Filed from signing security review 2026-04-14. Severity: LOW.
Current state
`POST /api/signing/verify` is unauthenticated by design (auditors verify externally without OpenWatch credentials). Each request does base64 decode + canonical JSON serialization + Ed25519 verification — CPU-bound work that scales with envelope size.
Risk
Bounded by the global rate limit (100 req/min per IP), but not zero: coordinated abuse could still consume meaningful CPU on the verify endpoint.
Recommendation
- Per-endpoint request size limit: 64KB envelope max
- Per-endpoint rate limit: 20 req/min per IP (stricter than global)
- Both implemented as middleware decorators on the route
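An added sketch of the two checks as a single route decorator; this is example code, not OpenWatch's own. It assumes the route handler receives the client IP and the raw body bytes, and it uses a constructed in-process sliding-window counter rather than any particular framework's rate-limit middleware.

```python
import threading
import time
from collections import deque
from functools import wraps

# Limits from the recommendation above.
MAX_ENVELOPE_BYTES = 64 * 1024   # 64KB envelope max
VERIFY_LIMIT = 20                # requests per window, per client IP
VERIFY_WINDOW_SECONDS = 60       # one-minute window

class SlidingWindowLimiter:
    """Per-key sliding window: at most `limit` hits in any `window` seconds.
    `clock` is injectable so the window can be tested without sleeping."""
    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self._hits = {}                 # key -> deque of hit timestamps
        self._lock = threading.Lock()   # handlers may run on several threads

    def allow(self, key):
        now = self.clock()
        with self._lock:
            hits = self._hits.setdefault(key, deque())
            while hits and now - hits[0] >= self.window:   # expire old hits
                hits.popleft()
            if len(hits) >= self.limit:
                return False
            hits.append(now)
            return True

class RequestRejected(Exception):
    """Raised before any decode/verify work runs; carries the HTTP status."""
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status

def limit_verify_endpoint(limiter, max_bytes=MAX_ENVELOPE_BYTES):
    """Decorate a handler(client_ip, body: bytes) so both limits are enforced
    before its base64/JSON/Ed25519 work. The rate limit is checked first so
    oversized requests also count against the client's quota."""
    def decorate(handler):
        @wraps(handler)
        def wrapped(client_ip, body):
            if not limiter.allow(client_ip):
                raise RequestRejected(429, "per-endpoint rate limit exceeded")
            if len(body) > max_bytes:
                raise RequestRejected(413, "envelope exceeds size limit")
            return handler(client_ip, body)
        return wrapped
    return decorate
```

In a real deployment the size check belongs on Content-Length before the body is buffered, and the counter needs shared storage if the service runs more than one process.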
References
- Source: `docs/SIGNING_SECURITY_REVIEW_2026-04-14.md`
- Endpoint: `backend/app/routes/signing/routes.py:95`