Behavioral security

Boosting a fire-and forget experience with staggered security

Behavioural Security is a foundational component of SurferMonkey's infrastructure. It leverages the behavioural patterns of users, dApps, and the system itself to tailor security constraints required for message settlement. This approach not only boosts the system's adaptability and security, but it also significantly enhances the user experience. A key feature of this strategy is the "fire-and-forget" experience.

Fire-and-Forget Experience

SurferMonkey takes a unique approach to transaction validation and signing. In many scenarios, the signing engine signs the Merkle root instead of each individual signature leaf. This innovation allows users to submit their transactions and move on, embodying the "fire-and-forget" principle, without waiting for individual validation and signing. It provides an efficient and seamless user experience, enhancing overall system operation and transaction throughput.

However, it's crucial to note that individual leaf signature validation is not obsolete or inefficient. On the contrary, it forms a vital part of our enhanced security measures in certain situations. When the system raises its security level, for instance, during high-risk transactions or abnormal behavioural patterns, individual leaf signature verification becomes necessary. In these cases, the signature can be provided by the dApp or another trusted entity.

Leveraging Behavioural Patterns

Behavioural patterns of users and dApps play a critical role in SurferMonkey's dynamic security model. For instance, if a user frequently conducts low-risk transactions, the system can implement lighter security constraints for these transactions, expediting the process. Conversely, if a user or a dApp initiates high-risk transactions or deviates from their usual behaviour, the system can elevate security measures, including invoking individual leaf signature verification, to maintain the transaction's integrity and overall system security.

In essence, Behavioural Security is a vital aspect of SurferMonkey's strategy for delivering secure, efficient, and user-friendly infrastructure for decentralized applications. By dynamically adapting to the behavioural patterns of users and dApps, SurferMonkey optimizes system performance and enhances user experience while maintaining rigorous security and compliance standards.