Security Model
==============

Epicrypt uses versioned payloads, embedded algorithm identifiers and key-id aware rotation helpers to reduce migration risk.

Core principles:

- Secure-by-default APIs.
- Explicit opt-in for unsafe/compatibility modes.
- Strict timestamp validation for signed tokens.
- Separation of crypto capabilities by domain.

Caller responsibilities:

- Protect keys in transit and at rest.
- Rotate keys periodically.
- Re-encrypt legacy data after rotation.
- Enforce TLS and application authorization controls.