Security Policy
Supported Versions
| Version | Supported |
|---|---|
| 1.x | ✅ |
Reporting a Vulnerability
Please do NOT open a public GitHub issue for security vulnerabilities.
Report vulnerabilities privately via GitHub’s
Security Advisories feature, or email the
maintainers at security@scorpio-net.example.com.
Include:
- A description of the vulnerability and potential impact
- Steps to reproduce or proof-of-concept code
- Affected version(s)
- Any suggested mitigations
We aim to acknowledge reports within 48 hours and provide a fix or mitigation plan within 90 days for critical issues.
Security Architecture
Scorpio Net is built around the following security principles:
Cryptography
- End-to-end encryption: Signal Protocol (X3DH + Double Ratchet)
- Symmetric cipher: AES-256-GCM (authenticated encryption)
- Key exchange: X25519 Diffie-Hellman
- Signatures: Ed25519
- Password hashing: Argon2id (64 MiB, 3 iterations, 2 lanes)
- Key derivation: HKDF-SHA-512
- Random number generation: platform CSPRNG (SecRandomCopyBytes on iOS, java.security.SecureRandom on Android)
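The list above names the primitives but not how they fit together. The following is an added example, not code from Scorpio Net (whose clients are Swift/Kotlin); it is written in Go because the standard library covers X25519, HMAC-SHA-512 and AES-256-GCM without third-party packages. It performs one X25519 agreement, derives a 256-bit message key with HKDF-SHA-512 (RFC 5869, written out with crypto/hmac) and round-trips a message under AES-256-GCM, then shows that a single flipped tag bit is rejected. The HKDF info label and the associated-data header are assumed for the example; the Signal X3DH/Double Ratchet state machine itself is not reproduced here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha512"
	"errors"
	"fmt"
)

// hkdfSHA512 is RFC 5869 extract-then-expand with HMAC-SHA-512, written out so the
// example needs only the standard library. A nil salt equals the RFC default (HashLen zero bytes).
func hkdfSHA512(ikm, salt, info []byte, length int) ([]byte, error) {
	if length <= 0 || length > 255*sha512.Size {
		return nil, errors.New("hkdf: invalid output length")
	}
	ext := hmac.New(sha512.New, salt) // extract: PRK = HMAC(salt, IKM)
	ext.Write(ikm)
	prk := ext.Sum(nil)
	var okm, prev []byte // expand: T(i) = HMAC(PRK, T(i-1) || info || i)
	for i := 1; len(okm) < length; i++ {
		exp := hmac.New(sha512.New, prk)
		exp.Write(prev)
		exp.Write(info)
		exp.Write([]byte{byte(i)})
		prev = exp.Sum(nil)
		okm = append(okm, prev...)
	}
	return okm[:length], nil
}

// newGCM builds the AEAD; a 32-byte key selects AES-256.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns nonce || ciphertext || tag; a repeated nonce under one key breaks GCM, so a fresh random one is drawn per message.
func seal(gcm cipher.AEAD, plaintext, aad []byte) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal and fails closed on any change to nonce, ciphertext, tag or AAD.
func open(gcm cipher.AEAD, msg, aad []byte) ([]byte, error) {
	if len(msg) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("message too short")
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], aad)
}

// exchange runs one X25519 agreement between two fresh key pairs, derives the message key on each
// side and round-trips one message. It returns the plaintext and whether a copy with one flipped tag bit was rejected.
func exchange(plaintext string) (string, bool, error) {
	curve := ecdh.X25519()
	alice, errA := curve.GenerateKey(rand.Reader)
	bob, errB := curve.GenerateKey(rand.Reader)
	if errA != nil || errB != nil {
		return "", false, errors.New("key generation failed")
	}
	sA, errA := alice.ECDH(bob.PublicKey())
	sB, errB := bob.ECDH(alice.PublicKey())
	if errA != nil || errB != nil || !hmac.Equal(sA, sB) {
		return "", false, errors.New("x25519 agreement failed")
	}
	info := []byte("scorpio-net-example message key v1") // assumed label, not the project's
	keyA, _ := hkdfSHA512(sA, nil, info, 32)            // fixed 32-byte length: cannot fail
	keyB, _ := hkdfSHA512(sB, nil, info, 32)
	gcmA, _ := newGCM(keyA) // 32-byte key: cannot fail either
	gcmB, _ := newGCM(keyB)
	aad := []byte("v1|sender=alice") // constructed header bound to the ciphertext
	ct, err := seal(gcmA, []byte(plaintext), aad)
	if err != nil {
		return "", false, err
	}
	pt, err := open(gcmB, ct, aad)
	if err != nil {
		return "", false, err
	}
	tampered := append([]byte(nil), ct...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the GCM tag
	_, tamperErr := open(gcmB, tampered, aad)
	return string(pt), tamperErr != nil, nil
}

func main() {
	pt, rejected, err := exchange("hello from the example")
	fmt.Println(pt, rejected, err)
}
```

Two points worth noting against the list above: the header passed as AAD is authenticated but not encrypted, which is exactly what a message envelope needs; and a per-message random nonce is only safe because the Double Ratchet would in practice also rotate the key every message, so nonce-collision bounds for a long-lived key never come into play.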
Key Management
- Private keys stored exclusively in iOS Keychain / Android Keystore
- Server never has access to private keys or plaintext
- One-time pre-keys deleted after a single use (forward secrecy)
Authentication
- Local PIN authentication with Argon2id hashing
- Exponential-backoff lockout on failed attempts
- Optional biometric (Face ID / Touch ID / Fingerprint)
- Optional TOTP as a third factor
- Data wipe after configurable maximum failed attempts
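The PIN, backoff and wipe bullets above describe one state machine; what matters in practice is the order of the checks. The block below is an added example in Go, not Scorpio Net's own code, showing that machine: the lockout is enforced before any hashing happens, the verifier is compared in constant time, a success resets the counter, and reaching the configured maximum destroys the verifier. Go's standard library has no Argon2, so the `hashPIN` slot uses HMAC-SHA-512 as a labelled stand-in only; the Argon2id parameters quoted in the comment are the ones stated above, and the 1 s base delay, 1 h ceiling and 16-byte salt are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha512"
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// hashPIN is the slot where Argon2id belongs. The standard library has no Argon2,
// so this example substitutes HMAC-SHA-512 purely as a stand-in (it is NOT a
// password hash); production code would call golang.org/x/crypto/argon2.IDKey
// (pin, salt, 3, 64*1024, 2, 32), i.e. the 64 MiB / 3 iterations / 2 lanes above.
var hashPIN = func(pin, salt []byte) []byte {
	m := hmac.New(sha512.New, salt)
	m.Write(pin)
	return m.Sum(nil)
}

var (
	ErrLocked = errors.New("pin: locked out, retry later")
	ErrWiped  = errors.New("pin: failure limit reached, local data wiped")
)

const (
	baseDelay = time.Second // lockout after the first failure (assumed)
	maxDelay  = time.Hour   // ceiling so the device is never locked forever (assumed)
)

// backoff returns the lockout after the n-th consecutive failure: 1s, 2s, 4s, ... capped at maxDelay.
func backoff(n int) time.Duration {
	if n <= 0 {
		return 0
	}
	d := baseDelay
	for i := 1; i < n && d < maxDelay; i++ {
		d *= 2
	}
	if d > maxDelay {
		d = maxDelay
	}
	return d
}

// PINGuard holds the salted PIN verifier and the lockout state. On a device
// these would live in Keychain/Keystore-backed storage, not in process memory.
type PINGuard struct {
	salt, hash  []byte
	failures    int
	lockedUntil time.Time
	wiped       bool
	maxFailures int              // wipe threshold, configurable per the policy above
	now         func() time.Time // injectable clock so the lockout is testable
}

func NewPINGuard(pin string, maxFailures int, now func() time.Time) (*PINGuard, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	return &PINGuard{salt: salt, hash: hashPIN([]byte(pin), salt), maxFailures: maxFailures, now: now}, nil
}

// Verify checks one attempt. The lockout is enforced before the hash is computed,
// so a locked-out caller cannot even make the device spend its Argon2 budget.
func (g *PINGuard) Verify(pin string) (bool, error) {
	if g.wiped {
		return false, ErrWiped
	}
	if g.now().Before(g.lockedUntil) {
		return false, ErrLocked
	}
	if subtle.ConstantTimeCompare(hashPIN([]byte(pin), g.salt), g.hash) == 1 {
		g.failures, g.lockedUntil = 0, time.Time{}
		return true, nil
	}
	g.failures++
	if g.failures >= g.maxFailures {
		for i := range g.hash { // destroy the verifier; the app erases local data here
			g.hash[i] = 0
		}
		g.hash, g.wiped = nil, true
		return false, ErrWiped
	}
	g.lockedUntil = g.now().Add(backoff(g.failures))
	return false, nil
}

func main() {
	g, _ := NewPINGuard("4821", 5, time.Now)
	ok, err := g.Verify("0000")
	fmt.Println(ok, err, "retry allowed at", g.lockedUntil.Format(time.RFC3339))
}
```

The injectable clock is not just for testing: on a phone the lockout deadline should be anchored to a monotonic or secure clock, since a wall clock the user can set forward defeats the backoff.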
Transport Security
- TLS 1.3 minimum
- Certificate pinning (SPKI SHA-256 fingerprints)
- WebSocket over TLS (WSS)
- Optional Tor routing
Device Security
- Jailbreak/root detection (best-effort)
- Screenshot prevention (FLAG_SECURE on Android)
- Auto-lock on background
Compliance
- GDPR Article 25 (privacy by design and default)
- HIPAA addressable safeguards
- NIST SP 800-53 Rev. 5 security controls
- FIPS 140-3 approved algorithms
Known Limitations
- Jailbreak/root detection is best-effort and can be bypassed by sophisticated exploits
- The Tor integration is a stub pending a production-grade implementation
- BLE mesh networking is a stub pending security review