
Define and implement incident response mechanism

Open RafaelAPB opened this issue 1 year ago • 1 comments

It is still not clear what a good incident response framework and interfaces should be for cross-chain applications. [Some info in our recent paper](https://www.techrxiv.org/users/687326/articles/691934-sok-security-and-privacy-of-blockchain-interoperability) (more). We expect the requirements of this issue to be clearer in the next months.

Requirements:

  1. Define processes that deal with a violation for the cross-chain model (and their different scenarios). Processes should include defense mechanisms (such as implementing circuit breakers in the smart contracts)
  2. Implement defense mechanisms in the smart contract
  3. Implement defense mechanisms in SATP core, namely the ability to send transactions to the bridge that trigger such behaviour.
  4. Expose endpoint in SATP that administers the defense mechanisms (for example, manually enable and disable bridge pausing)
  5. Update Prometheus metrics for incidents (number of incidents, average time to resolve incident, etc)

RafaelAPB, Mar 15 '24 15:03
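A minimal off-chain sketch of how requirements 1, 4 and 5 fit together, added here as an illustration and not taken from the Cacti or SATP code base: a circuit breaker that gates transfers, can be paused and resumed manually, and reports incident metrics in the Prometheus text format. The class, the metric names and the per-transfer amount limit used as the trip rule are all assumptions.

```typescript
// Added example. All names are hypothetical; none of this is Cacti or SATP code.
type Incident = { id: number; reason: string; openedAt: number; resolvedAt?: number };

class BridgeCircuitBreaker {
  private incidents: Incident[] = [];
  private open: Incident | null = null; // non-null while the bridge is paused
  private limit: number;
  private now: () => number;

  // `now` is injectable so incident timing can be tested deterministically.
  constructor(limit: number, now: () => number = Date.now) {
    this.limit = limit;
    this.now = now;
  }

  isPaused(): boolean { return this.open !== null; }

  // Manual admin action or automatic trip. Pausing twice keeps the same incident.
  pause(reason: string): Incident {
    if (this.open !== null) return this.open;
    const incident: Incident = { id: this.incidents.length + 1, reason, openedAt: this.now() };
    this.incidents.push(incident);
    this.open = incident;
    return incident;
  }

  // Manual admin action: closes the open incident and re-enables transfers.
  resume(): void {
    if (this.open !== null) this.open.resolvedAt = this.now();
    this.open = null;
  }

  // Gate to call before forwarding a transfer to the bridge contract.
  authorize(amount: number): boolean {
    if (this.isPaused()) return false;
    if (amount > this.limit) { this.pause("amount " + amount + " over limit"); return false; }
    return true;
  }

  // Prometheus text exposition format: one "name value" sample per line.
  metrics(): string {
    const done = this.incidents.filter((i) => i.resolvedAt !== undefined);
    const ms = done.reduce((s, i) => s + ((i.resolvedAt as number) - i.openedAt), 0);
    const avg = done.length > 0 ? ms / done.length / 1000 : 0;
    return "bridge_incidents_total " + this.incidents.length + "\n" +
      "bridge_paused " + (this.isPaused() ? 1 : 0) + "\n" +
      "bridge_incident_resolution_seconds_avg " + avg + "\n";
  }
}
```

An off-chain gate like this only stops transfers that pass through the gateway; the on-chain pause in requirements 2 and 3 is still needed for calls made directly to the bridge contract.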

I will do this task.

brunoffmateus, Mar 16 '24 14:03