4.1 Threat Model Definition

The hybrid architecture introduces unique security boundaries that must be managed, particularly at the Relayer/Custody interfaces. The primary threat vectors are rooted in external manipulation and key management failures.

Security Threat Analysis

| Threat Vector | Description | Primary Mitigation Layer | Implementation Details |
|---|---|---|---|
| Relayer Compromise | Malicious broadcast of forged or unauthorized intents | Public Vault Layer (Verification) | Mandatory Canton signature verification (P1 or P2). On-chain rate limits and circuit breakers in the Vault. |
| Replay Attacks | Re-submitting a legitimate, historical, signed ExecutionIntent | Vault Contract (Nonce/Deadline) | Strict enforcement of nonce > stored nonce and transaction expiration deadline. |
| Strategy Leakage | Exposure of proprietary allocation algorithms or risk scores | Canton Domain (Privacy Model) | Data minimization via the minimal ExecutionIntent payload; policy and risk data confined to Daml stakeholder views. |
| Key Compromise (MPC/Canton) | Loss of control over vault assets or policy issuance key | Custody Layer (HSM/KMS) | Integration with Hardware Security Modules (HSM) or Key Management Services (KMS) for private key storage and signing. |

Attack Surface Analysis

1. Canton Domain

Assets at Risk:

  • Policy Issuer private key
  • Sensitive strategy algorithms
  • Oracle feed data
  • Approval workflows

Attack Vectors:

  • Insider threats
  • Node compromise
  • Key exfiltration

Mitigations:

  • HSM/KMS for key storage
  • Strict role-based access control
  • Audit logging of all actions
  • Multi-party authorization requirements

2. Relayer Layer

Assets at Risk:

  • Canton API credentials
  • Transaction submission authority
  • Execution ordering

Attack Vectors:

  • Relayer impersonation
  • Message replay
  • Equivocation (sending different intents to different chains)
  • Denial of service

Mitigations:

  • Cryptographic verification of all intents
  • Strict nonce ordering
  • Rate limiting
  • High-availability cluster with leader election
  • Comprehensive monitoring and alerting

3. Public Vault Contracts

Assets at Risk:

  • Vault funds
  • Protocol adapter integrations

Attack Vectors:

  • Signature forgery
  • Replay attacks
  • Reentrancy
  • Flash loan attacks
  • Adapter exploits

Mitigations:

  • Rigorous signature verification
  • Nonce and deadline enforcement
  • OpenZeppelin security contracts (ReentrancyGuard, Pausable)
  • Modular adapter design limits blast radius
  • Emergency pause functionality
  • Formal verification (recommended)

4. Custody Layer (MPC)

Assets at Risk:

  • Private keys controlling vault funds

Attack Vectors:

  • Key share compromise
  • Threshold bypass
  • Malicious signing
  • Side-channel attacks

Mitigations:

  • Industry-standard MPC protocols (MPC-CMP)
  • Hardware security for key shares
  • Policy enforcement before signing
  • Multi-factor authentication
  • Regular security audits

Defense in Depth

┌─────────────────────────────────────────┐
│  Layer 1: Canton Access Control         │
│  • Party authorization                  │
│  • Role-based permissions               │
└──────────────┬──────────────────────────┘

┌──────────────▼──────────────────────────┐
│  Layer 2: Cryptographic Verification    │
│  • Intent signatures                    │
│  • Proof validation                     │
└──────────────┬──────────────────────────┘

┌──────────────▼──────────────────────────┐
│  Layer 3: Smart Contract Validation     │
│  • Nonce enforcement                    │
│  • Deadline checking                    │
│  • Circuit breakers                     │
└──────────────┬──────────────────────────┘

┌──────────────▼──────────────────────────┐
│  Layer 4: Operational Monitoring        │
│  • Real-time alerts                     │
│  • Anomaly detection                    │
│  • Incident response                    │
└─────────────────────────────────────────┘

Incident Response Plan

Detection

  • Real-time monitoring of all layers
  • Automated anomaly detection
  • Security event correlation
  • User/operator reports

Response

  1. Immediate: Trigger emergency pause on affected vaults
  2. Containment: Isolate compromised components
  3. Investigation: Analyze logs and transaction history
  4. Recovery: Execute recovery procedures (compensation, key rotation)
  5. Post-Mortem: Document incident and improve defenses

Recovery Procedures

Scenario: Relayer Compromise

1. Pause all vault contracts
2. Rotate Relayer credentials
3. Audit all recent transactions
4. Re-verify Canton intent signatures
5. Resume operations with new Relayer instance
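
Steps 3 and 4 of this scenario can be scripted as an offline audit that walks the Relayer's submissions in order and applies the vault's rules (valid signature, nonce > stored nonce, deadline not passed). The sketch below is an added example, not the project's code: the record layout and the intent fields (vault, nonce, deadline, action) are assumptions, and HMAC-SHA256 stands in for the Canton signature scheme, which this page does not specify.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 is a stand-in for the Policy Issuer's
# real signature scheme so the example runs on the standard library alone.
ISSUER_KEY = b"constructed-demo-key"

def sign(intent):
    """Stand-in signer over a canonical JSON encoding of the intent."""
    msg = json.dumps(intent, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()

def audit(records, stored_nonce=0):
    """Return (tx, reason) for every submission the vault should have rejected."""
    findings, last = [], {}  # last: highest accepted nonce per vault
    for r in records:
        intent = r["intent"]
        vault = intent["vault"]
        if not hmac.compare_digest(sign(intent), r["sig"]):
            findings.append((r["tx"], "bad-signature"))
            continue  # unauthenticated fields are not trusted any further
        if intent["nonce"] <= last.get(vault, stored_nonce):
            findings.append((r["tx"], "nonce-replay"))
            continue
        if r["block_time"] > intent["deadline"]:
            findings.append((r["tx"], "expired-deadline"))
            continue
        last[vault] = intent["nonce"]  # only a fully valid intent advances state
    return findings

def _rec(tx, block_time, nonce, deadline, sig=None):
    intent = {"vault": "vault-A", "nonce": nonce, "deadline": deadline, "action": "rebalance"}
    return {"tx": tx, "block_time": block_time, "intent": intent, "sig": sig or sign(intent)}

# Constructed sample log (hypothetical ids and timestamps).
SAMPLE = [
    _rec("tx1", 100, 1, 200),
    _rec("tx2", 150, 2, 300),
    _rec("tx3", 160, 2, 300),                 # same signed intent submitted again
    _rec("tx4", 400, 3, 350),                 # submitted after its deadline
    _rec("tx5", 410, 4, 500, sig="00" * 32),  # signature does not verify
    _rec("tx6", 420, 4, 500),                 # valid
]

if __name__ == "__main__":
    for tx, reason in audit(SAMPLE):
        print(tx, reason)
```

Any finding on a transaction that actually executed on-chain means the vault's own checks were bypassed or misconfigured, which should block step 5 until explained.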

Scenario: Canton Key Compromise

1. Emergency pause all vaults
2. Revoke compromised key via Canton topology
3. Generate new Policy Issuer key (HSM)
4. Update on-chain key registry
5. Resume with new authorization

Canton DeFi - Multichain DeFi Technical Reference