Security Model

Liminal minimizes attack surface by minimizing mutable state. The system avoids introducing new global state, privileged roles, or upgradeable mappings that could be exploited or misconfigured over time.

There is no global registry mapping tokens across chains. There is no governance-controlled association between SPL mints and ERC-20 representations. All relationships are derived deterministically rather than stored or administered.

Liminal does not introduce token-specific deployment logic. All tokens follow the same standardized deployment path, which reduces complexity and limits the potential for edge-case vulnerabilities.

Security assumptions are inherited from the underlying execution environments: Solana for SPL token semantics, Base for ERC-20 contract execution, and the selected bridging mechanism for cross-chain message passing. Liminal does not custody assets and does not introduce additional trust assumptions beyond these existing systems.

By reducing mutable state and avoiding privileged control, Liminal shifts security from policy and governance to deterministic computation.