Common questions about the Phylax Credible Layer
Welcome to the Phylax Credible Layer FAQ! Here you’ll find answers to common questions about the Credible Layer’s features, capabilities, and usage. If you can’t find what you’re looking for, please reach out in our Telegram.
The Credible Layer is a network extension that enables apps to define security rules and prevents transactions from violating them.
These rules are defined in Solidity, executed off-chain, and enforced on-chain. Since these rules are verifiable, apps can turn implicit security assumptions into an explicit security posture using our transparency dashboard so that users can trust the apps they use.
There are several key advantages:
The Credible Layer offers several key advantages:
While audits provide one-time code reviews, the Credible Layer offers continuous protection via the sequencer actively validating every transaction that interacts with your contracts. Our system provides real-time protection against:
The transparency dashboard is a tool that allows anyone to view and browse all assertions deployed by different protocols. It is a useful tool for end users as they can verify the security guarantees of any protocol, while devs can use it to copy assertions from protocols with similar contracts.
No. We are a permissionless protocol that enables hack definition and prevention. No APIs for dApps.
An assertion is a Solidity contract, that defines an invariant about your protocol, some state you want to prevent, and that is stored on-chain. You can think of it as an inverse intent - you define the state you don’t want to occur without specifying or caring about all the specifc vectors that could lead to it.
Assertions are binary in nature, implemented through Solidity’s require
statement:
require
condition is met, the transaction is validrequire
fails, the transaction is invalid and will be filtered outThis simple binary structure makes assertions both powerful and easy to reason with - there’s no ambiguity about what constitutes a violation. It either is or isn’t a hack.
Common examples include:
Invariants are properties of your protocol that you want to maintain. They are fundamental to the Credible Layer’s approach to security, and assertions are our tool to let you enforce them. While invariants define what should always be true, assertions give you the practical means to enforce these rules across your entire protocol:
For a good explainer on invariants see this article
Although assertions are stored on-chain to enable transparency, assertions run off-chain through the PhEVM (Phylax EVM) by the sequencer for performance reasons and can:
Cheatcodes are special functions provided by the PhEVM that give assertions powerful capabilities beyond standard Solidity.
For detailed documentation and examples of all available cheatcodes, see our Cheatcodes Reference Guide.
There might be cases where you want to upgrade an assertion to add new checks or modify existing ones.
Upgrading an assertion is straightforward:
Yes, you can copy and adapt assertions from other protocols and use them in your own protocol. You should make sure that the assertions are compatible with your protocol. It will make the most sense to copy assertions for standard libraries and interfaces. You will be able to see all assertions deployed by other protocols on the transparency dashboard.
The Credible Layer uses our modified Flashbots rBuilder that:
For L1 → L2 deposits and other forced transactions, the Credible Layer:
No. For single-sequencer L2s, users already trust the sequencer with transaction inclusion, because, in theory, a sequencer can censor transactions arbitrarily when it receives them at the RPC layer. The Credible Layer simply extends the sequencer’s validation logic with dApp-defined rules, expressed as Assertions (EVM bytecode).
Flashbots introduced a piece of software that enables a Sequencer to have an external block-builder that implements custom block-building logic, without changing the sequencer itself. This is also what powers Flashblocks.
Our custom block builder enables the sequencer to check each transaction against assertions defined by the dApp while staying completely Superchain compliant. This requires no changes to contracts as it is effectively middleware.
Anyone can write the assertions, but only the owner of the contract that the assertions protect can “activate” them. This way, we ensure that no malicious third party reduces functionality by writing assertions for your contract.
We are working on more authentication techniques to service dApps with non-traditional ownership architectures.
As mentioned above in “How do you extend the validation logic of the sequencer to the dApp?”, the Credible Layer is functionally middleware as it enables the sequencer to remove transactions that would break the dApp’s rules. The Credible Layer will still work with immutable contracts because the prevention happens at the sequencing step, which is where the L2 has ultimate power over transaction inclusion.
Short answer: We don’t know.
But here is what we think: If there is an owner it communicates that the protocol wants to have some power over the contracts. That is why we only allow only the owners of contracts to write assertions.
We will use timelocks on protocols with immutable contracts as many of the users may be using that protocol because it is immutable and would not want to use it any longer if there is anything resembling censorship, even if it is defined and executed by the dApp itself.
Testing assertions is similar to standard Forge testing, with additional Credible Layer-specific features:
Standard Testing Tools:
assertEq
, assertTrue
)vm.prank
, vm.deal
)Credible Layer-Specific Testing:
cl.addAssertion()
cl.validate()
For detailed examples and testing patterns, see our Testing Guide.