Files
stack/docs/scratchpads/tess-m1-sec-004-discord-ingress.md
Jarvis 55ae77b6fd
All checks were successful
ci/woodpecker/pr/ci Pipeline was successful
feat(#707): secure Discord service ingress
2026-07-12 18:00:29 -05:00

2.8 KiB

Scratchpad — TESS-M1-SEC-004 Discord ingress

  • Task / issue: TESS-M1-SEC-004 / #707
  • Branch: fix/tess-discord-ingress from origin/main at 59e49cfd
  • Objective: Authenticate the Discord plugin service at gateway ingress; enforce explicit guild/channel/user allowlists; attach Discord message and generated correlation IDs; reject replayed native message IDs.
  • Scope: plugins/discord, apps/gateway, and existing Discord admin/developer protocol docs.
  • Budget: Task estimate 28K; no explicit hard cap supplied.
  • Assumptions: The Discord plugin and gateway share an injected high-entropy DISCORD_SERVICE_TOKEN; a configured Discord plugin fails closed without it. Allowlist configuration is comma-separated Discord snowflakes. Discord native message ID is the replay key, with bounded in-memory retention pending the M2 durable inbox/idempotency work.

Plan

  1. Add failing tests covering ingress service authentication/signing, unlisted guild/channel/user rejection, correlation propagation, and replay rejection.
  2. Implement the signed Discord ingress envelope and allowlist validation in the plugin.
  3. Authenticate and validate the envelope at the gateway boundary, then enforce bounded replay protection before agent dispatch.
  4. Document the service-token and allowlist operations; run focused and baseline gates; obtain independent review.

Progress

  • 2026-07-12: Intake complete; PRD TESS-SEC-005, architecture, and threat model reviewed.
  • Added service-token Socket.IO authentication, HMAC-signed Discord envelopes, default-deny guild/channel/user allowlists, correlated message metadata, bounded replay rejection, and fail-fast configuration checks.
  • Code and security reviews completed. Code review findings on service persistence ownership, package-boundary tests, disconnected ingress observability, and chat payload validation were remediated; final independent code review approved.

Risks / blockers

  • Existing main has known unrelated Prettier debt; only changed files will be held format-clean. Durable replay persistence is intentionally out of scope for this M1 prerequisite and belongs to TESS-M2 durable inbox/idempotency work.

Verification evidence

  • Focused ingress suite: pnpm --filter @mosaicstack/gateway test -- discord-ingress.security.spec.ts — 7 passed.
  • Gateway suite: pnpm --filter @mosaicstack/gateway test — 513 passed, 11 skipped.
  • Plugin suite: pnpm --filter @mosaicstack/discord-plugin test — no tests, passed by configured --passWithNoTests.
  • pnpm typecheck — passed.
  • pnpm lint — passed.
  • pnpm format:check — fails only on the known pre-existing Tess documentation debt listed in the task dispatch; changed files pass targeted Prettier verification.
  • Codex security review — no findings; final Codex code review — approved.