If you discover a security vulnerability in ZTSSH, please report it responsibly.

• Open a public GitHub issue
• Post details on social media or forums
• Exploit the vulnerability against production systems

Send your report to the project maintainers via GitHub Security Advisories:

1. Go to the Security tab of this repository
2. Click "Report a vulnerability"
3. Provide:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact assessment
   • Suggested fix (if any)

ZTSSH is built on these security foundations:

• Ed25519 — No RSA, no NIST curves, no legacy crypto
• CSPRNG via OS entropy (/dev/urandom, BCryptGenRandom)
• zeroize — All private key material is wiped from memory on drop
• Fixed-time signature verification (via ed25519-dalek constant-time ops)

• Air-gapped Root CA — The root signing key never touches the network
• 5-minute certificate TTL — Maximum exposure window on compromise
• Continuous verification — Identity re-proven every 60 seconds in-session
• Multi-server isolation — Certificates are scoped to the issuing server's Sub-CA
• 3-level revocation — Global principal ban, server revocation, individual cert revocation

• Network connectivity during sessions (Sub-CA operates locally)
• Long-lived credentials (maximum 5 minutes)
• Single point of authentication (continuous, not one-shot)
• The client's previous authentication state (re-verified from scratch each cycle)

This project has not yet been professionally audited. If you are a security firm interested in auditing ZTSSH, please reach out.

• All cryptographic operations rely on ed25519-dalek and zeroize
• SSH transport uses russh, async runtime is tokio
• CLI parsing via clap, serialization via serde/bincode
• Observability through tracing/tracing-subscriber
• No unsafe blocks in ZTSSH code (relies on audited unsafe in ed25519-dalek and russh internals)
• Regular cargo audit runs for known vulnerabilities