DM Pairing & Senders Allowlist Security
Hiroshi OS implements a zero-trust verification gate for direct messages (validate_sender_access) targeting unauthorized remote users attempting to initiate loops.
Verification Lifecycle
- Gate Check: Before dispatching an inbound message to the ReAct loop, Hiroshi validates the message’s
sender_idagainst the trusted senders listed in configurations and the SQLite cached allowlist database. - Terminal Halt: If the sender is unverified, execution halts immediately with 0 LLM token costs.
- PIN Generation: The kernel generates a random, localized 6-character PIN (e.g.,
HZ-942) logged to the server terminal. - Approval Handshake: An operator approves the session by running the administrative CLI subcommand:
Configurations
Configure the DM policy and bootstrap trusted accounts inside your configuration file:Security Metrics
| Measurement Parameter Axis | Performance Boundaries |
|---|---|
| Sender Allowlist Validation | Verification evaluates cached records in < 0.1ms |
| Token Intercept Leakage | Halted unverified messaging pipelines require 0 bytes of LLM token costs |