Security

This section is dedicated to discussing common attack vectors and strategies to mitigate them.

Liquid Staking

  • Slashing: Validators act maliciously or unreliably. Users risk having their funds slashed.

    • Delegate staked assets to reputable and high-performance validators.

    • Distribute staked assets across multiple validators to minimize the impact of any single validator's slashing.

    • Set up insurance to compensate users.

  • Smart Contract Vulnerabilities: Malicious actors exploit vulnerabilities in the liquid staking protocol, leading to potential loss of funds.

    • Ensure that the smart contract is thoroughly audited by multiple trustworthy security firms.

Re-Staking

  • Incentives Farming: Creators register random or low-quality IPs to farm the incentives pool.

    • Adjust incentives using a scoring system based on the quality or utility of an IP Asset.

    • Start with lower rewards for new IPAs and gradually increase them as an IPA proves its value and stability over time.

  • Yield Farming: Users move their liquid staking tokens between different IPAs repeatedly to earn rewards. This behavior renders the staking pool invalid as a measure for an IPA's compliance and thus destabilizes the protocol.

    • Require users to lock their staked tokens for a certain period or charge a fee for early withdrawal.

    • Monitor users behavior. Reward long-term stakers and penalize short-term excessive farmers.

Dispute

  • Self-Dispute: An attacker creates an honest IPA and a fake IPA that violates the honest one. Subsequently, they raise a dispute against the fake IPA and walk away with the slashed portion of users' staked assets (i.e. rug pulls).

    • Encourage IPVSs and users to perform a thorough analysis on an IPA before staking.

    • Identify whether the creator itself has provided stake on the IP Asset, since creator's stake will be slashed first in our slashing mechanism when a dispute is successful.

  • Spam Disputes: Malicious disputers spam dispute requests and overload honest IP Assets.

    • Require disputers to deposit funds for their disputes.

    • Adjust the dispute bond price dynamically based on the IP Asset.

PreviousSlashing

Last updated