Skip to main content

Security Model

LCP assumes the availability and consensus correctness of the two interoperating blockchains, in addition to satisfying the security assumption of the TEE. Furthermore, ELC assumes that the state of an LCP client is recoverable based on data from both chains. That is, the liveness of the LCP client instance is independent of the availability of a particular LCP node.

We also assume that the adversary can control the OS and network stack of all LCP nodes except one LCP node. Therefore, it is possible to roll back or lose the state of the attacked node at will and thus corrupt the node. However, since an honest Relayer can set up a new LCP node of its own at any time, the liveness of the relay is guaranteed.