Security

SIP Protocol is built with security as a foundational principle. This page outlines our threat model, security properties, and responsible disclosure process.

Threat Model

What SIP Protects Against

  • Transaction Linkability — Stealth addresses prevent linking sender to recipient
  • Amount Disclosure — Pedersen commitments hide transaction amounts
  • Address Reuse Analysis — One-time addresses for each transaction
  • Balance Inference — Commitment scheme prevents balance calculation

Known Limitations

  • Timing Analysis — Transaction timing may leak information
  • Network Layer — IP addresses visible without additional protection (use Tor/VPN)
  • Metadata — On-chain metadata not covered by privacy layer
  • Solver Trust — NEAR Intents solvers can observe some intent metadata

Trust Assumptions

  • Cryptographic primitives (secp256k1, SHA-256, XChaCha20-Poly1305) are secure
  • NEAR Intents infrastructure operates honestly for settlement
  • User's local environment is not compromised
  • Random number generation (CSPRNG) is unpredictable

Security Properties

Sender Privacy

Transaction origin is obscured through stealth address generation and commitment schemes.

Recipient Privacy

One-time stealth addresses prevent recipient identification and address reuse analysis.

Amount Privacy

Pedersen commitments (C = v·G + r·H) hide amounts while preserving verifiability.

Selective Disclosure

Viewing keys enable compliance without compromising user privacy broadly.

Audit Status

Pre-Audit Stage

SIP Protocol has not yet undergone a formal security audit. The codebase is designed with audit-readiness in mind, featuring comprehensive test coverage (1,331+ tests) and documented security assumptions.

We recommend using small amounts ($5-10) for testing until a formal audit is completed. Note: NEAR Intents operates on mainnet only—there is no testnet deployment. A security audit is planned for Milestone 8 (Production Hardening).

Responsible Disclosure

We take security vulnerabilities seriously. If you discover a security issue, please follow our responsible disclosure process.

Reporting Process

  1. 1Do not disclose the vulnerability publicly until it has been addressed
  2. 2Email details to security@sip-protocol.org with "SECURITY" in subject
  3. 3Include: description, steps to reproduce, potential impact, and suggested fix if any
  4. 4We will acknowledge within 48 hours and provide regular updates

Related Resources

Full Threat Model →Security Properties →Source Code →License →