Security Validation — honest CURE surfacing

GFTCL-LION-SECURITY-001.

What the cell HONESTLY guarantees

The cell surfaces post-quantum cryptography work without claiming summit closure. MLKEMConstraint.lean and PQWalletFinance.lean are CURE-state (skeleton + algebraic tautology) — the actual ML-KEM break is Nobel-class open work on summit.mlkem.break.

The substrate CHECK enforces closes_summit = 0 on every security_validations row. The cell physically cannot lie that it closed an open summit.

What the cell DOES seal:

  • Conformance test outcomes (KAT match / mismatch)
  • Attack-test outcomes (T1–T9: pass / fail / inconclusive / refused)
  • Constitutional posture: outcome=attack_succeeded is signaled NEUTRAL, not BAD — a refutation is a first-class valid observation

Walkthrough

SecurityDomainPanel → tap an implementation → SecurityValidationWalkthrough opens:

  1. Implementation confirmation: (impl_id, kind, version) from sealed substrate row
  2. Test kind: kat_conformance / constant_time / side_channel / oracle_check
  3. Outcome: pass | fail | inconclusive | refused (substrate CHECK enforces)
  4. Honest scope reminder — touches_summit shown; closes_summit forced to 0
  5. Witness sealed — append-only security_validations; signed quintet; broadcast permitted
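
The closes_summit CHECK described under the guarantees and the outcome CHECK and append-only table from steps 3 to 5, sketched as an added example; this is not the project's V125 schema. The use of SQLite, the column types, the emission_id and test_kind column names, and the constraint and trigger names are assumptions, and the sample rows are constructed.

```python
import sqlite3

# Assumed schema: the page names the table, closes_summit, touches_summit, impl_id
# and the allowed outcome / test-kind values; everything else is hypothetical.
SCHEMA = """
CREATE TABLE security_validations (
  emission_id    TEXT PRIMARY KEY,
  impl_id        TEXT NOT NULL,
  test_kind      TEXT NOT NULL CONSTRAINT known_test_kind CHECK (test_kind IN
                 ('kat_conformance','constant_time','side_channel','oracle_check')),
  outcome        TEXT NOT NULL CONSTRAINT known_outcome CHECK (outcome IN
                 ('pass','fail','inconclusive','refused')),
  touches_summit TEXT,
  -- NOT NULL matters: a NULL would satisfy a bare CHECK (closes_summit = 0).
  closes_summit  INTEGER NOT NULL DEFAULT 0
                 CONSTRAINT no_summit_closure CHECK (closes_summit = 0)
);
CREATE TRIGGER sv_no_update BEFORE UPDATE ON security_validations
BEGIN SELECT RAISE(ABORT, 'security_validations is append-only'); END;
CREATE TRIGGER sv_no_delete BEFORE DELETE ON security_validations
BEGIN SELECT RAISE(ABORT, 'security_validations is append-only'); END;
"""
INSERT = ("INSERT INTO security_validations (emission_id, impl_id, test_kind, "
          "outcome, touches_summit, closes_summit) VALUES (?, ?, ?, ?, ?, ?)")

def try_sql(db, sql, params=()):
    """Run one statement; return 'ok' or the constraint/trigger error text."""
    try:
        with db:  # commit on success, roll back on error
            db.execute(sql, params)
        return "ok"
    except sqlite3.DatabaseError as exc:
        return str(exc)

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    rows = [  # constructed sample rows
        ("e1", "impl-a", "kat_conformance", "pass", None, 0),             # accepted
        ("e2", "impl-a", "side_channel", "fail", "summit.mlkem.break", 1),  # claims closure
        ("e3", "impl-a", "oracle_check", "closed", "summit.mlkem.break", 0),  # unknown outcome
    ]
    results = [try_sql(db, INSERT, row) for row in rows]
    results.append(try_sql(db, "UPDATE security_validations SET outcome = 'fail'"))
    results.append(try_sql(db, "DELETE FROM security_validations"))
    count = db.execute("SELECT COUNT(*) FROM security_validations").fetchone()[0]
    return results, count

if __name__ == "__main__":
    print(demo())
```

Only the first row is stored; the closure claim, the unknown outcome, the UPDATE and the DELETE are each rejected by the database itself rather than by application code.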

Federation

  • NATS subject: gaiaftcl.security.validation.sealed
  • AlertableDomain: SecurityAlertableEvents (seedRules: conformance_match → GOOD; attack_succeeded → NEUTRAL with honest scope text)
  • Peer recompute: GET /federation/witnesses/{emission_id}

What stays NAMED OPEN (Nobel-class)

  • summit.mlkem.break — the actual cryptanalytic break of ML-KEM. The cell does NOT claim closure under any circumstances; substrate CHECK refuses closes_summit=1.
  • summit.pq.wallet_hardening — full PQ wallet operational seal
  • summit.pq.side_channel_complete — exhaustive side-channel resistance proof

Files

  • Lean: proof/lean/FirstRoars/MLKEMConstraint.lean (CURE), PQWalletFinance.lean (CURE)
  • Engine: cells/xcode/Sources/SecurityUI/SecurityEngine.swift
  • Panel: cells/xcode/Sources/SecurityUI/SecurityDomainPanel.swift
  • Alertable: cells/xcode/Sources/SecurityAlertableEvents/
  • Substrate: V125 pq_implementations + security_validations (CHECK closes_summit=0)

Federation-cosigned

This page's source is sealed in the GaiaFTCL federation manifest — page SHA-256 beb1df901d071c33…, manifest witness a090592e0609adc8…, signed 2026-06-02T18:58:22Z by cell gaiaftcl-mac-cell. Verify with gaiaftcl wiki sign --all and compare wiki-all-signatures.json.