Severity: High · Target window: v0.9.x
Finding: The WayforthRank conversion signal keys self-deal detection on user_id only; N sock-puppet accounts each doing search→paid-execute on a target slug inflate its conversion rate (35% weight) + volume (15%). Pre-existing accepted risk (FINDING-105).
Mitigant today: each fake conversion costs a real (small) paid call — economic friction.
Planned controls: distinct-buyer floor per service, per-user signal-weight cap in the recalc aggregation, IP/ASN/device clustering on search_analytics. RANK-2 (bind the conversion signal to the search's actual results) is a cheaper partial mitigation handled in the Medium tier.
Source: ~/wayforth-security/SECURITY_AUDIT_2026-06.md §3.5 RANK-1.
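A sketch of two of the planned controls (per-user signal-weight cap and distinct-buyer floor) applied in a recalc aggregation, added here as an illustration and not WayforthRank's own code; the slugs, user ids, counts and thresholds are constructed.

```python
from collections import defaultdict

# Constructed sample (not audit data): one (service_slug, user_id) tuple per
# search->paid-execute conversion, plus search counts per slug.
CONVERSIONS = (
    [("honest-svc", f"user-{i}") for i in range(6)]   # 6 distinct buyers, 1 each
    + [("target-svc", "puppet-a")] * 10               # 2 accounts, 10 each
    + [("target-svc", "puppet-b")] * 10
)
SEARCHES = {"honest-svc": 20, "target-svc": 20}


def recalc(conversions, searches, per_user_cap=3, min_distinct_buyers=5):
    """Per-service conversion signal with the two controls applied.

    per_user_cap:        conversions from one user_id beyond this do not count.
    min_distinct_buyers: below this many distinct buyers the signal is zeroed.
    Returns {slug: {raw_rate, controlled_rate, distinct_buyers, volume}}.
    """
    per_user = defaultdict(lambda: defaultdict(int))
    for slug, user_id in conversions:
        per_user[slug][user_id] += 1

    result = {}
    for slug, n_searches in searches.items():
        buyers = per_user.get(slug, {})
        raw = sum(buyers.values())
        # Per-user cap: a single account can contribute at most per_user_cap.
        capped = sum(min(n, per_user_cap) for n in buyers.values())
        distinct = len(buyers)
        # Distinct-buyer floor: too few buyers means the signal is not trusted.
        counted = capped if distinct >= min_distinct_buyers else 0
        result[slug] = {
            "raw_rate": raw / n_searches if n_searches else 0.0,
            "controlled_rate": counted / n_searches if n_searches else 0.0,
            "distinct_buyers": distinct,
            "volume": counted,
        }
    return result


if __name__ == "__main__":
    for slug, signal in recalc(CONVERSIONS, SEARCHES).items():
        print(slug, signal)
```

With the constructed data the honest service keeps its 0.3 rate while the two-account service drops from a raw 1.0 to 0.0; the cap alone (floor lowered to 2) still trims its volume from 20 to 6.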