Original text: Starknet Security Council's New Framework for Network Security
Translation and proofreading: Starknet Chinese Community
The Starknet Security Committee V1.0 has been established to ensure the security and integrity of the Starknet network.
The committee is composed of 12 members, selected with a focus on geographic and organizational diversity and on expertise. The committee's initial mission is to ensure the security of staking, and it will gradually expand to the protection of Starknet's core infrastructure in the future. To carry out this mission, the committee will evaluate and approve proposed upgrades, manage emergency response, and report transparently.
Here is a brief overview of the Starknet Security Council’s new cybersecurity framework. For full details, visit the community forum post and its supporting SNIPs.
Core Responsibilities
The committee’s responsibilities are to balance security and operational transparency, including:
Security Risk Assessment — Evaluate proposed upgrades to Starknet and new contracts to identify potential vulnerabilities.
Emergency Response – In an emergency, expedited action may be taken with approval by a 75% majority vote of the committee.
Approval Process — Upgrades are authorized after a full security review and require approval by at least 50% of the committee members.
Transparency — Publish reports of approvals, vetoes, and emergency decisions to maintain the trust of the Starknet community.
The Security Committee's responsibilities are limited to ensuring network security and it cannot reject upgrade proposals for reasons other than security.
Operating procedures: upgrade process
The Security Committee follows two main upgrade processes:
Reviewed Time Delay Process
For regular upgrades, proposals go through a 7-day delay period after passing the security review. Once more than 50% of the committee has voted and the time delay has passed, the upgrade will proceed. If the review is not completed by the end of the delay period, the upgrade will be rejected and a "Review Failure Report" will be published.
Unreviewed emergency procedures
In an emergency, the committee can implement the upgrade immediately with more than 75% of votes cast. Once the upgrade is implemented, a report will be published explaining the emergency action.
Contract suspension and resumption
In the event of a serious security incident, the committee may take one of two actions:
Pause — Temporarily stop the functionality of a contract to respond to an imminent security threat.
Restoration - After the committee confirms that the system is stable, more than 50% of the committee members will need to vote in favor to restore normal functions.
Security issues and emergencies
The committee is tasked with evaluating potential security issues, which may include the following:
Smart contract vulnerabilities — errors, bugs, or exploitable flaws that could lead to theft of funds, manipulation of the network, or other unintended consequences.
Malicious attacks — Sybil attacks, denial-of-service (DoS) attacks, phishing attacks, social engineering attacks, double-spend attacks, etc.
Stability or liveness issues
Malicious Nodes
Oracle manipulation
While these examples are illustrative and not exhaustive, the committee’s role is to ensure the continued stability and integrity of the network.
When an actual or anticipated security threat (such as a vulnerability, defect, or stability issue) arises, the Starknet Security Committee has the authority to take preventive action without prior approval from the Governance Department. If such action is taken, the committee will provide a comprehensive post-event report to the community in a timely manner, subject to confidentiality obligations.
Phased implementation
The committee's oversight functions will be expanded in two phases:
Phase 1
The initial focus is on staking-related contracts on Starknet and Ethereum.
Phase 2
Extends to oversight of all Starknet core infrastructure contracts.
A secure and responsible Starknet
With a new cybersecurity framework, the Starknet Security Council V1.0 will ensure that as the Starknet infrastructure and ecosystem continue to grow, the network remains secure and accountable to its community.
The committee's responsibilities are limited to security risk assessment, incident response, upgrade approval (after review and voting), and full transparency. The committee will not reject an upgrade for any reason other than cybersecurity.
To track the phased implementation of the Starknet Security Council and witness its transparent work in action, please follow the Starknet Community Forum.
For full details on the committee, check out the Community Forum post and the SNIPs it supports.