Security Compute Layer

Overview

The Security Compute Layer of GoPlus Network aims to build a global, decentralized security computing network, providing a robust infrastructure for user security services in the Web3 environment. We have adopted the AVS (Actively Validated Services) architecture to build our decentralized security computing network. This allows anyone to join the network as an operator node without permission, executing security computation tasks and earning token incentives for helping users protect their transactions. Additionally, ordinary users can delegate tokens to operators, enhancing the network's overall security while earning returns.

Architecture

The Compute Layer architecture consists of three main components:

  • USM

  • SecWare AVS

  • AVS Manager

User Security Module (USM)

  • Function: The USM can be seamlessly integrated into chains, sequencers, RPCs, and wallets. It receives security requests, dispatches them to the compute network for execution, and intercepts risky transactions, acting as an on-chain firewall.

  • Integration Points:

    • Sequencers: Intercept and evaluate transactions at the sequencer level.

    • RPC Services: Intercept and evaluate transactions at the RPC level.

    • Wallets: Intercept and evaluate transactions before they are sent to the RPC.

  • Process:

    1. Receives security requests from integrated systems.

    2. Dispatches these requests to the appropriate operators in the compute network for processing.

    3. Receives the transaction security analysis results and decides whether to send the transaction.

  • Fanout Service: The USM has a fanout service to distribute tasks to different operators, ensuring optimal scheduling and routing. This service dispatches tasks based on SecWare type, geographical information, and the reputation data of operators, maximizing user experience and the efficiency of security services.
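
An added example, not GoPlus code, of the USM process above: fanout selection by SecWare type, region and reputation, followed by the send-or-intercept decision. The Operator fields, the reputation floor, the quorum, the fail-closed handling of timeouts and all sample data are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Operator:                 # hypothetical registry record
    op_id: str
    secware: frozenset          # SecWare types this node runs
    region: str
    reputation: float           # assumed scale: 0.0 to 1.0

def fanout(operators, secware_type, region, k=3, min_reputation=0.5):
    """Select up to k operators: filter by SecWare type and a reputation
    floor, then prefer same-region nodes, then higher reputation."""
    eligible = [o for o in operators
                if secware_type in o.secware and o.reputation >= min_reputation]
    eligible.sort(key=lambda o: (o.region != region, -o.reputation, o.op_id))
    return eligible[:k]

def decide(selected, verdicts, quorum=2):
    """Gate a transaction. verdicts maps op_id -> "safe" | "risky"; a missing
    entry means that operator timed out. Answers from operators that were not
    selected are ignored. Any "risky" answer blocks, and so does having fewer
    than `quorum` answers (fail closed, an assumption of this example)."""
    answers = [verdicts[o.op_id] for o in selected if o.op_id in verdicts]
    if "risky" in answers:
        return ("block", "operator flagged risk")
    if len(answers) < quorum:
        return ("block", "insufficient responses")
    return ("forward", "quorum of safe verdicts")

# Constructed sample registry; these are not real operator nodes.
OPERATORS = [
    Operator("op-a", frozenset({"tx_simulation", "drainer_detection"}), "eu", 0.92),
    Operator("op-b", frozenset({"tx_simulation"}), "us", 0.97),
    Operator("op-c", frozenset({"tx_simulation"}), "eu", 0.40),    # below floor
    Operator("op-d", frozenset({"malicious_address"}), "eu", 0.99),  # other type
    Operator("op-e", frozenset({"tx_simulation"}), "eu", 0.75),
]

if __name__ == "__main__":
    chosen = fanout(OPERATORS, "tx_simulation", "eu")
    print([o.op_id for o in chosen])
    print(decide(chosen, {"op-a": "safe", "op-e": "safe"}))
    print(decide(chosen, {"op-a": "safe", "op-e": "safe", "op-b": "risky"}))
    print(decide(chosen, {"op-a": "safe"}))
```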

SecWare AVS

  • Function: This part consists of operator nodes that execute security tasks based on parameters received from the USM fanout services. Each security task is run by deploying various SecWare services in Docker containers on different operator nodes.

  • Operators:

    • Execute SecWare such as transaction simulation, wallet drainer detection, malicious address detection, malicious signature and authorization detection, and risky token detection.

    • Every operator must register with the AVS Service Manager and follow the registration rules (TBD).

  • SecWare AVS: Each type of security service is provided as a different Docker image, allowing for flexible and scalable deployment across the operator nodes. These Docker images must comply with the standards and specifications set forth by GoPlus for SecWare. Through the SecWare protocol, developers can upload and register these images, ensuring compliance and interoperability of all security services.

  • Process:

    • Operators receive a computation task and its corresponding parameters from the USM fanout service.

    • Call the interface service of the corresponding SecWare Docker image.

    • Return the transaction security analysis results to the USM.

AVS Manager

The AVS Manager is responsible for operator registration, validation of compute task results, and reward distribution or operator slashing.

Core Components:

  • AVS Service Manager Contract: Handles operator registration, result validation, incentive distribution, and slashing operations.

  • Bookkeeper: A queue that collects and processes the execution results and work records submitted by operators from decentralized storage.

Process:

  • Bookkeeper aggregates results from decentralized storage over the defined period.

  • AVS Service Manager Contract validates the aggregated results to ensure accuracy and compliance with standards.

  • Bookkeeper receives the results and calculates the final incentives or slashing operations.

  • AVS Service Manager Contract distributes token incentives to operators who meet the performance criteria.

  • AVS Service Manager Contract applies slashes to operators who fail to meet the required standards.

This ensures only reliable and high-quality operators remain in the network, maintaining its overall security and efficiency.

Decentralized and Verifiable Security

By adopting this decentralized architecture, GoPlus Network has achieved truly decentralized and verifiable security services. This ensures that the security services themselves are secure and transparent. The decentralized nature eliminates single points of failure, and the verifiable processes guarantee that all security computations and their results can be independently validated. This enhances trust in the system and ensures that users can rely on the security measures provided.

Conclusion

The Compute Layer of the GoPlus Network represents an innovative and decentralized approach to enhancing user security in the Web3 environment. By leveraging the AVS (Actively Validated Services) architecture, it provides a flexible and scalable infrastructure for executing a wide range of security tasks. This architecture allows anyone to join as an operator, perform security computations, and earn rewards, while also enabling ordinary users to delegate tokens and contribute to the network's security.
