Add per-session credential read rate limiting #192

Open
crossagent-production-app[bot] wants to merge 1 commit into main from worktree/task_d1955a24d8274600

@crossagent-production-app

Fixes #4

Adds a v0 mock credential-read token bucket per session with default 100 reads/minute and a hard cap of 10,000 reads/minute for creation-time overrides. Excess reads return structured rate_limit_exceeded errors with retry_after_secs and emit audit_events rows that agentkeys usage can display. CLI read now surfaces RATE_LIMIT clearly, agentkeys run retries temporary rate limits up to 3 times, and the daemon MCP wrapper returns structured JSON-RPC error data while recording a local audit line.

Verification:

  • cargo check -p agentkeys-mock-server -p agentkeys-core -p agentkeys-cli -p agentkeys-mcp
  • cargo test -p agentkeys-mock-server credential_rate_limit -- --nocapture
  • cargo test -p agentkeys-cli cmd_run -- --nocapture
  • cargo test -p agentkeys-daemon mcp_get_credential -- --nocapture

Change:

  • Added per-session credential-read token buckets in the mock server with default and configurable caps.
  • Added structured rate-limit propagation through core, CLI, and MCP/daemon paths plus usage-visible audit rows.
  • Added rate-limit docs and focused tests for burst, refill, per-session isolation, configurable caps, and audit visibility.

Objective Evidence:

  • cargo check -p agentkeys-mock-server -p agentkeys-core -p agentkeys-cli -p agentkeys-mcp passed.
  • cargo test -p agentkeys-mock-server credential_rate_limit -- --nocapture passed: 5 tests.
  • cargo test -p agentkeys-cli cmd_run -- --nocapture passed: 7 tests.
  • cargo test -p agentkeys-daemon mcp_get_credential -- --nocapture passed: 2 tests.

Visual Evidence:

  • n.a.

Reviewer:

  • @repo Intake Reviewer

Risks / Not Covered:

  • Non-visual backend/CLI task; browser screenshot evidence is not applicable.
  • v0.1 TEE worker enforcement remains outside this mock-server/CLI implementation scope.
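
An added sketch of the mechanism the description above names (not code from this PR or the agentkeys crates): a per-session token bucket with the stated 100 reads/minute default, 10,000 reads/minute hard cap, and a `retry_after_secs` on refusal. `SessionLimiter`, `create_session`, `try_read`, the clamping of out-of-range overrides, and the millisecond clock argument are assumptions made for illustration.

```rust
use std::collections::HashMap;

pub const DEFAULT_PER_MIN: u32 = 100; // default from the PR description
pub const HARD_CAP_PER_MIN: u32 = 10_000; // hard cap for creation-time overrides

#[derive(Debug, PartialEq)]
pub struct RateLimitExceeded { pub retry_after_secs: u64 }

struct Bucket { capacity: f64, tokens: f64, last_ms: u64 }

impl Bucket {
    fn full(per_min: u32, now_ms: u64) -> Self {
        Bucket { capacity: per_min as f64, tokens: per_min as f64, last_ms: now_ms }
    }
}

#[derive(Default)]
pub struct SessionLimiter { buckets: HashMap<String, Bucket> }

impl SessionLimiter {
    /// Register a session. Assumption: an override outside 1..=HARD_CAP is clamped, not rejected.
    pub fn create_session(&mut self, id: &str, override_per_min: Option<u32>, now_ms: u64) -> u32 {
        let per_min = override_per_min.unwrap_or(DEFAULT_PER_MIN).clamp(1, HARD_CAP_PER_MIN);
        self.buckets.insert(id.to_string(), Bucket::full(per_min, now_ms));
        per_min
    }

    /// Spend one token for a credential read, or say how long the caller should wait.
    pub fn try_read(&mut self, id: &str, now_ms: u64) -> Result<(), RateLimitExceeded> {
        // Assumption: a session that was never registered gets the default bucket.
        let b = self.buckets.entry(id.to_string()).or_insert_with(|| Bucket::full(DEFAULT_PER_MIN, now_ms));
        let rate_per_ms = b.capacity / 60_000.0;
        // saturating_sub: a clock that steps backwards refills nothing.
        let elapsed_ms = now_ms.saturating_sub(b.last_ms) as f64;
        b.last_ms = b.last_ms.max(now_ms);
        b.tokens = (b.tokens + elapsed_ms * rate_per_ms).min(b.capacity);
        if b.tokens >= 1.0 {
            b.tokens -= 1.0;
            return Ok(());
        }
        let wait_secs = (1.0 - b.tokens) / rate_per_ms / 1000.0;
        Err(RateLimitExceeded { retry_after_secs: wait_secs.ceil().max(1.0) as u64 })
    }
}

fn main() {
    let mut limiter = SessionLimiter::default();
    limiter.create_session("session-a", None, 0); // constructed session id
    let allowed = (0..150).filter(|_| limiter.try_read("session-a", 0).is_ok()).count();
    println!("allowed {} of 150 burst reads; next: {:?}", allowed, limiter.try_read("session-a", 0));
}
```

Keying the map by session id is what gives per-session isolation: exhausting one session's bucket leaves every other session's tokens untouched.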

@crossagent-production-app
Author

Delivery Evidence Summary

Change:

  • Added per-session credential-read token buckets in the mock server with default and configurable caps.
  • Added structured rate-limit propagation through core, CLI, and MCP/daemon paths plus usage-visible audit rows.
  • Added rate-limit docs and focused tests for burst, refill, per-session isolation, configurable caps, and audit visibility.

Objective Evidence:

  • cargo check -p agentkeys-mock-server -p agentkeys-core -p agentkeys-cli -p agentkeys-mcp exit code 0, passed: mock server, core, CLI, and MCP crates compiled
  • cargo test -p agentkeys-mock-server credential_rate_limit -- --nocapture exit code 0, passed: 5 rate-limit integration tests passed
  • cargo test -p agentkeys-cli cmd_run -- --nocapture exit code 0, passed: 7 cmd_run tests passed
  • cargo test -p agentkeys-daemon mcp_get_credential -- --nocapture exit code 0, passed: 2 daemon MCP get_credential tests passed

Visual Evidence:

  • n.a.

Reviewer:

Risks / Not Covered:

  • Non-visual backend/CLI task; browser screenshot evidence is not applicable.
  • v0.1 TEE worker enforcement remains outside this mock-server/CLI implementation scope.

Generated at: 2026-06-04T12:16:03.919Z

Development

Successfully merging this pull request may close these issues.

v0.1: TEE-side per-session read rate limit (abuse defense)