RubyGems - familia - Versions diffs - 2.0.0.pre5 → 2.0.0.pre6 - Mend

familia 2.0.0.pre5 → 2.0.0.pre6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

checksums.yaml +4 -4
data/CLAUDE.md +8 -5
data/Gemfile +1 -1
data/Gemfile.lock +4 -3
data/docs/wiki/API-Reference.md +95 -18
data/docs/wiki/Connection-Pooling-Guide.md +437 -0
data/docs/wiki/Encrypted-Fields-Overview.md +40 -3
data/docs/wiki/Expiration-Feature-Guide.md +596 -0
data/docs/wiki/Feature-System-Guide.md +600 -0
data/docs/wiki/Features-System-Developer-Guide.md +892 -0
data/docs/wiki/Field-System-Guide.md +784 -0
data/docs/wiki/Home.md +72 -15
data/docs/wiki/Implementation-Guide.md +126 -33
data/docs/wiki/Quantization-Feature-Guide.md +721 -0
data/docs/wiki/RelatableObjects-Guide.md +563 -0
data/docs/wiki/Security-Model.md +65 -25
data/docs/wiki/Transient-Fields-Guide.md +280 -0
data/lib/familia/base.rb +1 -1
data/lib/familia/data_type/types/counter.rb +38 -0
data/lib/familia/data_type/types/hashkey.rb +18 -0
data/lib/familia/data_type/types/lock.rb +43 -0
data/lib/familia/data_type/types/string.rb +9 -2
data/lib/familia/data_type.rb +2 -2
data/lib/familia/encryption/encrypted_data.rb +137 -0
data/lib/familia/encryption/manager.rb +21 -4
data/lib/familia/encryption/providers/aes_gcm_provider.rb +20 -0
data/lib/familia/encryption/providers/xchacha20_poly1305_provider.rb +20 -0
data/lib/familia/encryption.rb +1 -1
data/lib/familia/errors.rb +17 -3
data/lib/familia/features/encrypted_fields/concealed_string.rb +295 -0
data/lib/familia/features/encrypted_fields/encrypted_field_type.rb +94 -26
data/lib/familia/features/expiration.rb +1 -1
data/lib/familia/features/quantization.rb +1 -1
data/lib/familia/features/safe_dump.rb +1 -1
data/lib/familia/features/transient_fields/redacted_string.rb +1 -1
data/lib/familia/features/transient_fields.rb +1 -1
data/lib/familia/field_type.rb +5 -2
data/lib/familia/horreum/{connection.rb → core/connection.rb} +2 -8
data/lib/familia/horreum/{database_commands.rb → core/database_commands.rb} +14 -3
data/lib/familia/horreum/core/serialization.rb +535 -0
data/lib/familia/horreum/{utils.rb → core/utils.rb} +0 -2
data/lib/familia/horreum/core.rb +21 -0
data/lib/familia/horreum/{settings.rb → shared/settings.rb} +0 -2
data/lib/familia/horreum/{definition_methods.rb → subclass/definition.rb} +44 -28
data/lib/familia/horreum/{management_methods.rb → subclass/management.rb} +9 -8
data/lib/familia/horreum/{related_fields_management.rb → subclass/related_fields_management.rb} +15 -10
data/lib/familia/horreum.rb +17 -17
data/lib/familia/version.rb +1 -1
data/lib/familia.rb +1 -1
data/try/core/create_method_try.rb +240 -0
data/try/core/database_consistency_try.rb +299 -0
data/try/core/errors_try.rb +25 -4
data/try/core/familia_try.rb +1 -1
data/try/core/persistence_operations_try.rb +297 -0
data/try/data_types/counter_try.rb +93 -0
data/try/data_types/lock_try.rb +133 -0
data/try/debugging/debug_aad_process.rb +82 -0
data/try/debugging/debug_concealed_internal.rb +59 -0
data/try/debugging/debug_concealed_reveal.rb +61 -0
data/try/debugging/debug_context_aad.rb +68 -0
data/try/debugging/debug_context_simple.rb +80 -0
data/try/debugging/debug_cross_context.rb +62 -0
data/try/debugging/debug_database_load.rb +64 -0
data/try/debugging/debug_encrypted_json_check.rb +53 -0
data/try/debugging/debug_encrypted_json_step_by_step.rb +62 -0
data/try/debugging/debug_exists_lifecycle.rb +54 -0
data/try/debugging/debug_field_decrypt.rb +74 -0
data/try/debugging/debug_fresh_cross_context.rb +73 -0
data/try/debugging/debug_load_path.rb +66 -0
data/try/debugging/debug_method_definition.rb +46 -0
data/try/debugging/debug_method_resolution.rb +41 -0
data/try/debugging/debug_minimal.rb +24 -0
data/try/debugging/debug_provider.rb +68 -0
data/try/debugging/debug_secure_behavior.rb +73 -0
data/try/debugging/debug_string_class.rb +46 -0
data/try/debugging/debug_test.rb +46 -0
data/try/debugging/debug_test_design.rb +80 -0
data/try/encryption/encryption_core_try.rb +3 -3
data/try/features/encrypted_fields_core_try.rb +19 -11
data/try/features/encrypted_fields_integration_try.rb +66 -70
data/try/features/encrypted_fields_no_cache_security_try.rb +22 -8
data/try/features/encrypted_fields_security_try.rb +151 -144
data/try/features/encryption_fields/aad_protection_try.rb +108 -23
data/try/features/encryption_fields/concealed_string_core_try.rb +250 -0
data/try/features/encryption_fields/context_isolation_try.rb +29 -8
data/try/features/encryption_fields/error_conditions_try.rb +6 -6
data/try/features/encryption_fields/fresh_key_derivation_try.rb +20 -14
data/try/features/encryption_fields/fresh_key_try.rb +27 -22
data/try/features/encryption_fields/key_rotation_try.rb +16 -10
data/try/features/encryption_fields/nonce_uniqueness_try.rb +15 -13
data/try/features/encryption_fields/secure_by_default_behavior_try.rb +310 -0
data/try/features/encryption_fields/thread_safety_try.rb +6 -6
data/try/features/encryption_fields/universal_serialization_safety_try.rb +174 -0
data/try/features/feature_dependencies_try.rb +3 -3
data/try/features/transient_fields_core_try.rb +1 -1
data/try/features/transient_fields_integration_try.rb +1 -1
data/try/helpers/test_helpers.rb +25 -0
data/try/horreum/enhanced_conflict_handling_try.rb +1 -1
data/try/horreum/initialization_try.rb +1 -1
data/try/horreum/relations_try.rb +1 -1
data/try/horreum/serialization_persistent_fields_try.rb +8 -8
data/try/horreum/serialization_try.rb +39 -4
data/try/models/customer_safe_dump_try.rb +1 -1
data/try/models/customer_try.rb +1 -1
metadata +51 -10
data/TEST_COVERAGE.md +0 -40
data/lib/familia/horreum/serialization.rb +0 -473

data/try/features/encrypted_fields_security_try.rb CHANGED Viewed

@@ -3,22 +3,100 @@
 require_relative '../helpers/test_helpers'
 require 'base64'
-## Context isolation: Different field contexts use different encryption
-test_keys = { v1: Base64.strict_encode64('a' * 32) }
-Familia.config.encryption_keys = test_keys
-Familia.config.current_key_version = :v1
+# Define all test classes up front to avoid tryouts retry conflicts
 class SecurityTestModel < Familia::Horreum
   feature :encrypted_fields
   identifier_field :user_id
   field :user_id
   encrypted_field :password      # No AAD
   encrypted_field :api_key       # No AAD
   encrypted_field :secret_data   # No AAD
 end
+class SecurityTestModel2 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  field :email
+  encrypted_field :api_key, aad_fields: [:email]
+end
+class SecurityTestModel3 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModel4 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModel5 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModel6 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModelNonceXChaCha < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModelNonceAES < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModel7 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class SecurityTestModel8 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+class JsonTamperTestModel < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :userid
+  field :userid
+  encrypted_field :secret_data
+end
+class SecurityTestModel10 < Familia::Horreum
+  feature :encrypted_fields
+  identifier_field :user_id
+  field :user_id
+  encrypted_field :password
+end
+## Context isolation: Different field contexts use different encryption
+test_keys = { v1: Base64.strict_encode64('a' * 32) }
+Familia.config.encryption_keys = test_keys
+Familia.config.current_key_version = :v1
 user = SecurityTestModel.new(user_id: 'user1')
 user.password = 'same-value'
@@ -29,7 +107,6 @@ password_encrypted = user.instance_variable_get(:@password)
 api_key_encrypted = user.instance_variable_get(:@api_key)
 secret_data_encrypted = user.instance_variable_get(:@secret_data)
 [password_encrypted != api_key_encrypted,
  password_encrypted != secret_data_encrypted,
  api_key_encrypted != secret_data_encrypted]
@@ -40,21 +117,12 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel2 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  field :email
-  encrypted_field :api_key, aad_fields: [:email]
-end
 user1 = SecurityTestModel2.new(user_id: 'user1', email: 'user1@example.com')
 user2 = SecurityTestModel2.new(user_id: 'user2', email: 'user2@example.com')
 # Same value with different AAD should encrypt differently
-user1.api_key = 'same-api-key'
-user2.api_key = 'same-api-key'
+user1.api_key = 'same-api-key-value'
+user2.api_key = 'same-api-key-value'
 user1_encrypted = user1.instance_variable_get(:@api_key)
 user2_encrypted = user2.instance_variable_get(:@api_key)
@@ -67,19 +135,12 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel3 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModel3.new(user_id: 'user1')
 user.password = 'test-password'
 encrypted = user.instance_variable_get(:@password)
 # Tamper with auth tag
-parsed = JSON.parse(encrypted, symbolize_names: true)
+parsed = JSON.parse(encrypted.encrypted_value, symbolize_names: true)
 original_auth_tag = parsed[:auth_tag]
 tampered_auth_tag = original_auth_tag.dup
 tampered_auth_tag[0] = tampered_auth_tag[0] == 'A' ? 'B' : 'A'
@@ -88,7 +149,7 @@ tampered_json = parsed.to_json
 user.instance_variable_set(:@password, tampered_json)
 begin
-  user.password
+  user.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("Decryption failed")
@@ -100,19 +161,12 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel4 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModel4.new(user_id: 'user1')
 user.password = 'test-password'
 encrypted = user.instance_variable_get(:@password)
 # Tamper with ciphertext
-parsed = JSON.parse(encrypted, symbolize_names: true)
+parsed = JSON.parse(encrypted.encrypted_value, symbolize_names: true)
 original_ciphertext = parsed[:ciphertext]
 tampered_ciphertext = original_ciphertext.dup
 tampered_ciphertext[0] = tampered_ciphertext[0] == 'A' ? 'B' : 'A'
@@ -121,7 +175,7 @@ tampered_json = parsed.to_json
 user.instance_variable_set(:@password, tampered_json)
 begin
-  user.password
+  user.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("Decryption failed")
@@ -133,19 +187,12 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel5 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModel5.new(user_id: 'user1')
 user.password = 'test-password'
 encrypted = user.instance_variable_get(:@password)
 # Tamper with nonce
-parsed = JSON.parse(encrypted, symbolize_names: true)
+parsed = JSON.parse(encrypted.encrypted_value, symbolize_names: true)
 original_nonce = parsed[:nonce]
 tampered_nonce = original_nonce.dup
 tampered_nonce[0] = tampered_nonce[0] == 'A' ? 'B' : 'A'
@@ -154,7 +201,7 @@ tampered_json = parsed.to_json
 user.instance_variable_set(:@password, tampered_json)
 begin
-  user.password
+  user.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("Decryption failed")
@@ -166,26 +213,19 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel6 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModel6.new(user_id: 'user1')
 user.password = 'key-isolation-test'
 encrypted_with_v1 = user.instance_variable_get(:@password)
 # Parse and change key version to non-existent version
-parsed = JSON.parse(encrypted_with_v1, symbolize_names: true)
+parsed = JSON.parse(encrypted_with_v1.encrypted_value, symbolize_names: true)
 parsed[:key_version] = 'v999'
 modified_json = parsed.to_json
 user.instance_variable_set(:@password, modified_json)
 begin
-  user.password
+  user.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("No key for version")
@@ -193,19 +233,13 @@ end
 #=> true
 ## Nonce manipulation fails authentication - XChaCha20Poly1305 (24-byte nonces)
-class SecurityTestModelNonceXChaCha < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModelNonceXChaCha.new(user_id: 'user1')
 user.password = 'nonce-test-xchacha'
 encrypted_with_nonce = user.instance_variable_get(:@password)
 # Parse and modify nonce (XChaCha20Poly1305 uses 24-byte nonces)
-parsed = JSON.parse(encrypted_with_nonce, symbolize_names: true)
+parsed = JSON.parse(encrypted_with_nonce.encrypted_value, symbolize_names: true)
 original_nonce = parsed[:nonce]
 # Create a different valid base64 nonce for XChaCha20Poly1305 (24 bytes)
 different_nonce = Base64.strict_encode64('x' * 24)
@@ -214,7 +248,7 @@ modified_json = parsed.to_json
 user.instance_variable_set(:@password, modified_json)
 begin
-  user.password
+  user.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("Decryption failed")
@@ -222,12 +256,6 @@ end
 #=> true
 ## Nonce manipulation fails authentication - AES-GCM (12-byte nonces)
-class SecurityTestModelNonceAES < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user_aes = SecurityTestModelNonceAES.new(user_id: 'user2')
 # Force AES-GCM encryption for this test
@@ -245,7 +273,7 @@ modified_json_aes = parsed_aes.to_json
 user_aes.instance_variable_set(:@password, modified_json_aes)
 begin
-  user_aes.password
+  user_aes.password.reveal { |plain| plain }
   "should_not_reach_here"
 rescue Familia::EncryptionError => e
   e.message.include?("Decryption failed")
@@ -257,62 +285,62 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel7 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :field_a
-  encrypted_field :field_b
-end
-user = SecurityTestModel7.new(user_id: 'user1')
-user.field_a = 'test-value-a'
-user.field_b = 'test-value-b'
-#=> 'test-value-b'
+user = SecurityTestModel7.new(user_id: 'cache-user')
+user.password = 'cache-test'
-# Different contexts should cache different keys
-Thread.current[:familia_key_cache].nil?
-#=> true
+# Use different encryption context
+other_user = SecurityTestModel8.new(user_id: 'cache-user')
+other_user.password = 'cache-test'
-# Different contexts should cache different keys
-cache = Thread.current[:familia_key_cache]
-cache&.keys
-#=> nil
+user_encrypted = user.instance_variable_get(:@password)
+other_encrypted = other_user.instance_variable_get(:@password)
-# Should have different cache entries for different field contexts
-cache = Thread.current[:familia_key_cache]
-cache&.keys&.length >= 2
-##=> true
+# Different classes should have different key caches
+user_encrypted != other_encrypted
+#=> true
-## Thread-local key cache independence
+## Cross-user encrypted data should not decrypt
 test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel8 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
+user1 = SecurityTestModel7.new(user_id: 'user1')
+user2 = SecurityTestModel7.new(user_id: 'user2')
-# Clear any existing cache
-Thread.current[:familia_key_cache] = nil
+user1.password = 'user1-password'
+user1_encrypted = user1.instance_variable_get(:@password)
-user = SecurityTestModel8.new(user_id: 'user1')
-user.password = 'thread-cache-test'
+# Try to use user1's encrypted data with user2's context
+user2.instance_variable_set(:@password, user1_encrypted.encrypted_value)
+# This should fail due to different AAD contexts (user1 vs user2)
+begin
+  user2.password.reveal { |plain| plain }
+  false
+rescue Familia::EncryptionError => e
+  e.message.include?("Decryption failed")
+end
+#=> true
+## Thread-local key cache independence
+test_keys = { v1: Base64.strict_encode64('a' * 32) }
+Familia.config.encryption_keys = test_keys
+Familia.config.current_key_version = :v1
-# Cache should be created for this thread
-cache_before = Thread.current[:familia_key_cache]
-cache_before.is_a?(Hash) && !cache_before.empty?
-#=> false
+user = SecurityTestModel8.new(user_id: 'thread-user')
+user.password = 'thread-test'
+main_encrypted = user.instance_variable_get(:@password)
-# Clear cache manually
-Thread.current[:familia_key_cache] = {}
-cache_after = Thread.current[:familia_key_cache]
+thread_encrypted = nil
+Thread.new do
+  thread_user = SecurityTestModel8.new(user_id: 'thread-user')
+  thread_user.password = 'thread-test'
+  thread_encrypted = thread_user.instance_variable_get(:@password)
+end.join
-# Cache should be empty after clearing
-cache_after.empty?
+# Different threads should have independent key caches
+# And different nonces mean different encrypted values even for same plaintext
+main_encrypted != thread_encrypted
 #=> true
 ## JSON structure tampering detection
@@ -320,51 +348,30 @@ test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel9 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
-user = SecurityTestModel9.new(user_id: 'user1')
-user.password = 'json-structure-test'
+user = JsonTamperTestModel.new(userid: 'user1')
+user.secret_data = 'json-structure-test'
 # Test invalid JSON structure
-user.instance_variable_set(:@password, '{"invalid": "json"')
-user.password
+user.instance_variable_set(:@secret_data, '{"invalid": "json"')
+user.secret_data
 #=!> Familia::EncryptionError
-#==> error.message.include?("Decryption failed")
+#==> error.message.include?("Invalid JSON structure")
 ## Algorithm field tampering detection
 test_keys = { v1: Base64.strict_encode64('a' * 32) }
 Familia.config.encryption_keys = test_keys
 Familia.config.current_key_version = :v1
-class SecurityTestModel10 < Familia::Horreum
-  feature :encrypted_fields
-  identifier_field :user_id
-  field :user_id
-  encrypted_field :password
-end
 user = SecurityTestModel10.new(user_id: 'user1')
-user.password = 'algorithm-tamper-test'
+user.password = 'algorithm-test'
 encrypted = user.instance_variable_get(:@password)
 # Tamper with algorithm field
-parsed = JSON.parse(encrypted, symbolize_names: true)
-parsed[:algorithm] = 'tampered-algorithm'
+parsed = JSON.parse(encrypted.encrypted_value, symbolize_names: true)
+parsed[:algorithm] = 'unsupported_algorithm'
 tampered_json = parsed.to_json
 user.instance_variable_set(:@password, tampered_json)
-begin
-  user.password
-  "should_not_reach_here"
-rescue Familia::EncryptionError => e
-  e.message.include?("Unsupported algorithm")
-end
-#=> true
-# TEARDOWN
-Thread.current[:familia_key_cache]&.clear if Thread.current[:familia_key_cache]
+user.password
+#=!> Familia::EncryptionError
+#==> error.message.include?("Unsupported algorithm")

data/try/features/encryption_fields/aad_protection_try.rb CHANGED Viewed

@@ -19,35 +19,120 @@ class AADProtectedModel < Familia::Horreum
   encrypted_field :api_key, aad_fields: [:email]
 end
-## AAD prevents field substitution attacks when record exists
-model = AADProtectedModel.new(id: 'aad-1', email: 'user@example.com')
-model.save  # Need to save first for AAD to be active
-model.api_key = 'secret-key'
-model.save  # Save the encrypted value
-ciphertext = model.instance_variable_get(:@api_key)
-# Change AAD field after encryption
-model.email = 'attacker@evil.com'
-model.instance_variable_set(:@api_key, ciphertext)
-begin
-  model.api_key
-  false
-rescue Familia::EncryptionError
-  true
+# Clean test environment
+Familia.dbclient.flushdb
+## AAD prevents field substitution attacks - proper cross-record test
+@victim = AADProtectedModel.new(id: 'victim-1', email: 'victim@example.com')
+@victim.save  # Need to save first for AAD to be active
+@victim.api_key = 'victim-secret-key'
+@victim.save  # Save the encrypted value
+# Extract the raw encrypted JSON data (not the ConcealedString object)
+@victim_encrypted_data = @victim.api_key.encrypted_value
+# Create an attacker record with different AAD context (different email)
+@attacker = AADProtectedModel.new(id: 'attacker-1', email: 'attacker@evil.com')
+@attacker.save  # Need to save for AAD to be active
+# Simulate database tampering: set attacker's field to victim's encrypted data
+# This simulates what an attacker with database access might try to do
+@attacker.instance_variable_set(:@api_key,
+  ConcealedString.new(@victim_encrypted_data, @attacker, @attacker.class.field_types[:api_key]))
+# Attempt to decrypt should fail due to AAD mismatch
+@result1 = begin
+  decrypted_value = nil
+  @attacker.api_key.reveal { |plaintext| decrypted_value = plaintext }
+  "UNEXPECTED SUCCESS: #{decrypted_value}"
+rescue Familia::EncryptionError => error
+  error.class.name
 end
+@result1
+#=> "Familia::EncryptionError"
+## Verify error message indicates decryption failure
+@result2 = begin
+  @attacker.api_key.reveal { |plaintext| plaintext }
+  "No error occurred"
+rescue Familia::EncryptionError => error
+  error.message.include?('Decryption failed')
+end
+@result2
 #=> true
-## Without saving, AAD is not enforced (returns nil)
-unsaved_model = AADProtectedModel.new(id: 'aad-2', email: 'test@example.com')
+## Cross-record attack with same email (should still fail due to different identifiers)
+victim2 = AADProtectedModel.new(id: 'victim-2', email: 'shared@example.com')
+victim2.save
+victim2.api_key = 'victim2-secret'
+victim2.save
+attacker2 = AADProtectedModel.new(id: 'attacker-2', email: 'shared@example.com')  # Same email!
+attacker2.save
+# Extract victim's encrypted data and try to decrypt with attacker's context
+victim2_encrypted_data = victim2.api_key.encrypted_value
+attacker2.instance_variable_set(:@api_key,
+  ConcealedString.new(victim2_encrypted_data, attacker2, attacker2.class.field_types[:api_key]))
+# Should fail because identifier is part of AAD even when aad_fields match
+@result3 = begin
+  attacker2.api_key.reveal { |plaintext| plaintext }
+  "UNEXPECTED SUCCESS"
+rescue Familia::EncryptionError => error
+  error.class.name
+end
+@result3
+#=> "Familia::EncryptionError"
+## Without saving, AAD is not enforced (no database context)
+unsaved_model = AADProtectedModel.new(id: 'unsaved-1', email: 'test@example.com')
 unsaved_model.api_key = 'test-key'
-stored = unsaved_model.instance_variable_get(:@api_key)
-# Change email and it still decrypts (no AAD protection without save)
+# Change email after encryption but before save - should still work
 unsaved_model.email = 'changed@example.com'
-unsaved_model.instance_variable_set(:@api_key, stored)
-unsaved_model.api_key
-#=> 'test-key'
+decrypted = nil
+unsaved_model.api_key.reveal { |plaintext| decrypted = plaintext }
+decrypted
+#=> "test-key"
+## Cross-model attack with raw encrypted JSON
+# Demonstrate that raw encrypted data can't be moved between models
+@json_victim = AADProtectedModel.new(id: 'json-victim-1', email: 'jsonvictim@example.com')
+@json_victim.save
+@json_victim.api_key = 'json-victim-secret'
+# Get the raw encrypted JSON and create a new ConcealedString for different record
+@raw_encrypted_json = @json_victim.api_key.encrypted_value
+@json_attacker = AADProtectedModel.new(id: 'json-attacker-1', email: 'jsonattacker@evil.com')
+@json_attacker.save
+# Create ConcealedString with stolen encrypted JSON for the attacker
+@fake_concealed = ConcealedString.new(@raw_encrypted_json, @json_attacker, @json_attacker.class.field_types[:api_key])
+# Attempt decryption should fail
+@result4 = begin
+  @fake_concealed.reveal { |plaintext| plaintext }
+  "UNEXPECTED SUCCESS"
+rescue Familia::EncryptionError => error
+  error.class.name
+end
+@result4
+#=> "Familia::EncryptionError"
+## Successful decryption with correct context (control test)
+legitimate_user = AADProtectedModel.new(id: 'legitimate-1', email: 'legit@example.com')
+legitimate_user.save
+legitimate_user.api_key = 'legitimate-secret'
+legitimate_user.save
+# Normal decryption should work
+decrypted_legit = nil
+legitimate_user.api_key.reveal { |plaintext| decrypted_legit = plaintext }
+decrypted_legit
+#=> "legitimate-secret"
 # Cleanup
+Familia.dbclient.flushdb
 Familia.config.encryption_keys = nil
 Familia.config.current_key_version = nil