesh/smoke-dm-root-deployment-flow.mjs
|
||||
node scripts/mesh/sync-dm-root-external-assurance.mjs
|
||||
```
|
||||
|
||||
## Release Checklist
|
||||
|
||||
1. Run the secret scanner against the candidate tree.
|
||||
2. Verify root transparency tests pass.
|
||||
3. Verify no runtime root, witness, Tor, key, or relay-state files are staged.
|
||||
4. Build release archives from the committed tree with `git archive`.
|
||||
5. Attach `ShadowBroker_v0.9.7.zip` to the GitHub release for v0.9.6 updater compatibility.
|
||||
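Review bot: The "Local State Boundaries" paragraph relies on `.gitignore` plus `git archive` to keep runtime state out of release archives, but `.gitignore` has no effect on a path that is already tracked, and `git archive` includes every tracked file. A key or ledger under `backend/data/root/` or `ops/` that was committed before the ignore rule existed, or was force-added, would still ship. Release Checklist step 3 only checks what is staged, so it does not catch this; suggest adding a step before step 4 that confirms none of the "Never commit these paths" entries appear in the tracked file list of the commit being archived. Step 1 also says "Run the secret scanner" without naming the scanner or the command, which makes the checklist hard to repeat; and the checklist has no step for publishing a SHA-256 of `ShadowBroker_v0.9.7.zip`, although the threat model added in this commit mentions optional SHA-256 pins.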