{"generated_at":"2026-05-29T18:58:35.173Z","scheme_version":"picms-crypto-v1","algorithms":{"hash":"sha256","hmac":"sha256","cipher":"aes-256-gcm","token_encoding":"base64url","key_exchange":"classical","signature":"ed25519","scheme_version":"picms-crypto-v1"},"application_dependencies":[{"package":"node:crypto","version_constraint":"node >= 22","role":"Symmetric encryption + hashing + CSPRNG primitives","algorithms":["sha256","hmac-sha256","aes-256-gcm","csprng","ed25519"],"quantum_vulnerable":false,"notes":"Standard library. Wrapped by infrastructure/security/crypto-provider.js — application code never imports node:crypto directly. Ed25519 sign/verify added 2026-05-08 for customer-verifiable export signatures."},{"package":"@aws-sdk/client-s3","version_constraint":"^3","role":"S3 transport + at-rest encryption (server-side AES-256)","algorithms":["aes-256-gcm","tls-1.2","sigv4-hmac-sha256"],"quantum_vulnerable":false,"notes":"TLS handshake is the inherited boundary; PICMS does not control cipher suite negotiation. Bundles uploaded with ServerSideEncryption=AES256."},{"package":"@anthropic-ai/sdk","version_constraint":"^0","role":"Claude API client","algorithms":["tls-1.2"],"quantum_vulnerable":false,"notes":"Network only. No local crypto operations. PICMS sends prompt text over TLS; quantum threat to historical traffic is bounded by Anthropic's TLS posture."},{"package":"openai","version_constraint":"^4","role":"OpenAI embeddings + chat completion client","algorithms":["tls-1.2"],"quantum_vulnerable":false,"notes":"Network only. No local crypto."},{"package":"stripe","version_constraint":"^18","role":"Payment processing + webhook signature verification","algorithms":["tls-1.2","hmac-sha256"],"quantum_vulnerable":false,"notes":"Webhook signatures are HMAC-SHA-256 (quantum-resistant). PICMS holds zero card data; only invoice/customer IDs."},{"package":"express-jwt","version_constraint":"^8","role":"JWT verification middleware","algorithms":["rs256"],"quantum_vulnerable":true,"notes":"RS256 verification. Quantum-vulnerability lives at Auth0 (key issuer); PICMS only verifies. Auth0 owns the post-quantum migration of their signing keys."},{"package":"jwks-rsa","version_constraint":"^3","role":"JWKS fetching for RS256 verification","algorithms":["tls-1.2"],"quantum_vulnerable":false,"notes":"Used in tandem with express-jwt. Network-only fetch of Auth0's public keys."},{"package":"helmet","version_constraint":"^6","role":"Security HTTP headers (CSP, HSTS, X-Frame-Options, etc.)","algorithms":[],"quantum_vulnerable":false,"notes":"Header configuration only. No crypto."},{"package":"puppeteer","version_constraint":"^24","role":"PDF rendering via headless Chromium","algorithms":["tls-1.2","various-via-chromium"],"quantum_vulnerable":false,"notes":"Indirect: Chromium uses BoringSSL/OpenSSL for TLS when fetching subresources. PICMS PDF generation does not perform crypto operations on user data."},{"package":"nodemailer","version_constraint":"^7","role":"SMTP email sending (alternative to Resend)","algorithms":["tls-1.2"],"quantum_vulnerable":false,"notes":"Used as a fallback transport. TLS-only; no message-body encryption."},{"package":"@supabase/supabase-js","version_constraint":"^2","role":"Vector database client (pgvector)","algorithms":["tls-1.2"],"quantum_vulnerable":false,"notes":"Network only. Supabase handles all server-side encryption."},{"package":"bcrypt","version_constraint":"^5","role":"Password hashing (DECLARED, NOT USED)","algorithms":["bcrypt"],"quantum_vulnerable":false,"notes":"Listed in package.json but not imported anywhere. Auth0 handles all authentication. Candidate for removal."},{"package":"jsonwebtoken","version_constraint":"^9","role":"JWT creation/verification (DECLARED, NOT USED)","algorithms":["rs256","hs256"],"quantum_vulnerable":true,"notes":"Listed in package.json but not directly imported by PICMS code. Pulled in transitively by Auth0 SDK."}],"inherited_cryptography":[{"boundary":"TLS termination","provider":"AWS Application Load Balancer","algorithms_in_use":["ecdhe-rsa","ecdhe-ecdsa","tls-1.2","tls-1.3"],"quantum_vulnerable":true,"responsibility":"AWS","notes":"PICMS does not control cipher suite negotiation. AWS owns the post-quantum TLS migration timeline."},{"boundary":"Authentication tokens","provider":"Auth0","algorithms_in_use":["rs256"],"quantum_vulnerable":true,"responsibility":"Auth0","notes":"JWT signature verification only on PICMS side. Auth0 holds the signing key and is responsible for migrating to a post-quantum algorithm."},{"boundary":"Webhook signature verification","provider":"Stripe","algorithms_in_use":["hmac-sha256"],"quantum_vulnerable":false,"responsibility":"Stripe","notes":"Symmetric HMAC; quantum-resistant. Both Stripe and PICMS hold the same shared secret."},{"boundary":"AWS SDK request signing","provider":"AWS","algorithms_in_use":["sigv4-hmac-sha256"],"quantum_vulnerable":false,"responsibility":"AWS","notes":"Quantum-resistant. PICMS supplies access keys; SDK handles signing internally."}],"export_signing":{"algorithm":"ed25519","scheme":"picms-exp-ed25519-v1","public_key_url":"https://www.picms.com/.well-known/picms-export-pubkey.pem","public_key_sha256":"5d1c1df63cf1157aca3986e5a67a64a8c88ecda75698c64b8d3705a1ccad0a8d","verifier_script_url":"https://www.picms.com/scripts/verify-picms-export.mjs","documentation_url":"https://www.picms.com/security/cbom","applies_to":"Weekly S3 export bundles (agent-memory exports). Older bundles are HMAC-only.","note":"Customers can verify export integrity independently using the public key + the zero-dependency verifier script. PICMS-internal HMAC signing remains in place for fast operational checks."},"roadmap_url":"https://www.picms.com/quantum","cbom_html_url":"https://www.picms.com/security/cbom","manifest_last_reviewed":"2026-05-08"}