Zero Trust Architecture for Moltbot — Never Trust, Always Verify
Zero Trust means: no implicit trust – neither internally nor externally. Every access is continuously verified, regardless of network position or identity. This guide shows you the exact implementation for Moltbot production systems.
What is Zero Trust? Simply Explained
Traditional network security works like a castle: those outside can't get in. Those inside are trusted. The problem: once an attacker is inside (e.g., via phishing), they have free reign. Zero Trust flips this model: everyone must authenticate at all times, whether on the internal network or outside. A colleague can't simply access the database just because they're on the office WiFi. Every request needs a valid identity, authorization, and context check.
↓ Jump to implementation: middleware, micro-segmentation, code examples
ZTA Core Principles
Never Trust
Kein automatisches Vertrauen – auch nicht bei internen Netzwerken oder bekannten Geräten
Always Verify
Jeder Zugriff wird explizit authentifiziert, autorisiert und kontinuierlich verifiziert
Least Privilege
Minimale Zugriffsrechte für jeden User, Service und Device – nur was wirklich benötigt wird
Identity-Based Access Middleware
// moltbot/middleware/zero-trust.ts
import { NextRequest, NextResponse } from 'next/server';
import { verifyAccessToken } from '@/lib/access-token';
interface ZeroTrustContext {
userId: string;
deviceId: string;
riskScore: number;
permissions: string[];
}
export async function zeroTrustMiddleware(req: NextRequest): Promise<NextResponse | null> {
// 1. Verify Identity (JWT)
const token = req.cookies.get('access_token')?.value;
if (!token) return NextResponse.json({ error: 'Unauthenticated' }, { status: 401 });
const payload = await verifyAccessToken(token);
if (!payload) return NextResponse.json({ error: 'Invalid token' }, { status: 401 });
// 2. Continuous Risk Assessment
const riskScore = await calculateRiskScore({
ip: req.ip ?? '0.0.0.0',
userAgent: req.headers.get('user-agent') ?? '',
userId: payload.sub as string,
requestPath: req.nextUrl.pathname,
});
// 3. Block high-risk requests even with valid tokens
if (riskScore > 80) {
return NextResponse.json({ error: 'Step-up authentication required' }, { status: 403 });
}
// 4. Least Privilege: Check specific permission
const requiredPermission = getRequiredPermission(req.nextUrl.pathname);
if (requiredPermission && !(payload.permissions as string[]).includes(requiredPermission)) {
return NextResponse.json({ error: 'Insufficient permissions' }, { status: 403 });
}
return null; // Allow request
}Micro-Segmentation (K8s Network Policies)
# Zero Trust Network Policies für Moltbot
# Jeder Pod kommuniziert nur mit explizit erlaubten Services
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: moltbot-zero-trust
namespace: production
spec:
podSelector:
matchLabels:
app: moltbot
policyTypes: [Ingress, Egress]
ingress:
- from:
- podSelector: { matchLabels: { role: api-gateway } }
ports: [{ protocol: TCP, port: 3000 }]
egress:
- to:
- podSelector: { matchLabels: { app: postgres } }
ports: [{ protocol: TCP, port: 5432 }]
- to:
- podSelector: { matchLabels: { app: redis } }
ports: [{ protocol: TCP, port: 6379 }]
- ports: [{ protocol: UDP, port: 53 }] # DNS only