Detection & Slashing
How malicious resources are flagged, reviewed, and how slashing works.
Flagging a Resource
Anyone can flag a resource they believe is malicious by depositing 100 $ISNAD:
- Deposit prevents spam flags
- If guilty: deposit returned + reward from slashed stakes
- If innocent: deposit partially returned (90%)
- If no supermajority: deposit 50% returned
Jury System
When a resource is flagged, a jury of 5 auditors is randomly selected:
- Jurors cannot have stake in the flagged resource (conflict of interest)
- Selection uses on-chain randomness (VRF in production)
- Jurors have 7 days to review evidence and vote
- Supermajority (≥67%) required for verdict
Verdict Outcomes
GUILTY
Resource is malicious. All stakes are burned. Flagger gets deposit back.
INNOCENT
Resource is safe. Stakes remain. Flagger gets 90% of deposit back.
DISMISSED
No supermajority reached. Stakes remain. Flagger gets 50% back.
Appeals
Verdicts can be appealed within 3 days:
- Requires 2x the original flag deposit
- New jury selected for re-trial
- Appeal verdict is final
What Gets You Slashed
Resources that may result in slashing:
- Data exfiltration: Sending credentials, PII, or sensitive data externally
- Unauthorized execution: Running commands outside declared scope
- Behavior manipulation: Altering agent behavior maliciously
- Supply chain attacks: Compromised dependencies
- Misrepresentation: Metadata claiming safe behavior that differs from code
Avoid Getting Slashed
Only stake on resources you've thoroughly reviewed. When in doubt, don't stake. Your reputation and tokens depend on accurate attestations.