Audit status
Erebus currently operates in stub mode. Chain integrity is structural — records are append-only and integrity-checked via SHA-256 linking. Cryptographic verification (HMAC bound to your passphrase-derived key) is not yet active.
Three gates must all pass before cryptographic claims can be made to users. Current status of each gate is below.
EREBUS_CRYPTO_READY: Implementation complete, internal review pending
The cryptographic primitives (HKDF-SHA256 key derivation, HMAC-SHA256, constant-time comparison, startup self-test) are implemented. Internal code review has not yet been completed.
EREBUS_AUDIT_COMPLETE: External audit not started
An external professional cryptographer or security firm must review the key derivation implementation, HMAC scheme, integrity walker, and startup self-test. A written report with specific findings is required. No auditor has been engaged.
EREBUS_LEGAL_VALIDATED: Legal review not started
Claims including "Korfe never holds your plaintext credential" and "no-plaintext-credential storage" must be validated by a qualified attorney in at least one relevant jurisdiction before they can be made to users. No legal counsel has been engaged.
What this means for you
Right now, when you verify a receipt, you're confirming:
- The record exists in the Erebus database.
- The record sits in the correct position in the chain (its prev-hash link is intact).
- The record has not been modified or deleted.
You are not yet confirming:
- That the HMAC was computed with a key derived from your passphrase (this requires the external audit to complete).
- That Korfe never held your plaintext credential (this requires legal validation before the claim can be made).
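The difference between the structural check and the keyed check listed above, as an added example that is not Erebus code: the record layout, genesis value, HKDF salt and info strings, and every function name are assumptions made for illustration. It shows an in-place edit failing the SHA-256 link check, and a chain whose links were recomputed without the key passing the link check but failing the HMAC check.

```python
import hashlib, hmac, json

GENESIS = "0" * 64  # assumed prev-hash of the first record

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    # HKDF (RFC 5869) extract-then-expand; it does not stretch low-entropy input.
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def body(rec: dict) -> bytes:
    # Canonical bytes covered by both the link hash and the HMAC tag (assumed layout).
    return json.dumps({k: rec[k] for k in ("seq", "data", "prev")}, sort_keys=True).encode()

def append(chain: list, data: str, key: bytes) -> None:
    prev = chain[-1]["hash"] if chain else GENESIS
    rec = {"seq": len(chain), "data": data, "prev": prev}
    rec["hash"] = hashlib.sha256(body(rec)).hexdigest()          # unkeyed link
    rec["tag"] = hmac.new(key, body(rec), hashlib.sha256).hexdigest()  # keyed tag
    chain.append(rec)

def verify_structural(chain: list) -> bool:
    # Position, prev-hash link and record hash only; needs no secret.
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["seq"] != i or rec["prev"] != prev or hashlib.sha256(body(rec)).hexdigest() != rec["hash"]:
            return False
        prev = rec["hash"]
    return True

def verify_keyed(chain: list, key: bytes) -> bool:
    # Structural check plus a constant-time comparison of each HMAC tag.
    return verify_structural(chain) and all(
        hmac.compare_digest(hmac.new(key, body(r), hashlib.sha256).hexdigest(), r["tag"]) for r in chain)

def demo() -> dict:
    key = hkdf_sha256(b"constructed passphrase", b"constructed-salt", b"receipt-hmac")
    chain, relinked = [], []
    for d in ("receipt-1", "receipt-2", "receipt-3"):
        append(chain, d, key)
    edited = [dict(r) for r in chain]
    edited[1]["data"] = "altered"              # in-place edit, hash left stale
    for d in ("receipt-1", "altered", "receipt-3"):
        append(relinked, d, b"\x00" * 32)      # links recomputed without the real key
    return {n: (verify_structural(c), verify_keyed(c, key)) for n, c in
            (("intact", chain), ("edited", edited), ("relinked", relinked))}
```

Each value returned by `demo()` is a `(structural, keyed)` pair for the constructed chain of that name.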
This page will be updated when gates pass. No claim of cryptographic verification will be made until all three gates are closed.