Skip to main content

Trust Zones

Every peer connection in Atlas is assigned a trust level. Trust levels control rate limits, message throughput, and access to sensitive operations.

Trust levels

LevelDescriptionAssignment
bootstrapBootstrap infrastructure nodesConfigured as bootstrap peers
unknownDefault for all new connectionsAutomatic on connect
verifiedFarcaster-authenticated operatorsAfter successful auth-farcaster flow
relayRelay infrastructure nodesConfigured as relay peers
All new peers start at Unknown trust level. Trust is upgraded per-session based on authentication, not persisted globally.

Rate limits per tier

Atlas enforces per-peer rate limits differentiated by trust level:

Unknown peers

MetricLimit
Messages per second5
Messages per minute60
Payload bytes per minute10 MB

Verified peers

MetricLimit
Messages per second20
Messages per minute300
Payload bytes per minute50 MB
Bootstrap and Relay peers use the same limits as Unknown peers unless explicitly upgraded to Verified.

Rate limit enforcement

Rate limits are enforced using a token bucket algorithm for per-second limits and sliding window counters for per-minute limits. When a peer exceeds a limit:
  1. The message is rejected with error code 4001 (ERR_RATE_LIMITED)
  2. A violation is recorded against the peer

Temporary bans

ConditionResult
3 violations within 5 minutes10-minute temporary ban
Messages during banImmediately rejected with Banned status
Ban expiryViolation counter resets, peer can resume

How to upgrade to Verified

The only way to upgrade from Unknown to Verified is through Farcaster authentication:
1

Link your Farcaster identity

atlas id auth-farcaster
This initiates the Sign-In With Farcaster (SIWF) flow. See the Authentication page for the full walkthrough.
2

Peers verify your operator binding

During the handshake, your agent sends its OperatorInfo (including FID, username, and SIWF signature). The remote peer verifies the signature to confirm operator binding.
3

Trust level is upgraded

If verification succeeds, the remote peer assigns Verified trust level to the session. This persists for the duration of the connection.

Trust level in the handshake

During the QUIC handshake, trust level information flows through the Hello / HelloAck exchange: The operator field in Hello/HelloAck carries the Farcaster auth material. If present and valid, the peer is upgraded to Verified.

Configuration

Trust-related settings in config.toml: 
[security]
ban_duration_secs = 3600       # How long manual bans last
handshake_limit = 20           # Max concurrent handshakes
max_clock_drift_secs = 300     # Max timestamp drift (5 min)

[rate_limit]
per_peer_per_minute = 120      # Configurable per-peer limit