This document provides a technical overview of the security architecture and trust assumptions for the AuthentiScan project. As an experimental prototype deployed on the Stellar Testnet, it is designed to demonstrate concepts rather than provide production-grade security guarantees.

The system utilizes a layered trust model where security is anchored at the ledger level.

graph TD
    subgraph "Client Environment (Untrusted)"
        U[End User]
        B[Local Hash Calculation]
    end

    subgraph "External Logic (Freighter Interface)"
        W[Freighter Wallet<br/>Transaction Auth]
        RPC[Soroban RPC<br/>Network Gateway]
    end

    subgraph "Stellar Testnet (Immutable Core)"
        SC[Smart Contract<br/>Prototype Logic]
        L[Stellar Ledger<br/>Permanent State]
    end

    U --> B
    B -->|content_hash + result| W
    W -->|signed transaction| RPC
    RPC --> SC
    SC -->|ledger write| L

    style SC fill:#d35400,stroke:#fff,stroke-width:2px
    style L fill:#27ae60,stroke:#fff,stroke-width:2px

• Non-Judicial Utility: The Verification Records anchored by this system are experimental indicators and do not constitute legal or judicial proof of authenticity.
• Probabilistic Findings: Results from the Prototype AI Analysis Module are estimates. The blockchain anchors the finding, not the absolute truth.
• No Formal Audit: This project has not undergone a professional third-party security audit.
• Identity Sensitivity: The Content-Based Identity is derived from exact bitstreams. Visual duplicates with different encodings will produce different hashes.

© 2026 AuthentiScan — Experimental Research Prototype