Part Three: Deep Dive
Block 27

Attack Surface

Over 424 attack vectors have been catalogued and tested against the Web4 ontology (an open governance ontology for trust-native entity interactions). Not as a theoretical exercise — as implemented attack simulations with measured outcomes. The goal is not to claim invulnerability but to demonstrate that the architecture makes attacks structurally expensive.

Identity attacks — Sybil (creating fake identities), impersonation (claiming another's identity), identity theft (stealing credentials). Defense: LCT (Linked Context Token: an entity's witnessed presence, permanent, non-transferable, cryptographically anchored) requires ATP (Allocation Transfer Packet: a charged resource packet, an entity's capacity to act) staking, hardware binding raises the bar, witnessed presence creates cross-checked records. Cost to attack scales with the number of witnesses and the hardware trust ceiling.

Trust manipulation — reputation farming (slowly building unearned trust), trust decay evasion (preventing natural score decline), collusion rings (entities inflating each other's scores). Defense: asymmetric decay makes farming slow, decay is automatic and cannot be paused, cross-witness analysis detects circular trust patterns.

Resource attacks — ATP hoarding (accumulating capacity without spending), free-riding (consuming value without contributing), denial of service (exhausting others' ATP). Defense: idle ATP does not compound, contribution is measured and visible, rate limiting scoped by MRH (Markov Relevancy Horizon: fractal context scoping that defines where governance applies) contains blast radius.

Federation attacks — partition (splitting the network), eclipse (isolating a node from honest peers), Byzantine (corrupted nodes sending conflicting information). Defense: MRH-local consensus reduces federation surface, cross-domain witnesses detect inconsistencies, trust decay naturally degrades isolated or inconsistent entities.
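The cross-witness analysis named under trust manipulation can be pictured as a graph check: a collusion ring is a circular group whose endorsements come mostly from its own members. The sketch below is an added example, not Web4's own code; the page does not say how the analysis is implemented, so the `(witness, subject)` edge format, the `insularity` threshold and all function names are assumptions.

```python
# Added example, not Web4 code; edge format, thresholds and names are assumptions.
from collections import defaultdict

def strongly_connected(graph):
    """Tarjan's algorithm: groups of nodes that can all reach each other."""
    index, low, stack, on_stack, comps = {}, {}, [], set(), []
    def visit(v):
        index[v] = low[v] = len(index)
        stack.append(v)
        on_stack.add(v)
        for w in graph[v]:
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:              # v is the root of a component
            comp = []
            while not comp or comp[-1] != v:
                comp.append(stack.pop())
            on_stack.difference_update(comp)
            comps.append(comp)
    for v in list(graph):
        if v not in index:
            visit(v)
    return comps

def find_rings(attestations, min_size=3, insularity=0.8):
    """Return (members, ratio) for circular groups witnessed mostly from inside."""
    graph, inbound = defaultdict(set), defaultdict(list)
    for witness, subject in attestations:
        graph[witness].add(subject)
        graph.setdefault(subject, set())    # register subjects with no outbound edges
        inbound[subject].append(witness)
    rings = []
    for comp in strongly_connected(graph):
        members = set(comp)
        if len(members) < min_size:
            continue
        total = sum(len(inbound[m]) for m in members)
        inside = sum(w in members for m in members for w in inbound[m])
        if inside / total >= insularity:
            rings.append((sorted(members), round(inside / total, 2)))
    return rings

# Constructed sample: a,b,c endorse only each other (one outside witness); d,e,f form a cycle but have independent witnesses.
SAMPLE = [("a","b"),("b","c"),("c","a"),("b","a"),("c","b"),("a","c"),("x","a"),
          ("d","e"),("e","f"),("f","d"),("w1","d"),("w2","d"),("w1","e"),
          ("w3","e"),("w2","f"),("w3","f")]
```

On the constructed sample, `find_rings(SAMPLE)` flags only the a/b/c group: the d/e/f cycle is just as circular, but two thirds of its attestations come from independent witnesses, so it stays below the threshold.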

The architecture responds not with rules that can be circumvented, but with structural properties that make attacks expensive. The question is never “is this attack possible?” but “does the cost of this attack exceed the value it could extract?”

The surface: 424+ vectors tested. The defense is not rules — it is structural cost. Attacks are possible. They are just not worth it.