- State Root Uniqueness: Same input → same state root
- Transaction Ordering: Canonical block ordering
- Arithmetic Safety: No overflow/underflow
- Storage Isolation: Contract storage separated
- All nodes must produce identical state roots
- Determinism tested via test vectors
- Fuzzing for edge cases
- Follow protocol correctly
- Produce valid state transitions
- Attempt double-spending
- Submit invalid state roots
- Try to break consensus
| Threat | Defense |
|---|---|
| Double spend | BFT finality (2/3+1) |
| Invalid state | Signature verification |
| Replay | Nonce + chain_id |
| Reentrancy | Checks-effects-interactions |
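
The replay row above ("Nonce + chain_id"), as an added example that is not code from this project: a minimal admission check showing why both fields must be inside the signed bytes. Assumptions: all names, the `CHAIN_ID` value and the key are constructed, HMAC-SHA256 stands in for the real signature scheme, and nonces are assumed to be strictly sequential per sender.

```python
import hashlib
import hmac
from dataclasses import dataclass

CHAIN_ID = 7001  # constructed id for "this" network (assumption)

@dataclass(frozen=True)
class Tx:
    chain_id: int
    sender: str
    nonce: int
    payload: bytes
    sig: bytes = b""

def signing_bytes(tx):
    # Domain tag plus fixed-width / length-prefixed fields: chain_id and nonce
    # are covered by the signature, so neither can be changed after signing.
    s = tx.sender.encode()
    return b"".join([b"TX1", tx.chain_id.to_bytes(8, "big"),
                     len(s).to_bytes(2, "big"), s,
                     tx.nonce.to_bytes(8, "big"), tx.payload])

def sign(tx, key):  # HMAC-SHA256 is a stand-in for the account signature
    tag = hmac.new(key, signing_bytes(tx), hashlib.sha256).digest()
    return Tx(tx.chain_id, tx.sender, tx.nonce, tx.payload, tag)

class Mempool:
    def __init__(self, keys):
        self.keys = keys        # sender -> verification key (stand-in)
        self.next_nonce = {}    # sender -> next expected nonce

    def admit(self, tx):
        if tx.chain_id != CHAIN_ID:
            return "reject: wrong chain_id"   # cross-chain replay
        key = self.keys.get(tx.sender)
        want = hmac.new(key, signing_bytes(tx), hashlib.sha256).digest() if key else b""
        if not key or not hmac.compare_digest(want, tx.sig):
            return "reject: bad signature"    # field edited after signing
        if tx.nonce != self.next_nonce.get(tx.sender, 0):
            return "reject: bad nonce"        # same-chain replay
        self.next_nonce[tx.sender] = tx.nonce + 1  # state changes only on accept
        return "accept"

def demo():
    key = b"constructed-test-key"
    pool = Mempool({"alice": key})
    tx0 = sign(Tx(CHAIN_ID, "alice", 0, b"pay bob 5"), key)
    other = sign(Tx(CHAIN_ID + 1, "alice", 1, b"pay bob 5"), key)  # signed for another chain
    forged = Tx(CHAIN_ID, "alice", 1, tx0.payload, tx0.sig)       # nonce bumped, old signature
    return [pool.admit(t) for t in (tx0, tx0, other, forged)]
```

The second submission of `tx0` fails on the nonce, the transaction signed for another chain fails on `chain_id`, and bumping the nonce without re-signing fails signature verification.
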
- Safety: No conflicting blocks finalized
- Liveness: System makes progress
- Finality: 2/3 validator agreement
- Stake locked as collateral
- Slashing for malicious behavior
- Jailing for downtime
Σ balances = TOTAL_SUPPLY - burned
No unauthorized minting.
- Gas metering prevents infinite loops
- Storage deposits prevent state bloat
- Nonce prevents replay attacks
- Slashing for insufficient capacity
- Slashing for downtime
- Governance override for extreme cases
- No direct system access
- Isolated storage
- Limited call depth
- Check-inputs-early
- Effects-interactions pattern
- Use safe math
- Emit events
- Pausable functions
- Cannot modify past blocks
- Cannot confiscate without rule
- Bounded emergency powers
- Constitutional limits
- Snapshot prevents flash loans
- Timelock allows exit
- Quorum prevents capture
- Double voting
- Equivocation
- Invalid block proposals
- Failed availability proof
- Incorrect shard submission
- Repeated service failure
- Detection: Anomaly detection
- Containment: Pause affected modules
- Recovery: Revert state if possible
- Analysis: Post-mortem
- Improvement: Protocol update
Required audit areas:
- Consensus implementation
- VM security
- Cryptographic primitives
- Economic model
- Governance logic