Emergency Situations

Emergency Switch

Security is prioritized through a robust architecture, comprehensive audits, and thoroughly reviewed circuit implementations. In the event of an attack on a ZKP verification module, an emergency switch can be activated to halt minting, redemption, or both, effectively limiting potential damage. Once activated, this switch is irreversible to prevent misuse.

Users accessing the official portal for minting or redemption will not experience disruptions; however, caution is advised for those using unofficial software. A transaction safelist, governed by the community, will facilitate the retrieval of funds from locked modules.

As the system matures, emergency switches will be phased out based on expert evaluations. For instance, final modules may be validated using formal methods, and extended bug bounty programs may be implemented to enhance security.

Remedy Procedures

In the event of an attack that enables minting of $zkBTC without a corresponding $BTC deposit or redemption of $BTC without burning $zkBTC, the risk of de-pegging may arise. Timely activation of the emergency switch typically limits the extent of damage. Users will still be able to redeem $zkBTC for $BTC at a 1:1 ratio, provided that sufficient $BTC reserves are available, as this ratio is hardcoded in the smart contract. During such incidents, the foundation will not redeem any $zkBTC tokens; however, addressing de-pegging can be accomplished by burning excess $zkBTC tokens.

The timing for burning specific amounts of $zkBTC will be strategically chosen to restore the peg, ensuring a thoughtful and calculated approach to the situation. Community input will guide the foundation in managing funds, promoting transparency, and preventing bank runs during de-pegging incidents.