KBN-010: Threat, authorization, and constraint-impact gate #753

Open
opened 2026-07-14 17:16:02 +00:00 by jason.woltje · 0 comments
Owner

Objective

Complete the mandatory security/authorization/constraint-impact gate before Native Kanban/SOT schema implementation begins.

Scope

Documentation and test-plan analysis only. No runtime, schema, migration, API, or deployment edits.

Required analysis

  • Cross-workspace owners, principals, evidence, and project hierarchy
  • Active membership and service-token boundaries
  • Stale/forged public health and transaction-local write proof
  • Assignment/approval forgery and monotonic fencing
  • Change-proposal abuse and proposal/audit event binding
  • Immutable audit retention and break-glass boundaries
  • PostgreSQL and Valkey outage/failure semantics
  • Required negative tests and schema/API constraint impacts

Acceptance criteria

  • Threat/authorization matrix maps every risk to frozen contract controls and required evidence.
  • Every schema/API/test impact is explicit.
  • No unresolved schema-impact finding remains before KBN-100 release.
  • Independent SecReview passes.
  • PR squash-merges with terminal-green Mosaic CI.

Depends on merged canon PR #752. Blocks KBN-100.

## Objective Complete the mandatory security/authorization/constraint-impact gate before Native Kanban/SOT schema implementation begins. ## Scope Documentation and test-plan analysis only. No runtime, schema, migration, API, or deployment edits. ## Required analysis - Cross-workspace owners, principals, evidence, and project hierarchy - Active membership and service-token boundaries - Stale/forged public health and transaction-local write proof - Assignment/approval forgery and monotonic fencing - Change-proposal abuse and proposal/audit event binding - Immutable audit retention and break-glass boundaries - PostgreSQL and Valkey outage/failure semantics - Required negative tests and schema/API constraint impacts ## Acceptance criteria - [ ] Threat/authorization matrix maps every risk to frozen contract controls and required evidence. - [ ] Every schema/API/test impact is explicit. - [ ] No unresolved schema-impact finding remains before KBN-100 release. - [ ] Independent SecReview passes. - [ ] PR squash-merges with terminal-green Mosaic CI. Depends on merged canon PR #752. Blocks KBN-100.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaicstack/stack#753