
Security hardening: fail-open decrypt, key-fingerprint mismatch, L2 poison, config-drift reads #170

@27Bslash6

Description

Summary

A tranche of security-posture hardening items (documented tradeoffs, not exploitable 0-days — AES-GCM remains the real boundary):

  • Fail-open decrypt with no tamper signal — AES-GCM auth failure (wrong key / tampered ciphertext) is caught as a WARNING and the function recomputes; no metric distinguishes tampering from corruption. decorators/wrapper.py:1037-1048, encryption_wrapper.py:338
  • Key-fingerprint mismatch warns and proceeds — a rotated/misconfigured key only logs a debug warning before the eventual fail-open. encryption_wrapper.py:309-316
  • Non-constant-time checksum compare / corruption-only integrity — ByteStorage uses a plain != on a non-cryptographic xxHash3; document explicitly that this is corruption detection, not tamper-resistance, and that the plaintext @cache path stores attacker-forgeable bytes. cachekit-core/src/byte_storage.rs:134-139
  • Config-drift read — an unencrypted handler reading a stale encrypted entry routes on metadata.encrypted and falls back to settings.master_key, decrypting or failing-open silently. cache_handler.py:680-691, 497-498, encryption_wrapper.py:124-139

Notes

Tenant mismatch and empty cache_key correctly fail closed; nonce design and HKDF are sound (verified). Related: #128 (auto-encryption convergence — a present master key turns all caching encrypted).

Fix

Add a distinct tamper/integrity metric + fail-closed option; harden the fingerprint-mismatch path; clarify the integrity-vs-tamper docs.
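As an added illustration of the first fix item (not cachekit's code, and in Go rather than the project's Python because Go's standard library ships AES-GCM): a decrypt path that counts GCM authentication failures and structurally malformed entries as separate metrics, then applies either fail-open (recompute, today's behaviour) or a fail-closed switch. The error, type and function names (ErrAuth, ErrMalformed, Metrics, NewAEAD, Seal, Open) are assumptions, not names from the project.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)
// Hypothetical names: the issue asks for distinct signals but does not define them.
var ErrMalformed = errors.New("blob shorter than nonce+tag: corruption or truncation")
var ErrAuth = errors.New("GCM tag check failed: wrong key or tampered ciphertext")
// Metrics keeps the two failure classes apart instead of one shared WARNING.
type Metrics struct{ Auth, Malformed int }
// NewAEAD builds AES-GCM for a 16, 24 or 32-byte key.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}
// Seal returns nonce||ciphertext||tag under a fresh random nonce.
func Seal(a cipher.AEAD, pt []byte) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, pt, nil), nil
}
// Open classifies and counts each failure in m, then failClosed either surfaces the error or recomputes.
func Open(a cipher.AEAD, blob []byte, failClosed bool, m *Metrics, recompute func() []byte) ([]byte, error) {
	fail := func(cause error) ([]byte, error) {
		if failClosed {
			return nil, cause
		}
		return recompute(), nil // fail-open: the issue's current behaviour, now counted first
	}
	ns := a.NonceSize()
	if len(blob) < ns+a.Overhead() {
		m.Malformed++ // structurally impossible entry: corruption, not a tamper signal
		return fail(ErrMalformed)
	}
	pt, err := a.Open(nil, blob[:ns], blob[ns:], nil)
	if err != nil {
		m.Auth++ // wrong key and tampering both land here; GCM cannot tell them apart
		return fail(ErrAuth)
	}
	return pt, nil
}
```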

Labels: encryption (Encryption/cryptography related), priority:high (Must fix soon), security (Security vulnerabilities or hardening)