A threat × mitigation matrix covering identity, transport, routing, and the mesh itself. Adversary model: Dolev–Yao with quantum capability and up to f = ⌊(n−1)/3⌋ compromised neighbors per node.

| Layer | Threat | Mechanism | Primitive | Residual risk |
|---|---|---|---|---|
| End-to-end encryption | Passive eavesdropping | Double Ratchet hybrid PQ | Kyber-768 + X25519 | Negligible (≤ 2⁻¹²⁸) |
| Mutual authentication | MitM impersonation | DID + hardware attestation | X.509-DID + TEE quote | Low |
| Forward secrecy | Future key compromise | Per-message ephemeral keys | X25519 ratchet | Low |
| Post-quantum sigs | Quantum forgery | Lattice-based signatures | Dilithium | Low |
| Selective disclosure | Over-sharing | Zero-knowledge proofs | zk-SNARKs (Groth16) | Low |
| Anonymous routing | Traffic analysis | Onion routing + cover traffic | Sphinx packet format | Medium (statistical) |
| Anti-spoofing | Forged link-state | Signed advertisements + cert pinning | Dilithium-signed LSP | Low |
| Anti-replay | Replay attacks | Hash-chained nonces + sliding window | BLAKE3 + 2⁶⁴ counter | Low |
| Sybil resistance | Mass-identity attack | PoUW + neighbor attestations | VDF + social graph | Medium (cost-bounded) |
| Eclipse resistance | Topology isolation | Diverse-peer selection across S2 cells | S2 geohash quotas | Low |
| DoS resistance | Resource exhaustion | Adaptive PoW + per-source token buckets | BLAKE3 PoW | Medium under botnet |
| Tamper-evident logs | Receipt forgery | Per-node append-only Merkle DAG | BLAKE3-Merkle | Low |

Each node maintains a reputation vector for every peer it has interacted with. Reputation increases on successful relay attestations from non-collusive neighbors and decreases under signed misbehavior receipts. Reputation decays exponentially with a 7-day half-life so silent or stale peers lose privilege.
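
The reputation rule above, as an added example that is not part of the original page: a per-peer score table with lazy exponential decay at the 7-day half-life. The reward, penalty and threshold values, the function names and the duplicate-attestation rule are assumptions; signature verification and collusion detection are assumed to happen before these calls.

```python
import math

HALF_LIFE_S = 7 * 24 * 3600            # 7-day half-life, from the text
DECAY = math.log(2) / HALF_LIFE_S      # score(t) = score(0) * exp(-DECAY * t)

# Assumed values: the page gives no weights or privilege threshold.
RELAY_REWARD = 1.0
MISBEHAVIOR_PENALTY = 4.0
RELAY_THRESHOLD = 1.5


class ReputationTable:
    """Per-peer scores, decayed lazily whenever they are read or updated."""

    def __init__(self):
        self._scores = {}      # peer_id -> (value, last_update_unix_s)
        self._counted = set()  # (peer_id, attester_id, relay_id) already credited

    def score(self, peer, now):
        value, then = self._scores.get(peer, (0.0, now))
        elapsed = max(0.0, now - then)   # a clock step backwards must not inflate scores
        return value * math.exp(-DECAY * elapsed)

    def _bump(self, peer, delta, now):
        self._scores[peer] = (self.score(peer, now) + delta, now)

    def relay_attested(self, peer, attester, relay_id, now):
        """Credit one relay attestation that was already verified upstream."""
        key = (peer, attester, relay_id)
        if attester == peer or key in self._counted:
            return False                 # self-attestation or duplicate: no credit
        self._counted.add(key)
        self._bump(peer, RELAY_REWARD, now)
        return True

    def misbehavior_receipt(self, peer, now):
        """Apply a signed misbehavior receipt that was already verified upstream."""
        self._bump(peer, -MISBEHAVIOR_PENALTY, now)

    def may_relay(self, peer, now):
        return self.score(peer, now) >= RELAY_THRESHOLD


def demo():
    """Constructed scenario: two attestations at t=0, then the peer goes silent."""
    day, t = 86400, ReputationTable()
    for attester in ("n1", "n2", "n2"):            # the second "n2" is a duplicate
        t.relay_attested("peer-A", attester, "relay-1", 0)
    scores = [round(t.score("peer-A", d * day), 3) for d in (0, 7, 14)]
    return scores, t.may_relay("peer-A", 7 * day)
```

Because the decay multiplies the stored value, negative scores from misbehavior receipts also fade toward zero at the same half-life; whether penalties should fade is a policy choice the page does not state.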

Lost or stolen devices are revoked via a kill-cert signed by 3 of 5 social-recovery shareholders. The cert is gossiped network-wide via the same channel that distributes link-state updates; convergence is empirically sub-3 seconds across 10 M-node simulated topologies.