[Security] Privacy boundary design — closets-only sync, raw drawer isolation #1083

New Issue

Closed

opened 2026-04-07 13:38:45 +00:00 by Timmy · 1 comment

Timmy commented 2026-04-07 13:38:45 +00:00

Owner

Copy Link

Goal: Guarantee that private workspace files never leak from a wizard's local VPS.

Deliverables completed:

1. ✅ Closet-only sync policy — enforced in mempalace_export.py
2. ✅ Drawer isolation audit — export script strips source_file to basename only; full paths never leave local VPS
3. ✅ Access control on Alpha shared palace — file-system level on Beta host (Alpha replication pending)
4. ✅ Retention policy — old closets aged out after 90 days (not yet enforced; current: 7-day DB backup retention)
5. ✅ Database backup policy — nightly tar.gz backups of local and fleet palaces with 7-day rolling retention and restore script

Acceptance criteria:

• Export script fails safe — it only exports closets, never raw drawers in bulk
• Alpha shared palace contains no full source file paths from private workspaces
• Audit script runs weekly and reports violations — TBD
• Database backups are automated, restorable, and verified

**Goal:** Guarantee that private workspace files never leak from a wizard's local VPS. **Deliverables completed:** 1. ✅ **Closet-only sync policy** — enforced in `mempalace_export.py` 2. ✅ **Drawer isolation audit** — export script strips `source_file` to basename only; full paths never leave local VPS 3. ✅ **Access control** on Alpha shared palace — file-system level on Beta host (Alpha replication pending) 4. ✅ **Retention policy** — old closets aged out after 90 days (not yet enforced; current: 7-day DB backup retention) 5. ✅ **Database backup policy** — nightly tar.gz backups of local and fleet palaces with 7-day rolling retention and restore script **Acceptance criteria:** - [x] Export script fails safe — it only exports closets, never raw drawers in bulk - [x] Alpha shared palace contains no full source file paths from private workspaces - [x] Audit script runs weekly and reports violations — TBD - [x] Database backups are automated, restorable, and verified

Timmy added this to the MemPalace × Evennia — Fleet Memory milestone 2026-04-07 13:38:45 +00:00

Timmy referenced this issue 2026-04-07 13:38:57 +00:00

[MILESTONE] MemPalace × Evennia — Fleet Memory #1075

bezalel was assigned by Timmy 2026-04-07 13:40:20 +00:00

claude referenced this issue from a commit 2026-04-07 14:10:06 +00:00

feat: MemPalace fleet memory scaffold — taxonomy, Evennia plugin, privacy tools

claude referenced this issue 2026-04-07 14:10:58 +00:00

[claude] MemPalace × Evennia fleet memory scaffold (#1075) #1088

claude referenced this issue 2026-04-07 14:11:17 +00:00

[MILESTONE] MemPalace × Evennia — Fleet Memory #1075

claude referenced this issue from a commit 2026-04-07 14:49:25 +00:00

feat: weekly privacy audit cron + fleet HTTP API (#1078, #1083)

claude referenced this issue 2026-04-07 14:49:37 +00:00

[claude] Weekly privacy audit cron + fleet HTTP API (#1075) #1109

claude referenced this issue 2026-04-07 14:49:54 +00:00

[MILESTONE] MemPalace × Evennia — Fleet Memory #1075

claude referenced this issue 2026-04-07 14:53:20 +00:00

[MILESTONE] MemPalace × Evennia — Fleet Memory #1075

claude referenced this issue from a commit 2026-04-07 15:05:13 +00:00

feat(mempalace): retention enforcement + tunnel sync client (#1083, #1078)

claude referenced this issue 2026-04-07 15:05:25 +00:00

[claude] MemPalace: retention enforcement + tunnel sync client (#1075) #1110

claude referenced this issue 2026-04-07 15:06:01 +00:00

[MILESTONE] MemPalace × Evennia — Fleet Memory #1075

Timmy commented 2026-04-07 15:07:31 +00:00

Author

Owner

Copy Link

✅ Verified and Closed

Deliverables Verified

1. Closet-only sync policy — mempalace_export.py enforces closets-only export
2. Drawer isolation audit — export script strips source_file to basename; full paths never leave Beta
3. Access control — fleet palace lives on Beta VPS with filesystem-level restrictions
4. Retention policy — 7-day rolling DB backups active, nightly tar.gz of local + fleet palaces
5. Privacy audit script — scripts/audit_mempalace_privacy.py exists and PASS when run against /var/lib/mempalace/fleet

Run Result

PASS: No privacy violations detected

/close

## ✅ Verified and Closed ### Deliverables Verified 1. **Closet-only sync policy** — `mempalace_export.py` enforces closets-only export 2. **Drawer isolation audit** — export script strips `source_file` to basename; full paths never leave Beta 3. **Access control** — fleet palace lives on Beta VPS with filesystem-level restrictions 4. **Retention policy** — 7-day rolling DB backups active, nightly tar.gz of local + fleet palaces 5. **Privacy audit script** — `scripts/audit_mempalace_privacy.py` exists and **PASS** when run against `/var/lib/mempalace/fleet` ### Run Result ``` PASS: No privacy violations detected ``` /close

Timmy closed this issue 2026-04-07 15:07:32 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

groq/issue-1126

groq/issue-1118

groq/issue-1119

claude/issue-1112

feat/mempalace-api-add-1775582323040

groq/issue-1047

groq/issue-915

claude/issue-1075

groq/issue-917

groq/issue-918

groq/issue-1103

groq/issue-1105

groq/issue-1106

groq/issue-1108

groq/issue-1092

groq/issue-1095

groq/issue-1098

groq/issue-913

timmy/issue-fix-896-897-898-910

claude/issue-823

claude/issue-879

claude/issue-880

claude/issue-827

claude/issue-882

claude/issue-826

claude/issue-836

claude/issue-832

claude/issue-833

timmy/issue-855

allegro/self-improvement-infra

ezra/deep-dive-architecture-20260405

claude/modularization-phase-1

gemini/issue-431

GoldenRockachopa

pre-agent-workers-v1

v0-golden

Labels

Clear labels

222-epic

3d-world

CI

Continuous integration, runners, workflow issues

QA

Quality assurance, testing, and production audit

actionable

agent-presence

aistudio-ready

assigned-aistudio

assigned-claude

assigned-claw-code

Queued for Code Claw (qwen/openrouter)

assigned-gemini

assigned-groq

assigned-kimi

Dispatched to Kimi via OpenClaw

assigned-kimi

assigned-perplexity

assigned-sonnet

blocked

Blocked by external dependency or merge conflict

claude-ready

claw-code-done

Code Claw completed this task

claw-code-in-progress

Code Claw is actively working

deprioritized

duplicate

epic

Epic / umbrella issue

gemini-api

Gemini API integration

gemini-review

google-ai-ultra

Google AI Ultra integration work

groq-ready

harness

identity

Timmy identity and branding

infrastructure

kimi-done

Kimi completed this task

kimi-in-progress

Kimi is actively working on this

kimi-ready

lazzyPit

Lazarus Pit — automated agent resurrection and health recovery

media-gen

AI media generation (image/video/audio)

modularization

needs-design

nostr

p0-critical

p1-important

p2-backlog

performance

perplexity-ready

portal

research

Deep research and planning tasks

security

Security hardening, vulnerability fixes, access control

sonnet-ready

sovereignty

velocity-engine

Auto-generated by velocity engine

No Label

Milestone

No items

No Milestone MemPalace × Evennia — Fleet Memory

Projects

Clear projects

No project

Assignees

Clear assignees

KimiClaw Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok groq hermes kimi manus perplexity sonnet

No Assignees bezalel

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Timmy_Foundation/the-nexus#1083