The threat model doc (docs/threat-model-and-design-rationale.md) needs additional entries for:
- Unauthenticated WS/relay transport (MITM, impersonation)
- Policy server compromise scenarios
- Presignature pool attacks (exhaustion, tampering)
- DoS on signing ceremonies
- Key share encryption at rest threat analysis
- Mark TEE mode as '(planned)' not current
- Clarify key rotation requires full re-keygen + fund transfer
Ref: PR #14 CodeRabbit review
The threat model doc (docs/threat-model-and-design-rationale.md) needs additional entries for:
Ref: PR #14 CodeRabbit review