Security Specification: GridGuard

1. Data Invariants

A Transformer must have a unique serialNumber.
A Transformer cannot be registered without valid Nokia SIM location metadata.
Status transitions are restricted based on location breach calculations and AI risk rating.
Alert documents are system-generated and immutable for users.
Only authenticated users can read transformer data.
Only authorized users (e.g., matching the owner email if implemented, or general authenticated for this MVP) can write.

Identity Spoofing: Attempt to create a transformer with a different user's ID as owner.
Shadow Field Injection: Attempt to set isVerified: true manually.
Ghost Update: Attempt to update registrationLocation after initial setup.
ID Poisoning: Use a 2KB string as a transformer ID.
State Shortcut: Move from GREEN to RED without distance verification data.
SMS Trigger Injection: Attempt to write a malicious message into a system alert.
PII Leak: Read phoneNumber of a transformer you don't manage.
Denial of Wallet: Flood with 1MB strings in the riskAnalysis field.
Orphaned Writes: Create an alert for a non-existent transformer.
Admin Escalation: Attempt to set isAdmin: true on user profile.
Client Timestamp Spoofing: Provide a future date for lastUpdated.
Blanket Query Scraping: Attempt to list all transformers without any filters.

(Tests will be implemented in firestore.rules.test.ts)