ChainStateVerifier
sec.chainstateverifier
Security
planned
Spec started
frozen
Cross-check every order’s chain-derived inputs (nonce, balance, allowance) against multiple sources before signing.
What it does
Cross-check every order’s chain-derived inputs (nonce, balance, allowance) against multiple sources before signing.
Pipeline placement
runs after: RPCFailoverManager elects primary provider
→
ChainStateVerifier
→
runs before: Order signing
Applies to: Every order before signing — verifies chain-derived fields against multiple RPC sources
Why it matters
| If this fails | Consequence |
|---|---|
| Single RPC source used for nonce/balance without cross-checking | A stale or compromised RPC causes double-spend attempts or orders built on wrong nonce. |
| Reorg not detected before signing | An order signed on top of a reorged block may reference a state that no longer exists, causing failed settlement. |
| Balance check skipped | Orders submitted without sufficient pUSD collateral fail at settlement, wasting gas and degrading UX. |
Inputs
Polymarket inputs
| Input | Source | Required | Use |
|---|---|---|---|
| pUSD balance of trading wallet | onchain | required | Verify wallet has sufficient collateral before signing. |
| Latest block number and block hash | onchain | required | Cross-check across providers to detect reorg or fork. |
Internal inputs
| Input | Source | Required | Use |
|---|---|---|---|
| Elected primary RPC provider from RPCFailoverManager | RPCFailoverManager | required | Determine which provider to use as primary; verify against secondary. |
| KillSwitch active flag | KillSwitch | required | Block all chain reads during global pause. |
Authority
What this bot is permitted to do
Reject Pause
State
Readiness
Spec started
Status
planned
Class
Guardrail
Default mode
shadow_only
Developer owner
Polytraders core
Capital impact
Direct
Reason codes emitted
| Code | Severity | Meaning | Action |
|---|---|---|---|
| KILL_SWITCH_ACTIVE | HARD_REJECT | Global kill switch is active. | Immediately return DENY. |
| CHAIN_STATE_MISMATCH | HARD_REJECT | Block hash disagreement across providers, reorg detected, or insufficient wallet balance. | Return DENY; emit alert. |
| RPC_QUORUM_LOST | HARD_REJECT | Fewer than require_quorum providers responded. | Return DENY; defer to RPCFailoverManager. |
| CHAIN_STATE_REORG_WARN | WARN | Reorg depth approaching reorg_depth_alert threshold. | Emit warn; continue checking. |
| CHAIN_STATE_OK | INFO | All checks passed; chain state verified. | Emit RiskVote(APPROVE). |
Related bots in Security
Used by
Reverse index — strategies that currently reference sec.chainstateverifier. If you change this bot's authority or reason codes, these strategies must re-pass shadow.
| Strategy | State | Activity |
|---|---|---|
| NBA H2H — moneyline market-make | demo-wired | last triggered 41m ago |
Showing 1 of 1 · demo-wired ≠ production-live
Why this matters
Security bots does NOT propose or execute trades; only guards signing and wallet operations. Understanding the authority boundary prevents misuse and makes promotion-gate reviews faster and more reliable. View raw spec JSON →