If you discover a security vulnerability in SPE, please report it responsibly:
Email: contacto@speaudit.com
Subject: [SECURITY] SPE Vulnerability Report
We will respond within 48 hours. Please do NOT open a public issue for security vulnerabilities.
- Standard: FIPS 180-4
- Security Level: 128-bit collision resistance
- Implementation: Python
hashlib(OpenSSL backend) - Usage: Content hashing, ledger chain, capsule hashing
- Standard: RFC 8032
- Security Level: 128-bit equivalent
- Implementation: PyNaCl (libsodium backend)
- Usage: Optional origin attribution signatures
- Key Format: 32-byte seed (Base64-encoded)
- Formula:
SHA-256(prev_hash | capsule_hash | t_run) - Genesis:
prev_hash = "0" * 64 - Storage: SQLite (portable, self-contained)
- Integrity: Append-only, any modification breaks the chain
| Attack | Protected? | Mechanism |
|---|---|---|
| Content modification | ✅ Yes | SHA-256 hash comparison |
| Ledger entry insertion | ✅ Yes | Hash chain breaks |
| Ledger entry deletion | ✅ Yes | Hash chain breaks |
| Ledger entry reordering | ✅ Yes | Sequential hash dependency |
| Signature forgery | ✅ Yes | Ed25519 cryptographic verify |
| Capsule field tampering | ✅ Yes | Canonical hash comparison |
| Attack | Protected? | Reason |
|---|---|---|
| Key compromise | ❌ No | Private key security is user's responsibility |
| Timestamp manipulation | ❌ No | t_run is self-declared (not TSA) |
| Content truthfulness | ❌ No | SPE certifies integrity, not truth |
| Pre-certification manipulation | ❌ No | SPE certifies from generation forward |
- Generate keys securely: Use
nacl.signing.SigningKey.generate()in a secure environment - Store private keys safely: Never commit private keys to version control
- Rotate keys if compromised: Generate a new keypair and update your signing configuration
- Share only public keys: The public key is safe to distribute for verification
SPE's production public key (for verifying proofs generated by speaudit.com):
G7aHboCJsVDCM5exNfewMAyFpbI6ulcy9a5lrIeonyk=
SPE has a documented roadmap for transitioning to post-quantum cryptographic algorithms:
| Timeline | Hash | Signature | Status |
|---|---|---|---|
| Current | SHA-256 | Ed25519 | ✅ Production |
| Phase 2 | SHA-3/256 | ML-DSA (FIPS 204) | 🟡 Planned |
The transition will maintain backward compatibility — existing proofs will remain verifiable.
Security documentation — February 2026