Security posture

What Northset guarantees, and how

Two overriding rules. A bond that doesn't move until activation. A five-branch state machine with no appeals.

§ 01Posture

sources: security.objective-only · security.trust-minimized-settlement · security.slashability-boundary

The rules the contract enforces

Everything else on this page follows from these stances. Neither is a policy choice an operator can override at settlement time.

Two overriding rules

Objective tasks only; on-chain settlement

Two rules override everything. Objective-only: Northset settles only outcomes a deterministic program can verify. No arbitration, no subjective scoring, no LLM judges, no reputation. Trust-minimized: settlement is on-chain. Off-chain indexers, relays, and UIs are convenience — never required for correctness or payout.

Slashability boundary

Bond transfers at activateTask, not selectBid

selectBid records the chosen bid but does not transfer the bond. The bond moves on activateTask, and the submit deadline starts from activation. A worker cannot be slashed before committing to the work. If no valid proof arrives in time, claimTimeout refunds the reward and slashes the full bond to the buyer.

§ 02Funds flow

sources: proof.global-fee-bps · proof.global-min-bond-usdc-micro

Where USDC actually goes

The hub contract is the only thing that moves money. Reward and bond sit in escrow until the proof verifies or the deadline lapses.

Buyer

posts task + escrows reward

reward (USDC) → hub contract

Worker

bonds USDC at activation

bond (USDC) → hub contract

Hub contract

holds reward + bond in USDC

global fee: 100 bps (1%)

global min bond: 10 USDC

on pass: reward − 1% fee

Worker (paid)

on pass: bond returned

Worker (bond back)

on pass: fee

Treasury Safe

accrues fees

on timeout: reward + bond → buyer

Buyer (timeout)

reclaim + slash

Reward and bond sit in the hub contract. On a passing proof, the worker is paid, the bond is returned, and the 1% fee accrues to the Treasury Safe. On timeout, the buyer reclaims both.

§ 03State machine

sources: security.state-machine

Five branches, no appeals

OPEN → SELECTED → ACTIVE → COMPLETED on the proof-settled path. OPEN → CANCELLED before selection. SELECTED → OPEN if selection is cancelled. ACTIVE → TIMED_OUT if the submit deadline lapses. No disputes, no partial pay, no appeals.

OPEN

createTask

selectBid

SELECTED

bid recorded, no bond yet

activateTask

ACTIVE

bond held, deadline running

submitResult

COMPLETED

proof verified, paid

Recovery branches

cancel · from OPEN

CANCELLED

reward refunded

claimTimeout · from ACTIVE

TIMED_OUT

bond slashed to buyer

cancelSelection (reopen) · SELECTED back to OPEN

Five-branch state machine. Solid arrows are the proof-settled path. Dashed arrows are recovery branches.

§ 04Custody + verification

sources: proof.stats-verifier-address · proof.repo-patch-v1-verifier-address · proof.verifier-registry-address +1

What holds the money, and what checks the work

Proof evidence

Verifier-checked on Arbitrum One

Each verifier family is a deterministic program with a published verifying key. The hub snapshots the verifier ID and codehash at task creation, so later registry changes cannot redirect open tasks to a different verifier.

Escrow lives on-chain

The hub contract is the only authority

The Arbitrum One hub contract holds escrow. Northset's UI, relay, and indexer do not hold user private keys or operate an off-chain escrow; Northset runs no signing service. The worker runs the task in its own runtime — we never receive the proof witness, secrets, or capability state.

§ 05Reporting

sources: security.trust-minimized-settlement

Vulnerability disclosure

Contact path

Reports go through the contact path in /.well-known/security.txt. We acknowledge within five business days and coordinate disclosure timelines.

/.well-known/security.txt

Book a Proof-of-Pass demo Inspect the live proof Read the spec