Security

Protocol security guarantees - atomicity, authentication, and reliability

Security Principles

Liquidium implements multiple layers of security:

1. Cryptographic Security

  • Native-chain signature verification (BIP322 for Bitcoin, EIP-191 for Ethereum, Ed25519 for Solana)
  • Nonce-based replay protection
  • Threshold ECDSA for Bitcoin transactions, threshold ECDSA for Ethereum, threshold EdDSA for Solana

2. State Consistency

  • Two-phase execution model
  • Write-ahead logging for async operations
  • Idempotent handlers prevent double-execution

3. Economic Security

  • Overcollateralization requirements
  • Liquidation incentives maintain solvency
  • Supply/borrow caps limit exposure

4. Access Control

  • Caller validation for inter-canister calls
  • Admin-only configuration methods requiring authorized principals
  • Profile ownership verification

Trust Boundaries

Boundary Protections

| Boundary | Attack Vector | Mitigation |
|---|---|---|
| User → Lending | Signature forgery | Native-chain signature verification |
| User → Lending | Replay attacks | Nonce-based protection |
| User → Lending | Unauthorized access | Profile ownership validation |
| Lending → Pool | Unauthorized withdrawals | Caller validation |
| Lending → Pool | Double execution | WAL idempotency |
| Pool → ckMinter | Invalid burn amounts | Pre-flight validation |
| Oracle → Lending | Price manipulation | Caching, deviation alerts |
| Liquidator → Lending | Griefing attacks | Close factor limits |

Key Security Properties

Atomicity

All critical state changes happen atomically in a single execution:

  • No partial state updates
  • Rollback on validation failure
  • State committed before async work

Durability

Pending operations survive canister upgrades:

  • Write-ahead log in stable storage
  • Automatic retry on failure
  • No data loss on crashes

Idempotency

Operations can be safely retried:

  • Unique operation IDs
  • Processed ID tracking
  • Ledger-level deduplication
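
The durability and idempotency properties above, shown together as an added Rust example (not Liquidium's code): an intent is logged under a unique operation ID before the side effect runs, a failed attempt leaves it pending for retry, and a repeated call for a processed ID is a no-op. The names `Wal`, `PendingOp`, `record` and `execute` are hypothetical, and the in-memory maps stand in for stable storage.

```rust
use std::collections::{BTreeMap, BTreeSet};

/// Hypothetical pending operation, logged before any async work starts.
#[derive(Clone, Debug, PartialEq)]
pub struct PendingOp { pub to: String, pub amount: u64 }

/// In-memory stand-in for a write-ahead log kept in stable storage.
#[derive(Default)]
pub struct Wal {
    pending: BTreeMap<u64, PendingOp>, // logged, not yet confirmed
    processed: BTreeSet<u64>,          // processed-ID tracking
    next_id: u64,
}

impl Wal {
    /// Phase 1: commit the intent and return its unique operation ID.
    pub fn record(&mut self, op: PendingOp) -> u64 {
        let id = self.next_id;
        self.next_id += 1;
        self.pending.insert(id, op);
        id
    }

    /// Phase 2: apply the side effect at most once per ID. Ok(false) means the
    /// ID was already processed; on Err the entry stays pending for a retry.
    pub fn execute<F>(&mut self, id: u64, mut effect: F) -> Result<bool, String>
    where
        F: FnMut(u64, &PendingOp) -> Result<(), String>,
    {
        if self.processed.contains(&id) { return Ok(false); }
        let op = self.pending.get(&id).cloned().ok_or("unknown operation id")?;
        effect(id, &op)?; // the ID is passed on so a downstream ledger can deduplicate too
        self.pending.remove(&id);
        self.processed.insert(id);
        Ok(true)
    }

    pub fn pending_ids(&self) -> Vec<u64> { self.pending.keys().copied().collect() }
}

fn main() {
    let mut wal = Wal::default();
    let id = wal.record(PendingOp { to: "pool".into(), amount: 500 }); // constructed input
    let mut sent = 0u64;
    let first = wal.execute(id, |_, op| { sent += op.amount; Ok(()) });
    let retry = wal.execute(id, |_, op| { sent += op.amount; Ok(()) });
    println!("{first:?} {retry:?} sent={sent}"); // the second call is a no-op
}
```
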

Authorization

Every operation is properly authorized:

  • Signature verification for user requests
  • Caller validation for inter-canister calls
  • Admin checks for configuration changes