mirror of
https://github.com/vacp2p/rfc-index.git
synced 2026-01-07 23:04:09 -05:00
e742cd5192
This PR continues work from PR #158 and PR #173, and introduces a new **Section 9: Security Considerations** to the Mix Protocol RFC. It formalizes the protocol’s core guarantees, trust assumptions, and known limitations. ### New Section Added Structured Section 9 with the following subsections: - [x] **9.1 Security Guarantees of the Core Mix Protocol** Defines sender anonymity, metadata protection, and statelessness guarantees. - [x] **9.2 Exit Node Trust Model** Trust assumptions at the final hop: - [x] `9.2.1 Message Delivery and Origin Trust` - [x] `9.2.2 Origin Protocol Trust and Client Role Abuse` - [x] **9.3 Destination as Final Hop** Optional deployment model where the destination operates its own Mix instance to eliminate exit-level trust. - [x] **9.4 Known Protocol Limitations** Clearly outlines out-of-scope threats: - Undetectable node misbehavior - Lack of built-in retries or acknowledgments - No Sybil resistance - Vulnerability to DoS attacks ### Key Improvements - Clearly delineates what the Mix Protocol guarantees and what it leaves to external systems. - Formalizes the exit trust boundary, a key concept for downstream applications. - Introduces an alternative destination participation model. - Enables future discussions around accountability, reliability, and Sybil resistance. --------- Co-authored-by: Prem Chaitanya Prathi <chaitanyaprem@gmail.com>