relicario

alee/relicario

Fork 0

Commit Graph

Author	SHA1	Message	Date
adlee-was-taken	95d1ff833c	docs: enumerate RELICARIO_* env vars in SECURITY.md (audit S3) Adds a "Configuration env vars" section listing every RELICARIO_* variable read by production code, with purpose and trust boundary. Splits user-facing vars from debug-only ones (cfg(debug_assertions)) to make the attack surface explicit for security reviewers. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-05-02 18:50:44 -04:00
adlee-was-taken	8e26c8708b	docs: document manifest integrity model (audit I4) Clarifies what AEAD protects (tampering) vs. what it doesn't (deletion, rollback). Documents that git history is the audit trail and device authentication is the mitigation. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-05-02 09:36:34 -04:00

Author

SHA1

Message

Date

adlee-was-taken

95d1ff833c

docs: enumerate RELICARIO_* env vars in SECURITY.md (audit S3)

Adds a "Configuration env vars" section listing every RELICARIO_*
variable read by production code, with purpose and trust boundary.
Splits user-facing vars from debug-only ones (cfg(debug_assertions))
to make the attack surface explicit for security reviewers.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

2026-05-02 18:50:44 -04:00

adlee-was-taken

8e26c8708b

docs: document manifest integrity model (audit I4)

Clarifies what AEAD protects (tampering) vs. what it doesn't (deletion,
rollback). Documents that git history is the audit trail and device
authentication is the mitigation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-05-02 09:36:34 -04:00

2 Commits