Skip to content

Centurion Protocol Handbook

Misconfiguration Risks

Initializing search

ctnstaker/centurion-protocol-handbook

Home
Getting Started
Architecture
Smart Contracts
Governance
Deposits
Vaults
Economics
Claims
Formal Verification
Testing
Security
Operations
Runbooks
State Machines
Glossary
Onboarding Paths
Appendices

Centurion Protocol Handbook

ctnstaker/centurion-protocol-handbook

Home
Getting Started
Getting Started
Architecture
Architecture
Smart Contracts
Smart Contracts
Governance
Governance
Deposits
Deposits
Vaults
Vaults
- Vault System Overview
- Vault Binding And Credentials
- Exit, Receipts, Claims
- Misconfiguration Risks Misconfiguration Risks
  Table of contents
Economics
Economics
Claims
Claims
Formal Verification
Formal Verification
Testing
Testing
Security
Security
Operations
Operations
Runbooks
Runbooks
State Machines
State Machines
Glossary
Glossary
Onboarding Paths
Onboarding Paths
Appendices
Appendices

Table of contents

Wrong Vault
Wrong Beacon
Wrong Controller
Wrong Gatekeeper
Wrong Exit Request Wiring
Validation Controls

Vault Misconfiguration Risks¶

Wrong Vault¶

If credentials point to non-factory vault, deposit should fail. If checks are bypassed by bad upgrade, funds can route outside approved custody path.

Wrong Beacon¶

Beacon mismatch can connect vault proxy to unauthorized implementation logic.

Wrong Controller¶

Controller mismatch can break claim, settlement, and readiness logic; this is a critical configuration fault.

Wrong Gatekeeper¶

Incorrect gatekeeper binding can alter claim-state derivation and cap enforcement.

Wrong Exit Request Wiring¶

Primary/fallback exit endpoints with wrong code or wrong semantics can prevent exits or create operational deadlocks.

Validation Controls¶

baseline metadata checks in deposit path
policy assertions against governor registry
readiness checks from controller
immutable config and derivation-version matching

May 20, 2026

Exit, Receipts, Claims

Economic Model Overview

Made with Material for MkDocs