
Settlement Hardening V3

Proposal-scoped settlement policy snapshots, evidence aging, payout caps, and single-use settlement consumption.

Boundary

Curated surface only; confidential payout semantics still depend on the underlying docs and program path.

Audience: Security reviewers, operators, protocol readers


<!-- SPDX-License-Identifier: AGPL-3.0-or-later -->

`Settlement Hardening V3` is an additive confidential-payout execution path. It does not remove or reinterpret legacy payout plans or `V2` settlement evidence.

What V3 Adds

  • DAO-level settlement policy companion account
  • Proposal-level settlement policy snapshot
  • minimum settlement evidence age before execution
  • maximum payout cap per governed payout
  • optional REFHE settlement requirement
  • optional MagicBlock settlement requirement for token payouts
  • `execute_confidential_payout_plan_v3`

Why It Exists

`V2` already added threshold-attested settlement evidence, freshness windows, and single-use consumption. V3 adds execution policy locking on top of that so a payout can be forced to respect the same economic and integration assumptions it was reviewed under.

V3 Security Goals

  • prevent executing immediately on newly recorded evidence when an operator wants a minimum evidence aging window
  • prevent executing payout amounts above a DAO-defined cap
  • force REFHE settlement when the DAO requires it
  • force MagicBlock settlement for token payouts when the DAO requires it
  • bind those requirements to a proposal-scoped snapshot so later DAO policy changes do not silently reinterpret an existing payout
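A minimal model of the execution gate these goals describe, added here as an illustration and not taken from the program's source. Every type, field, and error name is hypothetical, and timestamps are plain seconds.

```rust
// Added illustration: all names below are hypothetical and do not
// reflect the program's real account layout or instruction handler.
#[derive(Clone, Copy, Debug)]
pub struct SettlementPolicy {
    pub min_evidence_age_secs: i64,
    pub max_payout: u64,
    pub require_refhe: bool,
    pub require_magicblock_for_tokens: bool,
}

pub struct Evidence {
    pub recorded_at: i64,
    pub consumed: bool,
    pub refhe_settled: bool,
    pub magicblock_settled: bool,
}

pub struct Payout { pub amount: u64, pub is_token: bool }

#[derive(Debug, PartialEq)]
pub enum Reject { AlreadyConsumed, EvidenceTooYoung, OverCap, RefheRequired, MagicBlockRequired }

/// Gate a payout on the proposal's snapshot, never on the live DAO policy.
pub fn execute_v3(snap: &SettlementPolicy, ev: &mut Evidence, p: &Payout, now: i64)
    -> Result<(), Reject>
{
    if ev.consumed { return Err(Reject::AlreadyConsumed); }
    // A clock reading earlier than recorded_at yields a negative age and is rejected.
    let age = now.saturating_sub(ev.recorded_at);
    if age < snap.min_evidence_age_secs { return Err(Reject::EvidenceTooYoung); }
    if p.amount > snap.max_payout { return Err(Reject::OverCap); }
    if snap.require_refhe && !ev.refhe_settled { return Err(Reject::RefheRequired); }
    if snap.require_magicblock_for_tokens && p.is_token && !ev.magicblock_settled {
        return Err(Reject::MagicBlockRequired);
    }
    ev.consumed = true; // single-use: mark consumed only after every check passes
    Ok(())
}

fn main() {
    let mut dao = SettlementPolicy { min_evidence_age_secs: 600, max_payout: 1_000,
        require_refhe: true, require_magicblock_for_tokens: true };
    let snap = dao; // proposal-scoped snapshot taken when the payout was reviewed
    dao.max_payout = 1_000_000; // later DAO change; must not loosen this proposal
    let mut ev = Evidence { recorded_at: 0, consumed: false,
        refhe_settled: true, magicblock_settled: true };
    let p = Payout { amount: 5_000, is_token: true };
    println!("live={:?} result={:?}", dao, execute_v3(&snap, &mut ev, &p, 700));
}
```

Because the gate reads only the snapshot, raising the live cap after review does not let the 5,000-unit payout through.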

Compatibility Boundary

  • legacy payout execution remains callable
  • `execute_confidential_payout_plan_v2` remains callable
  • V3 strictness applies only when the operator explicitly initializes the V3 policy, snapshots it for the proposal, and uses the V3 execute path

Current Verification Status

Implemented, locally verified, and backed by a dedicated Devnet proof packet:

  • Rust compile and unit test pass
  • TypeScript typecheck passes
  • live Devnet proof exists in [`docs/test-wallet-live-proof-v3.generated.md`](test-wallet-live-proof-v3.generated.md)

Operational note:

  • this is an additive hardening layer
  • `Settlement Hardening V3` now has a dedicated Devnet rehearsal artifact proving the V3 execute path with proposal-scoped settlement policy snapshots and verified settlement evidence
  • that artifact is still a test-wallet Devnet packet, not a production-custody or mainnet claim