Description
Description
This ticket is to create a threat model for Nakamoto based on the information in the Draft SIP here: stacksgov/sips#155. The expected outcome of this ticket is a document outlining a concrete threat model for Nakamoto that we can use to aid in designing a secure system from the very beginning.
Context
A threat model is a systematic process of identifying and analyzing potential threats to a system which will allow us to design and implement security controls to mitigate those threats. It is an important part of the design process for any cryptocurrency, as it helps to ensure that the system is secure and resistant to attack.
As we move forward with Nakamoto's design and implementation we'll need to identify risk factors and mitigation vectors so we can build in security as we go.
Expected Approach
To generate the threat model we must follow the guidance in the following resources:
These resources must be the foundation of the research and documentation approach. The final document should include text, diagrams, and any other resources that best articulate the model.
Once we have a nearly complete version of this document we'll need to get it reviewed and altered before finally pushing the document to the repository documents.
Artifacts / Acceptance Criteria
Key stakeholders include (but are not limited to) @wileyj @jcnelson @AshtonStephens @xoloki
- Threat model rough draft reviewed by key stakeholders
- Subsequent iterations of that draft until approved by all key stakeholders
- An approved and merged document to a permanent resting place for the threat model