# Sierra Security

<h3>Introduction</h3>

Sierra Security is a verification system I plan to integrate across my systems. It ensures that only people with the correct program and numeral keys can generate the same IDs, which are used to unlock my programs.

<h3>Modules</h3>

The code is designed to be pasted at the start of your program. There are many variations for this module. Ensure that you are downloading the correct one:

*   `sierra-security-combination-x-x-x.py`: Combination of uuid verification and generation. **Do not use for locks.**
*   `sierra-security-generation-x-x-x.py`: Generation only, suitable for portable "keychains".
*   `sierra-security-verification-x-x-x.py`: Verification only, suitable for locks.

---

## V. A-2 Technical Enhancements & Hardening

Compared to the original A-1 logic, the **Version A-2** suite includes several critical security and cryptographic enhancements to prevent unauthorized access and forensic recovery across all P7MJ software.

### 1. Brute-Force Immunity (Hash Stretching)
*   **The Upgrade**: Implements **50,000 rounds** of SHA-256 hashing (Hash Stretching). This forces the computer to perform significant mathematical work for every single guess.
*   **Impact**: Even if an analyst identifies the 0-999 key range, testing all 1,000 keys would now take an automated script hours to complete. Since the ID expires every 15 minutes, brute-forcing is mathematically impossible.

### 2. Cryptographic Rolling Salt (Daily Expiration)
*   **The Upgrade**: The internal cryptographic "base" of the program now shifts every 24 hours based on the current UTC date string.
*   **How it Works**: The salt remains consistent for a 24-hour window. However, at 00:00 UTC, the date changes, causing the resulting UUIDs for the exact same keys to change entirely.
*   **Impact**: If a master key or authorized UUID is leaked or captured by a listener today, it becomes **completely useless tomorrow**. This prevents long-term replay attacks.

### 3. Global Sync (UTC Persistence)
*   **The Problem**: Standard local time varies by region, causing synchronization failures between a keychain and a target PC.
*   **The Fix**: Synchronized to **Coordinated Universal Time (UTC)** using timezone-aware objects.
*   **Impact**: Your keychain (phone/laptop) and your programs will always match perfectly, regardless of travel or geographical location.

### 4. Anti-Automation Delay
*   **The Logic**: Added an artificial 1.5-second `time.sleep()` during the verification process.
*   **Impact**: Limits the speed of manual or macro-based attempts. Combined with the 3-chance limit, automated "brute-force spam" is rendered ineffective.

### 5. Premium Visual Identity
*   **Upgrade**: Switched to high-fidelity "Sierra Curvy" ASCII art and implemented ANSI color-coding (Blue/Green/Red/Yellow).
*   **Impact**: Improved user experience and a professional, "elite" software feel.

---
*Developed for All P7MJ Projects 2026. Special thanks to SpyDrone for improving upon A-1.*