SpectraStrike Documentation

Operational, architecture, SDK, and integration guidance

SpectraStrike SDK Developer Guide

Architecture Overview

How Federation Signing Works

Canonical Telemetry Schema Definition

Required normalized fields include:

How To Extend Tool Wrappers (Metasploit, Sliver, Mythic)

  1. Add execution method in wrapper module.
  2. Normalize command output into SDK event schema.
  3. Attach tenant/operator metadata.
  4. Attach attestation_measurement_hash.
  5. Emit through telemetry ingestion pipeline.

How To Emit Signed Telemetry

  1. Configure VECTORVUE_FEDERATION_SIGNING_KEY_PATH.
  2. Configure mTLS cert/key and CA file.
  3. Use VectorVueClient.send_federated_telemetry(...).
  4. Ensure nonces/timestamps are unique and current.

How To Validate Feedback Signatures

  1. Configure VECTORVUE_FEEDBACK_VERIFY_KEYS_JSON.
  2. Validate kid, signature_algorithm, signed_at, nonce, schema_version.
  3. Verify Ed25519 signature on canonical response tuple.
  4. Reject replayed nonce or stale timestamp.

Test Strategy

Key Rotation Strategy