Merged
32 commits
c5da633
feat(daemoneye-lib): add streaming multi-algorithm integrity hash engine
unclesp1d3r Apr 8, 2026
f2fdf74
feat(collector-core): add TriggerableCollector trait + wire-safe errors
unclesp1d3r Apr 8, 2026
88d179f
feat(collector-core): add BinaryHasherCollector with security hardening
unclesp1d3r Apr 8, 2026
d1c3704
feat(procmond,collector-core): populate executable_hash via post-enum…
unclesp1d3r Apr 8, 2026
8525566
fix(binary-hashing): doctest imports + clippy indexing-slicing in tests
unclesp1d3r Apr 8, 2026
1c85e5f
feat(config): add logo-designer-skill dependency with version and source
unclesp1d3r Apr 8, 2026
5668bf4
chore(gitignore): add todos directory to .gitignore and remove yarn.lock
unclesp1d3r Apr 8, 2026
a1b6d0d
feat(config): add trailofbits skills dependency with included skills
unclesp1d3r Apr 8, 2026
0f7c3e1
chore(tessl): remove good-oss-citizen tile dependency
unclesp1d3r Apr 9, 2026
4a37590
refactor(integrity): filter FileChanged at engine boundary via HashEr…
unclesp1d3r Apr 9, 2026
4293ca1
feat(procmond): wire shared Arc<MultiAlgorithmHasher> composition root
unclesp1d3r Apr 9, 2026
84f8f55
feat(procmond,integrity): add authorization + parallel hash pass (P1 …
unclesp1d3r Apr 10, 2026
63ac37c
feat(collector-core): add cap-std TOCTOU-safe opens for BinaryHasherC…
unclesp1d3r Apr 10, 2026
2fc9480
feat(procmond): add hash-pass telemetry and startup log
unclesp1d3r Apr 10, 2026
6024541
docs(solutions): document binary hashing P1 resolution (authorization…
unclesp1d3r Apr 10, 2026
fdefcab
refactor: resolve review todos #020-#024 (fingerprint, strip_prefix, …
unclesp1d3r Apr 10, 2026
8196dbb
fix: address PR review findings (error handling, type safety, test co…
unclesp1d3r Apr 10, 2026
4250260
fix: address PR #170 review findings (TOCTOU, auth, docs, tests)
unclesp1d3r Apr 11, 2026
198d88c
chore(security): remove outdated security audit report file
unclesp1d3r Apr 11, 2026
abcad09
fix(procmond): restore hash_algorithm field on Linux/Windows collectors
unclesp1d3r Apr 11, 2026
b44dcee
fix: Windows test failures on binary hashing
unclesp1d3r Apr 11, 2026
0ec04b8
fix(procmond): gate MAX_EXECUTABLE_PATH_LEN import to cfg(unix)
unclesp1d3r Apr 11, 2026
08d1ed9
fix(procmond): gate populate_hashes tests with hardcoded Unix paths
unclesp1d3r Apr 11, 2026
04f9a8a
fix: address CodeRabbit review findings on PR #170
unclesp1d3r Apr 11, 2026
5275038
fix: address second CodeRabbit review pass (TOCTOU, caching, runtime …
unclesp1d3r Apr 11, 2026
00cc99c
chore(config): update tone instructions and labeling guidelines for c…
unclesp1d3r Apr 11, 2026
02c021a
style(lib): improve comment clarity for SHA-256 normalization in hasher
unclesp1d3r Apr 11, 2026
092f9bd
fix: Windows compile + docs build failures on integrity module
unclesp1d3r Apr 11, 2026
2b810b1
fix(docs): rustdoc broken intra-doc link to private test fn
unclesp1d3r Apr 11, 2026
35d80b9
fix(docs): more rustdoc private intra-doc links
unclesp1d3r Apr 11, 2026
02088ed
fix: address third CodeRabbit review pass (cancellation safety, dead …
unclesp1d3r Apr 11, 2026
306fb14
fix(procmond): Windows directory rejection in authorize_kernel_path
unclesp1d3r Apr 11, 2026
680 changes: 333 additions & 347 deletions .coderabbit.yaml

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -141,3 +141,4 @@ docs/plans
.tessl/tiles/
**/*.local.*
.context/**/*.md
todos/
4 changes: 0 additions & 4 deletions .tessl/RULES.md
Expand Up @@ -6,10 +6,6 @@ This file is updated when running `tessl install`. If a linked file is missing,

@tiles/popey/github-action-monitor/rules/post-push-monitor.md [post-push-monitor](tiles/popey/github-action-monitor/rules/post-push-monitor.md)

## tessl-labs/good-oss-citizen β€” good-oss-citizen

@tiles/tessl-labs/good-oss-citizen/rules/good-oss-citizen.md [good-oss-citizen](tiles/tessl-labs/good-oss-citizen/rules/good-oss-citizen.md)

## tessl-labs/skill-discovery β€” skill-discovery-rules

@tiles/tessl-labs/skill-discovery/rules/skill-discovery-rules.md [skill-discovery-rules](tiles/tessl-labs/skill-discovery/rules/skill-discovery-rules.md)
168 changes: 166 additions & 2 deletions Cargo.lock

Some generated files are not rendered by default.

22 changes: 21 additions & 1 deletion Cargo.toml
Expand Up @@ -56,6 +56,10 @@ blake3 = { version = "1.8.4", default-features = false, features = ["std"] }
# Buffer and byte utilities
bytes = "1.11.1"

# Capability-based filesystem access (TOCTOU-safe opens)
cap-fs-ext = "=4.0.2"
cap-std = "=4.0.2"

# Date/time and utilities
chrono = { version = "0.4.44", features = ["serde"] }

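Review bot: the two new exact pins, `cap-fs-ext = "=4.0.2"` and `cap-std = "=4.0.2"`, carry no rationale comment, while the other exact pins added in this file each explain the pin and point to AGENTS.md "Pin security-critical deps". Add the same kind of comment here, and since both crates are pinned to the same version, state whether they are expected to be bumped together so a later update does not move one and leave the other behind.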
Expand Down Expand Up @@ -83,6 +87,10 @@ futures-util = "0.3.32"
hostname-validator = "1.1.1"
insta = { version = "1.47.2", features = ["filters"] }
interprocess = { version = "2.4.0", features = ["tokio"] }
# Exact-pinned: libc exposes raw OS constants (O_NOFOLLOW, ELOOP, etc.)
# that security-critical code in procmond relies on. See AGENTS.md
# "Pin security-critical deps".
libc = "=0.2.184"
parking_lot = "0.12.5"

# Serialization
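Review bot: `libc = "=0.2.184"` is an exact requirement on a crate that other dependencies in this file, tokio among them, also pull in transitively, and Cargo resolves all semver-compatible requirements on a crate to a single version. As soon as any dependency requires a libc newer than 0.2.184, resolution fails until this pin is bumped. If that is the intended forcing function, say so in the comment; otherwise consider keeping a caret requirement here and relying on Cargo.lock for the exact version.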
Expand All @@ -96,6 +104,12 @@ proptest = "1.11.0"
prost = "0.14.3"
prost-build = "0.14.3"
prost-types = "0.14.3"

# Bounded in-memory cache (hash result store).
# Exact-pinned per AGENTS.md "Pin security-critical deps" β€” this cache
# holds authoritative hash results so a silent upstream change here
# could affect integrity decisions.
quick_cache = "=0.6.21"
rand = "0.10.0"

# Database and storage
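Review bot: `quick_cache = "=0.6.21"` is added directly above `rand` with no blank line after it, so `rand = "0.10.0"` now reads as part of the "Bounded in-memory cache" comment block. Add a blank line after the `quick_cache` entry, or move the entry so the comment covers only the crate it describes.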
Expand All @@ -109,12 +123,18 @@ security-framework = "3.7.0"
serde = { version = "1.0.228", features = ["derive"] }
serde_json = "1.0.149"
sha2 = "0.11.0"
# Exact-pinned: SHA-3 is a cryptographic primitive and must not change
# silently under a caret update. See AGENTS.md "Pin security-critical deps".
sha3 = "=0.11.0"
sqlparser = "0.61.0"

sysinfo = "0.38.4"
tempfile = "3.27.0"
thiserror = "2.0.18"
tokio = { version = "1.51.0", features = [
# Exact-pinned: Tokio is the async runtime underpinning privilege
# separation, IPC, and agent coordination. See AGENTS.md "Pin
# security-critical deps".
tokio = { version = "=1.51.1", features = [
"rt",
"rt-multi-thread",
"net",
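Review bot: the comment on `sha3 = "=0.11.0"` says a cryptographic primitive must not change silently under a caret update, but `sha2 = "0.11.0"` on the line directly above stays on a caret requirement, as does `blake3` earlier in the file. Either pin those the same way or state in the comment why SHA-3 alone is treated as security-critical. Separately, the tokio line both introduces the exact pin and moves the version from 1.51.0 to 1.51.1; call out the bump so it is not read as a pin-only change.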