Technical and Commercial guidelines for ABS Core.
Threat Model and Security Specification (v10.1.5)
Technical Diligence Document - Confidential
This document details the security model of ABS Core, covering attack vectors, mitigations, and the trust architecture.
1. Trust Architecture (Zero-Trust Proxy)
ABS Core operates as an interceptor between the AI Agent and the LLM.
- WASM Isolation: Governance policies run in a WebAssembly (WASM) kernel. This ensures that a malicious policy script cannot access system keys or host memory.
- Secret Vault JIT (Just-In-Time): Unlike static secrets, ABS injects credentials into the request payload only at the moment it exits to the provider (OpenAI/Stripe), destroying them immediately after processing.
2. Attack Surface and Mitigations
| Attack Vector | Mitigation in ABS Core | Efficacy |
|---|---|---|
| Prompt Injection | Recursive Sanitization (Pillar #1) and Intent Interception. | High |
| PII Leakage | Redaction via PII Guardrails (Vaccine #2) at the output level. | Critical |
| Tampering (Audit) | Cryptographic Hash Chaining (Forensic Ledger v10.1.5). | Immutable |
| Credential Theft | Secret Vault Synchronized with JIT Secrets. | Maximum |
3. Secret Vault JIT Specification
How we prevent leaks in practice:
- The Agent developer never touches the STRIPE_API_KEY. They use a marker, @STRIPE_VAULT.
- ABS Core intercepts the call.
- The SecretManager fetches the key from the Vault (in protected memory or Cloudflare Secrets).
- The payload is signed and sent to the provider.
- The audit log stores only the metadata, never the actual secret.
4. Vulnerability Disclosure Policy (VDP)
We maintain a posture of radical transparency with the buyer.
- Bug Bounty Program: Structured for security researchers.
- Patch Lead Time: Average of < 24h for critical security fixes in the main kernel.
Verdict: ABS Core doesn't just "promise" security; it implements physical isolation (WASM) and mathematical proof (Hash Chain) in every transaction.