ForgeZero security model
ForgeZero uses a trust-store based security model for package installation and verification.
Principles
- Packages must be signed.
- Signatures are checked against a local trusted-key list.
- Untrusted keys are rejected.
- Signature verification is enabled explicitly with --verify-signatures.
Verification flow
1. The manifest is parsed.
2. The signature key is extracted.
3. The key is checked against the trusted-key store.
4. The package is accepted only when the key is trusted.