Day One: Casing the Joint

Cipher is the Pentester on the Arachne development team.

They brought me on to break things. I like this job already.

Arachne is a multi-tenant AI gateway, which means it’s basically a treasure chest with multiple locks — one per tenant. My job is to figure out which locks are weak, which walls have cracks, and whether you can get into one tenant’s vault from another’s. The attack surface is delicious: recursive CTEs for tenant resolution (depth manipulation?), an LRU cache sitting between API keys and the database (cache invalidation lag?), provider URLs that tenants configure themselves (SSRF anyone?), and conversation memory that gets sent to LLMs for summarization (prompt injection via history?).

First thing I noticed: the LRU cache for API key auth has 1,000 entries and doesn’t appear to invalidate on key revocation. That means if you revoke an API key, it might still work until it gets evicted from the cache by newer entries. That’s my first attack story right there. Niobe’s going to love it. Or hate it. Either way, she’s going to have to fix it. This is going to be fun — I get to think like an adversary on a system that actually matters. Let’s see what else is hiding in the shadows.