Security News
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and Beyond
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
@cruna/protocol
Advanced tools
Dive into the realm of Cruna Protocol, a revolutionary advancement reshaping the landscape of Non-Fungible Tokens (NFTs). Cruna Protocol transcends traditional NFT functionalities, offering an innovative fusion of security and adaptability. At the heart of our protocol are the Cruna Vault tokens, a new class of Protected NFTs, ingeniously engineered to fortify digital asset management while maintaining unparalleled flexibility.
Our protocol is adeptly designed to synergize with ERC-6551 smart wallets, setting a new standard for asset security. Cruna Vaults, working alongside ERC-6551, create a dynamic ecosystem where NFTs not only hold value but also actively secure and manage it with unparalleled efficiency.
Through the Cruna Protocol, NFTs evolve beyond static assets, transforming into expandable, secure entities capable of owning and interacting with a wide range of digital assets and applications. This shift marks a remarkable leap in NFT technology, opening doors to endless possibilities in the digital asset space.
Join us as we explore the forefront of NFT innovation, where security meets scalability, and every digital asset gains the power to be more than just a token – a safeguarded, expandable asset in the ever-evolving digital world.
ERC-6551 creates accounts bound to NFTs, allowing any NFT to own assets and interact with applications without necessitating changes to existing smart contracts or infrastructure.
While the ERC-6551 standard heralds a groundbreaking advancement in NFT functionality, focusing on interoperability and utility, it does not specifically address security protocols. Therefore, if the NFT that owns the token-bound account is compromised, the entire wallet could be at risk. Cruna aims to enhance the capabilities of NFTs by ensuring that token-bound accounts are protected against unauthorized access, thereby complementing ERC-6551’s innovative framework with robust security solutions.
Protectors are like personal guardians for your NFT. As an NFT owner, you can appoint one or more Protectors who must approve any transfer or change. This dual-level security means even if your account is compromised, your NFT stays safe. For added convenience in specific scenarios, like in a company setting, you can set up special rules where certain transfers don't need Protector approval.
Once you set up your first Protector, adding or removing others requires approval too, ensuring no single person can make unilateral changes. This setup is ideal for those who value robust security in managing their digital assets.
It is advisable to assign multiple Protectors to maintain access to the vault even if one Protector becomes inaccessible. Reasonably, someone may use their hot wallet to buy the NFT and one or more hard wallets as protectors. A company, most likely, would use a multisig wallet as protector.
Imagine a system that safeguards your assets even if you lose access or in case of unforeseen life events. That's what Sentinels do in Cruna Vault. They work on a Proof-of-Life system – you periodically signal that you're still in control. If you can't, Sentinels can start a process to pass your assets to a chosen Beneficiary.
This feature is not just about security; it's about peace of mind and ensuring your digital legacy is preserved and passed on as intended.
The Cruna Protocol introduces a flexible Plugin Architecture with every Cruna Vault minted. Alongside the Vault, a Manager contract owned by the Vault is deployed, acting as the central hub for managing various functionalities.
The Manager plays a key role in overseeing crucial aspects of the Vault:
When users want to enhance their Vault with additional features, they can integrate plugins into the Manager:
Despite the integration of various plugins, the ultimate control and ownership remain with the Cruna Vault owner:
This architecture offers significant benefits in terms of scalability and flexibility:
Cruna Vault's flexibility means it can be used in various ways:
Cruna Vault isn't just limited to ERC-6551 integrations; it offers a robust foundation for white-labeled NFTs aiming to boost their security, regardless of their association with ERC-6551. This makes Cruna Vault an ideal choice for NFT creators and platforms seeking to offer enhanced security features under their own brand.
For NFT Creators and Platforms:
For Collectors and Investors:
Cruna Vault's adaptable architecture makes it suitable for a wide range of applications, transcending traditional NFT use cases:
In summary, Cruna Vault's flexibility and advanced security features open up a world of possibilities, not only for ERC-6551 related applications but also for a wide array of digital assets, offering enhanced protection and legacy planning. Whether it's for individual collectors, NFT platforms, or diverse digital asset markets, Cruna Vault stands as a beacon of security and trust in the digital world.
While smart contract upgradeability is beneficial, it poses security risks, such as the potential for deploying malicious updates. To prevent this, all contracts, including the Manager and any associated plugins, are immutable, safeguarding against unauthorized alterations.
Despite this, user-driven upgrades are essential. To achieve this, Cruna Protocol utilizes the approach outlined in ERC-6551. This involves deploying a new proxy contract for each token ID, connected to the protocol's Manager. This Manager, controlled by the NFT, empowers the token ID holder with ownership rights.
Crucially, the Manager can integrate plugins—additional smart contracts—that are also upgradeable exclusively by the NFT owner. This ensures that when a new trusted version of the Manager or a plugin is released, the NFT owner can independently upgrade, accessing new features and security enhancements.
Thus, the Cruna Protocol guarantees that no unilateral contract upgrades occur. Only the NFT owner has the authority to initiate updates for the Manager and its plugins, balancing robust security with user autonomy and flexibility.
We're continuously evolving and have exciting features in the pipeline:
This specialized vault is all about automating asset distribution. Load it with assets, set a schedule, and let it do the rest, perfect for companies distributing tokens to investors or employees.
We're introducing secure USB keys as an extra layer of security. These keys are tailored for Cruna Vaults, making them a simple yet powerful addition to your asset management toolkit.
A new family of Zero Knowledge based vaults will allow a high level of privacy.
In addition to ERC-721, Cruna Protocol may support ERC-1155 tokens in a near future. We are investigating the best way to do it and if there are reasonable use cases for it. For example, the plugin architecture could extend what an ERC-1155 token could do.
Cruna Vault is more than just an NFT; it's a comprehensive solution for securing and managing your digital assets, today and in the future. Join us in embracing this new era of digital asset security.
Cruna is in beta stage, and to use it you must specify the version you want to install. Install it with, for example
npm install @cruna/protocol@1.0.0-rc.4
or similar commands using Yarn or Pnpm, and use in your Solidity smart contracts, for example, as
import {CrunaManagedNFTOwnable} from "@cruna/protocol/contracts/manager/CrunaManagedNFTOwnable.sol";
contract MySuperToken is CrunaManagedNFTOwnable {
constructor() CrunaManagedOwnable("My Super Token", "MST") {}
// add your special features here
}
If your goal is to build a plugin, look at the contracts in contracts/mocks/plugin-example to start from.
1.0.0-rc.6
1.0.0-rc.5
1.0.0-rc.4
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-beta.10
1.0.0-beta.9
1.0.0-beta.8
1.0.0-beta.7
1.0.0-beta.6
1.0.0-beta-5
1.0.0-beta.4
1.0.0-beta.3
1.0.0-beta.2
1.0.0-beta.1
authorizePluginToTransfer
so that it disallows only temporarily a plugin to transfer the NFT1.0.0-beta.0
1.0.0-alpha.7
1.0.0-alpha.6
activate
to later activate the vault, creating a manager for the tokenId1.0.0-alpha.5
1.0.0-alpha.4
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0-alpha.1
1.0.0-alpha.1
35 passing
------------------------------------|----------|----------|----------|----------
File | % Stmts | % Branch | % Funcs | % Lines
------------------------------------|----------|----------|----------|----------
canonical/ | 100 | 50 | 83.33 | 75
CanonicalAddresses.sol | 100 | 100 | 100 | 100
CrunaGuardian.sol | 100 | 50 | 100 | 75
CrunaRegistry.sol | 100 | 100 | 0 | 0
ICanonicalAddresses.sol | 100 | 100 | 100 | 100
ICrunaGuardian.sol | 100 | 100 | 100 | 100
ICrunaRegistry.sol | 100 | 100 | 100 | 100
interfaces/ | 100 | 100 | 100 | 100
IERC6454.sol | 100 | 100 | 100 | 100
IERC6982.sol | 100 | 100 | 100 | 100
manager/ | 99.01 | 70.11 | 98.31 | 99.1
Actor.sol | 100 | 80 | 100 | 100
CrunaManager.sol | 99.4 | 69.74 | 100 | 99.45
CrunaManagerBase.sol | 94.44 | 66.67 | 83.33 | 95
CrunaManagerProxy.sol | 100 | 100 | 100 | 100
ICrunaManager.sol | 100 | 100 | 100 | 100
plugins/ | 100 | 78.57 | 100 | 100
CrunaPluginBase.sol | 100 | 78.57 | 100 | 100
ICrunaPlugin.sol | 100 | 100 | 100 | 100
plugins/inheritance/ | 100 | 70.31 | 100 | 97.5
IInheritanceCrunaPlugin.sol | 100 | 100 | 100 | 100
InheritanceCrunaPlugin.sol | 100 | 70.31 | 100 | 97.5
InheritanceCrunaPluginProxy.sol | 100 | 100 | 100 | 100
token/ | 94.64 | 64.81 | 95.83 | 95.16
CrunaManagedNFTBase.sol | 94.12 | 63.04 | 94.74 | 94.83
CrunaManagedNFTOwnable.sol | 100 | 50 | 100 | 100
CrunaManagedNFTTimeControlled.sol | 100 | 83.33 | 100 | 100
ICrunaManagedNFT.sol | 100 | 100 | 100 | 100
IManagedNFT.sol | 100 | 100 | 100 | 100
utils/ | 95.74 | 70.83 | 100 | 98.21
ERC6551AccountProxy.sol | 90 | 75 | 100 | 90.91
FlexiTimelockController.sol | 100 | 50 | 100 | 100
INamed.sol | 100 | 100 | 100 | 100
INamedAndVersioned.sol | 100 | 100 | 100 | 100
ITokenLinkedContract.sol | 100 | 100 | 100 | 100
IVersioned.sol | 100 | 100 | 100 | 100
SignatureValidator.sol | 100 | 90 | 100 | 100
TokenLinkedContract.sol | 90 | 50 | 100 | 100
------------------------------------|----------|----------|----------|----------
All files | 98.21 | 69.44 | 97.18 | 97.36
------------------------------------|----------|----------|----------|----------
Copyright (C) 2023 Cruna
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You may have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/gpl-3.0.en.html.
FAQs
The Cruna protocol
The npm package @cruna/protocol receives a total of 3 weekly downloads. As such, @cruna/protocol popularity was classified as not popular.
We found that @cruna/protocol demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
Security News
Members Hub is conducting large-scale campaigns to artificially boost Discord server metrics, undermining community trust and platform integrity.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.