docs: proof-gated in-transit accounting token (ADR 0002)#28
Draft
0xgleb wants to merge 1 commit into
Draft
Conversation
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
0xgleb
force-pushed
the
docs/security-design
branch
from
a7a5f18 to
67747b9
Compare
0xgleb
force-pushed
the
docs/in-transit-accounting-token
branch
from
2bd571a to
e6a7ca2
Compare
The LayerZero x Centrifuge "Unlocking Tokenized Fund Composability" report proposes "accounting tokens" to keep capital mid-transfer from disappearing from NAV. Adopt that pattern only in a proof-gated form: in-transit principal contributes to NAV solely against rail 6's consume-once repatriation proof tuple, fails safe to the security-design Section 8 exclusion, prices adverse-to-actor, and nets to zero against the cumulative-outflow latch -- so it smooths the repatriation NAV dip without reintroducing the bridge/manager trust Section 8 refuses. Candidate refinement, not ratified; ships failing-tests-first if adopted.
0xgleb
force-pushed
the
docs/in-transit-accounting-token
branch
from
e6a7ca2 to
9c7764d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
The LayerZero x Centrifuge "Unlocking Tokenized Fund Composability" report
proposes "accounting tokens" so capital mid-transfer between chains does not
disappear from NAV. Our security-design Section 8 deliberately does the
opposite — bridged principal is excluded from
verifiable_navuntil itprovably lands — which is the safe direction but leaves a real cost: NAV dips
while principal is mid-bridge and jumps when it arrives, a temporary mispricing
window across exactly the repatriation that rail 6 already touches.
Solution
Add an In-transit accounting token refinement to ADR 0002 that adopts the
report's pattern only in a proof-gated form:
repatriation proof tuple — never manager-assertable; a forged, replayed, or
double-counted proof contributes
0(rail 6's existing failing-test vectorextends to it).
nets to zero against the cumulative-outflow latch, and counts against the
destination venue's total-loss-tolerable cap.
Candidate refinement, not ratified — strictly optional on top of the Section 8
exclusion, ships failing-tests-first if adopted. Its architectural context is
ADR 0004 (stacked above). Stacked on #11, which introduces ADR 0002.
This is part 1 of 2 in a stack made with GitButler: