Part V · 3 — Discipline and posture

draft

The Stack's cryptography is not correct by luck — it is correct because there is a single place where it lives, a posture that guides it, and the agility to swap whatever needs swapping. This is the close of the compendium: from the how to the how to keep it.


3.1 koder_kit: a single chokepoint

The central lesson of Part I — *work at the highest layer; never assemble primitives by hand* — becomes code in engines/sdk/koder_kit. All of the Stack's cryptography passes through it (policies/reuse-first.kmd); no module reimplements:

SDK API What it delivers
crypto.aead ChaCha20-Poly1305 + AES-GCM, nonce managed safely
crypto.sign Ed25519 (default) and ML-DSA-65 (PQC, planned)
crypto.kex X25519 + X25519MLKEM768 hybrid
crypto.hash SHA-256/384, BLAKE3
crypto.kdf HKDF, Argon2id
crypto.random CSPRNG wrapper
crypto.constant_time comparison without a side channel

The decisive point is the misuse-resistant API: it exposes seal(key, plaintext, ad) and open(key, ciphertext, ad) — and does not expose raw ECBCBCCTR, manual nonce choice, or "encrypt without authenticating". The most common mistake of Part II is made impossible by construction: there is no way to ask for the insecure path.

koder_kit as the single point: modules → SDK → primitives, with no insecure path

As a corollary, direct cryptographic dependencies are forbidden in production code: the module calls the SDK, not the low-level library. One single place to audit, update, and migrate.


3.2 Posture: self-hosted and multi-tenant

Two policies shape every decision:

  • Self-hosted first (policies/self-hosted-first.kmd) — no third-party SaaS in

    a crypto-critical path when there is a Koder or auditable OSS alternative. Trust is not outsourced.

  • Multi-tenant by default (policies/multi-tenant-by-default.kmd) — per-tenant

    isolation is a premise, not a feature added later.


3.3 Agility: ready for the next swap

Because the SDK is the single point, the Stack gets crypto-agility for free (Part IV): adding ML-DSA-65 to crypto.sign or the post-quantum hybrid to crypto.kex is a change in one place, propagated to all consumers. The PQC migration — which in hardwired systems is a rewrite — is configuration here. That is why X25519MLKEM768 is already in pilot in TLS and SSH.


3.4 The complete picture

The arc closes. Every Koder Stack engineering decision is a primitive chosen on purpose:

Koder need Primitive/protocol Part
Prove identity (JWT, passkey) Ed25519, WebAuthn I, II
Protect the connection (web, git) TLS 1.3, SSH — AEAD + KEX + signature II, III
Resist quantum X25519MLKEM768, ML-DSA-65 IV
Encrypt files and backups AEAD (kzip) II
Store keys HSM, HKDF, Shamir II
Not err in implementation koder_kit (misuse-resistant API) I

From intuition (Part I) to the primitives (II), to the protocols (III), to the post-quantum future (IV), all the way to the code that runs in production: Koder's cryptography is one single discipline, applied with consistency. For the dense detail of any point, Part VIII — Reference is the almanac.


End of the narrated arc of the Cryptography Compendium. The five parts cover from the why to the how to the how to keep it. The reference layer stays alive and dense for consultation. Next domain of the genre: Blockchain (stack#196).