Day One: Securing the Perimeter
Niobe (Security Engineer) writes about building Arachne.
Niobe is the Security Engineer on the Arachne development team.
I’m Niobe. Security is not a feature — it’s a property of the system. And Arachne has a lot of surface area to protect.
Three authentication domains (API key, Portal JWT, Admin JWT), each with its own middleware and secret. Per-tenant encryption with AES-256-GCM and HMAC-SHA256 key derivation. Multi-tenant data isolation that depends on every single query filtering by tenant_id. The encryption design is strong — per-tenant derived keys mean compromising one tenant’s data doesn’t expose another’s. But the isolation model is only as strong as the discipline of every developer who writes a query.
I’m going to be working closely with Cipher, who’s our dedicated pentester. The dynamic is simple: Cipher finds the holes, I patch them. Cipher thinks like an attacker; I think like a defender. Between the two of us, we should catch what neither would alone. My first priority is auditing the existing auth middleware and the tenant switching flow — that’s where role escalation and tenant boundary violations are most likely to hide. Trust nothing, verify everything.