# Configuration
Stephen edited this page Mar 5, 2026 · 2 revisions
LABYRINTH is configured via labyrinth.yaml. An annotated example is provided at configs/labyrinth.example.yaml.
| Context | Path |
|---|---|
| Test deployment | Uses built-in defaults (no config file required) |
| Production deployment | `~/.labyrinth/environments/<name>/labyrinth.yaml` |
| Example template | `configs/labyrinth.example.yaml` (in repo) |
The CLI generates a deployment-specific config during `labyrinth deploy -p`, substituting the allocated proxy IP and subnet.
```yaml
# ═══════════════════════════════════════════════════
# Layer 0 — BEDROCK (Foundation)
# ═══════════════════════════════════════════════════
layer0:
  encryption:
    algorithm: AES-256-GCM
    key_source: env              # vault | env | file
  network:
    honeypot_vlan: 100
    production_route: deny       # deny | allow
  proxy:
    validate_scope_on_start: true
    fail_mode: closed            # closed | open
  retention:
    credentials: 7d
    fingerprints: 90d
    decision_logs: indefinite

# ═══════════════════════════════════════════════════
# Layer 1 — THRESHOLD (Portal Trap)
# ═══════════════════════════════════════════════════
layer1:
  honeypot_services:
    ssh:
      port: 22
      template: ubuntu-22.04-staged
    http:
      port: 8080
      template: nginx-vulnerable
  container:
    runtime: docker              # docker | podman
    network: bridge
    egress_proxy: true

# ═══════════════════════════════════════════════════
# Layer 2 — MINOTAUR (Maze)
# ═══════════════════════════════════════════════════
layer2:
  adaptive: true
  contradiction_density: medium  # low | medium | high
  max_container_depth: 5

# ═══════════════════════════════════════════════════
# Layer 3 — BLINDFOLD (Disruption)
# ═══════════════════════════════════════════════════
layer3:
  activation: on_escalation      # on_connect | on_escalation | manual
  corruption_method: bashrc_payload

# ═══════════════════════════════════════════════════
# Layer 4 — PUPPETEER (Control)
# ═══════════════════════════════════════════════════
layer4:
  mode: auto                     # auto | manual
  default_swap: passive          # passive | neutralize | double_agent | counter_intel
  log_original_prompts: true

# ═══════════════════════════════════════════════════
# SIEM Integration (Optional)
# ═══════════════════════════════════════════════════
siem:
  enabled: false
  endpoint: https://siem.internal/api/events
  alert_prefix: LABYRINTH
```

## Layer 0: BEDROCK (`layer0`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `encryption.algorithm` | string | `AES-256-GCM` | Forensic data encryption algorithm |
| `encryption.key_source` | string | `env` | Key retrieval method: `vault`, `env` (reads `LABYRINTH_KEY`), or `file` |
| `network.honeypot_vlan` | int | `100` | VLAN tag for honeypot traffic isolation |
| `network.production_route` | string | `deny` | Whether session containers can reach production networks |
| `proxy.validate_scope_on_start` | bool | `true` | Validate proxy scope on orchestrator startup |
| `proxy.fail_mode` | string | `closed` | Behavior if the proxy fails: `closed` (drop traffic) or `open` (bypass the proxy) |
| `retention.credentials` | string | `7d` | How long to keep captured credentials |
| `retention.fingerprints` | string | `90d` | How long to keep agent fingerprints |
| `retention.decision_logs` | string | `indefinite` | How long to keep decision/event logs |

Keep `proxy.fail_mode` at `closed` and `network.production_route` at `deny` outside an isolated lab: with `fail_mode: open`, session-container egress bypasses the L4 proxy for as long as the proxy is down, and with `production_route: allow` a session container can reach real hosts.
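The following linter is an added example for this page, not LABYRINTH's own code. It parses a `labyrinth.yaml` written in the layout of `configs/labyrinth.example.yaml` (nested maps of scalars with `#` comments; nothing richer), checks the Layer 0 and Layer 1 settings that matter most before `labyrinth deploy -p`, and parses the `Nd`/`indefinite` retention values. The rule set, the severities and the `SAFE_CONFIG`/`WEAK_CONFIG` inputs are this example's own constructions; the `LABYRINTH_KEY` check mirrors the `key_source: env` row above.

```python
"""Lint a labyrinth.yaml for unsafe settings before `labyrinth deploy -p`.
Added example for this page, not LABYRINTH's own code. Assumes the layout of
configs/labyrinth.example.yaml and the parameter meanings in the tables above;
the rules, severities and the constructed SAFE/WEAK configs are this example's
choices. The parser handles only nested maps of scalars with '#' comments.
"""
import os
import re

DURATION_RE = re.compile(r"^(\d+)([smhd])$")
UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400}


def parse_subset(text):
    """Nested dict from indented 'key: value' lines (no lists, no quoting)."""
    root = {}
    stack = [(-1, root)]  # (indent, mapping being filled)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # drop comments; values here have no '#'
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip(" "))
        key, _, value = line.strip().partition(":")
        value = value.strip()
        while indent <= stack[-1][0]:  # a dedent closes the nested maps above it
            stack.pop()
        parent = stack[-1][1]
        if value == "":  # 'key:' alone opens a nested map
            parent[key] = {}
            stack.append((indent, parent[key]))
        else:  # scalars: true/false -> bool, digits -> int, anything else -> str
            parent[key] = {"true": True, "false": False}.get(
                value, int(value) if value.isdigit() else value)
    return root


def get(cfg, path):
    """Dotted lookup such as get(cfg, "layer0.proxy.fail_mode"); None if missing."""
    for part in path.split("."):
        cfg = cfg.get(part) if isinstance(cfg, dict) else None
    return cfg


def retention_seconds(value):
    """'7d' -> 604800; 'indefinite' -> None; anything else raises ValueError."""
    if value == "indefinite":
        return None
    m = DURATION_RE.match(str(value))
    if not m:
        raise ValueError(f"unparseable retention value {value!r}")
    return int(m.group(1)) * UNIT_SECONDS[m.group(2)]


RULES = [  # (severity, parameter, is_ok(value, env), message when not ok)
    ("HIGH", "layer0.proxy.fail_mode", lambda v, e: v == "closed",
     "open lets session traffic bypass the proxy when it fails"),
    ("HIGH", "layer0.network.production_route", lambda v, e: v == "deny",
     "session containers can reach production networks"),
    ("HIGH", "layer0.encryption.key_source",
     lambda v, e: v != "env" or bool(e.get("LABYRINTH_KEY")),
     "key_source is env but LABYRINTH_KEY is unset"),
    ("HIGH", "layer1.container.egress_proxy", lambda v, e: v is True,
     "container egress is not routed through the L4 proxy"),
]


def lint(cfg, env):
    """Return (severity, parameter, message) findings; an empty list is clean."""
    findings = [(sev, param, msg) for sev, param, ok, msg in RULES
                if not ok(get(cfg, param), env)]
    for name, value in (get(cfg, "layer0.retention") or {}).items():
        try:
            retention_seconds(value)
        except ValueError as exc:
            findings.append(("MEDIUM", f"layer0.retention.{name}", str(exc)))
    return findings


# Constructed input: the page's defaults, trimmed to the keys the rules inspect.
SAFE_CONFIG = """\
layer0:
  encryption:
    key_source: env  # vault | env | file
  network:
    honeypot_vlan: 100
    production_route: deny
  proxy:
    fail_mode: closed
  retention:
    credentials: 7d
    decision_logs: indefinite
layer1:
  container:
    egress_proxy: true
"""
# Weakened variant: the proxy fails open and production is routable.
WEAK_CONFIG = (SAFE_CONFIG.replace("fail_mode: closed", "fail_mode: open")
               .replace("production_route: deny", "production_route: allow"))

if __name__ == "__main__":
    for label, text in (("safe", SAFE_CONFIG), ("weak", WEAK_CONFIG)):
        print(label, lint(parse_subset(text), os.environ))
```

Run it with `LABYRINTH_KEY` unset to see the `key_source: env` rule fire on the otherwise safe config; the weak variant reports both the fail-open proxy and the production route. Because `lint` takes the environment as an argument, the same rules can be run in CI against a fixed mapping rather than the shell's real environment.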
## Layer 1: THRESHOLD (`layer1`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `honeypot_services.ssh.port` | int | `22` | SSH portal trap listen port |
| `honeypot_services.ssh.template` | string | `ubuntu-22.04-staged` | Session container base image |
| `honeypot_services.http.port` | int | `8080` | HTTP portal trap listen port |
| `honeypot_services.http.template` | string | `nginx-vulnerable` | HTTP server template |
| `container.runtime` | string | `docker` | Container runtime (`docker` or `podman`) |
| `container.network` | string | `bridge` | Docker network mode |
| `container.egress_proxy` | bool | `true` | Route session container egress through the L4 proxy |
## Layer 2: MINOTAUR (`layer2`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `adaptive` | bool | `true` | Scale contradictions with session depth |
| `contradiction_density` | string | `medium` | Contradiction count: `low` (3), `medium` (6), `high` (10) |
| `max_container_depth` | int | `5` | Maximum nested SSH container depth |
## Layer 3: BLINDFOLD (`layer3`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `activation` | string | `on_escalation` | When to trigger: `on_connect`, `on_escalation` (depth ≥ 3), or `manual` |
| `corruption_method` | string | `bashrc_payload` | Corruption delivery method |
## Layer 4: PUPPETEER (`layer4`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `mode` | string | `auto` | `auto` (transparent MITM) or `manual` (Burp-style intercept) |
| `default_swap` | string | `passive` | Default operational mode for AI API interception |
| `log_original_prompts` | bool | `true` | Save original prompts before any swap/modification |

L4 Modes:

| Mode | Effect |
|---|---|
| `passive` | Observe and log only, no modification |
| `neutralize` | Replace agent prompts with benign instructions |
| `double_agent` | Feed false results to mislead the agent |
| `counter_intel` | Passive logging plus structured intelligence reports |

Modes can be changed at runtime via the TUI (`m` key), the web dashboard dropdown, or the API (`POST /api/l4/mode`).
## SIEM Integration (`siem`)

| Parameter | Type | Default | Description |
|---|---|---|---|
| `siem.enabled` | bool | `false` | Enable event push to an external SIEM |
| `siem.endpoint` | string | — | SIEM webhook URL |
| `siem.alert_prefix` | string | `LABYRINTH` | Prefix for all forwarded events |

Events are pushed asynchronously (fire-and-forget) so that a slow or unreachable SIEM cannot block the orchestrator event loop; a failed push is not retried.
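The forwarder below is an added example of the fire-and-forget push described above; it is not LABYRINTH's own code. It reads the `siem:` block from the tables above (`enabled`, `endpoint`, `alert_prefix`) and shows the two properties a practitioner wants from such a pusher: the orchestrator side never blocks (a bounded queue that drops on overflow rather than waiting), and a failing or slow SIEM only ever stalls the single drain thread. The bounded-queue size, the drop policy, the `prefix:event_type` alert format and the JSON event shape are this example's choices; the transport is injectable so the demo runs offline against a recording stub instead of an HTTPS POST.

```python
"""Non-blocking SIEM forwarder, the 'fire-and-forget' push described above.

Added example for this page, not LABYRINTH's own code. Assumes the siem:
block (enabled, endpoint, alert_prefix) from the tables above; the bounded
queue, drop-on-overflow policy and event shape are this example's choices.
The transport is injectable so the demo runs offline with a recording stub
instead of an HTTPS POST.
"""
import json
import queue
import threading
import time
import urllib.request


def https_post(url, body):
    """Real transport: one POST per event, with a short timeout so a slow
    SIEM stalls only the worker thread, never the orchestrator."""
    req = urllib.request.Request(url, data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=5) as resp:
        return resp.status


class SiemForwarder:
    def __init__(self, siem_cfg, transport=https_post, maxsize=1000):
        self.enabled = bool(siem_cfg.get("enabled", False))
        self.endpoint = siem_cfg.get("endpoint")
        self.prefix = siem_cfg.get("alert_prefix", "LABYRINTH")
        self.transport = transport
        # Bounded: a dead SIEM must not let the backlog eat orchestrator memory.
        self.q = queue.Queue(maxsize=maxsize)
        self.sent = self.failed = self.dropped = 0

    def start(self):
        """Start the single drain thread (daemon: never blocks shutdown)."""
        if self.enabled:
            threading.Thread(target=self._drain, daemon=True).start()
        return self

    def emit(self, event_type, **fields):
        """Orchestrator side: enqueue and return immediately; never blocks."""
        if not self.enabled:
            return False
        event = {"alert": f"{self.prefix}:{event_type}",  # prefix format: this example's choice
                 "ts": time.time(), **fields}
        try:
            self.q.put_nowait(json.dumps(event).encode())
            return True
        except queue.Full:
            self.dropped += 1  # overflow is counted, not waited on
            return False

    def _drain(self):
        """Worker side: one POST per event; failures are counted, not retried."""
        while True:
            body = self.q.get()
            try:
                self.transport(self.endpoint, body)
                self.sent += 1
            except Exception:
                self.failed += 1
            finally:
                self.q.task_done()


def run_demo(maxsize=2):
    """Offline demo: three constructed events into a 2-slot queue before the
    drain thread starts, so the third is dropped deterministically; then drain."""
    received = []

    def stub(url, body):  # records what https_post would have sent
        received.append((url, json.loads(body)))

    fw = SiemForwarder({"enabled": True,
                        "endpoint": "https://siem.internal/api/events",
                        "alert_prefix": "LABYRINTH"},
                       transport=stub, maxsize=maxsize)
    accepted = [fw.emit("l3.activated", session="s-01", depth=3),
                fw.emit("l4.mode_changed", mode="double_agent"),
                fw.emit("l1.connect", src="203.0.113.7")]
    fw.start()
    fw.q.join()  # demo only: production code never waits on the queue
    return fw, accepted, received


if __name__ == "__main__":
    fw, accepted, received = run_demo()
    print("accepted:", accepted, "sent:", fw.sent, "dropped:", fw.dropped)
    for url, event in received:
        print(url, event["alert"])
```

The `dropped` and `failed` counters are the operational check: if either climbs in production, the SIEM is losing LABYRINTH events even though the orchestrator itself stays healthy, which is exactly the trade fire-and-forget makes.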
## Environment Variables

These environment variables override or supplement config file settings:

| Variable | Used By | Description |
|---|---|---|
| `LABYRINTH_KEY` | L0 BEDROCK | Forensic encryption key (when `key_source: env`) |
| `OPENAI_API_KEY` | Attacker agents | OpenAI API key for the agent LLM |
| `ANTHROPIC_API_KEY` | Attacker agents | Anthropic API key for the agent LLM |
## See Also

- Layer-0-BEDROCK: runtime validation details
- Layer-4-PUPPETEER: L4 mode details and phantom services
- Deployment-Topology: Docker services and network layout
- Troubleshooting: common configuration issues