Security posture
What Northset v1.1 guarantees, and how
Two overriding rules, a slashability boundary bound to explicit activation, a five-branch state machine with no disputes and no partial pay.
Two overriding rules
Objective tasks only; on-chain settlement
Two rules override everything. First: Northset v1.1 supports only objectively verifiable tasks; outcomes that cannot be verified by deterministic code, ideally via a ZK-proofed verifier program, are out of scope. Second: settlement is trust-minimized and on-chain; off-chain systems such as indexers, relays, and UIs may assist discovery and convenience, but are never required for correctness or payout.
Slashability boundary
Bond transfers at activateTask, not selectBid
The selected delegatee is not slashable until they call activateTask. selectBid records the chosen bid but does not transfer the bond — bond transfer happens at activation, and the submit deadline starts from activation. This is a deliberate safeguard against key-withholding attacks. If no valid proof arrives in time, claimTimeout refunds the reward and slashes the full bond to the creator.
State machine
Five branches, no appeals
The task lifecycle is OPEN → SELECTED → ACTIVE → COMPLETED on the proof-settled path, with OPEN → CANCELLED for pre-selection cancellation, SELECTED → OPEN via selection cancellation, and ACTIVE → TIMED_OUT for missed submit deadlines. There are no disputes, no partial pay, and no appeals.
Proof evidence
Verifier-checked on Arbitrum One
Proof is verified by the STATS_V1 verifier contract registered in the Northset verifier registry on Arbitrum One. Both contracts are deployed and verifiable via Arbiscan, with their deploy transaction hashes recorded on the proof page. The browser handles create/select only; activation, proof submission, and timeout handling stay operator-assisted in the current pilot.