2.8 KiB
2.8 KiB
Scratchpad — TESS-M1-SEC-004 Discord ingress
- Task / issue: TESS-M1-SEC-004 / #707
- Branch:
fix/tess-discord-ingressfromorigin/mainat59e49cfd - Objective: Authenticate the Discord plugin service at gateway ingress; enforce explicit guild/channel/user allowlists; attach Discord message and generated correlation IDs; reject replayed native message IDs.
- Scope:
plugins/discord,apps/gateway, and existing Discord admin/developer protocol docs. - Budget: Task estimate 28K; no explicit hard cap supplied.
- Assumptions: The Discord plugin and gateway share an injected high-entropy
DISCORD_SERVICE_TOKEN; a configured Discord plugin fails closed without it. Allowlist configuration is comma-separated Discord snowflakes. Discord native message ID is the replay key, with bounded in-memory retention pending the M2 durable inbox/idempotency work.
Plan
- Add failing tests covering ingress service authentication/signing, unlisted guild/channel/user rejection, correlation propagation, and replay rejection.
- Implement the signed Discord ingress envelope and allowlist validation in the plugin.
- Authenticate and validate the envelope at the gateway boundary, then enforce bounded replay protection before agent dispatch.
- Document the service-token and allowlist operations; run focused and baseline gates; obtain independent review.
Progress
- 2026-07-12: Intake complete; PRD TESS-SEC-005, architecture, and threat model reviewed.
- Added service-token Socket.IO authentication, HMAC-signed Discord envelopes, default-deny guild/channel/user allowlists, correlated message metadata, bounded replay rejection, and fail-fast configuration checks.
- Code and security reviews completed. Code review findings on service persistence ownership, package-boundary tests, disconnected ingress observability, and chat payload validation were remediated; final independent code review approved.
Risks / blockers
- Existing
mainhas known unrelated Prettier debt; only changed files will be held format-clean. Durable replay persistence is intentionally out of scope for this M1 prerequisite and belongs to TESS-M2 durable inbox/idempotency work.
Verification evidence
- Focused ingress suite:
pnpm --filter @mosaicstack/gateway test -- discord-ingress.security.spec.ts— 7 passed. - Gateway suite:
pnpm --filter @mosaicstack/gateway test— 513 passed, 11 skipped. - Plugin suite:
pnpm --filter @mosaicstack/discord-plugin test— no tests, passed by configured--passWithNoTests. pnpm typecheck— passed.pnpm lint— passed.pnpm format:check— fails only on the known pre-existing Tess documentation debt listed in the task dispatch; changed files pass targeted Prettier verification.- Codex security review — no findings; final Codex code review — approved.