okami 0.2.0

Post-quantum cryptographic identity for AI agents
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

/// Regression witness for /cso Finding #4 — bincode allocation DoS.
///
/// Verifies that a crafted 8-byte length prefix of 0xFF...FF is rejected
/// immediately by the bounded deserializer, without attempting allocation
/// and without panicking or hanging.
fn main() {
    // Craft a minimal payload: 8 bytes of 0xFF (u64::MAX as a length prefix
    // for the first Vec field in bincode's encoding) + 8 bytes of padding.
    // An unbounded deserializer would attempt to allocate ~18 exabytes.
    let evil = vec![0xFFu8; 16];

    let t0 = std::time::Instant::now();
    let result = okami::delegation::DelegationChain::from_bytes(&evil);
    let elapsed = t0.elapsed();

    println!("Result: {result:?}");
    println!("Elapsed: {elapsed:?}");

    // Sanity-check: must be an error
    assert!(result.is_err(), "Expected Err, got Ok — limit not active!");

    // Sanity-check: must be fast (well under 100ms)
    assert!(
        elapsed.as_millis() < 100,
        "Elapsed {elapsed:?} exceeds 100ms — limit may not be applied before allocation"
    );

    println!("PASS: exploit rejected in {elapsed:?}");
}