| API endpoints | Unauthorized access | Auth middleware on all routes except /api/v1/health |
| API endpoints | Brute force | Rate limiting per token and per IP |
| Master key | Extraction from memory | Never stored as string (use []byte, zeroize after use), envelope encryption via KMS |
| Master key | Extraction from disk | Never stored on disk in plaintext — KMS reference only |
| Plugin package | Supply chain attack (malicious plugin) | Ed25519 signature verification before loading |
| Plugin package | Tampered after download | SHA-256 checksum verification on every load |
| Plugin runtime | Rogue plugin accesses network/filesystem | Sandboxed execution — plugins can ONLY call host functions, no direct I/O |
| Plugin runtime | Plugin accesses other plugins' data | Store scoping — plugin_data filtered by engine_id + realm_id |
| Plugin runtime | Plugin escalates privileges | Capability model — core grants only declared capabilities |
| Stored secrets | Database compromise | AES-256-GCM encryption at rest, key never stored in DB |
| Stored secrets | Memory dump | Secrets decrypted only at point of use, not cached in memory |
| Audit log | Tampering | Append-only table, optional HMAC chain, SIEM export for external copy |
| Activation key | Piracy / key sharing | Bound to org fingerprint (hardware ID + org name), periodic heartbeat |
| Config file | Credential leakage | No plaintext secrets in config — env vars or KMS references only |
| API in transit | Man-in-the-middle | TLS required in ALL modes (auto-generated self-signed if not configured), mTLS option for Multi-node |
| CLI credentials | Token theft from disk | Token file at ~/.arcan/token with 0600 permissions, token expiry |