Cryptographic Protocol

Hash-Chain Trust Handshake (HCTH)

Joel Johnston 2026-04-06 Pre-stroke design

Hash-Chain Trust Handshake (HCTH)

Author: Joel Johnston Date: 2026-04-06 Domain: Cryptographic Protocol Stroke Timeline: Pre-stroke design

Abstract

HCTH is a lightweight trust protocol for roboNet mesh connections. Core insight: trust is earned through sustained cryptographic chain continuity, not granted by authority. No certificate authority. No PKI infrastructure. No trusted third party. Each peer evaluates trust independently based on the other peer's demonstrated history of chain continuity. Patent candidate — no known prior art for challenge-response trust accumulation through hash chain continuity in mesh networks.

The Problem

Distributed mesh networks need to answer one question about every peer: can this node be trusted to receive sensitive work?

Traditional answers:

Approach Mechanism Failure Mode
PKI / Certificate Authority Trusted third party signs certs CA compromise = all trust invalidated
Web of Trust Peers vouch for each other Sybil attacks, trust transitivity abuse
Pre-shared Keys Out-of-band key distribution Key rotation is operationally expensive
Zero Trust (current industry default) Verify every request, trust nothing Per-request overhead, no accumulated trust

All of these either require a central authority, out-of-band coordination, or treat every interaction as if the peer has no history.

HCTH rejects all four models. Trust accumulates through behavior. There is no shortcut.

Core Insight

In human relationships, trust is not granted — it is earned through sustained reliable behavior over time. A new contact starts at trust zero. Repeated reliable behavior increases trust. A single betrayal damages trust and requires sustained reliable behavior to rebuild.

HCTH applies this model cryptographically. The "sustained reliable behavior" in the mesh context is maintaining an unbroken hash chain across all messages.

A peer that sends messages consistent with its declared chain is behaving reliably. A peer whose chain breaks (gap in sequence, hash mismatch, replay) is behaving unreliably. Trust is the quantification of chain continuity history.

Wire Format

Chain Header

Every message in the HCTH protocol includes a chain header:

ChainHeader {
    prev_hash:    bytes[32]   // SHA-256 of previous message in this chain
    nonce:        uint64      // Monotonically increasing sequence number
    timestamp:    uint64      // Unix timestamp, millisecond precision
    payload_hash: bytes[32]   // SHA-256 of the message payload
    chain_sig:    bytes[64]   // Ed25519 signature over (prev_hash + nonce + timestamp + payload_hash)
}

Invariants:

  • prev_hash of message N must equal SHA-256(chain_header[N-1] + payload[N-1])
  • nonce must be strictly monotonically increasing (no gaps, no reuse)
  • timestamp must be within configurable drift tolerance (default: 2 seconds)
  • chain_sig must verify against the peer's declared public key

Any violation of these invariants is a chain break. Chain breaks are recorded, not just rejected.

Genesis Message

The first message in a chain (nonce = 0):

ChainHeader {
    prev_hash:    bytes[32] = 0x00...00   // 32 zero bytes — no predecessor
    nonce:        0
    timestamp:    <current>
    payload_hash: SHA-256(payload)
    chain_sig:    Ed25519(prev_hash + nonce + timestamp + payload_hash)
}

The genesis message is the trust anchor. Both peers record it. All subsequent trust evaluation references back to genesis.

Trust Scoring Algorithm

Trust Score Computation

trust_score(peer) = base_trust(peer) × decay(peer) × consistency(peer)

base_trust(peer) = min(chain_length(peer) / TRUST_FULL_THRESHOLD, 1.0)

decay(peer) = e^(-λ × time_since_last_message(peer))
              where λ = configurable decay constant (default: 0.001 per second)

consistency(peer) = 1.0 - (chain_breaks(peer) / total_messages(peer))

Trust Thresholds

Score Level Capabilities Granted
0.0 – 0.2 New Public information only, no task execution
0.2 – 0.5 Low Read-only mesh operations
0.5 – 0.8 Established Standard task execution, no high-risk operations
0.8 – 0.95 Trusted Full mesh operations, limited high-risk
0.95 – 1.0 High Trust All operations including quorum participation

Trust thresholds are configurable per deployment. A high-security mesh deployment can require higher thresholds for the same operations.

Trust Decay

Peers that go silent lose trust slowly. The decay function is exponential — a peer that was at 0.9 trust and goes silent for 1 hour decays to approximately 0.83 (with default λ). A peer silent for 24 hours decays to approximately 0.1.

Decay is not a penalty for going offline. Nodes go offline legitimately. Decay is a time-based staleness signal: recent consistent behavior is more meaningful than old consistent behavior.

A peer that reconnects after 24 hours silence and immediately resumes consistent chain continuity will rebuild trust within the TRUST_FULL_THRESHOLD message count. The history is not erased — it is weighted.

Attack Surface Analysis

Replay Attack

Attack: Capture a valid message from a trusted peer. Replay it later to gain trust credit.

HCTH defense: The nonce is monotonically increasing. A replayed message has a nonce lower than the current expected nonce. The receiver rejects it as a chain break. The replayer's trust score decreases for the chain break. The attack harms the attacker.

Man-in-the-Middle (MITM)

Attack: Intercept messages between A and B. Substitute malicious content while maintaining the chain appearance.

HCTH defense: The chain signature (Ed25519) covers the payload hash. A MITM attacker who modifies the payload cannot produce a valid chain signature without the sender's private key. The recipient detects the signature mismatch as a chain break.

Sybil Attack

Attack: Create many low-cost fake identities to game trust scores or flood the mesh with seemingly-trustworthy peers.

HCTH defense: Trust starts at 0 for all new peers regardless of how many there are. Building trust requires sustained correct behavior over time. A Sybil attacker needs to run each fake identity at the cost of maintaining unbroken hash chains for TRUST_FULL_THRESHOLD messages before the identity reaches meaningful trust. The cost scales linearly with the number of Sybil identities. There is no shortcut.

Chain Fabrication

Attack: A new peer attempts to present a long pre-fabricated chain history to start with high trust.

HCTH defense: The genesis message timestamp is recorded by the receiver. A chain that claims 10,000 messages of history but has a genesis timestamp from 3 seconds ago is physically impossible. The receiver calculates expected minimum chain age from genesis timestamp and current message count. Any chain that arrived "too fast" is flagged.

What HCTH Is Not

Not blockchain: HCTH uses hash chains but has no distributed ledger, no global consensus on chain state, no mining, and no token economics. Each peer maintains its own chain. Each peer evaluates the other peer's chain independently. There is no shared truth about a peer's chain history — only each observer's local record.

Not TLS/DTLS: TLS provides encryption and authentication via certificate chains. HCTH provides trust quantification through behavioral history. They address different problems. HCTH and TLS can coexist — HCTH operates at the trust layer, TLS at the transport layer.

Not a reputation system: Traditional reputation systems are global and aggregated. HCTH trust is per-peer-pair and local. Node A's trust of Node B is A's independent assessment based on A's observations of B. There is no global reputation score. This eliminates the reputation poisoning attack that affects global systems.

Prior Art Assessment

Literature search conducted April 2026 across:

  • Academic: IEEE Xplore, ACM Digital Library, arXiv
  • Commercial: Consul (HashiCorp), Istio service mesh, libp2p
  • Security: NIST cryptographic standards, RFC trust mechanisms

No equivalent found for: challenge-response trust accumulation through hash chain continuity in mesh networks with per-pair independent evaluation and decay-weighted scoring.

Adjacent work:

  • Blockchain / distributed ledgers (hash chains without per-pair independent evaluation)
  • PGP web of trust (reputation without chain continuity)
  • Zero Trust Architecture (no accumulation model)
  • TLS certificate pinning (trust without behavioral scoring)

The specific combination of hash chain continuity + per-pair local evaluation + decay-weighted accumulation + Sybil resistance through chain cost is novel.

Implementation Notes

HCTH is implemented in robonet.mesh.trust. The core classes:

  • ChainHeader — wire format serialization/deserialization
  • TrustLedger — per-peer chain state and trust score computation
  • TrustEngine — manages all peer ledgers, evaluates incoming messages
  • GenesisVerifier — genesis message validation and timestamp anchor

All cryptographic operations use Python cryptography library (Ed25519, SHA-256). No custom cryptography. The trust scoring algorithm is custom.

Test coverage: 47 tests in tests/test_trust_engine.py covering all chain invariants, all attack scenarios, decay curves, and threshold transitions.