Ctrlk

Slashing

Overview

The slashing mechanism penalizes Maintainers who fail to fulfill their duties or act maliciously, ensuring the security and reliability of the cross-chain system. This document covers penalty scenarios, Slash Points, and Jail Epoch mechanisms.

Penalty Types

Type
Description

Slash Point

Accumulated penalty points affecting rewards and election priority

Jail Epoch

Imprisonment period during which nodes cannot participate in elections

Stake Slash

Direct deduction from staked MAPO

Penalty Scenarios

Arbitrary Voting

When Maintainers vote on observations (TxIn, TxOut, KeyGen failures, etc.), they receive Slash Points to discourage arbitrary voting. Points are recovered when the vote reaches 2/3+ consensus.

Vote Absence or Delay

When voting reaches 2/3+ consensus, Maintainers who haven't voted are penalized. Points can be recovered if the vote is submitted within the delay tolerance period after consensus.

TSS KeyGen Failure

When the KeyGen process fails, nodes are penalized based on blame information:

  • Current Maintainer members receive Slash Points

  • Non-current Maintainers receive Jail Epochs

This penalty is not recoverable.

TSS KeySign Failure

When KeySign fails, blamed nodes receive both Slash Points and Jail Epochs. This penalty is not recoverable.

TSS Switching Timeout

When KeyGen success vote reaches consensus, Maintainers who haven't voted are penalized. Points can be recovered within the delay tolerance period.

Migration Timeout

During asset migration, vote delays result in both Slash Points and Jail Epochs. Partial recovery is possible within the delay tolerance period.

Asset Theft

If a transaction on the target chain doesn't match the initiated TxOutItem (wrong memo, mismatched data, or excessive gas), the system calculates the stolen value, converts it to MAPO, and applies a penalty multiplier.

If the slash amount exceeds the pause threshold, the affected chain is paused. Each Maintainer in the Vault is slashed proportionally based on their stake relative to total Vault stake.

Slash Point Mechanism

Effects on Rewards

Maintainer rewards are reduced based on accumulated Slash Points:

When Slash Points exceed or equal EpochBlocks, the reward becomes zero.

Effects on Election

During election, the system:

  1. Filters out jailed nodes

  2. Prioritizes removal of nodes with Slash Points exceeding the bad maintainer threshold

  3. Sorts remaining candidates by stake amount

Jail Epoch Mechanism

Jail Effect

Jailed nodes cannot participate in elections until their Jail Epoch count reaches zero.

Jail Release

On each TSS switching completion:

  • All nodes' Jail Epoch is decremented by 1

  • Nodes reaching zero can rejoin elections

Unstaking While Jailed

When a Validator unstakes, MAPO is deducted for remaining Jail Epochs. The jail record is retained even after unstaking.

Penalty Handling During TSS Switching

On Churn Start

  • Nodes with Jail Epoch > 0 are excluded from election

  • Nodes exceeding the Slash Point threshold are prioritized for removal

On Churn Complete

  1. Jail Epoch decremented by 1 for all nodes

  2. MAPO deducted based on Slash Points and consumed Jail Epochs

  3. Slash Points cleared

Parameter Configuration

Slash Point Parameters

Parameter
Description
Recommended

ObserveSlashPoint

Points on voting

1

LackOfObservationSlashPoint

Vote absence penalty

2

KeyGenFailSlashPoint

KeyGen failure penalty

500

KeySignFailSlashPoint

KeySign failure penalty

10

KeyGenDelaySlashPoint

KeyGen vote delay

500

MigrationDelaySlashPoint

Migration delay

360

Jail Epoch Parameters

Parameter
Description
Recommended

KeyGenFailJailEpoch

KeyGen failure jail

4

KeySignFailJailEpoch

KeySign failure jail

1

MigrationDelayJailEpoch

Migration delay jail

2

Other Parameters

Parameter
Description

ObserveDelayTolerance

Vote delay tolerance in blocks

BadMaintainerSlashPointThreshold

Threshold for bad node classification

MAPOPerSlashPoint

MAPO deducted per Slash Point

MAPOPerJailEpoch

MAPO deducted per Jail Epoch

PauseOnSlashThreshold

Threshold triggering chain pause

Penalty Summary

Scenario
Slash Point
Jail Epoch
Recoverable

Arbitrary voting

+1

-

Yes

Vote absence

+2

-

Yes

KeyGen failure (member)

+500

-

No

KeyGen failure (non-member)

-

+4

No

KeySign failure

+10

+1

No

KeyGen vote delay

+500

-

Yes

Migration delay

+360

+2

Yes

Asset theft

-

-

No (direct slash)

PreviousSecurityNextOverview

Last updated