Security Threat Model
Attack Surface
1. Network Layer
| Threat | Mitigation |
|---|
| Intent spam / DoS | Per-account and per-IP rate limiting; admission pool backpressure (429 response when queues full) |
| Replay attacks | Per-account monotonic nonce; duplicate envelope ID rejection |
| Eclipse attacks | Peer diversity requirements; authenticated peer connections |
| Bandwidth exhaustion | Maximum body sizes (1 MB per envelope); batch size limits |
2. Consensus Layer
| Threat | Mitigation |
|---|
| Byzantine leader | View change protocol triggers on timeout; new leader elected from highest QC |
| Equivocation | Aurora BFT safety rules prevent voting for conflicting proposals |
| Long-range attacks | Finality is immediate (no reorgs); no fork choice needed |
| Validator collusion | BFT tolerates <1/3 Byzantine per committee; committee isolation limits blast radius |
3. Execution Layer
| Threat | Mitigation |
|---|
| MEV / front-running | Encrypted batch ingress — payloads encrypted until committee decrypts for execution |
| Reentrancy | Move VM type system prevents reentrancy by design |
| Gas exhaustion | Per-intent gas limit; gas metering in Move VM |
| State bloat | Fee-based storage pricing; pruning capabilities |
4. Cross-Lane (CPC)
| Threat | Mitigation |
|---|
| Double-credit | Nullifier check — each CreditReceipt can only be applied once |
| Orphaned debits | Timeout and reclaim mechanism |
| Cross-epoch replay | Epoch binding in CommitCert prevents receipt reuse across epochs |
| Forged CommitCert | Requires >2/3 quorum signatures; committee verification |
5. Cryptographic
| Threat | Mitigation |
|---|
| Quantum attacks | CRYSTALS-Dilithium3 (NIST Level 3) for all signatures; ML-KEM-768 for encryption |
| Key compromise | Session key policies limit blast radius (contract allowlists, gas caps, expiration) |
| Hash collisions | BLAKE3 (256-bit, collision-resistant); Poseidon for ZK circuits |
Rate Limits
The admission pool enforces configurable rate limits:
- Per-account: Maximum intents per time window
- Per-IP: Maximum connections and submissions per IP
- Global: Maximum admission pool depth; backpressure (HTTP 429) when exceeded
- Body size: 1 MB maximum per envelope submission
Vulnerability Reporting
Security vulnerabilities should be reported through responsible disclosure. Do not open public issues for security bugs.
Asset Constraints
The constraint engine supports:
| Feature | Description |
|---|
| Asset freeze | Guardian can freeze a specific asset via EmergencyFreeze governance action |
| Contract pause | Halt execution of a specific contract |
| Preflight check | POST /v1/constraints/preflight validates an intent against active constraints before submission |
Constraint API
| Endpoint | Description |
|---|
GET /v1/constraints/query | Query active constraints |
GET /v1/constraints/status/:asset_id | Check if an asset is frozen |
POST /v1/constraints/preflight | Validate intent against constraints |
GET /v1/constraints/policy/:policy_id | Get constraint policy details |
Compliance
| Endpoint | Description |
|---|
POST /v1/compliance/audit_log | Query compliance audit log |
POST /v1/compliance/export | Export compliance data |
POST /v1/compliance/enterprise_report | Generate enterprise compliance report |
For the ZK privacy layer, see ZK Pipeline.
