---
last_verified: 2026-05-30
verified_version: 0.1.34
owner: backend
freshness_days: 30
---

# Key Patterns — pvtcoms

Master index of critical development patterns. Each links to detailed docs in `docs/patterns/`.

## How to Use

- **Quick check**: Scan this index for the relevant pattern
- **Full recipe**: Follow the link to `docs/patterns/<category>.md`
- **Severity**: CRITICAL = must follow, HIGH = should follow, MEDIUM = recommended

## Core / Crypto Patterns

| # | Pattern | Severity | Details |
|---|---------|----------|---------|
| 1 | Use only audited crypto crates; no homerolled primitives | CRITICAL | [patterns/core.md](./patterns/core.md) |
| 2 | Wrap key material in `zeroize`/`secrecy`; wipe after use | CRITICAL | [patterns/core.md](./patterns/core.md) |
| 3 | Never log plaintext/keys/tokens/IPs/onion addrs | CRITICAL | [patterns/core.md](./patterns/core.md) |
| 4 | Constant-time comparison for secrets/MACs (`subtle`) | CRITICAL | [patterns/core.md](./patterns/core.md) |
| 5 | No `unwrap()`/`panic!` on attacker-controllable input in core | HIGH | [patterns/core.md](./patterns/core.md) |
| 6 | Fail closed — no Tor→clearnet fallback | CRITICAL | [patterns/core.md](./patterns/core.md) |

## Testing Patterns

| # | Pattern | Severity | Details |
|---|---------|----------|---------|
| 1 | Deterministic crypto test vectors, committed | CRITICAL | [patterns/testing.md](./patterns/testing.md) |
| 2 | Ratchet survives out-of-order/dropped/reconnect (property tests) | CRITICAL | [patterns/testing.md](./patterns/testing.md) |