CleanPlate

CleanPlate is a roommate chore organizer that allows users to post and complete chores for their household. Run completely from the command line, this tool is a practice and showcase in system security and quality assurance, with no external libraries.

Among other things, I was in charge of the assurance documentation and testing. The system assumed an honest-but-curious threat model, where users may attempt to:

Bypass authorization rules

Brute-force authentication mechanisms

Tamper with the application or audit state

Intercept or manipulate network traffic

I made sure that the system protected against:

Credential compromise (via strong password policies and rate limiting)

Privilege escalation (via strict role enforcement)

Unauthorized access (via session-based authentication)

Audit log tampering (hash chaining with hmac verification)

Network eavesdropping (via TLS 1.3)

My main testing strategy was a suite of unit and integration tests, as well as some targeted end to end testing of main project workflows.

Ensuring that actions were consistent was a main priority- if a task fails, all of its related tasks need to fail as well, and we rollback our db, if we commit a success to the db, its because everything succeeded at the same time.