// Section 5.3 · Protocol
End-to-End Encryption
Plaintext in transit is a configuration error.
// 5.3 · end-to-end encryption · the channel binding primitive
Request payloads dispatched to nodes are encrypted to the recipient node's RSA public key. Only that node can decrypt. The network treats plaintext-in-transit as a configuration error, not an option.
Dispatch encryption flow
// hybrid scheme · rsa-encrypted symmetric key · symmetric-encrypted body
Coordinator assembles the request payload (workload class, hardware tier, input data references).
Coordinator generates a per-payload AES-256-GCM key. Used once, never reused, never logged.
The per-payload key is RSA-encrypted to the assigned node's registered public key. Only that node's private key can unwrap it.
The payload body is symmetric-encrypted under the per-payload key. The wrapped envelope is dispatched to the node.
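The four steps above as a runnable Go sketch, using only the standard library. This is an added example, not the project's code. Assumptions: RSA-OAEP with SHA-256 for the key wrap (the page only says "RSA-encrypted"), a random 12-byte GCM nonce, and the hypothetical names Envelope, Seal, Open and gcm.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte } // hypothetical layout

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(key) != 32 { // AES-256 only, whatever key was wrapped
		return nil, fmt.Errorf("per-payload key is not a 256-bit AES key")
	}
	return cipher.NewGCM(block)
}

// Seal is the coordinator side. RSA-OAEP/SHA-256 padding is an assumption.
func Seal(nodePub *rsa.PublicKey, payload []byte) (*Envelope, error) {
	buf := make([]byte, 32+12) // fresh key (32) and nonce (12) for this payload only
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	wrapped, werr := rsa.EncryptOAEP(sha256.New(), rand.Reader, nodePub, buf[:32], nil)
	aead, gerr := gcm(buf[:32])
	if werr != nil || gerr != nil {
		return nil, fmt.Errorf("seal: wrap=%v gcm=%v", werr, gerr)
	}
	return &Envelope{wrapped, buf[32:], aead.Seal(nil, buf[32:], payload, nil)}, nil
}

// Open is the node side: unwrap the key, then authenticate and decrypt the body.
func Open(nodePriv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	key, kerr := rsa.DecryptOAEP(sha256.New(), rand.Reader, nodePriv, env.WrappedKey, nil)
	aead, gerr := gcm(key)
	if kerr != nil || gerr != nil || len(env.Nonce) != aead.NonceSize() {
		return nil, fmt.Errorf("envelope rejected: unwrap=%v gcm=%v", kerr, gerr)
	}
	return aead.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed node key pair
	env, _ := Seal(&priv.PublicKey, []byte("constructed payload"))
	fmt.Println(Open(priv, env))
}
```

Open returns an error, rather than plaintext, for a modified body, a modified or foreign wrapped key, or a nonce of the wrong length. The example covers only the confidentiality steps listed above; it does not sign or otherwise authenticate the coordinator.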
What the protocol claims
// explicit boundary of confidentiality
Payload confidentiality in transit
Even a man-in-the-middle observer with full network capture cannot read the dispatched payload. The RSA-wrapped symmetric key is decryptable only by the node's private key, which never leaves the node.
Confidentiality after execution
Once decrypted on the node, the payload is plaintext in the node's memory. Side-channel attacks against the node's local hardware are out of scope (§16.4). Operators treat the node as a trusted-but-verified execution environment.