security_review/audit/topics/snapshot_sync_import.md

632 bytes
Bundle Index Verify JSON 
# SpaceCash Security Review Topic: snapshot_sync_import

- Severity if failed: `high`
- Status: `not_reviewed`
- Reviewer:
- Reviewed at:

## Required Questions

- [ ] Can a non-append-only or malicious producer snapshot be imported?
- [ ] Does backup/rollback protect local state after failed import?

## Expected Controls

- snapshot verification
- producer allowlist
- append-only fork choice
- pre-import backup

## Evidence Collected

- Source files reviewed:
- Commands/tests run:
- Artifacts reviewed:

## Findings

- None recorded yet.

## Closure Notes

- Decision: `not_reviewed`
- Notes: