Security
Program Overview
Raiku’s security program spans threat modeling, transaction vetting, infrastructure hardening, and ongoing monitoring. The goal is to make deterministic blockspace safe enough for mission-critical transactions.
Domains
Infrastructure
This domain hardens RPC endpoints, WebSocket gateways, and validator sidecars. Controls include mutual TLS authentication, replay protection, and continuous drift detection.
User Safety
Transaction preview, risk scoring, wallet consent flows, and audit logs ensure humans always know what they are signing.
Controls Checklist
- Threat models for auctions, reservations, slot drift, and wallet UI.
- Security store tracking MEV status, RPC integrity, and signing state.
- Structured logging (auditLogger, performanceLogger) for every critical action.
- Monitoring dashboards with alerting hooks for PagerDuty/Slack.