> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hiroshios.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Dm pairing security

# DM Pairing & Senders Allowlist Security

Hiroshi OS implements a zero-trust verification gate for direct messages (`validate_sender_access`) targeting unauthorized remote users attempting to initiate loops.

## Verification Lifecycle

1. **Gate Check:** Before dispatching an inbound message to the ReAct loop, Hiroshi validates the message's `sender_id` against the trusted senders listed in configurations and the SQLite cached allowlist database.
2. **Terminal Halt:** If the sender is unverified, execution halts immediately with 0 LLM token costs.
3. **PIN Generation:** The kernel generates a random, localized 6-character PIN (e.g., `HZ-942`) logged to the server terminal.
4. **Approval Handshake:** An operator approves the session by running the administrative CLI subcommand:
   ```bash theme={null}
   hiroshi pairing approve <channel> <sender_id>
   ```

## Configurations

Configure the DM policy and bootstrap trusted accounts inside your configuration file:

```yaml theme={null}
pairing:
  dm_policy: "pairing" # Options: "pairing" or "open"
  trusted_senders:
    - "admin_user_123"
```

## Security Metrics

| Measurement Parameter Axis      | Performance Boundaries                                                       |
| ------------------------------- | ---------------------------------------------------------------------------- |
| **Sender Allowlist Validation** | Verification evaluates cached records in **\< 0.1ms**                        |
| **Token Intercept Leakage**     | Halted unverified messaging pipelines require **0 bytes** of LLM token costs |
