Substrate Threat Model
53 views
Skip to first unread message
Michael Taufen
Jun 18, 2026, 12:01:32 PM (8 days ago) Jun 18
to ate...@googlegroups.com, Vikas Kumar, Oleg Mitrofanov
Hi everyone,
We've been working on a basic, high level threat model for Substrate. We're sharing our first iteration today for feedback from the community. The intent is to develop a shared understanding of security expectations for Substrate, merge that into the upstream repo, and use it to guide design, review, and testing from here on out. Since Substrate is changing very quickly, we are trying to keep the threat model relatively high level. We should expect to evolve it over time as upstream changes.
Note: It's currently a Google doc because it's much easier to make suggestions and follow the various comment threads in that format. Once we have decent alignment, we'll copy it to markdown and send a PR.
Thank you,
Mike, Vikas, and Oleg
Michael Taufen
Jun 18, 2026, 12:05:15 PM (8 days ago) Jun 18
to ate-dev
I'll also note, this is a first pass. We probably missed some important things. Maybe even really big things! So please comment if you think we missed something :)
Michael Taufen
Jun 22, 2026, 1:30:12 PM (4 days ago) Jun 22
to ate-dev
Bumping this - thanks folks who have provided feedback so far. I'm planning to address existing comments and then send a PR.
Michael Taufen
Jun 25, 2026, 1:00:32 PM (yesterday) Jun 25
to ate-dev
Note: if you are having trouble accessing the doc, you need to join this mailing list for access. Thank you.
Michael Taufen
2:30 PM (1 hour ago) 2:30 PM
to ate-dev
Reply all
Reply to author
Forward
0 new messages