Security overview

Understand Velocity's cryptographic posture, threat model, and incident response expectations.

Last updated October 8, 2025View on GitHub

"Security overview" description: "Understand Velocity’s cryptographic posture, threat model, and incident response expectations." category: "Security" updated: "2025-10-08" order: 200

This page distils the full security design document into the highlights you need for risk reviews and incident prep.

Hybrid key agreement pairs X25519 with Kyber so secrecy survives either classical or post-quantum attacks.
Certificates contain both Dilithium and ECDSA signatures. Legacy clients verify with ECDSA today while PQ-ready clients lean on Dilithium.
Session tickets are encrypted with AEAD, scoped to a replay window, and embed issuer metadata to detect misuse.

Threat	Built-in defence
Passive nation-state interception	Hybrid key exchange + forward secrecy; optional 0‑RTT disablement for sensitive workloads.
Downgrade attempts	Policy decisions are signed into the transcript and logged with explicit `downgrade_reason` fields.
Metadata leakage	Connection IDs are padded, optional ECH hides SNI, and telemetry avoids sensitive payloads.
Replay attacks	Ticket windows and method allowlists protect early data; repeated attempts trigger alerts.

Enforce hybrid certificates everywhere Velocity terminates traffic.
Rotate ticket secrets at least daily and store them in an HSM or managed secrets platform.
Require client authentication (tls.client_auth) on admin APIs and privileged automation.
Monitor velocity_pq_validation_failures_total—anything above 0 is a page.

Capture diagnostics: velocity-cli admin diagnostics --dump, logs, and current metrics.
Revoke compromised certificates, rotate ticket keys, and tighten policy if abuse is suspected.
Notify the Velocity security team via the signed channel in SECURITY.md for coordinated disclosure.
Document the timeline using your post-incident template and feed learnings back into Exploit hardening.