Add TorchLean verifications #1
Open
siennathesane wants to merge 49 commits into
Burn stores Linear weight row-major as [d_input, d_output]. The export was chunking the flat data assuming [hidden, input] row-major (or [input, hidden] column-major), producing scrambled gen W1. Inference reading the scrambled gen file produced garbage that never showed up in production because the tree handled 100% of traffic. With the tree yanked, the bug becomes load-bearing. Fix: swap_dims(0, 1) before flatten so the resulting flat data matches the gen file's [hidden, input] chunk layout. Also adds a layout diagnostic test.
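The layout mismatch described in the commit above, as an added example that is not code from this PR. It reproduces the mis-chunking on a tagged matrix and shows why a shape check alone does not catch it; the function names and the 3x4 size are hypothetical.

```rust
// Added example (not code from this PR); function names are hypothetical.

/// Tag each weight with its logical (input, hidden) position so misplacement is visible.
fn tag(input: usize, hidden: usize) -> f32 { (input * 100 + hidden) as f32 }

/// Flat row-major buffer of a [d_input, d_output] weight, the layout the commit attributes to Burn.
fn burn_flat(d_in: usize, d_out: usize) -> Vec<f32> {
    let mut flat = Vec::with_capacity(d_in * d_out);
    for i in 0..d_in { for h in 0..d_out { flat.push(tag(i, h)); } }
    flat
}

/// Buggy export: chunk the buffer as if it were already [hidden, input] row-major.
fn export_buggy(flat: &[f32], d_in: usize) -> Vec<Vec<f32>> {
    flat.chunks(d_in).map(|c| c.to_vec()).collect()
}

/// Fixed export: transpose (the swap_dims(0, 1) step) before cutting one row per hidden neuron.
fn export_fixed(flat: &[f32], d_in: usize, d_out: usize) -> Vec<Vec<f32>> {
    (0..d_out).map(|h| (0..d_in).map(|i| flat[i * d_out + h]).collect()).collect()
}

/// Layout diagnostic: count weights that are not at rows[hidden][input].
fn misplaced(rows: &[Vec<f32>]) -> usize {
    let mut bad = 0;
    for (h, row) in rows.iter().enumerate() {
        for (i, &v) in row.iter().enumerate() {
            if v != tag(i, h) { bad += 1; }
        }
    }
    bad
}

fn main() {
    let (d_in, d_out) = (3, 4); // constructed sizes
    let flat = burn_flat(d_in, d_out);
    let (buggy, fixed) = (export_buggy(&flat, d_in), export_fixed(&flat, d_in, d_out));
    // Both exports have the same shape, so a shape check alone cannot catch the bug.
    println!("shape {}x{} vs {}x{}", buggy.len(), buggy[0].len(), fixed.len(), fixed[0].len());
    println!("misplaced: buggy={} fixed={}", misplaced(&buggy), misplaced(&fixed));
}
```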
All 5 adversarial features (request_rate, error_rate, burst_score, path_repetition, suspicious_path_ratio) now satisfy W2[j] * W1[i,j] >= 0 for every hidden neuron j by construction: W1[adv,j] = softplus(gamma)*W2[j] guarantees the product is softplus(gamma)*W2[j]^2 >= 0. Audit: min(W2.W1[:,i]) = 0.000321 across all adversarial features.
…ures All 5 adversarial features (indices 0, 2, 8, 10, 11) satisfy W2[j] * W1[i,j] >= 0 for every hidden neuron j by construction. Audit: min(W2.W1[:,i]) = 0.004529 across all adversarial features. Valid accuracy: 98.08%.
Adds fp32_above_threshold_stable_under_monotone_perturbation: under the per-neuron sign constraint on the trained weights, if the R-ideal score on the original input has margin above the threshold + FP32 error term, the FP32 score on any monotone-upward perturbation of that input is also above the threshold. This is the 'one-way street' guarantee on real IEEE-754 binary32 hardware: adversaries raising adversarial features cannot weaken a certified Block verdict, regardless of perturbation magnitude. Trust base: mlp_forward_monotone_in (Tier 2 over R) + fp32_above_threshold_when_real_above_margin (Tier 4). Axiom-clean modulo Mathlib baseline (propext, Classical.choice, Quot.sound). Applies to both DDoS (audit: min product 0.000321) and scanner (audit: min product 0.004529) since both share the 2-layer MLP shape and have weights satisfying the sign constraint via hard reparameterization.
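The sign constraint and the monotonicity it buys, as an added example that is not code from this PR. It applies the reparameterization W1[adv,j] = softplus(gamma)*W2[j] to a small constructed model, runs the min-product audit, and checks that raising an adversarial feature never lowers the score. ReLU as the activation, f64 arithmetic, and all sizes and values are assumptions; the FP32 margin argument and the Lean proof are not reproduced here.

```rust
// Added example (not code from this PR). ReLU, sizes and all values are constructed assumptions.
fn softplus(g: f64) -> f64 { (1.0 + g.exp()).ln() }
/// score(x) = b2 + sum_j w2[j] * relu(b1[j] + sum_i w1[i][j] * x[i])
struct Mlp { w1: Vec<Vec<f64>>, b1: Vec<f64>, w2: Vec<f64>, b2: f64 }
impl Mlp {
    /// Hard reparameterization from the commit: W1[adv, j] = softplus(gamma) * W2[j].
    fn constrain(&mut self, adv: &[usize], gamma: &[f64]) {
        for (&i, &g) in adv.iter().zip(gamma) {
            for j in 0..self.w2.len() { self.w1[i][j] = softplus(g) * self.w2[j]; }
        }
    }
    fn score(&self, x: &[f64]) -> f64 {
        let mut s = self.b2;
        for j in 0..self.w2.len() {
            let mut pre = self.b1[j];
            for i in 0..x.len() { pre += self.w1[i][j] * x[i]; }
            s += self.w2[j] * pre.max(0.0);
        }
        s
    }
    /// Audit: smallest W2[j] * W1[i][j] over adversarial features i and hidden neurons j.
    fn audit_min(&self, adv: &[usize]) -> f64 {
        let mut m = f64::INFINITY;
        for &i in adv { for j in 0..self.w2.len() { m = m.min(self.w2[j] * self.w1[i][j]); } }
        m
    }
    /// Smallest score change when every adversarial feature is raised by each delta.
    fn min_gain(&self, x: &[f64], adv: &[usize], deltas: &[f64]) -> f64 {
        let mut m = f64::INFINITY;
        for &d in deltas {
            let mut y = x.to_vec();
            for &i in adv { y[i] += d; }
            m = m.min(self.score(&y) - self.score(x));
        }
        m
    }
}

fn sample() -> Mlp {
    Mlp { w1: vec![vec![0.7, -0.4, 0.2], vec![-0.3, 0.5, -0.6], vec![-0.9, 0.1, 0.8]],
          b1: vec![0.1, -0.2, 0.05], w2: vec![0.6, -0.8, 0.3], b2: -0.1 }
}
fn main() {
    let (adv, x, deltas) = ([2usize], [1.0, 0.0, 0.0], [0.5, 10.0, 1e6]);
    let mut m = sample();
    println!("free:        audit {:+.4}, min gain {:+.4}", m.audit_min(&adv), m.min_gain(&x, &adv, &deltas));
    m.constrain(&adv, &[0.5]);
    println!("constrained: audit {:+.4}, min gain {:+.4}", m.audit_min(&adv), m.min_gain(&x, &adv, &deltas));
}
```

A negative audit value on the unconstrained model coincides with a perturbation that lowers the score; after the reparameterization both values are non-negative for every delta tried.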
Iterates up to 1000 samples per detector from dataset.bin, computes the FP32-sound certified L∞ robustness radius via ensemble::crown, and reports percentile + threshold-crossing summaries in normalized feature space. Run with --nocapture to see distribution tables.

Snapshot results (Sunbeam synthetic + CSIC scanner / CICIDS DDoS):

- Scanner: 99.9% any cert, 45.4% at r≥0.05, median 0.0350
- DDoS: 100.0% any cert, 91.5% at r≥0.05, median 0.1028
siennathesane added a commit that referenced this pull request May 15, 2026
Addresses CodeQL cleartext-logging alerts (#1, #2, #3) by implementing session ID redaction for CLI output.

Changes:

- Extract marathonctl into standalone crate (crates/marathonctl)
- Add session ID redaction showing only first 8 characters by default
- Add --show-sensitive/-s flag for full session IDs when debugging
- Implement beautiful ratatui-based UI module with inline viewport
- Add .envrc to .gitignore for secure token management
- Document GitHub token setup in CONTRIBUTING.md

The CLI now provides a secure-by-default experience while maintaining debugging capabilities through explicit opt-in flags. Session IDs are redacted to format "abc-def-..." unless --show-sensitive is specified.

UI module provides easy-to-use builder APIs (ui::table, ui::grid, ui::list) that render beautiful terminal output without hijacking the terminal.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
siennathesane added a commit that referenced this pull request May 15, 2026
Addresses CVE regarding IterMut violating Stacked Borrows in lru crate.

Changes:

- Update lru v0.16.2 -> v0.16.3 (patched version)
- Remove vulnerable lru v0.12.5 and v0.13.0
- Update ratatui v0.29 -> v0.30 in marathonctl
- Remove unnecessary ratatui/crossterm from app crate
- Update pkarr v5.0.0 -> v5.0.2
- Bump libmarathon v0.1.1 -> v0.1.2
- Bump marathonctl dependency on libmarathon to 0.1.2

All lru versions now use the patched 0.16.3 release.

Fixes: https://github.com/r3t-studios/marathon/security/dependabot/1

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
siennathesane pushed a commit that referenced this pull request May 15, 2026
…9688)

Had another random failure in `webauthn.test.e2e.ts`:

```
Retry #1 ───────────────────────────────────────────────────────────────────────────────────────
TimeoutError: locator.click: Timeout 3000ms exceeded.
Call log:
  - waiting for getByText('Sign out')
    - waiting for" http://localhost:3003/user/settings/security" navigation to finish...
    - navigated to "http://localhost:3003/user/settings/security"
    - locator resolved to <a href="" tabindex="-1" role="menuitem" id="_aria_auto_id_10" data-url="/user/logout" class="item link-action">…</a>
  - attempting click action
    2 × waiting for element to be visible, enabled and stable
      - element is not visible
    - retrying click action
    - waiting 20ms
    2 × waiting for element to be visible, enabled and stable
      - element is not visible
    - retrying click action
      - waiting 100ms
    6 × waiting for element to be visible, enabled and stable
      - element is not visible
    - retrying click action
      - waiting 500ms

  41 | // Logout.
  42 | await page.locator('div[aria-label="Profile and settings…"]').click();
> 43 | await page.getByText('Sign out').click();
     | ^
  44 | await expect(async () => {
  45 | await page.waitForURL(`${workerInfo.project.use.baseURL}/`);
  46 | }).toPass();
    at /workspace/forgejo/forgejo/tests/e2e/webauthn.test.e2e.ts:43:36
```

While attempting to click `Sign out`, playwright waited for page navigation to `http://localhost:3003/user/settings/security` to complete, and then the `Sign out` button never became visible. This suggests to me that the test:

- Clicked `Add security key`
- There was a race between the browser, which began reloading `/user/settings/security`...
- And the test clicked on `Profile and settings…` immediately *before* the new page loaded, since that was visible and available on the old page
- Therefore `Sign out` never appeared on the new page to be clicked

This PR addresses the race by ensuring that after the security key is added, the page with the security key added is visible (specifically the Remove button). This should prevent the click on "Profile and settings" and "Sign out" from potentially occurring on different pages (as would happen if the reload occurred between the two clicks).

I have not been able to reproduce this exact failure locally, but I have tricked my e2e testing situation into reproducing other errors in this test by introducing a synthetic 100ms wait on every web request in the gitea server. After adding this fix, the test does not fail in that scenario. (🤷 Probably good, but no guarantee that we're not going to see another issue.)

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [x] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9688
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net>
Co-committed-by: Mathieu Fenniak <mathieu@fenniak.net>
siennathesane pushed a commit that referenced this pull request May 15, 2026
…re foreign key errors (#9709)
Discovered while testing #9708:
Fresh install databases, which is also a process used by the integration tests, create tables by using `SyncAllTables`. The order that tables are created is ungoverned -- it occurs based upon the order that Go calls each module's `init` to register their schema models. With the current foreign keys in the database, this does not yet cause an error. But it will shortly.
I've manually tested this fix in this way:
- The correct order to create tables is that indicated by `foreignKeySortInsert`. This creates tables that are *referenced* by foreign keys before creating tables that do the referencing (eg. `user` before `tracked_time`).
- If I modify this PR and sort the keys the opposite way `foreignKeySortDelete`, then integration tests fail:
```
??? [TestLogger] 2025/10/15 22:37:58 models/db/engine.go:270:InitEngineWithMigration() [E] [Error SQL Query] CREATE TABLE IF NOT EXISTS "gtestschema"."tracked_time" ("id" BIGSERIAL PRIMARY KEY NOT NULL, "issue_id" BIGINT NULL, "user_id" BIGINT NULL, "created_unix" BIGINT NULL, "time" BIGINT NOT NULL, "deleted" BOOL DEFAULT false NOT NULL, CONSTRAINT "tracked_time_issue_id_fkey" FOREIGN KEY ("issue_id") REFERENCES "gtestschema"."issue" ("id"), CONSTRAINT "tracked_time_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "gtestschema"."user" ("id")); [] - pq: relation "gtestschema.issue" does not exist
??? [TestLogger] 2025/10/15 22:37:58 routers/common/db.go:36:InitDBEngine() [E] ORM engine initialization attempt #1/10 failed.
```
Therefore this PR which doesn't appear to fix anything today fixes a latent bug that will occur shortly (possibly in #9397, possibly when another foreign key is added, possibly if Go changes the order in which `init` functions are invoked).
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests
- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be used for the release notes instead of the title.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9709
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net>
Co-committed-by: Mathieu Fenniak <mathieu@fenniak.net>
siennathesane added a commit that referenced this pull request May 15, 2026
When boringtun returns ConnectionExpired, the daemon previously entered a catatonic loop — the dead Tunn kept returning the same error on every tick without ever re-handshaking. The tunnel is now rebuilt immediately on ConnectionExpired (fix #1), eliminating the deadlock. A per-peer consecutive-rebuild counter escalates to a node-key rotation signal after three rebuilds without a successful handshake, covering the case where the server-side session is also stuck and needs a NodeKey change to force a PeersChanged push (fix #2). Per-peer warn rate-limiting suppresses the 30+ duplicate log lines that previously appeared within 100ms when NoCurrentSession errors flooded decapsulate (fix #4). The Running daemon status now carries last_handshake_fail so operators can see when the most recent expiry occurred via sunbeam vpn status (fix #3). Signed-off-by: Sienna Meridian Satterwhite <sienna@r3t.io>
siennathesane added a commit that referenced this pull request May 15, 2026
…artup DERP-received CallMeMaybe/Ping/Pong were silently fed to WgTunnel::decapsulate instead of the disco classifier, so the entire peer discovery exchange was dropped before WireGuard handshakes could complete. Disco shared keys were not seeded from the initial peer set, causing decryption to fail until the next Full netmap push; and Pong replies always went via UDP regardless of which transport the Ping arrived on, so DERP-only peers never received them. These three compounding bugs are the actual root cause the prior fix #1+#2 commits did not address. Signed-off-by: Sienna Meridian Satterwhite <sienna@r3t.io>
This PR adds support for TorchLean CROWN verification and gets the proxy one step closer to certified verification for extremely high-risk deployment environments.