> ## Documentation Index
> Fetch the complete documentation index at: https://docs.phylax.systems/llms.txt
> Use this file to discover all available pages before exploring further.

# High-Level Overview

> High-level overview of the Credible Layer system that explains how exploit prevention works, without requiring deep technical knowledge.

This explanation describes how the Credible Layer prevents invalid transactions before execution and why that model matters for protocol teams and networks.

## Introduction

Phylax's real-time security system detects and pre-emptively removes exploits before losses can be realized.

<img src="https://mintcdn.com/phylaxsystems/2ycHLT5VUDlI5cTV/images/overview-step-0.png?fit=max&auto=format&n=2ycHLT5VUDlI5cTV&q=85&s=1018186be0b8ead3cba3768fc128590c" alt="System Overview" width="2057" height="1202" data-path="images/overview-step-0.png" />

<Info>
  **The Credible Layer** is a network extension that lets protocols define security rules and enforces them at the network level. Transactions that would violate these rules are dropped *before* they can execute, preventing exploits rather than detecting them after the damage is done.
</Info>

At a glance:

* **Security rules** are defined by the protocol team as [assertions](/credible/glossary#assertion), with assertion IDs registered on-chain and bytecode served through [Assertion DA](/credible/assertion-da)
* **The network** validates every transaction against relevant assertions before adding them to blocks
* **Invalid transactions** are [dropped](/credible/glossary#drop). If an assertion fails, the transaction never executes

<Check>
  **Easy to adopt**

  * Written in Solidity with familiar Forge patterns
  * No contract modifications or downtime required
  * Works with immutable contracts
  * All rules are publicly verifiable on the [transparency dashboard](/credible/glossary#transparency-dashboard)
  * [Implementation effort](/credible/development-effort) is comparable to writing Forge invariant tests
</Check>

## Use Cases

Assertions enable a wide range of security and compliance use cases:

<CardGroup cols={2}>
  <Card title="Parameter Protection" icon="shield-halved">
    Prevent unauthorized changes to critical protocol parameters such as owner and implementation addresses
  </Card>

  <Card title="Market Integrity" icon="chart-line">
    Ensure market prices don't move beyond specified thresholds inside of a single transaction
  </Card>

  <Card title="Lending Protocol Safety" icon="building-columns">
    Guarantee lending positions maintain the required collateralization ratios
  </Card>

  <Card title="Oracle Monitoring" icon="satellite-dish">
    Verify oracle prices stay within specified ranges to detect price manipulation
  </Card>

  <Card title="Balance Invariants" icon="scale-balanced">
    Ensure that the sum of all positions match the total balance of a protocol
  </Card>

  <Card title="Compliance Rules" icon="clipboard-check">
    Enforce KYC/AML requirements by validating that transaction participants meet regulatory criteria
  </Card>
</CardGroup>

For concrete examples and implementations, explore the [Assertions Book](/assertions-book/assertions-book-intro).

## Who It's For

<CardGroup cols={2}>
  <Card title="Protocol Teams" icon="code" href="/credible/dapp-integration">
    Deploy and manage assertions to protect your contracts
  </Card>

  <Card title="Networks & Sequencers" icon="sitemap" href="/credible/network-integration">
    Integrate enforcement into block building
  </Card>
</CardGroup>

## How It Works

### Defining Security Rules

<img src="https://mintcdn.com/phylaxsystems/2ycHLT5VUDlI5cTV/images/overview-step-1.png?fit=max&auto=format&n=2ycHLT5VUDlI5cTV&q=85&s=02149234648c4d4d3da0ee64cb6e63fa" alt="Mapping and defining invariants" width="2057" height="1202" data-path="images/overview-step-1.png" />

Security rules (technically called [invariants](/credible/glossary#protocol-invariants)) are statements about your contract that must remain true no matter how users interact with it. They express the essential conditions that keep your system secure and functional.

Instead of exhaustively predicting every exploit path, you define the *states that must never occur*. If one of these states is violated, something fundamental has gone wrong.

These rules are then implemented as [assertions](/credible/glossary#assertion), which are Solidity smart contracts that verify the rules hold true. For a deeper understanding of how assertions work, see the [Assertions Overview](/credible/assertions-overview).

**Beyond Security Rules**

While invariants are the most common use case, assertions also enable:

* **Timelocks and Access Control**: Add time-based restrictions or multi-factor authentication requirements for sensitive functions like contract upgrades
* **Business Logic Enforcement**: Ensure operational rules are followed, such as transaction limits or authorized contract interactions

### Real-World Example: Balancer V2

In November 2025, an attacker exploited Balancer V2 stable pools through a complex rounding error attack, causing over \$120M in losses. Through 84 crafted swap operations, pool rates changed by 20x in a single transaction.

**The key insight:** While the root cause was complex (involving rounding errors and specific balance configurations), the security rule violation was simple:

> *"Pool rates should not change drastically within a single transaction"*

A simple assertion checking that pool rates don't change by more than 3x would have detected and prevented this attack, regardless of the specific exploit mechanism used.

<Accordion title="View the assertion code">
  ```solidity theme={null}
  import {AssertionSpec} from "credible-std/SpecRecorder.sol";

  contract BatchSwapDeltaAssertion is Assertion {
      uint256 constant MAX_RATE_CHANGE_MULTIPLIER = 3e18; // 3.0x

      constructor() {
          registerAssertionSpec(AssertionSpec.Reshiram);
      }

      function triggers() external view override {
          registerFnCallTrigger(this.assertionBatchSwapRateManipulation.selector, IVault.batchSwap.selector);
      }

      function assertionBatchSwapRateManipulation() external view {
          address vault = ph.getAssertionAdopter();
          PhEvm.TriggerContext memory ctx = ph.context();

          // Get affected pools from swap parameters
          bytes32[] memory uniquePoolIds = _getUniquePoolIds(swaps);

          for (uint256 i = 0; i < uniquePoolIds.length; i++) {
              (address poolAddress, ) = IVault(vault).getPool(uniquePoolIds[i]);
              PhEvm.ForkId memory preCall = PhEvm.ForkId({forkType: 2, callIndex: ctx.callStart});
              PhEvm.ForkId memory postCall = PhEvm.ForkId({forkType: 3, callIndex: ctx.callEnd});

              uint256 preRate = uint256(ph.loadStateAt(poolAddress, RATE_SLOT, preCall));
              uint256 postRate = uint256(ph.loadStateAt(poolAddress, RATE_SLOT, postCall));

              require(
                  (postRate * 1e18) / preRate <= MAX_RATE_CHANGE_MULTIPLIER,
                  "BatchSwap: Extreme pool rate manipulation detected"
              );
          }
      }
  }
  ```
</Accordion>

This demonstrates the power of assertions: by focusing on *what should never happen* rather than *how it might happen*, you protect against both known and unknown attack vectors.

Read the [full Balancer V2 exploit analysis](/assertions-book/previous-hacks/balancer-v2-stable-rate-exploit) to see how this assertion was tested against the actual exploit transaction.

### Network Enforcement

Once assertions are defined, they need to be deployed to protect your contracts. This involves submitting the assertion to your project, then linking it to your contract address.

<img src="https://mintcdn.com/phylaxsystems/2ycHLT5VUDlI5cTV/images/overview-step-2.png?fit=max&auto=format&n=2ycHLT5VUDlI5cTV&q=85&s=757717ceb8c13601cb8406d7a9271cf9" alt="Submitting assertions for enforcement" width="2057" height="1202" data-path="images/overview-step-2.png" />

The [Phylax platform](https://app.phylax.systems) creates releases and submits assertion changes to the Credible Layer smart contracts. Those contracts are the source of truth for which assertion IDs protect which contract addresses and when changes become active. Assertion bytecode is stored in [Assertion DA](/credible/assertion-da) and fetched by the enforcer before validation.

#### How Enforcement Works

A network node running the Credible Layer [sidecar](/credible/glossary#sidecar) does not care *how* a transaction violates the protocol's rule. All that matters is *whether* the assertion passes or fails. If the assertion fails, the node drops the transaction before it can be included in a block.

When a user opens a position on a yield protocol, the transaction may touch multiple contracts:

<img src="https://mintcdn.com/phylaxsystems/2ycHLT5VUDlI5cTV/images/phylax-multi-contract-interaction.png?fit=max&auto=format&n=2ycHLT5VUDlI5cTV&q=85&s=64de4ec885db37daa7d9cb2d518ae896" alt="A single transaction can interact with multiple contracts" width="1758" height="1030" data-path="images/phylax-multi-contract-interaction.png" />

Each contract that has assertions is checked by the sidecar, which simulates the cumulative end states:

<img src="https://mintcdn.com/phylaxsystems/2ycHLT5VUDlI5cTV/images/phylax-assertion-checking.png?fit=max&auto=format&n=2ycHLT5VUDlI5cTV&q=85&s=7b261c73b587837f1fce26cf6903eaec" alt="Each contract with assertions is checked by the sidecar" width="2104" height="946" data-path="images/phylax-assertion-checking.png" />

#### Validation Process

1. User submits a transaction to the network
2. The network node passes it to the sidecar for validation
3. The sidecar simulates the transaction and checks all relevant assertions
4. If all assertions pass, the transaction is included in the block
5. If any assertion fails, the transaction is dropped

The validation path is designed to keep assertion lookup and execution bounded for each network integration. The Credible Layer adapts to each network's architecture while preserving the same core model: protocol-authored assertions inform the block inclusion decision.

For the full technical flow, see [Architecture](/credible/architecture-overview).

<Note>
  The Credible Layer is designed as neutral middleware that preserves decentralization for both protocols and networks. Learn more about [why neutrality matters](/credible/neutrality).
</Note>

For interface boundaries and integration touchpoints, see [Interface Overview](/credible/interfaces-overview).

## Next Steps

Ready to dive deeper?

<CardGroup cols={2}>
  <Card title="Architecture" icon="gears" href="/credible/architecture-overview">
    Technical deep dive into system architecture and transaction flow
  </Card>

  <Card title="Quickstart Guide" icon="rocket" href="/credible/pcl-quickstart">
    Write and deploy your first assertion
  </Card>

  <Card title="Assertions" icon="diagram-project" href="/credible/assertions-overview">
    How assertions work and how to write them
  </Card>

  <Card title="FAQ" icon="circle-question" href="/credible/faq">
    Common questions about the Credible Layer
  </Card>
</CardGroup>