# Overview Multistake’s multi-environment architecture introduces distinct security considerations arising from cross-domain execution, asynchronous settlement, and isolated accounting domains. The protocol adopts a strict, zkSync-anchored trust model in which all external execution environments are treated as untrusted until their reported state has been independently validated. This section defines Multistake’s comprehensive security model, including threat assumptions, adversarial capabilities, formal invariants, execution-environment isolation, oracle correctness guarantees, cross-domain transport trust boundaries, and multi-layer failure analysis. This section is written to the depth expected for auditors, formal verification engineers, and protocol researchers. ### Security Philosophy Multistake’s security model is governed by the following foundational principles: * **Accounting correctness is invariant, even under catastrophic execution failure.**\ Execution availability is optional; correctness and solvency are mandatory. * **External execution environments contribute zero implicit trust.**\ No execution environment may modify share supply, NAV, or accounting state unless its reported state is validated and accepted by the zkSync vault. * **zkSync is the canonical truth and settlement domain.**\ Validity-proof security anchors deterministic accounting, reconciliation, and state finality. * **No single execution environment failure may cause insolvency.**\ Any localized failure may degrade performance or availability, but cannot compromise asset conservation or accounting integrity. * **NAV must remain conservative under all conditions.**\ The vault systematically favors undercounting over overcounting to prevent synthetic inflation or accounting drift. These constraints shape every layer of Multistake’s security architecture and inform all protocol-level design decisions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://multistake-1.gitbook.io/multistake-docs/documentation/security-model/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.