Security & Threat Model
Keywords: threat model, vulnerabilities, anti-cheat, maphack, replay signing, WASM sandbox, transport encryption, Workshop supply chain, ranked integrity, path traversal, competitive integrity
Iron Curtain’s security is architectural — every defense emerges from design decisions made for other reasons. This chapter catalogs 61 vulnerabilities (V1–V61) with concrete mitigations, cross-referenced to the design decisions that prevent them.
| Section | Topic | File |
|---|---|---|
| Threat Model & Core Vulns (V1–V5) | Fundamental constraint, threat matrix, maphack, order injection, lag switch, desync exploit, WASM sandbox | security/threat-model.md |
| Mods & Replays (V6–V10) | Replay tampering, reconciler signing, join codes, tracking server, version mismatch | security/vulns-mods-replays.md |
| Client Cheating (V11–V13) | Speed hack, automation/botting (dual-model detection, population baselines, enforcement timing, behavioral matchmaking), match result fraud | security/vulns-client-cheating.md |
| Protocol & Transport (V14–V17) | Transport encryption, protocol parsing, order authentication, state saturation (EWMA traffic scoring) | security/vulns-protocol.md |
| Workshop Security (V18–V25) | Supply chain, typosquatting, manifest confusion, git-index poisoning, dependency confusion, version immutability, relay exhaustion, desync-as-DoS | security/vulns-workshop.md |
| Ranked Integrity (V26–V32) | Win-trading, queue sniping, CommunityBridge phishing, cross-community rating, soft reset, desperation timeout, relay SPOF | security/vulns-ranked.md |
| Infrastructure & Sandbox (V33–V42) | YAML injection, EWMA NaN, SimReconciler drift, DualModel trust, protocol fingerprinting, parser safety, Lua sandbox, LLM injection, replay bypass, save game deserialization | security/vulns-infrastructure.md |
| Identity & Module Isolation (V43–V52) | DNS rebinding, dev mode, replay frame loss, Unicode impersonation, key rotation, server key revocation, Workshop signing, WASM isolation, package quarantine, star-jacking | security/vulns-identity-sandboxing.md |
| Edge Cases & Summary (V53–V61) | Direct-peer replay gap, false-positive targets, desync classification, RTL/BiDi injection, ICRP CSWSH, lobby manipulation, spectator delay, RNG prediction, local credential theft, path security infrastructure, competitive integrity summary | security/vulns-edge-cases-infra.md |