TideCloak 0.6.63
A critical bug-fix release that also introduces a new Cardano signature model.
Highlights:
- Cardano signature model.
- Quorum-based operational action.
- First draft of Rules Engine.
- Licensing auto-renewal fix.
TideCloak changes
Licensing Auto-Renewal - CRITICAL BUG FIX
The monthly recurring process that automatically renews each TideCloak realm's subscription had an edge case, caused by legacy code, that prevented it from working in specific circumstances. That problem has now been fixed and realms are renewed automatically as intended.
CyberSec Fabric changes
Quorum-based Ineffable Operational Action
A new capability was introduced to allow real-time actions that require quorum approval. Until now, quorum approvals were only required on administrative actions, such as changing a user's role or assigning new roles to a user, which required multiple admins to review, approve and commit that change for it to take effect. This new capability, described as an additional "auth-flow", allows operational actions (actions that happen on an ongoing basis, like signing a transaction) to be approved only if a quorum of users (not necessarily admins) has reviewed, approved and committed them first. This enables functionality such as approving a monetary transaction only if a group of users approved it first, or authorising real-time access only if a group of supervisors allowed it.
Programmable Rule-based actioning
This is the first step towards a comprehensive decentralized rule-based engine. This capability allows Vendors to set or modify the conditions upon which a Fabric action (an action performed by the Fabric in a multi-party fashion) is performed. These rules are tested, in real time, every time that Fabric action is called, and act as a layer of security in a delegated scenario where authority over the Fabric's key isn't held by one owner but rather by an algorithmic flow.
Tide now allows different models to be specified for Fabric actions, which dictate how those actions behave, e.g. a different model to sign a JWT than to sign a Cardano transaction. Some models require designating a certified rule settings specification. Rule settings describe the logic the Fabric must follow in order to accomplish the desired model's action, e.g. a list of conditions that need to be met for the action to take place. Platforms can now allow users to set the conditions in the rule settings and trust the Fabric to adhere to them. A rule settings specification includes an array of rule-sets, where each set describes a set of rules that define methods and output values. All conditions within a rule-set must be met for it to pass, but only one rule-set must pass for the entire rule settings to approve an action. The Fabric will only honour rule settings that were certified by the key they're attempting to rule.
The process of provisioning and administering rules is the same as for user roles and permissions in a Tide-IGA (Quorum-Based Authorization) flow. This programmable rule-based security is tightly integrated with this release's Quorum-based Ineffable Operational Action capability, in that it allows for rules that define, in real time, the quorum of users required to approve an ad-hoc action.
For a complete description of this feature and how to use it, see the documentation.
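The pass logic described above (every rule in a rule-set must hold, and any one passing rule-set approves the action) is sketched below as an added example; it is not Tide's code or schema. The field names (`rule_sets`, `rules`, `field`, `method`, `value`), the methods `max` and `min_approvals`, and the sample data are hypothetical, and the certification check on the rule settings is out of scope here.

```python
from typing import Any, Callable

# Hypothetical condition methods (assumed names, not Tide's).
def _max(actual: Any, limit: Any) -> bool:
    return isinstance(actual, (int, float)) and not isinstance(actual, bool) and actual <= limit

def _min_approvals(approvers: Any, needed: Any) -> bool:
    # Count distinct approvers so one user cannot fill the quorum alone.
    return isinstance(approvers, list) and len(set(approvers)) >= needed

METHODS: dict[str, Callable[[Any, Any], bool]] = {"max": _max, "min_approvals": _min_approvals}

def rule_passes(rule: dict, request: dict) -> bool:
    method = METHODS.get(rule.get("method"))
    field = rule.get("field")
    if method is None or field not in request:
        return False  # unknown method or missing input: deny
    try:
        return method(request[field], rule.get("value"))
    except TypeError:
        return False  # malformed value or input: deny

def rule_set_passes(rule_set: dict, request: dict) -> bool:
    rules = rule_set.get("rules")
    # all([]) is True, so an empty rule-set must be rejected explicitly.
    return isinstance(rules, list) and len(rules) > 0 and all(
        rule_passes(r, request) for r in rules)

def evaluate(rule_settings: dict, request: dict) -> bool:
    rule_sets = rule_settings.get("rule_sets")
    if not isinstance(rule_sets, list):
        return False
    # any([]) is False, so settings with no rule-sets already deny.
    return any(rule_set_passes(rs, request) for rs in rule_sets)

# Constructed sample: small amounts need 1 approver, larger ones need 3.
SETTINGS = {"rule_sets": [
    {"rules": [{"field": "amount", "method": "max", "value": 100},
               {"field": "approvers", "method": "min_approvals", "value": 1}]},
    {"rules": [{"field": "amount", "method": "max", "value": 10000},
               {"field": "approvers", "method": "min_approvals", "value": 3}]},
]}

if __name__ == "__main__":
    print(evaluate(SETTINGS, {"amount": 5000, "approvers": ["alice", "bob", "carol"]}))
```

The explicit empty-list check matters because a rule-set with no conditions would otherwise pass vacuously and approve every action.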
Cardano Signature model
Transactions of the Cardano blockchain's Shelley era are now part of the ever-growing capabilities of the Tide Cybersecurity Fabric. Tide can now be used as a store for Cardano accounts (keys) in an Ineffable manner. A new interface allows requesting certification of a Cardano transaction that is compliant with Cardano's specifications and will be acceptable as proof of transaction. TideCloak can now offer an Enterprise-grade, multi-user, quorum-based custodian for an Ineffable Cardano wallet. See contributed reference project.