# Dosh Native v1 Audit Packet This is the handoff checklist for an external security review. ## Scope Review the security properties of Dosh native v1: - Native UDP authentication and key exchange - Host key trust and known-host mismatch behavior - Authorized key parsing and policy enforcement - Transport encryption, replay protection, rekeying, resume, and stale packet handling - Attach ticket sealing/opening - TCP forwarding and agent forwarding authorization boundaries - Parser robustness for untrusted wire/config data Primary files: - `src/native.rs` - `src/protocol.rs` - `src/auth.rs` - `src/ssh_agent.rs` - `src/bin/dosh-client.rs` - `src/bin/dosh-server.rs` - `src/config.rs` - `tests/parser_robustness.rs` - `tests/protocol_auth.rs` - `tests/hostile_network.rs` - `tests/integration_smoke.rs` - `fuzz/fuzz_targets/*` Primary docs: - `docs/NATIVE_V1_SPEC.md` - `docs/THREAT_MODEL.md` - `docs/PROTOCOL_VERSIONING.md` - `docs/PUBLIC_READINESS.md` - `docs/RELEASE_EVIDENCE_2026-06-20.md` ## Required Reviewer Questions 1. Is the native handshake transcript complete enough to bind client/server keys, requested session, mode, env, and forwarding permissions? 2. Are host-key trust transitions fail-closed, especially unknown vs mismatch vs explicit TOFU? 3. Are authorized-key options parsed conservatively enough, and are unsupported options rejected safely? 4. Can replayed, reordered, delayed, stale, or cross-epoch packets affect terminal input or forwarded streams more than once? 5. Does key rotation preserve confidentiality without creating split-brain epoch states? 6. Do attach tickets create any bearer-token replay or privilege-extension issue? 7. Can UDP endpoint migration be abused for hijack or reflection? 8. Are local/remote/dynamic TCP forwarding and agent forwarding gated correctly by client opt-in, server config, and authorized-key options? 9. Are parser and packet-size limits sufficient against malicious inputs? 10. Are there any unsafe assumptions in process/session persistence or holder adoption? ## Current Local Evidence As of 2026-06-20: - `cargo test`: `153 passed, 1 ignored` - `make soak-local`: passed 30-minute sleep/roaming soak - `make fuzz-smoke`: passed all configured fuzz targets for 20s each - `make bench-docker-mosh`: passed SSH, ControlMaster, native, cached, and Mosh comparison gates ## Explicit Non-Claims Before Audit - No claim of generic SSH protocol replacement. - No claim of full Mosh compatibility. - No claim that native v1 is externally audited. - No claim that Windows server support is production-ready.