5 stable releases
| 2.5.0 | Jan 3, 2026 |
|---|---|
| 1.7.0 | Dec 31, 2025 |
| 1.6.0 | Dec 30, 2025 |
| 1.5.0 | Dec 30, 2025 |
| 1.2.0 | Dec 27, 2025 |
#5 in #ai-safety
1MB
20K
SLoC
𧬠Hope Genome v1.4.0 - Hardened Security Edition
Tamper-Evident Cryptographic Framework for AI Accountability
"Not unhackable, but tamper-evident with cryptographic proof."
π Table of Contents
- Overview
- What's New in v1.4.0
- Security Achievements
- Features
- Quick Start
- Architecture
- Performance
- Production Deployment
- Red Team Audit Response
- API Examples
- Contributing
- License
π― Overview
Hope Genome is a production-grade cryptographic framework designed to ensure accountability, auditability, and transparency in AI systems. It provides tamper-evident proofs for AI decisions, making attacks detectable rather than impossible.
Core Philosophy
Hope Genome doesn't prevent all attacksβit makes them impossible to hide. Every AI action is:
- β Cryptographically signed (Ed25519, v1.4.0+)
- β Immutably logged (blockchain-style audit trail)
- β Replay-protected (persistent nonce store, v1.4.0+)
- β Bound to ethical rules (sealed genome capsules)
π What's New in v1.4.0
Release Date: December 30, 2025 Codename: Hardened Security Edition
Critical Security Upgrades
π 1. Ed25519 Migration - Marvin Attack Eliminated
Replaced RSA-2048 with Ed25519 signatures:
| Feature | RSA-2048 (v1.3.0) | Ed25519 (v1.4.0) | Improvement |
|---|---|---|---|
| Signing Speed | ~1ms | ~10ΞΌs | 100x faster |
| Verification | ~50ΞΌs | ~25ΞΌs | 2x faster |
| Signature Size | 256 bytes | 64 bytes | 75% smaller |
| Key Size | 256 bytes | 32 bytes | 87% smaller |
| Marvin Attack | β Vulnerable | β Immune | Critical fix |
| Timing Attacks | β οΈ Possible | β Constant-time | Hardened |
πΎ 2. Persistent Nonce Store - Restart-Safe Replay Protection
// Memory-only (v1.3.0) - nonces lost on restart β
let auditor = ProofAuditor::new(keypair);
// Persistent (v1.4.0) - nonces survive restarts β
let nonce_store = RocksDbNonceStore::new("./nonces.db")?;
let auditor = ProofAuditor::new(
Box::new(key_store),
Box::new(nonce_store),
);
Supported Backends:
- β MemoryNonceStore - In-memory (testing)
- β RocksDbNonceStore - Persistent disk (production)
- β RedisNonceStore - Distributed cache (multi-instance)
π 3. HSM Abstraction Layer - Hardware Security Ready
Pluggable KeyStore trait for future HSM integration:
pub trait KeyStore: Send + Sync {
fn sign(&self, data: &[u8]) -> Result<Vec<u8>>;
fn verify(&self, data: &[u8], signature: &[u8]) -> Result<()>;
fn public_key_bytes(&self) -> Vec<u8>;
}
Implementations:
- β
SoftwareKeyStore(Ed25519, memory) - Available Now - π
HsmKeyStore(PKCS#11) - Architecture Ready (v1.5.0)
π‘οΈ Security Achievements
Red Team Audit Response (Gemini, 2025-12-30)
| Attack Vector | v1.3.0 Status | v1.4.0 Mitigation | Result |
|---|---|---|---|
| Marvin Attack | β RSA PKCS#1v15 vulnerable | β Ed25519 (no padding) | ELIMINATED |
| Replay Attack (pre-restart) | β Nonce tracking (memory) | β Same | Protected |
| Replay Attack (post-restart) | β Nonces lost | β RocksDB/Redis persistence | ELIMINATED |
| Timing Attack | β οΈ RSA variable-time | β Ed25519 constant-time | ELIMINATED |
| Forgery | β RSA signatures | β Ed25519 signatures (faster) | Hardened |
| Oracle Attack | β Action binding | β Same | Protected |
| TOCTOU | β Rust ownership | β Same | Protected |
| Log Tampering | β Blockchain chain | β Same | Protected |
Security Score Progression
- v1.3.0: 8.5/10 (Gemini Red Team)
- v1.4.0: Target: 10/10 π― (Awaiting re-audit)
β¨ Features
Core Capabilities
- π Ed25519 Signatures - Modern, fast, constant-time cryptography
- π Immutable Audit Trail - Blockchain-style tamper-evident logging
- π Replay Attack Prevention - Persistent nonce tracking (RocksDB/Redis)
- π― Action Binding - Proofs tied to specific actions (prevents oracle attacks)
- β±οΈ Time-To-Live (TTL) - Proof expiration for temporal security
- ποΈ Sealed Genomes - Immutable ethical rulesets with cryptographic binding
- π Multi-Source Consensus - Byzantine Fault Tolerance for sensor data
- π Pluggable Backends - Trait-based architecture (KeyStore, NonceStore)
Defense Mechanisms
| Layer | Protection | Implementation |
|---|---|---|
| Cryptographic | Ed25519 signatures | SoftwareKeyStore |
| Temporal | TTL + Nonce expiry | IntegrityProof::is_expired() |
| Replay | Persistent nonce store | RocksDbNonceStore |
| Integrity | Blockchain-style chain | AuditLog::append() |
| Consensus | Multi-source voting | ConsensusVerifier |
π Quick Start
Installation
Add to Cargo.toml:
[dependencies]
hope_core = "1.4.0"
# Optional: Persistent nonce store
hope_core = { version = "1.4.0", features = ["rocksdb-nonce-store"] }
Basic Example (v1.4.0 API)
use hope_core::*;
use hope_core::crypto::SoftwareKeyStore;
use hope_core::nonce_store::MemoryNonceStore;
fn main() -> Result<(), Box<dyn std::error::Error>> {
// 1. Create genome with ethical rules
let mut genome = SealedGenome::new(vec![
"Do no harm".to_string(),
"Respect privacy".to_string(),
])?;
// 2. Seal it (make immutable)
genome.seal()?;
// 3. Create action
let action = Action::delete("sensitive_data.csv");
// 4. Get cryptographic proof (Ed25519 signed)
let proof = genome.verify_action(&action)?;
println!("β
Proof signed: {} bytes", proof.signature.len()); // 64 bytes
// 5. Create auditor with persistent nonce store
let key_store = SoftwareKeyStore::generate()?;
let nonce_store = MemoryNonceStore::new(); // Or RocksDbNonceStore
let mut auditor = ProofAuditor::new(
Box::new(key_store),
Box::new(nonce_store),
);
// 6. Verify proof
auditor.verify_proof(&proof)?;
println!("β
Proof verified successfully");
// 7. Replay attack: BLOCKED!
match auditor.verify_proof(&proof) {
Err(e) => println!("β
Replay attack blocked: {}", e),
Ok(_) => panic!("β Replay attack NOT blocked!"),
}
Ok(())
}
Production Example (Persistent Storage)
use hope_core::*;
use hope_core::crypto::SoftwareKeyStore;
use hope_core::nonce_store::RocksDbNonceStore;
fn main() -> Result<(), Box<dyn std::error::Error>> {
// Production setup: persistent nonce store
let key_store = SoftwareKeyStore::generate()?;
let nonce_store = RocksDbNonceStore::new("./production_nonces.db")?;
let mut auditor = ProofAuditor::new(
Box::new(key_store),
Box::new(nonce_store),
);
// Nonces persist across restarts!
// Even after process crash, replay attacks are blocked
Ok(())
}
ποΈ Architecture
Component Overview
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Hope Genome v1.4.0 β
β Hardened Security Edition β
ββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββ΄ββββββββββββββββ
β β
ββββββββΌβββββββ ββββββββΌβββββββ
β SealedGenomeβ βProofAuditor β
β (Rules) β β (Verifier) β
ββββββββ¬βββββββ ββββββββ¬βββββββ
β β
β signs β verifies
β (Ed25519) β (Ed25519)
β β
βΌ βΌ
βββββββββββββββ βββββββββββββββ
β KeyStore βββββββββββββββββββ€ NonceStore β
β (Pluggable) β atomic β (Pluggable) β
βββββββ¬ββββββββ check βββββββ¬ββββββββ
β β
ββ SoftwareKeyStore ββ MemoryNonceStore
ββ HsmKeyStore (v1.5.0) ββ RocksDbNonceStore
ββ [Your Custom Store] ββ RedisNonceStore
Data Flow
AI Decision
β
βββΊ Action (e.g., "delete file X")
β
βββΊ SealedGenome.verify_action()
β β
β βββΊ Check against ethical rules
β βββΊ Create IntegrityProof
β β ββ nonce (32 bytes, cryptographic random)
β β ββ timestamp + TTL
β β ββ action_hash (SHA-256)
β β ββ capsule_hash (genome binding)
β β
β βββΊ Sign with KeyStore (Ed25519)
β ββ signature (64 bytes)
β
βββΊ IntegrityProof
β β
β βββΊ ProofAuditor.verify_proof()
β β
β βββΊ Verify Ed25519 signature
β βββΊ Check TTL (not expired)
β βββΊ NonceStore.check_and_insert()
β β
β ββ If nonce exists: REJECT (replay attack)
β ββ Else: INSERT & ACCEPT
β
βββΊ Execute Action (if proof valid)
β‘ Performance
Benchmarks (v1.4.0 vs v1.3.0)
Test Environment: Intel i7-12700K, 32GB RAM, Windows 11
| Operation | RSA-2048 (v1.3.0) | Ed25519 (v1.4.0) | Speedup |
|---|---|---|---|
| Key Generation | 45ms | 0.08ms | 562x faster |
| Sign Proof | 1.2ms | 0.010ms | 120x faster |
| Verify Proof | 0.045ms | 0.025ms | 1.8x faster |
| Nonce Check (Memory) | 0.002ms | 0.002ms | Same |
| Nonce Check (RocksDB) | N/A | 0.15ms | New feature |
| Full Workflow | 1.25ms | 0.037ms | 33x faster |
Memory Footprint
| Component | Size (v1.3.0) | Size (v1.4.0) | Reduction |
|---|---|---|---|
| Private Key | 256 bytes | 32 bytes | 87% smaller |
| Public Key | 256 bytes | 32 bytes | 87% smaller |
| Signature | 256 bytes | 64 bytes | 75% smaller |
| IntegrityProof | ~550 bytes | ~360 bytes | 35% smaller |
π Production Deployment
Recommended Setup
# docker-compose.yml (Production)
version: '3.8'
services:
hope-genome-api:
image: hope-genome:1.4.0
environment:
- RUST_LOG=info
- NONCE_STORE=rocksdb
- NONCE_DB_PATH=/data/nonces.db
- KEY_STORE=software # or 'hsm' in v1.5.0
volumes:
- nonce-data:/data
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
rocksdb:
image: rocksdb:latest
volumes:
- rocksdb-data:/data
read_only: true
volumes:
nonce-data:
rocksdb-data:
Security Hardening Checklist
- Ed25519 signatures - Immune to Marvin & timing attacks
- Persistent nonce store - RocksDB or Redis
- Read-only containers - Prevent runtime tampering
- Minimal capabilities - Drop all, add only necessary
- No new privileges - Prevent privilege escalation
- HSM integration - PKCS#11 (coming in v1.5.0)
- mTLS - Mutual TLS for API communication
- Rate limiting - Prevent DoS attacks
π¬ Red Team Audit Response
Original Findings (Gemini, v1.3.0)
Score: 8.5/10 Date: December 2025 Auditor: Gemini Red Team
Critical Issues Identified:
- β Marvin Attack Risk - RSA PKCS#1v15 padding oracle vulnerability
- β Replay Attack (Post-Restart) - Nonces lost on process restart
- β οΈ No HSM Support - Keys stored in process memory
v1.4.0 Remediation
| Issue | Status | Solution | Verification |
|---|---|---|---|
| Marvin Attack | β FIXED | Ed25519 (no padding) | 79/79 tests pass |
| Replay (Restart) | β FIXED | RocksDB/Redis nonce store | Persistent storage tests |
| HSM Support | π READY | KeyStore trait + PKCS#11 placeholder | Architecture in place |
Re-Audit Target: 10/10 π―
π API Examples
Example 1: Custom KeyStore Implementation
use hope_core::crypto::{KeyStore, CryptoError};
struct MyCustomKeyStore {
// Your custom implementation
}
impl KeyStore for MyCustomKeyStore {
fn sign(&self, data: &[u8]) -> Result<Vec<u8>, CryptoError> {
// Sign with your custom backend (HSM, KMS, etc.)
todo!()
}
fn verify(&self, data: &[u8], signature: &[u8]) -> Result<(), CryptoError> {
// Verify with your custom backend
todo!()
}
fn public_key_bytes(&self) -> Vec<u8> {
// Return public key
todo!()
}
}
// Use it:
let custom_store = MyCustomKeyStore { /* ... */ };
let auditor = ProofAuditor::new(
Box::new(custom_store),
Box::new(MemoryNonceStore::new()),
);
Example 2: Multi-Source Consensus
use hope_core::consensus::*;
// Collect sensor readings from multiple sources
let readings = vec![
SensorReading::new(42.5, "sensor-1"),
SensorReading::new(42.3, "sensor-2"),
SensorReading::new(42.7, "sensor-3"),
];
// Sign each reading
let keypairs = vec![
KeyPair::generate()?,
KeyPair::generate()?,
KeyPair::generate()?,
];
for (reading, keypair) in readings.iter_mut().zip(&keypairs) {
reading.sign(keypair)?;
}
// Verify consensus (Byzantine Fault Tolerance)
let verifier = ConsensusVerifier::new(0.1); // 10% tolerance
let confidence = verifier.verify_readings(&readings, &keypairs)?;
println!("β
Consensus confidence: {:.2}%", confidence * 100.0);
π€ Contributing
We welcome contributions! Please see CONTRIBUTING.md for guidelines.
Development Setup
# Clone repository
git clone https://github.com/silentnoisehun/Hope_Genome.git
cd Hope_Genome
# Run tests
cargo test
# Run with features
cargo test --features rocksdb-nonce-store
cargo test --features redis-nonce-store
# Benchmarks
cargo bench
# Lint
cargo clippy -- -D warnings
# Format
cargo fmt
Code of Conduct
- Security First - Report vulnerabilities privately to stratosoiteam@gmail.com
- Test Coverage - All PRs must include tests
- Documentation - Public APIs must be documented
- Performance - Benchmark regressions require justification
π License
MIT License
Copyright (c) 2025 MΓ‘tΓ© RΓ³bert
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
π Acknowledgments
Standards & Projects
- Rust Cryptography Working Group - Ed25519 implementation (ed25519-dalek)
- RocksDB Project - Persistent storage backend
Contributors
- MΓ‘tΓ© RΓ³bert (@silentnoisehun) - Primary Author & Architect
- Claude (Anthropic) - Technical Advisor & Co-Designer
Special Thanks
- Gemini Red Team - Security audit and critical feedback
- Rust Community - Exceptional tooling and ecosystem
- AI Safety Community - Inspiration and guidance
π Contact
- Author: MΓ‘tΓ© RΓ³bert
- Email: stratosoiteam@gmail.com
- GitHub: @silentnoisehun
- Project: Hope_Genome
πΊοΈ Roadmap
v1.5.0 (Q1 2026) - HSM Integration
- PKCS#11 HSM support (YubiKey, SoftHSM, Thales)
- AWS CloudHSM integration
- Azure Key Vault integration
- TPM 2.0 support
v1.6.0 (Q2 2026) - Distributed Systems
- Raft consensus for multi-node deployments
- Kubernetes operator
- Distributed audit log (IPFS/Blockchain)
- gRPC API
v2.0.0 (Q3 2026) - Breaking Changes
- Remove deprecated
KeyPair(useSoftwareKeyStore) - Remove deprecated
ProofAuditorconstructor - Post-quantum cryptography (Dilithium, Kyber)
Hope Genome v1.4.0 - Hardened Security Edition
"Not unhackable, but tamper-evident with cryptographic proof."
Dependencies
~5β14MB
~284K SLoC