{ "generated": "2026-04-19T08:15:29.856Z", "tag": "security", "slug": "security", "count": 10, "url": "https://brittleboye.github.io/awesome-lattice/tags/security/", "projects": [ { "name": "Convex: Network Security", "description": "Network security on Convex — robust, decentralised end-to-end defences for open economic systems.", "category": { "id": "videos", "title": "Videos & Talks" }, "slug": "convex-network-security", "url": "https://brittleboye.github.io/awesome-lattice/projects/videos/convex-network-security/", "json": "https://brittleboye.github.io/awesome-lattice/projects/videos/convex-network-security.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/videos/convex-network-security.md", "tags": [ "convex-live", "community-call", "security" ] }, { "name": "Trust Monitors: Flexible security for open economic systems", "description": "Trust Monitors — flexible, composable security primitives for governance and authorisation on Convex.", "category": { "id": "videos", "title": "Videos & Talks" }, "slug": "trust-monitors-flexible-security-for-open-economic-systems", "url": "https://brittleboye.github.io/awesome-lattice/projects/videos/trust-monitors-flexible-security-for-open-economic-systems/", "json": "https://brittleboye.github.io/awesome-lattice/projects/videos/trust-monitors-flexible-security-for-open-economic-systems.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/videos/trust-monitors-flexible-security-for-open-economic-systems.md", "tags": [ "convex-live", "community-call", "security", "trust-monitors", "governance" ] }, { "name": "CAD000: Design Principles", "description": "Codifies the non-negotiable axioms every other CAD inherits from — immutable values, bounded resources, CRDT-safe idempotence, security-first cryptography. This is the constitution: why Convex refuses the shortcuts (mutable state, unbounded ops, bespoke crypto) that trap other decentralised platforms.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad000-design-principles", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad000-design-principles/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad000-design-principles.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad000-design-principles.md", "tags": [ "spec", "principles", "crdt", "security", "governance" ] }, { "name": "CAD007: Juice Accounting", "description": "Meters CPU and bandwidth per CVM op with hard upper bounds so an O(n) attacker cannot force O(n^2) work — DoS protection baked into the execution semantics rather than retrofitted. It plays the role Ethereum gas plays but is priced on actual worst-case resource use, and is called juice deliberately because it is a Convex concept, not a blockchain one.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad007-juice-accounting", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad007-juice-accounting/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad007-juice-accounting.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad007-juice-accounting.md", "tags": [ "spec", "juice", "security", "cvm", "tokenomics" ] }, { "name": "CAD010: Transactions", "description": "Pins down the signed transaction envelope — Ed25519 signature, origin address, strict incrementing sequence number — so replay attacks are structurally impossible and every state change has a cryptographically attributable author. The narrow interface is what lets clients from any language submit work into consensus.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad010-transactions", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad010-transactions/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad010-transactions.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad010-transactions.md", "tags": [ "spec", "transactions", "signatures", "security", "cvm" ] }, { "name": "CAD016: Peer Staking", "description": "Separates operational peer stake (slashed if the hot key leaks) from delegated stake (slashed only if the controller account is compromised), so coin holders can back good operators without running infrastructure themselves. Cleaner fault model than Ethereum validator staking, where one key loss loses everything.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad016-peer-staking", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad016-peer-staking/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad016-peer-staking.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad016-peer-staking.md", "tags": [ "spec", "consensus", "staking", "security", "tokenomics" ] }, { "name": "CAD017: Peer Operations", "description": "Sets the concrete hardware, network, and key-management bar for running a peer — 1000 CVM minimum stake, offline controller keys, commodity 8-core box. Deliberately keeps peer operation achievable by individuals, not just data centres.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad017-peer-operations", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad017-peer-operations/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad017-peer-operations.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad017-peer-operations.md", "tags": [ "spec", "peer", "operations", "security", "governance" ] }, { "name": "CAD022: Trust Monitors", "description": "Composable on-chain subject-action-object authorisation modules based on the TCSEC B3 reference-monitor model — sandboxed, callable in query mode, reusable across contracts. Access control becomes a first-class shareable component instead of ad-hoc modifiers copied into every contract.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad022-trust-monitors", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad022-trust-monitors/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad022-trust-monitors.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad022-trust-monitors.md", "tags": [ "spec", "security", "smart-contracts", "governance", "trust" ] }, { "name": "CAD023: Keystore", "description": "Standardises how peers, CLIs and wallets store Ed25519 keys — encrypted at rest, password not cached, in-memory only when needed, reusing proven formats rather than reinventing. Prevents the class of keystore bugs that have drained other ecosystems.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad023-keystore", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad023-keystore/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad023-keystore.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad023-keystore.md", "tags": [ "spec", "keystore", "security", "wallet", "identity" ] }, { "name": "CAD038: Lattice Authentication", "description": "Makes the merge step itself the security boundary — every incoming signed value is verified against its owner key (public key, Convex address, or DID) at O(delta) cost. You cannot inject data into a namespace you don't own, no matter what transport delivered it.", "category": { "id": "cads", "title": "Convex Architecture Documents" }, "slug": "cad038-lattice-authentication", "url": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad038-lattice-authentication/", "json": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad038-lattice-authentication.json", "markdown": "https://brittleboye.github.io/awesome-lattice/projects/cads/cad038-lattice-authentication.md", "tags": [ "spec", "lattice-auth", "signatures", "security", "did", "identity" ] } ] }