security_review/security_review_summary.json
12135 bytes
{
"chain_id": "spacecash-devnet-1",
"consensus_spec_hash": "02FC7BE0A5DDE8D5D95EDA14BD8D1F195BB680D1D853123ABD89F8BBDAF85E5B",
"copied_docs": [
"docs/spacecash/CONSENSUS_SPEC.md",
"docs/spacecash/BLOCKER_ELIMINATION_PLAN.md",
"docs/spacecash/MONETARY_POLICY.md",
"docs/spacecash/SYMBOLIC_VALUE.md",
"docs/spacecash/GENESIS_PLAN.md",
"docs/spacecash/GENESIS_ALLOCATION.md",
"docs/spacecash/SECURITY_AUDIT_SCOPE.md",
"docs/spacecash/THREAT_MODEL.md",
"docs/spacecash/MAINNET_GATE.md",
"docs/spacecash/MANUAL_GATES.md",
"docs/spacecash/PUBLIC_TESTNET_RUNBOOK.md",
"docs/spacecash/WALLET_RECOVERY_CUSTODY_POLICY.md",
"docs/spacecash/PRODUCTION_DEPLOYMENT_RUNBOOK.md",
"docs/spacecash/LEGAL_COMPLIANCE_GATE.md"
],
"external_review_status": "packet_only_not_audit",
"generated_at": "2026-06-11T21:14:49Z",
"genesis_allocation_hash": "131ED3AD0536152AB3D6590D7804DCF614206617DEAE41D238905913E36944E1",
"genesis_allocation_ready": false,
"genesis_allocation_warnings": [
"allocation total does not match the supply cap."
],
"genesis_plan_hash": "55D62969DFEE8460989A8A36D59F37D78CFB8BAF48DE44BF7B991FE61DFEEC27",
"legal_compliance_evidence_blockers": [
"allocation_verifier_output_path_missing",
"allocation_verifier_output_sha256_missing",
"approved_use_case_missing",
"consumer_protection_refunds_not_approved",
"customer_support_not_approved",
"engagement_letter_missing",
"final_decision_decided_at_missing",
"final_decision_not_approved",
"final_decision_reviewer_statement_missing",
"genesis_allocation_basis_not_approved",
"genesis_allocation_hash_missing",
"jurisdiction_availability_not_approved",
"manual_gate_not_complete",
"marketing_risk_disclosures_not_approved",
"no_exchange_listing_claims_confirmed_not_confirmed",
"no_investment_claims_confirmed_not_confirmed",
"no_legal_tender_claims_confirmed_not_confirmed",
"privacy_data_retention_not_approved",
"privacy_policy_path_missing",
"product_payment_reviewed_not_confirmed",
"prohibited_use_cases_missing",
"public_distribution_reviewed_not_confirmed",
"real_money_use_authorized_not_confirmed",
"refund_policy_path_missing",
"release_bundle_sha256_missing",
"required_disclosures_missing",
"required_operational_controls_missing",
"restricted_product_controls_not_approved",
"restricted_product_policy_path_missing",
"review_areas_not_approved",
"reviewed_source_hash_missing",
"reviewer_missing",
"supply_distribution_treasury_not_approved",
"tax_position_path_missing",
"tax_reporting_not_approved",
"terms_of_service_not_approved",
"terms_path_missing",
"token_payment_classification_not_approved",
"treasury_controls_path_missing",
"treasury_controls_reviewed_not_confirmed",
"treasury_controls_sha256_missing"
],
"legal_compliance_evidence_ready": false,
"mainnet_decision_blockers": [
"genesis_allocation_file_missing",
"launch_authorization_approved_at_missing",
"launch_authorization_approver_missing",
"launch_authorization_not_approved",
"launch_authorization_statement_missing",
"legal_compliance_evidence_file_missing",
"manual_gate_evidence_file_missing",
"production_deployment_evidence_file_missing",
"public_testnet_evidence_file_missing",
"release_bundle_sha256s_file_missing",
"reviewed_source_hash_missing",
"security_review_evidence_file_missing",
"wallet_custody_evidence_file_missing"
],
"mainnet_decision_ready": false,
"manifest_file_count": 88,
"manual_gate": {
"id": "external_security_review_complete",
"reason": "External auditor review and closure are still required.",
"status": "not_complete"
},
"manual_gate_blockers": [
"public_testnet_complete",
"external_security_review_complete",
"legal_compliance_review_complete",
"wallet_recovery_custody_policy_complete",
"production_deployment_runbook_complete"
],
"manual_gate_evidence_ready": false,
"mode": "spacecash-security-review-packet-v1",
"monetary_policy_hash": "5C4C51D443B91EF950B0E3FCC2A653F14C650E2316CACF2D93740CE180496B64",
"ok": true,
"out_dir": "C:\\Users\\andre\\scripts\\the_workshop\\projects\\NORTHSTAR_PRIME\\_tmp\\spacecash_release_bundle\\security_review",
"production_deployment_evidence_blockers": [
"approved_genesis_allocation_not_approved",
"approved_genesis_allocation_sha256_missing",
"backup_restore_not_approved",
"backup_restore_rehearsal_path_missing",
"backup_restore_rehearsed_not_confirmed",
"bootstrap_peer_plan_path_missing",
"bootstrap_peers_missing",
"deployment_decisions_not_approved",
"deployment_runbook_path_missing",
"deployment_target_missing",
"final_approval_approved_at_missing",
"final_approval_approver_missing",
"final_approval_not_approved",
"final_approval_statement_missing",
"genesis_allocation_check_sha256_missing",
"http_hardening_not_approved",
"incident_contact_missing",
"incident_response_not_approved",
"incident_response_plan_path_missing",
"launch_window_approved_not_confirmed",
"legal_compliance_evidence_sha256_missing",
"manual_gate_not_complete",
"monitoring_alerting_not_approved",
"monitoring_endpoints_missing",
"monitoring_owner_confirmed_not_confirmed",
"monitoring_plan_path_missing",
"node_setup_instructions_path_missing",
"node_setup_not_approved",
"post_deploy_audit_not_approved",
"post_deploy_audit_plan_path_missing",
"production_domain_missing",
"production_http_controls_path_missing",
"public_testnet_evidence_sha256_missing",
"release_artifacts_archived_not_confirmed",
"release_bundle_archive_not_approved",
"release_bundle_path_missing",
"release_bundle_sha256_missing",
"release_manifest_path_missing",
"reviewed_source_hash_missing",
"reviewer_missing",
"rollback_owner_confirmed_not_confirmed",
"rollback_plan_not_approved",
"rollback_plan_path_missing",
"security_review_evidence_sha256_missing",
"security_review_packet_sha256_missing",
"sha256sums_path_missing",
"source_freeze_not_approved",
"validator_count_invalid",
"validator_quorum_invalid",
"validator_rollout_not_approved",
"validator_rollout_plan_path_missing",
"wallet_custody_evidence_sha256_missing",
"write_route_controls_approved_not_confirmed"
],
"production_deployment_evidence_ready": false,
"public_testnet_blockers": [
"checkpoint_quorum_not_passed",
"duration_below_minimum",
"final_report_not_approved",
"guarded_import_not_passed",
"incident_response_not_passed",
"manual_gate_not_complete",
"node_health_and_readiness_not_passed",
"node_restart_recovery_not_passed",
"nodes[0].not_independently_operated",
"nodes[1].not_independently_operated",
"nodes[2].not_independently_operated",
"not_enough_independent_operators",
"peer_gossip_not_passed",
"product_payment_not_passed",
"signed_transfer_not_passed",
"sync_preview_not_passed"
],
"public_testnet_evidence_ready": false,
"required_outputs": [
"reviewed source hash",
"symbolic value disclosure boundary",
"findings by severity",
"reproduction steps",
"remediation evidence",
"auditor closure statement",
"wallet recovery/custody approval evidence",
"production deployment approval evidence",
"final mainnet decision evidence"
],
"review_workpapers": {
"closure_template": "audit/closure/auditor_closure_template.md",
"finding_template": "audit/findings/SCAUD-001-template.md",
"signed_scope_template": "audit/scope/signed_scope_template.md",
"topic_workpapers": [
"audit/topics/signature_payload_binding.md",
"audit/topics/nonce_and_mempool_replay.md",
"audit/topics/ledger_supply_and_blocks.md",
"audit/topics/snapshot_sync_import.md",
"audit/topics/consensus_spec_integrity.md",
"audit/topics/monetary_policy_integrity.md",
"audit/topics/genesis_allocation_boundary.md",
"audit/topics/genesis_allocation_schema.md",
"audit/topics/wallet_recovery_custody_boundary.md",
"audit/topics/checkpoint_quorum.md",
"audit/topics/daemon_exposure.md"
]
},
"security_review_evidence_blockers": [
"auditor_missing",
"checkpoint_quorum_not_closed",
"closure_auditor_statement_missing",
"closure_closed_at_missing",
"closure_not_approved",
"closure_not_closed",
"consensus_spec_integrity_not_closed",
"daemon_exposure_not_closed",
"genesis_allocation_boundary_not_closed",
"genesis_allocation_schema_not_closed",
"ledger_supply_and_blocks_not_closed",
"manual_gate_not_complete",
"monetary_policy_integrity_not_closed",
"nonce_and_mempool_replay_not_closed",
"reviewed_source_hash_missing",
"scope_topics_not_closed",
"security_packet_sha256_missing",
"signature_payload_binding_not_closed",
"signed_scope_missing",
"snapshot_sync_import_not_closed",
"wallet_recovery_custody_boundary_not_closed"
],
"security_review_evidence_ready": false,
"security_review_workbench_blockers": [
"auditor_missing",
"checkpoint_quorum_not_closed",
"closure_closed_at_missing",
"closure_not_approved",
"closure_not_closed",
"consensus_spec_integrity_not_closed",
"critical_high_findings_open",
"critical_high_remediation_not_confirmed",
"daemon_exposure_not_closed",
"genesis_allocation_boundary_not_closed",
"genesis_allocation_schema_not_closed",
"ledger_supply_and_blocks_not_closed",
"manual_gate_not_complete",
"monetary_policy_integrity_not_closed",
"nonce_and_mempool_replay_not_closed",
"open_findings",
"scope_topics_not_closed",
"security_packet_sha256_missing",
"signature_payload_binding_not_closed",
"signed_scope_missing",
"snapshot_sync_import_not_closed",
"wallet_recovery_custody_boundary_not_closed"
],
"security_review_workbench_ready": false,
"source_hash": "EDBB518F077F0B26281B2FB653E456AEDB268EC022522B021A57ACEB62ED45C6",
"symbolic_value_code": "0x000999",
"symbolic_value_formula": "SpaceCash_value = v + i*sigma",
"symbolic_value_hash": "3CDE23ABCAF5383009C9B9A13467118AACCD3D97B4766FFEFEE91A999FC709DF",
"wallet_custody_evidence_blockers": [
"address_versioning_not_approved",
"address_versioning_path_missing",
"backup_passphrase_warning_approved_not_confirmed",
"backup_rotation_not_approved",
"backup_rotation_path_missing",
"backup_verification_flow_path_missing",
"compromised_key_procedure_not_approved",
"compromised_key_procedure_path_missing",
"development_key_exclusion_not_approved",
"development_keys_excluded_not_confirmed",
"final_approval_approved_at_missing",
"final_approval_approver_missing",
"final_approval_not_approved",
"final_approval_statement_missing",
"hardware_or_custody_plan_path_missing",
"hardware_wallet_or_custody_not_approved",
"lost_key_procedure_not_approved",
"lost_key_procedure_path_missing",
"lost_key_warning_approved_not_confirmed",
"manual_gate_not_complete",
"private_key_handling_not_approved",
"private_key_handling_policy_path_missing",
"recovery_standard_not_approved",
"recovery_standard_path_missing",
"release_bundle_sha256_missing",
"reviewed_source_hash_missing",
"reviewer_missing",
"support_escalation_not_approved",
"user_backup_verification_not_approved",
"wallet_decisions_not_approved"
],
"wallet_custody_evidence_ready": false,
"wallet_policy_hash": "239750DE7AC4374A298EED8124925E8193B8D16FA966E0D6FBB256B873F422C8"
}