Security: Je1al/SecureIoT-Protocol

Security Policy

Status

SecureIoT-Protocol implements well-specified, standardized cryptographic primitives (SHA-256, HMAC, HKDF, ChaCha20-Poly1305, X25519) from scratch and validates each one against the official test vectors from its RFC/FIPS specification. The protocol design follows established patterns (an AEAD record layer, an HKDF key schedule, ephemeral-DH forward secrecy, and IPsec-style anti-replay).

That said, this is an independent implementation that has not been formally audited; it was built for learning and demonstration. For production systems, prefer a vetted library such as libsodium or your platform's TLS stack. Known caveats:

  • The code has not undergone third-party cryptographic review.
  • Constant-time behaviour is implemented for tag/Finished comparisons, the X25519 ladder, and secret wiping, but it has not been verified against every compiler and architecture's optimizer, or against microarchitectural side channels.
  • The PSK provisioning and rotation lifecycle is out of scope (see the threat model).

Reporting a vulnerability

If you find a security issue, please open a GitHub issue describing the problem and how to reproduce it, or contact the maintainer privately. Please do not include working exploits against third-party systems.

Scope

In scope: cryptographic correctness, protocol logic, memory safety of the parsers, and the security properties claimed in the threat model.

Out of scope: the security of the example transport/tooling beyond what the protocol itself guarantees, and any deployment-specific key management.

There aren't any published security advisories