Skip to content

[RE-AUDIT] Verification of 9 critical fixes — TONAIAgent v2.35.1#326

Open
konard wants to merge 4 commits intoxlabtg:mainfrom
konard:issue-325-acfdd1ad6038
Open

[RE-AUDIT] Verification of 9 critical fixes — TONAIAgent v2.35.1#326
konard wants to merge 4 commits intoxlabtg:mainfrom
konard:issue-325-acfdd1ad6038

Conversation

@konard
Copy link
Copy Markdown
Contributor

@konard konard commented Apr 10, 2026
edited
Loading

Summary

Fixes #325

This PR delivers the independent re-audit report verifying the implementation quality of all 9 critical security fixes (PRs #316#324) that were required for TONAIAgent mainnet readiness.

What's included

  • RE_AUDIT_REPORT_TONAIAgent_v2.35.1.md — Complete re-audit report with:
    • Verification verdict for each of the 9 fixes
    • Remaining gaps per fix area (severity-classified)
    • 3 new cross-cutting findings discovered during re-audit
    • Mainnet readiness sign-off with prerequisite checklist
    • Test coverage summary (372+ tests across all 9 PRs)
    • Cryptography assessment table

Re-audit Verdicts

# Fix Area PR Verdict
1 HSM Key Management #323 ⚠️ Partial — Ed25519/TON incompatibility
2 MPC Threshold Signatures #322 ⚠️ Partial — Centralized coordinator
3 TON Smart Contracts #321 ⚠️ Partial — Deployed/audited externally needed
4 API Input Validation #320 ✅ Complete — wiring pending
5 Production Secrets Management #319 ⚠️ Partial — Not wired to entry point
6 KYC/AML Enforcement #318 ⚠️ Partial — Both gates disabled by default
7 AI Safety & Prompt Injection #317 ✅ Complete — PromptBuilder needs adoption
8 Monitoring & Incident Response #316 ✅ Complete — metric wiring pending
9 Security Documentation #324 ✅ Complete — client-side only

Key Remaining Blockers for Mainnet

  1. 🔴 KYC/AML defaults must be invertedenabled: false / enforceAmlChecks: false in defaults must be changed or deploy-time assertions added
  2. 🔴 HSM Ed25519 incompatibility — AWS KMS / Azure KV produce P-256 (not valid for TON); hardware HSM or alternative path needed
  3. 🟠 Smart contracts require external audit — Tact contracts not yet audited or deployed on testnet
  4. 🟡 Multiple integrations pending — secrets loader, PromptBuilder, circuit breaker, all need wiring to runtime

Overall Assessment

⚠️ Conditionally NOT READY for mainnet. All 9 original critical/high findings have been substantially addressed with real implementations. However, 5 medium-to-high gaps remain — particularly the KYC/AML default configuration and the HSM/Ed25519 architecture gap — which must be resolved before real-fund deployment.

Re-audit conducted on 2026-04-10 against main branch post-merge of PRs #316#324
🤖 Generated with Claude Code

konard and others added 2 commits April 10, 2026 09:35
@konard
Initial commit with task details
8217712 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: xlabtg#325
@konard @claude
docs(audit): add re-audit report for TONAIAgent v2.35.1 (Issue xlabtg…
a310ea0 
…#325)

Independent verification of 9 critical security fixes (PRs xlabtg#316xlabtg#324):
- HSM key management: Ed25519 TON-incompatibility flagged as remaining blocker
- MPC threshold signatures: real crypto implemented, centralization risk noted
- Smart contracts: Tact contracts present, external audit still needed
- KYC/AML: enforcement gates exist but disabled by default (must fix before mainnet)
- Secrets management, API validation, AI safety: implemented, wiring pending
- Monitoring, documentation: complete with integration caveats

Overall verdict: conditionally not yet ready for mainnet (5 medium-high gaps remain).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard konard changed the title [WIP] [RE-AUDIT] Verification of the implementation of 9 critical fixes and the final check of readiness for the Mainnet [RE-AUDIT] Verification of 9 critical fixes — TONAIAgent v2.35.1 Apr 10, 2026
@konard konard marked this pull request as ready for review April 10, 2026 09:42
@konard
Copy link
Copy Markdown
Contributor Author

konard commented Apr 10, 2026

🤖 Solution Draft Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost estimation:

  • Public pricing estimate: $0.963104
  • Calculated by Anthropic: $0.963104 USD
  • Difference: $0.000000 (+0.00%)

📊 Context and tokens usage:

  • Context window: 54.9K / 1M (5%) input tokens, 23.3K / 64K (36%) output tokens

Total: (95.4K + 852.6K cached) input tokens, 23.3K output tokens, $0.963104 cost

🤖 Models used:

  • Tool: Anthropic Claude Code
  • Requested: sonnet
  • Model: Claude Sonnet 4.6 (claude-sonnet-4-6)

📎 Log file uploaded as Gist (768KB)

Now working session is ended, feel free to review and add any feedback on the solution draft.

@konard
Copy link
Copy Markdown
Contributor Author

konard commented Apr 10, 2026

🔄 Auto-restart 1/3

Detected uncommitted changes from previous run. Starting new session to review and commit or discard them.

Uncommitted files:

?? research/pr-research.md

Auto-restart will stop after changes are committed or discarded, or after 2 more iterations. Please wait until working session will end and give your feedback.

@konard @claude
docs(research): add PR research notes for re-audit of PRs xlabtg#316-x…
6fa4e47 
…labtg#324

Research notes documenting the implementation approach, gaps, and
findings for each of the 9 security fix PRs analyzed during the
re-audit for Issue xlabtg#325.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Copy link
Copy Markdown
Contributor Author

konard commented Apr 10, 2026

🔄 Auto-restart 1/3 Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost estimation:

  • Public pricing estimate: $0.148462
  • Calculated by Anthropic: $0.148462 USD
  • Difference: $0.000000 (+0.00%)

📊 Context and tokens usage:

  • Context window: 29.3K / 1M (3%) input tokens, 1.4K / 64K (2%) output tokens

Total: (18.3K + 196.4K cached) input tokens, 1.4K output tokens, $0.148462 cost

🤖 Models used:

  • Tool: Anthropic Claude Code
  • Requested: sonnet
  • Model: Claude Sonnet 4.6 (claude-sonnet-4-6)

📎 Log file uploaded as Gist (1826KB)

Now working session is ended, feel free to review and add any feedback on the solution draft.

@konard
Copy link
Copy Markdown
Contributor Author

konard commented Apr 10, 2026

✅ Ready to merge

This pull request is now ready to be merged:

  • All CI checks have passed
  • No merge conflicts
  • No pending changes

Monitored by hive-mind with --auto-restart-until-mergeable flag

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[RE-AUDIT] Verification of the implementation of 9 critical fixes and the final check of readiness for the Mainnet

1 participant

@konard