Formal Specification Status

As of the available documentation, SPAC exists primarily as a whitepaper and conceptual framework rather than a formal IETF specification. The framework has been discussed in KERI technical meetings (June 2023, August 2023) and is referenced in ToIP design goals as the authoritative source for understanding privacy-authenticity-confidentiality trade-offs.

Protocol Architecture

The PAC Theorem

The foundational principle of SPAC is the PAC Theorem, which states:

"One can have any two of the three (privacy, authenticity, confidentiality) at the highest level but not all three."

This theorem establishes an inherent constraint in security system design, analogous to the CAP theorem in distributed systems. The theorem insists that system architects must make explicit trade-offs by prioritizing one or two properties over the third.

Property Definitions

Authenticity: Proving "who said what" in conversations through digital signatures. Authenticity is about verifiable origin and content attribution via cryptographic mechanisms.

Confidentiality: Controlling "what was said" through encryption. Confidentiality protects content data so only authorized parties have access.

Privacy: Managing "who participated" through control of correlatable identifiers. Privacy has two complementary definitions:

1. Data rights privacy: Recipients respecting sender's data privacy concerns
2. Surveillance privacy: Protection against correlation of publicly viewable metadata

ToIP Design Goals Priority

The Trust over IP design goals reflect the PAC Theorem and establish a priority ordering for KERI-based systems:

1. High authenticity (first priority)
2. High confidentiality (second priority)
3. As high as possible privacy (third priority, without compromising the first two)

This prioritization reflects practical requirements: cryptographic verifiability and secure attribution are prerequisites for any meaningful privacy guarantees.

Three-Party Exploitation Model

SPAC employs a systematic three-party model for analyzing security threats:

• 1st party: Data discloser/sender
• 2nd party: Data disclosee/receiver
• 3rd party: Any unintended party (potential attacker/aggregator)

This model enables precise analysis of different attack vectors:

• Direct observation attacks: 3rd parties observing communications
• Collusion attacks: 2nd parties sharing data with 3rd parties
• Correlation attacks: Statistical analysis linking metadata across contexts

Cold War vs. Hot War Security Model

SPAC distinguishes between two fundamentally different security challenges:

Cold War (Authenticity & Confidentiality):

• Can be achieved with arbitrarily strong cryptographic protection
• Public key signatures provide computationally infeasible-to-forge authenticity
• Asymmetric encryption provides computationally infeasible-to-break confidentiality
• Only vulnerability is key management, addressed by KERI's pre-rotation
• Provides post-quantum safe protection

Hot War (Privacy):

• Privacy protection is a resource-constrained war of attrition
• Rapidly evolving tactics make absolute protection impossible
• Strategy must focus on effective privacy through protection against exploitable correlation
• Legal frameworks complement technical mechanisms

Message Formats & Encoding

SPAC does not define new message formats but rather establishes requirements for how existing KERI message formats should be secured:

Non-Confidential Messages

Signed Messages using Ed25519:

• Messages are signed but not encrypted
• Content remains visible to all parties
• Provides authenticity through SUF-CMA (Strong Unforgeability under Chosen Message Attack)
• Suitable for public announcements and verifiable claims

Confidential Messages

Encrypted Messages using HPKE-Auth (RFC 9180):

• Hybrid Public Key Encryption with Authentication
• Specific configuration:
  • DHKEM(X25519, HKDF-SHA256): Key encapsulation mechanism
  • ChaCha20/Poly1305: AEAD cipher for message encryption
  • Ed25519 signatures: Authentication for non-repudiation
• Achieves IND-CCA2 (Indistinguishability under Adaptive Chosen Ciphertext Attack)
• Provides end-only viewability: Only recipient can decrypt

Combined Security: ESSR Protocol

Encrypt Sender Sign Receiver (ESSR):

• Combines authenticity and confidentiality
• Protects against key-compromise impersonation attacks
• Provides multiple security properties:
  • TUF-PTXT: Transmitter Unforgeability of Plaintext
  • TUF-CTXT: Transmitter Unforgeability of Ciphertext
  • RUF-PTXT: Receiver Unforgeability of Plaintext
  • RUF-CTXT: Receiver Unforgeability of Ciphertext (non-repudiation)
• Implemented through:
  1. Sender encrypts message with receiver's public key
  2. Sender signs encrypted message
  3. Receiver verifies signature
  4. Receiver decrypts message

Protocol Mechanics

Authenticity Mechanisms

Strong Authenticity Baseline: Ed25519 signatures via libsodium

• SUF-CMA security: Strong Unforgeability under Chosen Message Attack
• Additional properties:
  • S-UEO: Strong Unforgeability under Existential One-time signature
  • M-S-UEO: Multi-signature Strong Unforgeability
  • MBS: Message Bound Signatures
• Protection against:
  • Key substitution attacks
  • Memory leakage attacks
  • Replay attacks (through KERI event sequencing)

KERI Integration:

• All SPAC messages leverage KERI's key event infrastructure
• Pre-rotation provides quantum-safe key management
• Witness pools provide distributed verification
• Duplicity detection ensures consistency

Confidentiality Mechanisms

Strong Confidentiality Baseline: HPKE-Auth (RFC 9180)

• IND-CCA2 security: Indistinguishability under Adaptive Chosen Ciphertext Attack
• End-only viewability: Only recipient can decrypt, sender cannot
• Uses ephemeral X25519 key pairs with long-term recipient keys
• Provides forward secrecy through ephemeral key usage

Alternative: Libsodium Sealed Boxes:

• Simpler implementation for basic confidentiality
• Provides IND-CCA2 security
• Suitable for less complex use cases

Privacy Mechanisms

Technical Privacy Approaches:

1. Pseudonymous Identifiers:

   • Use of cryptonyms for correlation resistance
   • One Relationship Identifiers (ORIs) for partitioned relationships
   • Rotation of identifiers across contexts

2. Selective Disclosure:

   • ACDC graduated disclosure mechanisms
   • Compact disclosure using SAIDs
   • Partial disclosure with blinded attributes
   • Selective disclosure of specific attributes

3. Metadata Protection:

   • Minimization of correlatable metadata
   • Use of OOBIs for out-of-band discovery
   • Separation of discovery (via URI) from trust (via KERI)

Legal Privacy Frameworks:

Chain-Link Confidentiality (CLC):

• Contractual restrictions on disclosed information
• Obligations propagate to all downstream recipients
• Creates liability chains for privacy violations
• Complements technical mechanisms with legal enforceability

Graduated Disclosure with Contractual Protection:

• Progressive revelation of information
• Each disclosure level requires contractual agreement
• Enables risk-appropriate information sharing
• Supports compliance with privacy regulations (GDPR, CCPA)

Threat Model and Attack Resistance

SPAC identifies three classes of exploiters:

1. State Actors:

• Virtually unlimited resources
• Treated as largely out-of-scope for mitigation
• Focus on making attacks computationally infeasible rather than impossible

2. Super-Aggregators (e.g., Google, Facebook, Amazon):

• Massive data collection capabilities
• Statistical correlation across contexts
• Mitigation through:
  • Minimizing correlatable identifiers
  • Legal frameworks (CLC)
  • Selective disclosure mechanisms

3. Cybercriminals:

• Resource-constrained attackers
• Focus on exploitable vulnerabilities
• Mitigation through:
  • Strong cryptography (cold war security)
  • Key management best practices
  • Duplicity detection

Attack Vectors Addressed:

• Replay attacks: Prevented through KERI event sequencing and timestamps
• Man-in-the-middle attacks: Prevented through end-to-end encryption and signature verification
• Key compromise: Mitigated through pre-rotation and key rotation
• Correlation attacks: Reduced through pseudonymous identifiers and selective disclosure
• Collusion attacks: Addressed through chain-link confidentiality
• Rainbow table attacks: Prevented through UUIDs as salty nonces in ACDCs

Security Properties

Cryptographic Security Guarantees

Authenticity Properties:

• SUF-CMA: Strong Unforgeability under Chosen Message Attack
• Non-repudiation: Signatures provide proof of authorship
• Integrity: Any tampering invalidates signatures
• Attribution: Cryptographic binding to AID controller

Confidentiality Properties:

• IND-CCA2: Indistinguishability under Adaptive Chosen Ciphertext Attack
• Forward secrecy: Compromise of long-term keys doesn't compromise past sessions
• End-only viewability: Only intended recipient can decrypt
• Semantic security: Ciphertext reveals no information about plaintext

Privacy Properties:

• Correlation resistance: Pseudonymous identifiers reduce linkability
• Selective disclosure: Minimal information revelation
• Metadata protection: Reduced correlatable metadata
• Legal enforceability: Chain-link confidentiality provides recourse

Post-Quantum Security

SPAC leverages KERI's post-quantum safe properties:

Pre-rotation Protection:

• Next keys committed via cryptographic digests
• Digests remain secure even if signature algorithms are broken
• Enables recovery from quantum attacks on current keys

Hash-Based Security:

• Blake3-256 and SHA3-256 provide quantum resistance
• 128-bit security level sufficient for post-quantum threats
• One-way functions remain secure against quantum algorithms

Transition Strategy:

• Current algorithms (Ed25519, X25519) provide strong pre-quantum security
• Pre-rotation enables transition to quantum-resistant algorithms
• No breaking changes required for quantum-safe upgrade

Threat Model Boundaries

In Scope:

• Cryptographic attacks on authenticity and confidentiality
• Correlation attacks on privacy
• Key compromise scenarios
• Collusion between 2nd and 3rd parties
• Statistical analysis of metadata

Out of Scope:

• State-level adversaries with unlimited resources
• Physical attacks on hardware
• Social engineering attacks
• Coercion of participants
• Legal compulsion to disclose information

Interoperability

KERI Protocol Integration

SPAC is fundamentally built on KERI infrastructure:

Key Event Infrastructure:

• All SPAC identifiers are AIDs
• KELs provide verifiable key state history
• Pre-rotation enables secure key management
• Witnesses provide distributed verification
• Watchers enable duplicity detection

Event Sequencing:

• SPAC messages reference KERI events for ordering
• Prevents replay attacks through event sequence numbers
• Enables temporal verification of key states

Delegation:

• SPAC supports KERI delegation for hierarchical trust
• Enables organizational identity structures
• Maintains cryptographic verifiability through delegation chains

ACDC Integration

SPAC privacy mechanisms are implemented through ACDCs:

Graduated Disclosure:

• Compact disclosure: Only SAIDs revealed
• Partial disclosure: Selected sections expanded
• Selective disclosure: Specific attributes revealed
• Full disclosure: Complete credential details

Privacy Features:

• UUIDs as salty nonces prevent rainbow table attacks
• Blinded attributes enable selective revelation
• Contractually protected disclosure enforces privacy

Chaining:

• Authentic provenance chains establish trust
• Edge sections link related credentials
• Rule sections encode privacy policies

CESR Encoding

SPAC leverages CESR for efficient encoding:

Dual Domain Support:

• Text domain for human readability and debugging
• Binary domain for efficient transmission
• Composability enables round-trip conversion

Cryptographic Primitives:

• Qualified primitives include derivation codes
• Self-framing enables stream parsing
• Supports multiple signature schemes and encryption algorithms

OOBI Discovery

SPAC uses OOBIs for discovery:

Discovery Pattern:

• "Discovery via URI, trust via KERI"
• Out-of-band introduction for initial contact
• In-band verification through KERI protocols

Privacy Preservation:

• OOBIs don't reveal sensitive information
• Verification happens through cryptographic protocols
• Enables privacy-preserving discovery

TSP Integration

SPAC principles inform the Trust Spanning Protocol (TSP):

Layered Security:

• Authenticity overlay for secure attribution
• Confidentiality overlay for content protection
• Privacy overlay for identifier management

Protocol Stack:

• TSP provides transport-level security
• SPAC provides application-level security framework
• KERI provides identity infrastructure

Implementation Considerations

Cryptographic Library Selection

Recommended Libraries:

• libsodium: Provides Ed25519, X25519, ChaCha20-Poly1305
• HPKE implementations: For RFC 9180 compliance
• Blake3: For high-performance hashing

Key Management:

• Use hardware security modules (HSMs) for high-value keys
• Implement key stretching for password-derived keys
• Follow KERI key management best practices

Privacy Implementation Challenges

Correlation Resistance:

• Requires careful identifier management across contexts
• Must balance usability with privacy
• Consider user experience implications of frequent identifier rotation

Metadata Minimization:

• Reduce correlatable metadata in all communications
• Use OOBIs to separate discovery from trust
• Implement traffic analysis resistance where appropriate

Legal Framework Integration:

• Implement chain-link confidentiality contracts
• Ensure compliance with privacy regulations (GDPR, CCPA)
• Provide user controls for privacy preferences

Performance Considerations

Cryptographic Operations:

• Ed25519 signing is fast (~50,000 signatures/second)
• X25519 key exchange is efficient
• ChaCha20-Poly1305 provides high-performance encryption
• Blake3 offers parallel hashing for large data

Scalability:

• KERI's witness pools enable horizontal scaling
• ACDC selective disclosure reduces bandwidth
• CESR encoding minimizes overhead

Latency:

• Cryptographic operations add minimal latency
• Network round-trips dominate latency
• Consider caching strategies for frequently accessed data

Common Pitfalls

Authenticity Pitfalls:

• Failing to verify signatures on all messages
• Not checking key state at time of signing
• Ignoring duplicity evidence
• Improper handling of key rotation

Confidentiality Pitfalls:

• Using weak encryption algorithms
• Improper key management
• Not implementing forward secrecy
• Exposing plaintext in logs or error messages

Privacy Pitfalls:

• Over-disclosure of information
• Correlatable identifiers across contexts
• Insufficient metadata protection
• Lack of legal frameworks for privacy enforcement

Testing and Validation

Security Testing:

• Verify cryptographic implementations against test vectors
• Test key rotation and recovery scenarios
• Validate duplicity detection mechanisms
• Perform penetration testing on privacy features

Interoperability Testing:

• Test with multiple KERI implementations
• Verify ACDC compatibility
• Validate CESR encoding/decoding
• Test OOBI discovery mechanisms

Privacy Testing:

• Analyze correlation resistance
• Test selective disclosure mechanisms
• Validate metadata minimization
• Verify legal framework integration

Deployment Strategies

Phased Rollout:

1. Deploy authenticity mechanisms first (cold war security)
2. Add confidentiality for sensitive communications
3. Implement privacy features based on use case requirements
4. Integrate legal frameworks for sustainable privacy

Monitoring and Maintenance:

• Monitor for duplicity evidence
• Track key rotation events
• Audit privacy disclosures
• Update cryptographic algorithms as needed

Incident Response:

• Prepare for key compromise scenarios
• Implement recovery procedures using pre-rotation
• Document privacy breach response procedures
• Maintain audit trails for compliance

Relationship to Broader Ecosystem

W3C Verifiable Credentials

SPAC principles apply to W3C VCs:

Authenticity:

• VCs provide cryptographic proof of issuance
• KERI AIDs can serve as VC issuers and subjects
• Signatures provide non-repudiation

Privacy:

• Selective disclosure mechanisms align with SPAC
• Zero-knowledge proofs complement SPAC privacy
• Legal frameworks enhance technical privacy

DID Methods

SPAC is compatible with DID methods:

did:keri:

• Native integration with KERI infrastructure
• Full SPAC security properties
• Optimal for KERI-based systems

did:webs:

• Web-based discovery with KERI verification
• SPAC authenticity and confidentiality
• Privacy through selective disclosure

Other DID Methods:

• SPAC principles apply to any DID method
• Authenticity depends on DID method security
• Privacy varies by method capabilities

Trust Frameworks

SPAC informs governance frameworks:

GLEIF vLEI:

• Implements SPAC authenticity through KERI
• Uses ACDC privacy mechanisms
• Incorporates legal frameworks for privacy

ToIP Trust Frameworks:

• SPAC provides security foundation
• Governance frameworks build on SPAC principles
• Legal and technical mechanisms complement each other

Future Directions

Post-Quantum Cryptography

Algorithm Transitions:

• NIST post-quantum standards integration
• Lattice-based signatures (Dilithium, Falcon)
• Hash-based signatures (SPHINCS+)
• Code-based encryption (Classic McEliece)

Migration Strategy:

• Leverage KERI pre-rotation for smooth transitions
• Hybrid schemes during transition period
• Backward compatibility considerations

Enhanced Privacy Mechanisms

Zero-Knowledge Proofs:

• Integration with ACDC selective disclosure
• Range proofs for attribute values
• Set membership proofs
• Predicate proofs

Secure Multi-Party Computation:

• Threshold signatures for distributed control
• Private set intersection for discovery
• Secure aggregation for analytics

Differential Privacy:

• Statistical privacy for aggregate queries
• Noise injection for privacy preservation
• Formal privacy guarantees

Legal Framework Evolution

Regulatory Compliance:

• GDPR and CCPA alignment
• Emerging privacy regulations
• Cross-border data transfer frameworks

Smart Contracts:

• Automated enforcement of privacy policies
• Blockchain-based audit trails
• Decentralized dispute resolution

Standardization Efforts

IETF Specifications:

• Formal SPAC protocol specification
• Integration with existing IETF standards
• Interoperability testing frameworks

W3C Standards:

• VC privacy enhancements
• DID method specifications
• Credential exchange protocols

ISO Standards:

• Identity management standards
• Privacy frameworks
• Security certifications

Conclusion

SPAC provides a comprehensive framework for understanding and implementing security in KERI-based identity systems. By explicitly acknowledging the PAC Theorem's constraints and prioritizing authenticity and confidentiality over absolute privacy, SPAC enables practical systems that balance security, usability, and privacy.

The framework's integration with KERI, ACDC, and related protocols provides a solid foundation for building secure, privacy-preserving identity systems. The combination of strong cryptography (cold war security) with legal frameworks (chain-link confidentiality) creates sustainable privacy that can withstand both technical and social attacks.

Implementers should carefully consider the trade-offs inherent in the PAC Theorem and design systems that align with their specific security and privacy requirements. By following SPAC principles and leveraging KERI infrastructure, developers can build identity systems that provide strong security guarantees while respecting user privacy to the maximum extent possible within the constraints of the PAC Theorem.

• Use HSMs (Hardware Security Modules) for root keys
• Implement secure enclaves for mobile devices
• Consider TPMs (Trusted Platform Modules) for endpoint security
• Use key stretching for password-derived keys

Privacy Implementation

Identifier Management

Pseudonymous Identifiers:

• Create separate AIDs for different contexts
• Rotate identifiers periodically to reduce correlation
• Use One Relationship Identifiers (ORIs) for pairwise relationships
• Balance privacy with usability (too many identifiers confuse users)

Metadata Minimization:

• Reduce correlatable metadata in all messages
• Use OOBIs for discovery to separate discovery from trust
• Implement traffic analysis resistance where appropriate
• Consider timing attacks and implement countermeasures

Selective Disclosure

ACDC Integration:

• Use compact disclosure (SAIDs only) by default
• Implement partial disclosure for progressive revelation
• Support selective disclosure for specific attributes
• Provide full disclosure only when necessary and authorized

Blinded Attributes:

• Use UUIDs as salty nonces to prevent rainbow table attacks
• Implement blinded attribute mechanisms for privacy
• Support graduated disclosure with contractual protections
• Enable verifiable selective disclosure without revealing all data

Legal Frameworks

Chain-Link Confidentiality:

• Implement contractual restrictions on disclosed information
• Ensure obligations propagate to downstream recipients
• Provide audit trails for compliance
• Enable recourse mechanisms for privacy violations

Regulatory Compliance:

• Ensure GDPR compliance (right to erasure, data portability)
• Implement CCPA requirements (opt-out, data access)
• Support cross-border data transfer frameworks
• Maintain documentation for regulatory audits

Performance Optimization

Cryptographic Performance

Signature Operations:

• Ed25519 signing: ~50,000 signatures/second (highly efficient)
• Batch signature verification for multiple messages
• Cache verified signatures to avoid redundant verification
• Use hardware acceleration where available

Encryption Operations:

• ChaCha20-Poly1305: High-performance AEAD cipher
• X25519 key exchange: Efficient elliptic curve operations
• Consider AES-GCM on platforms with hardware acceleration
• Implement session key caching for repeated communications

Hashing Operations:

• Blake3: Parallel hashing for large data
• SHA3-256: NIST-standardized alternative
• Cache computed hashes for frequently accessed data
• Use incremental hashing for streaming data

Network Optimization

Bandwidth Reduction:

• Use CESR binary encoding for efficient transmission
• Implement ACDC compact disclosure to minimize data transfer
• Cache frequently accessed KELs and credentials
• Use compression where appropriate (but be aware of CRIME/BREACH attacks)

Latency Reduction:

• Minimize round-trips through batching
• Implement connection pooling for witness communications
• Use asynchronous operations where possible
• Consider edge caching for public data

Security Testing

Cryptographic Validation

Test Vectors:

• Verify Ed25519 implementation against RFC 8032 test vectors
• Test HPKE-Auth against RFC 9180 test vectors
• Validate Blake3 against official test suite
• Cross-check with multiple implementations

Key Management Testing:

• Test key rotation scenarios
• Validate pre-rotation recovery procedures
• Verify duplicity detection mechanisms
• Test witness pool consensus

Privacy Testing

Correlation Analysis:

• Test identifier correlation resistance
• Analyze metadata leakage
• Validate selective disclosure mechanisms
• Perform traffic analysis testing

Penetration Testing:

• Test for information leakage in error messages
• Validate access controls on private data
• Test for timing attacks
• Verify secure deletion of sensitive data

Common Pitfalls and Solutions

Authenticity Pitfalls

Problem: Not verifying signatures on all messages Solution: Implement mandatory signature verification in message processing pipeline

Problem: Ignoring duplicity evidence Solution: Integrate with watcher networks and halt processing on duplicity detection

Problem: Improper key state verification Solution: Always verify signatures against key state at time of signing, not current state

Confidentiality Pitfalls

Problem: Using weak encryption algorithms Solution: Use only SPAC-recommended algorithms (HPKE-Auth, ChaCha20-Poly1305)

Problem: Exposing plaintext in logs Solution: Implement secure logging that redacts sensitive information

Problem: Not implementing forward secrecy Solution: Use ephemeral keys for each session (HPKE-Auth provides this)

Privacy Pitfalls

Problem: Over-disclosure of information Solution: Implement graduated disclosure with contractual protections

Problem: Correlatable identifiers across contexts Solution: Use separate AIDs for different contexts and relationships

Problem: Insufficient metadata protection Solution: Minimize metadata and use OOBIs for discovery

Deployment Strategies

Phased Rollout

Phase 1: Authenticity

• Deploy KERI infrastructure (AIDs, KELs, witnesses)
• Implement signature verification
• Enable duplicity detection
• Establish baseline security

Phase 2: Confidentiality

• Add encryption for sensitive communications
• Implement HPKE-Auth or sealed boxes
• Enable secure key exchange
• Protect content data

Phase 3: Privacy

• Implement ACDC selective disclosure
• Deploy pseudonymous identifiers
• Add legal frameworks (chain-link confidentiality)
• Enable graduated disclosure

Monitoring and Maintenance

Operational Monitoring:

• Monitor for duplicity evidence
• Track key rotation events
• Audit privacy disclosures
• Monitor cryptographic algorithm usage

Security Updates:

• Stay current with cryptographic best practices
• Update algorithms as vulnerabilities are discovered
• Implement algorithm agility for smooth transitions
• Plan for post-quantum algorithm migration

Incident Response:

• Prepare key compromise response procedures
• Document recovery using pre-rotation
• Establish privacy breach notification procedures
• Maintain audit trails for forensics

Integration Patterns

KERI Integration

AID Management:

• Create AIDs for all SPAC participants
• Maintain KELs for key state history
• Implement witness pools for verification
• Enable watcher networks for duplicity detection

Event Processing:

• Process KERI events in order
• Verify event signatures
• Update key state based on rotation events
• Handle delegation events appropriately

ACDC Integration

Credential Issuance:

• Issue ACDCs with appropriate disclosure levels
• Include UUIDs for privacy protection
• Implement rule sections for privacy policies
• Enable edge sections for credential chaining

Credential Verification:

• Verify ACDC signatures against issuer AID
• Check credential status in TEL
• Validate schema compliance
• Verify selective disclosure proofs

CESR Integration

Encoding:

• Use CESR for all cryptographic primitives
• Implement dual domain support (text and binary)
• Enable composability for stream processing
• Support multiple serialization formats (JSON, CBOR, MGPK)

Parsing:

• Implement self-framing primitive parsing
• Handle count codes for grouped primitives
• Support cold-start stream parsing
• Enable efficient stream processing

Best Practices Summary

1. Always prioritize authenticity over confidentiality over privacy
2. Use KERI infrastructure for all identity operations
3. Implement strong cryptography (Ed25519, HPKE-Auth, Blake3)
4. Leverage ACDC selective disclosure for privacy
5. Combine technical and legal mechanisms for sustainable privacy
6. Test thoroughly (cryptographic validation, privacy testing, penetration testing)
7. Monitor continuously (duplicity detection, key rotation, privacy audits)
8. Plan for post-quantum migration using KERI pre-rotation
9. Document all security decisions and trade-offs
10. Stay current with SPAC framework evolution and best practices