>Security considerations

Eavesdropping and impersonation. Mitigated at the transport boundary by encryption to the recipient's public key + signed messages verified against the registered key. These are cryptographic mitigations baked into the protocol; failure of either is a configuration bug, not a design gap.

Forged result, replay, collusion. These attack the data integrity of the dispatch and return path. Mitigations are the hash commitment, the unique task_id binding, and statistical analysis of result agreement across nodes. The collusion mitigation is the only one that does not scale gracefully (§7.5); a flagged node is dropped from the active set and earns nothing while its stake sits idle, which backstops it.

Sybil identity, coordinator offline, coordinator dishonest. Operational threats span node-side and coordinator-side. Behavioural fingerprinting addresses sybil. The coordinator offline failure mode is the network's documented single point of failure today. Coordinator dishonesty is mitigated socially today and by decentralised validator quorums, which are planned.

Tax-wallet compromise, $PRLX contract exploit, NodeRegistryLocker exploit. Smart contract attack surface. Mitigations are owner-key destination rotation, transfer-pause + audited migration path, and the NodeRegistryLocker audit + emergency pause. Stake custody, reward accrual, and the 7-day unstake cooldown are the audited surfaces; there is no slash path. Stake and reward balances are kept logically separate so the reward path can never drain principal.