This manifesto outlines the values and principles driving the development of security solutions at IPSProtocol.
Our work is rooted in rethinking industry assumptions, approaches, and vision — designing systems that are redundant and resilient by default, built for adversarial conditions, and aligned with the unique aspects of decentralized environments.
Assume failure or malicious behavior aimed at undermining the system at every level of the stack. Protection must hold even when all the components are compromised.
As foundational technologies and smart contract use cases evolve, new and unpredictable attack vectors will emerge. Systems that rely on known-pattern detection cannot scale and will always fail to protect the system.
The decentralized, permissionless nature of public blockchains introduces unique threat models and trust assumptions that cannot be addressed by existing solutions.
Design with the fewest possible assumptions. Where trust is required, enforce authenticity, integrity, and confidentiality through cryptographic guarantees.
Improving interface clarity and reducing complexity lowers the risk of unintended or unsafe actions.
Do not assume users will act correctly. Build redundant mechanisms that detect, block, or recover from user mistakes.
Users should not need protocol expertise to stay safe. Protection must be by design, as passive as possible, and embedded.
Do not claim that users need a dedicated computer running a short-term memory OS just to sign transactions safely.
Security boundaries must hold across time and evolving system state, accounting for the asynchronous and decentralized nature of the environment.
Security layers must include internal fallback mechanisms or be independently verifiable through external systems.