Assurance Playbook

Secure Code Review

Internal pre-flight guide

Secure Code Review (Internal)

Purpose:

Catch implementation flaws before external audits and penetration tests.
Reduce the chance that security properties are undermined by “normal” web/app bugs: parsing differences, time handling, weak randomness, logging leaks, unsafe defaults.

This is written as if you have a real reference build (gateway/BB/monitor/trustees). For this repo today, you can still apply the review mindset to the local POC:

POC implementation: src/votechain-poc/poc.ts

Pre-Review Setup

1. Establish Review Scope

Split code into domains:

Protocol correctness (hashing, signing, canonicalization, proof verification)
API boundary (input validation, authz, rate limiting, replay handling)
Key handling (HSM interfaces, rotation, revocation)
Storage (append-only logs, immutability guarantees, tamper evidence)
Observability (logs, metrics, traces, audit exports)
Privacy (PII handling, correlation fields, data minimization)

Expected output:

review-scope.md listing repos/services/modules in scope.

2. Run Baseline Automated Checks

In this repo:

npm run verify

Security-specific checks already wired:

npm run security:ci

Expected output:

a single CI log artifact per run
any failures filed as issues with owners and deadlines

What To Review (Checklist)

Protocol / Crypto Boundary

Look for:

Non-canonical signing and verification (signing “pretty JSON” instead of canonical bytes)
Missing domain separators for hashes
Weak comparisons (timing leaks) on sensitive tokens
Bad randomness sources (non-cryptographic RNG)
Time window checks that can be bypassed by clock skew or timezone mistakes

Expected:

Every signature/proof verification includes explicit context binding: election_id, jurisdiction_id, manifest_id, challenge, and any policy gates.

API and Input Validation

Look for:

Accepting unknown fields that could create “confused deputy” behavior
Parsing differences across languages (float vs int, unicode normalization, NaN)
Missing payload size limits (DoS via large requests)
Idempotency edge cases (same key, different body)

Expected:

Explicit request schemas with strict rejection of unknown fields.
Deterministic error codes that do not leak sensitive details.

Replay and Uniqueness Enforcement

Look for:

Challenges that are not single-use
Challenge expiry not enforced, or enforced inconsistently across servers
Nullifier uniqueness checked only in some paths (race conditions)

Expected:

Replay attempts fail deterministically.
Nullifier uniqueness is enforced in the authoritative system of record.

Key Management and Rotation

Look for:

Keys present in filesystem/env without HSM protection
Rotation without a transparency mechanism (clients can be tricked into trusting a fake key)
No “break glass” policy or audit trail for emergency changes

Expected:

HSM-backed keys for receipt signing and STH signing (per EWP PRD guidance).
Rotation events are auditable and verifiable.

Logging and Evidence Integrity

Look for:

Logging of PII or correlation identifiers in ways that violate the privacy model
Unstructured logs that cannot be used for forensic reconstruction
Missing audit anchors (evidence objects not hashed/anchored)

Expected:

A clear event taxonomy, retention policy, and export format for auditors.

Secure Code Review Test Checklist (30 Checks)

Use this as a consistent internal baseline. Each check is written as a “review test”: what to inspect, how to sanity-test it, and what evidence should exist.

If you are reviewing the in-repo POC, the primary file is:

src/votechain-poc/poc.ts

Canonicalization, Hashing, Encoding (CR01-CR10)

CR01. Canonical JSON is used everywhere required

Inspect: all signing/hashing code paths.
Test: create two JSON objects with different key orders; ensure canonicalization outputs identical bytes.
Expect: stable manifest_id/hashes; signatures verify regardless of field order in source objects.

CR02. Domain separation on hashes

Inspect: hash construction for nullifiers, BB leaf hashes, Merkle nodes.
Test: ensure each hash input includes a clear prefix / domain tag.
Expect: no cross-protocol hash reuse ambiguity.

CR03. Base64url encoding/decoding is strict

Inspect: base64url helpers.
Test: invalid characters and incorrect padding must be rejected deterministically.
Expect: no crashes; no silent truncation.

CR04. Signature payload bytes are unambiguous

Inspect: what exact bytes are signed for manifests, receipts, STHs, anchors.
Test: verify sign and verify use the identical byte-serialization routine.
Expect: no “verify works by accident” due to forgiving parsing.

CR05. No implicit float/int parsing in security-critical fields

Inspect: JSON parsers and schema validation.
Test: attempt to pass numbers where strings are expected; ensure schema rejection.
Expect: deterministic errors; no coercion.

CR06. Timestamp parsing and UTC comparisons

Inspect: expiry and “not_before/not_after” enforcement.
Test: ensure comparisons are done in UTC with defined skew tolerance.
Expect: no timezone bugs; no bypass via clock skew assumptions.

CR07. Crypto suite identifiers are validated

Inspect: suite selection and enforcement.
Test: attempt unknown suite/zk_suite values and ensure rejection.
Expect: no downgrade acceptance.

CR08. No mixed canonicalization standards

Inspect: use of JCS (RFC 8785) or equivalent.
Test: ensure the same canonicalization standard is used in every language/component.
Expect: conformance vectors pass across implementations.

CR09. Binary-to-text conversions are explicit

Inspect: any use of string encoders/decoders around signatures/hashes.
Test: ensure there are no implicit Unicode normalization surprises.
Expect: stable bytes and hashes.

CR10. Constant-time comparisons for secrets where applicable

Inspect: comparisons of tokens/keys/credentials in server code.
Test: ensure equality checks do not leak timing in a meaningful way (language-specific).
Expect: safe compare utilities are used where needed.

Replay, Idempotency, Uniqueness (CR11-CR18)

CR11. Challenge single-use enforcement is atomic

Inspect: challenge lifecycle update.
Test: concurrent requests must not consume the same challenge twice.
Expect: deterministic rejection on second use.

CR12. Challenge expiry is enforced consistently

Inspect: where expiry is checked (gateway, downstream services).
Test: expired challenges must always fail before any state mutation.
Expect: no partial writes.

CR13. Challenge is bound to cast request context

Inspect: proof/challenge binding rules.
Test: try mixing a challenge with different election_id/jurisdiction_id in tests.
Expect: verification fails.

CR14. Idempotency semantics are exact

Inspect: idempotency key storage and request hashing.
Test: same idempotency key + different body must fail; same body must return same outcome.
Expect: no double-writes; deterministic responses.

CR15. Nullifier uniqueness enforced at authoritative write point

Inspect: uniqueness checks and storage.
Test: concurrent casts for same nullifier must not both be accepted as counted.
Expect: one accepted, others rejected/flagged.

CR16. Nullifier derivation verification

Inspect: derived vs provided nullifier checks.
Test: mismatched nullifier must always fail early.
Expect: no “accept then flag later” for cryptographic conflicts.

CR17. Revoting extension (if implemented) is monotonic and auditable

Inspect: seq monotonic rules and tally selection.
Test: seq regressions must fail; only final valid cast counted.
Expect: earlier casts remain auditable but not counted.

CR18. No state mutation on validation failure

Inspect: ordering of validation vs writes (BB, anchors, fraud flags).
Test: intentionally invalid inputs must not write leaves or anchors.
Expect: clean failure without side effects.

Bulletin Board, Anchoring, Receipts (CR19-CR25)

CR19. BB append-only semantics

Inspect: BB write path and storage immutability assumptions.
Test: verify there is no “update leaf” operation; only append.
Expect: immutability is enforced and auditable.

CR20. STH issuance and signing

Inspect: STH signing key usage and payload definition.
Test: any change to STH content must invalidate signature.
Expect: verifier catches tampering.

CR21. Inclusion proof correctness

Inspect: inclusion proof computation and verification.
Test: mutate any path element; proof must fail deterministically.
Expect: no false positives.

CR22. Consistency proof support (if claimed)

Inspect: presence and verification of consistency proofs.
Test: missing/invalid consistency proofs must be treated as high severity.
Expect: monitor alerts and preserved evidence artifacts.

CR23. Receipt contains inclusion-only data (no vote selections)

Inspect: receipt schema and its signed payload.
Test: verify no selection plaintext appears; confirm no side-channel fields are included.
Expect: receipt does not enable vote-selling/coercion proofs.

CR24. Receipt linkage checks are strict

Inspect: receipt verification path.
Test: swap bb_leaf_hash or tx_id; verifier must fail.
Expect: no partial acceptance.

CR25. Anchors are verifiable offline

Inspect: what a verifier needs to validate receipts/anchors.
Test: ensure verification does not require privileged access or hidden keys.
Expect: offline verification feasible with published keys/anchors.

Logging, Privacy, Dependencies, Build (CR26-CR30)

CR26. No PII in logs

Inspect: all log fields and event payloads.
Test: run a synthetic election flow; scrape logs for disallowed fields.
Expect: no names, addresses, biometrics, or correlating identifiers beyond spec.

CR27. Error responses are non-leaky

Inspect: API error rendering.
Test: intentionally invalid inputs; ensure no stack traces, secrets, or internal IDs leak.
Expect: stable error codes + safe messages.

CR28. Secrets are not committed

Inspect: repo scanning and CI checks (for this repo: npm run security:scan-secrets).
Test: ensure secret scanner runs in CI and blocks merges on findings.
Expect: secrets remain out of source and build artifacts.

CR29. Dependency risks are managed

Inspect: dependency audit process and lockfile hygiene.
Test: run npm run security:audit and triage high severity findings.
Expect: SLA-driven remediation with owners and deadlines.

CR30. Reproducible builds and signed releases (where applicable)

Inspect: build pipeline, artifact hashes, signing steps.
Test: rebuild the same commit twice; compare artifact hashes where reproducible builds are claimed.
Expect: transparent, auditable build outputs.

Adversarial Review Tactics (Safe)

These are “review moves” to find bugs early:

Trace one object end-to-end (manifest, cast request, receipt) and confirm the exact bytes used for hashing/signing are identical across creation and verification.
Introduce benign field reordering in JSON fixtures and ensure canonicalization removes ambiguity.
Fuzz boundary conditions:
- empty arrays, huge arrays, missing required fields, extra unknown fields
- timestamp edge cases (near expiration, leap seconds/clock skew handling)
Review error handling for disenfranchisement risk:
- rate limiting and overload must fail safely (alternate gateways, provisional paths)

How To Patch (When You Find a Bug)

Use a consistent remediation loop:

Write a minimal reproduction (test or fixture).
Patch the implementation.
Add a regression test that fails without the patch.
Update the PRD/conformance vectors if the bug reveals a spec ambiguity.
Add a short postmortem note:
- root cause category, affected invariants, and prevention step.

What To Hand Off To Third Parties

Review scope and architecture notes
A list of known issues and fixes since last audit
Conformance test results
Secure build + dependency inventory (SBOM if available)
Key management and rotation docs (even if mocked for staging)

We the People

of the United States

in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America.

Article I — The Legislative Branch

Section 1

All legislative Powers herein granted shall be vested in a Congress of the United States, which shall consist of a Senate and House of Representatives.

Section 2 — The House of Representatives

The House of Representatives shall be composed of Members chosen every second Year by the People of the several States, and the Electors in each State shall have the Qualifications requisite for Electors of the most numerous Branch of the State Legislature.

No Person shall be a Representative who shall not have attained to the Age of twenty five Years, and been seven Years a Citizen of the United States, and who shall not, when elected, be an Inhabitant of that State in which he shall be chosen.

Representatives and direct Taxes shall be apportioned among the several States which may be included within this Union, according to their respective Numbers, which shall be determined by adding to the whole Number of free Persons, including those bound to Service for a Term of Years, and excluding Indians not taxed, three fifths of all other Persons.

The actual Enumeration shall be made within three Years after the first Meeting of the Congress of the United States, and within every subsequent Term of ten Years, in such Manner as they shall by Law direct. The Number of Representatives shall not exceed one for every thirty Thousand, but each State shall have at Least one Representative.

When vacancies happen in the Representation from any State, the Executive Authority thereof shall issue Writs of Election to fill such Vacancies.

The House of Representatives shall chuse their Speaker and other Officers; and shall have the sole Power of Impeachment.

Section 3 — The Senate

The Senate of the United States shall be composed of two Senators from each State, chosen by the Legislature thereof, for six Years; and each Senator shall have one Vote.

Immediately after they shall be assembled in Consequence of the first Election, they shall be divided as equally as may be into three Classes. The Seats of the Senators of the first Class shall be vacated at the Expiration of the second Year, of the second Class at the Expiration of the fourth Year, and of the third Class at the Expiration of the sixth Year, so that one third may be chosen every second Year.

No Person shall be a Senator who shall not have attained to the Age of thirty Years, and been nine Years a Citizen of the United States, and who shall not, when elected, be an Inhabitant of that State for which he shall be chosen.

The Vice President of the United States shall be President of the Senate, but shall have no Vote, unless they be equally divided.

The Senate shall chuse their other Officers, and also a President pro tempore, in the Absence of the Vice President, or when he shall exercise the Office of President of the United States.

The Senate shall have the sole Power to try all Impeachments. When sitting for that Purpose, they shall be on Oath or Affirmation. When the President of the United States is tried, the Chief Justice shall preside: And no Person shall be convicted without the Concurrence of two thirds of the Members present.

Judgment in Cases of Impeachment shall not extend further than to removal from Office, and disqualification to hold and enjoy any Office of honor, Trust or Profit under the United States: but the Party convicted shall nevertheless be liable and subject to Indictment, Trial, Judgment and Punishment, according to Law.

Section 4 — Elections

The Times, Places and Manner of holding Elections for Senators and Representatives, shall be prescribed in each State by the Legislature thereof; but the Congress may at any time by Law make or alter such Regulations, except as to the Places of chusing Senators.

The Congress shall assemble at least once in every Year, and such Meeting shall be on the first Monday in December, unless they shall by Law appoint a different Day.

Section 5 — Rules of Proceedings

Each House shall be the Judge of the Elections, Returns and Qualifications of its own Members, and a Majority of each shall constitute a Quorum to do Business; but a smaller Number may adjourn from day to day, and may be authorized to compel the Attendance of absent Members, in such Manner, and under such Penalties as each House may provide.

Each House may determine the Rules of its Proceedings, punish its Members for disorderly Behaviour, and, with the Concurrence of two thirds, expel a Member.

Each House shall keep a Journal of its Proceedings, and from time to time publish the same, excepting such Parts as may in their Judgment require Secrecy; and the Yeas and Nays of the Members of either House on any question shall, at the Desire of one fifth of those Present, be entered on the Journal.

Section 6 — Compensation and Privileges

The Senators and Representatives shall receive a Compensation for their Services, to be ascertained by Law, and paid out of the Treasury of the United States. They shall in all Cases, except Treason, Felony and Breach of the Peace, be privileged from Arrest during their Attendance at the Session of their respective Houses, and in going to and returning from the same; and for any Speech or Debate in either House, they shall not be questioned in any other Place.

No Senator or Representative shall, during the Time for which he was elected, be appointed to any civil Office under the Authority of the United States, which shall have been created, or the Emoluments whereof shall have been encreased during such time; and no Person holding any Office under the United States, shall be a Member of either House during his Continuance in Office.

Section 7 — Revenue Bills, Legislative Process

All Bills for raising Revenue shall originate in the House of Representatives; but the Senate may propose or concur with Amendments as on other Bills.

Every Bill which shall have passed the House of Representatives and the Senate, shall, before it become a Law, be presented to the President of the United States; If he approve he shall sign it, but if not he shall return it, with his Objections to that House in which it shall have originated, who shall enter the Objections at large on their Journal, and proceed to reconsider it.

If after such Reconsideration two thirds of that House shall agree to pass the Bill, it shall be sent, together with the Objections, to the other House, by which it shall likewise be reconsidered, and if approved by two thirds of that House, it shall become a Law. But in all such Cases the Votes of both Houses shall be determined by yeas and Nays, and the Names of the Persons voting for and against the Bill shall be entered on the Journal of each House respectively.

If any Bill shall not be returned by the President within ten Days (Sundays excepted) after it shall have been presented to him, the Same shall be a Law, in like Manner as if he had signed it, unless the Congress by their Adjournment prevent its Return, in which Case it shall not be a Law.

Every Order, Resolution, or Vote to which the Concurrence of the Senate and House of Representatives may be necessary (except on a question of Adjournment) shall be presented to the President of the United States; and before the Same shall take Effect, shall be approved by him, or being disapproved by him, shall be repassed by two thirds of the Senate and House of Representatives, according to the Rules and Limitations prescribed in the Case of a Bill.

Section 8 — Powers of Congress

The Congress shall have Power To lay and collect Taxes, Duties, Imposts and Excises, to pay the Debts and provide for the common Defence and general Welfare of the United States; but all Duties, Imposts and Excises shall be uniform throughout the United States;

To borrow Money on the credit of the United States;

To regulate Commerce with foreign Nations, and among the several States, and with the Indian Tribes;

To establish an uniform Rule of Naturalization, and uniform Laws on the subject of Bankruptcies throughout the United States;

To coin Money, regulate the Value thereof, and of foreign Coin, and fix the Standard of Weights and Measures;

To provide for the Punishment of counterfeiting the Securities and current Coin of the United States;

To establish Post Offices and post Roads;

To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;

To constitute Tribunals inferior to the supreme Court;

To define and punish Piracies and Felonies committed on the high Seas, and Offences against the Law of Nations;

To declare War, grant Letters of Marque and Reprisal, and make Rules concerning Captures on Land and Water;

To raise and support Armies, but no Appropriation of Money to that Use shall be for a longer Term than two Years;

To provide and maintain a Navy;

To make Rules for the Government and Regulation of the land and naval Forces;

To provide for calling forth the Militia to execute the Laws of the Union, suppress Insurrections and repel Invasions;

To provide for organizing, arming, and disciplining, the Militia, and for governing such Part of them as may be employed in the Service of the United States, reserving to the States respectively, the Appointment of the Officers, and the Authority of training the Militia according to the discipline prescribed by Congress;

To exercise exclusive Legislation in all Cases whatsoever, over such District (not exceeding ten Miles square) as may, by Cession of particular States, and the Acceptance of Congress, become the Seat of the Government of the United States, and to exercise like Authority over all Places purchased by the Consent of the Legislature of the State in which the Same shall be, for the Erection of Forts, Magazines, Arsenals, dock-Yards, and other needful Buildings;

To make all Laws which shall be necessary and proper for carrying into Execution the foregoing Powers, and all other Powers vested by this Constitution in the Government of the United States, or in any Department or Officer thereof.

Section 9 — Limits on Congress

The Migration or Importation of such Persons as any of the States now existing shall think proper to admit, shall not be prohibited by the Congress prior to the Year one thousand eight hundred and eight, but a Tax or duty may be imposed on such Importation, not exceeding ten dollars for each Person.

The Privilege of the Writ of Habeas Corpus shall not be suspended, unless when in Cases of Rebellion or Invasion the public Safety may require it.

No Bill of Attainder or ex post facto Law shall be passed.

No Capitation, or other direct, Tax shall be laid, unless in Proportion to the Census or enumeration herein before directed to be taken.

No Tax or Duty shall be laid on Articles exported from any State.

No Preference shall be given by any Regulation of Commerce or Revenue to the Ports of one State over those of another: nor shall Vessels bound to, or from, one State, be obliged to enter, clear, or pay Duties in another.

No Money shall be drawn from the Treasury, but in Consequence of Appropriations made by Law; and a regular Statement and Account of the Receipts and Expenditures of all public Money shall be published from time to time.

No Title of Nobility shall be granted by the United States: And no Person holding any Office of Profit or Trust under them, shall, without the Consent of the Congress, accept of any present, Emolument, Office, or Title, of any kind whatever, from any King, Prince, or foreign State.

Section 10 — Limits on States

No State shall enter into any Treaty, Alliance, or Confederation; grant Letters of Marque and Reprisal; coin Money; emit Bills of Credit; make any Thing but gold and silver Coin a Tender in Payment of Debts; pass any Bill of Attainder, ex post facto Law, or Law impairing the Obligation of Contracts, or grant any Title of Nobility.

No State shall, without the Consent of the Congress, lay any Imposts or Duties on Imports or Exports, except what may be absolutely necessary for executing it's inspection Laws: and the net Produce of all Duties and Imposts, laid by any State on Imports or Exports, shall be for the Use of the Treasury of the United States; and all such Laws shall be subject to the Revision and Controul of the Congress.

No State shall, without the Consent of Congress, lay any Duty of Tonnage, keep Troops, or Ships of War in time of Peace, enter into any Agreement or Compact with another State, or with a foreign Power, or engage in War, unless actually invaded, or in such imminent Danger as will not admit of delay.

Article II — The Executive Branch

Section 1 — The President

The executive Power shall be vested in a President of the United States of America. He shall hold his Office during the Term of four Years, and, together with the Vice President, chosen for the same Term, be elected, as follows:

Each State shall appoint, in such Manner as the Legislature thereof may direct, a Number of Electors, equal to the whole Number of Senators and Representatives to which the State may be entitled in the Congress: but no Senator or Representative, or Person holding an Office of Trust or Profit under the United States, shall be appointed an Elector.

No Person except a natural born Citizen, or a Citizen of the United States, at the time of the Adoption of this Constitution, shall be eligible to the Office of President; neither shall any Person be eligible to that Office who shall not have attained to the Age of thirty five Years, and been fourteen Years a Resident within the United States.

In Case of the Removal of the President from Office, or of his Death, Resignation, or Inability to discharge the Powers and Duties of the said Office, the Same shall devolve on the Vice President, and the Congress may by Law provide for the Case of Removal, Death, Resignation or Inability, both of the President and Vice President, declaring what Officer shall then act as President, and such Officer shall act accordingly, until the Disability be removed, or a President shall be elected.

The President shall, at stated Times, receive for his Services, a Compensation, which shall neither be encreased nor diminished during the Period for which he shall have been elected, and he shall not receive within that Period any other Emolument from the United States, or any of them.

Before he enter on the Execution of his Office, he shall take the following Oath or Affirmation:—"I do solemnly swear (or affirm) that I will faithfully execute the Office of President of the United States, and will to the best of my Ability, preserve, protect and defend the Constitution of the United States."

Section 2 — Powers of the President

The President shall be Commander in Chief of the Army and Navy of the United States, and of the Militia of the several States, when called into the actual Service of the United States; he may require the Opinion, in writing, of the principal Officer in each of the executive Departments, upon any Subject relating to the Duties of their respective Offices, and he shall have Power to grant Reprieves and Pardons for Offences against the United States, except in Cases of Impeachment.

He shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two thirds of the Senators present concur; and he shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States.

The President shall have Power to fill up all Vacancies that may happen during the Recess of the Senate, by granting Commissions which shall expire at the End of their next Session.

Section 3 — Duties of the President

He shall from time to time give to the Congress Information of the State of the Union, and recommend to their Consideration such Measures as he shall judge necessary and expedient; he may, on extraordinary Occasions, convene both Houses, or either of them, and in Case of Disagreement between them, with Respect to the Time of Adjournment, he may adjourn them to such Time as he shall think proper; he shall receive Ambassadors and other public Ministers; he shall take Care that the Laws be faithfully executed, and shall Commission all the Officers of the United States.

Section 4 — Impeachment

The President, Vice President and all civil Officers of the United States, shall be removed from Office on Impeachment for, and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors.

Article III — The Judicial Branch

Section 1 — Federal Courts

The judicial Power of the United States, shall be vested in one supreme Court, and in such inferior Courts as the Congress may from time to time ordain and establish. The Judges, both of the supreme and inferior Courts, shall hold their Offices during good Behaviour, and shall, at stated Times, receive for their Services, a Compensation, which shall not be diminished during their Continuance in Office.

Section 2 — Jurisdiction

The judicial Power shall extend to all Cases, in Law and Equity, arising under this Constitution, the Laws of the United States, and Treaties made, or which shall be made, under their Authority;—to all Cases affecting Ambassadors, other public Ministers and Consuls;—to all Cases of admiralty and maritime Jurisdiction;—to Controversies to which the United States shall be a Party;—to Controversies between two or more States;—between a State and Citizens of another State;—between Citizens of different States;—between Citizens of the same State claiming Lands under Grants of different States, and between a State, or the Citizens thereof, and foreign States, Citizens or Subjects.

In all Cases affecting Ambassadors, other public Ministers and Consuls, and those in which a State shall be Party, the supreme Court shall have original Jurisdiction. In all the other Cases before mentioned, the supreme Court shall have appellate Jurisdiction, both as to Law and Fact, with such Exceptions, and under such Regulations as the Congress shall make.

The Trial of all Crimes, except in Cases of Impeachment, shall be by Jury; and such Trial shall be held in the State where the said Crimes shall have been committed; but when not committed within any State, the Trial shall be at such Place or Places as the Congress may by Law have directed.

Section 3 — Treason

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.

The Congress shall have Power to declare the Punishment of Treason, but no Attainder of Treason shall work Corruption of Blood, or Forfeiture except during the Life of the Person attainted.

Article IV — The States

Section 1 — Full Faith and Credit

Full Faith and Credit shall be given in each State to the public Acts, Records, and judicial Proceedings of every other State. And the Congress may by general Laws prescribe the Manner in which such Acts, Records and Proceedings shall be proved, and the Effect thereof.

Section 2 — Privileges and Immunities

The Citizens of each State shall be entitled to all Privileges and Immunities of Citizens in the several States.

A Person charged in any State with Treason, Felony, or other Crime, who shall flee from Justice, and be found in another State, shall on Demand of the executive Authority of the State from which he fled, be delivered up, to be removed to the State having Jurisdiction of the Crime.

No Person held to Service or Labour in one State, under the Laws thereof, escaping into another, shall, in Consequence of any Law or Regulation therein, be discharged from such Service or Labour, but shall be delivered up on Claim of the Party to whom such Service or Labour may be due.

Section 3 — New States and Federal Property

New States may be admitted by the Congress into this Union; but no new State shall be formed or erected within the Jurisdiction of any other State; nor any State be formed by the Junction of two or more States, or Parts of States, without the Consent of the Legislatures of the States concerned as well as of the Congress.

The Congress shall have Power to dispose of and make all needful Rules and Regulations respecting the Territory or other Property belonging to the United States; and nothing in this Constitution shall be so construed as to Prejudice any Claims of the United States, or of any particular State.

Section 4 — Guarantee to States

The United States shall guarantee to every State in this Union a Republican Form of Government, and shall protect each of them against Invasion; and on Application of the Legislature, or of the Executive (when the Legislature cannot be convened) against domestic Violence.

Article V — Amendment Process

The Congress, whenever two thirds of both Houses shall deem it necessary, shall propose Amendments to this Constitution, or, on the Application of the Legislatures of two thirds of the several States, shall call a Convention for proposing Amendments, which, in either Case, shall be valid to all Intents and Purposes, as Part of this Constitution, when ratified by the Legislatures of three fourths of the several States, or by Conventions in three fourths thereof, as the one or the other Mode of Ratification may be proposed by the Congress; Provided that no Amendment which may be made prior to the Year One thousand eight hundred and eight shall in any Manner affect the first and fourth Clauses in the Ninth Section of the first Article; and that no State, without its Consent, shall be deprived of its equal Suffrage in the Senate.

Article VI — Supremacy Clause

All Debts contracted and Engagements entered into, before the Adoption of this Constitution, shall be as valid against the United States under this Constitution, as under the Confederation.

This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.

The Senators and Representatives before mentioned, and the Members of the several State Legislatures, and all executive and judicial Officers, both of the United States and of the several States, shall be bound by Oath or Affirmation, to support this Constitution; but no religious Test shall ever be required as a Qualification to any Office or public Trust under the United States.

Article VII — Ratification

The Ratification of the Conventions of nine States, shall be sufficient for the Establishment of this Constitution between the States so ratifying the Same.

What is a "Legislative Day"?

Secure Code Review

Secure Code Review (Internal)

Pre-Review Setup

1. Establish Review Scope

2. Run Baseline Automated Checks

What To Review (Checklist)

Protocol / Crypto Boundary

API and Input Validation

Replay and Uniqueness Enforcement

Key Management and Rotation

Logging and Evidence Integrity

Secure Code Review Test Checklist (30 Checks)

Canonicalization, Hashing, Encoding (CR01-CR10)

Replay, Idempotency, Uniqueness (CR11-CR18)

Bulletin Board, Anchoring, Receipts (CR19-CR25)

Logging, Privacy, Dependencies, Build (CR26-CR30)

Adversarial Review Tactics (Safe)

How To Patch (When You Find a Bug)

What To Hand Off To Third Parties

Introduction

Committee Review

Floor Debate

Other Chamber

Conference

Presidential Action

Theme

Font

Privacy