Network Security and Governance
Why ISBE has control mechanisms over deployed contracts?
ISBE is a public-permissioned infrastructure with governance responsibility over the network. This means that in exceptional situations (security incidents, court orders, critical business logic failures), ISBE must be able to act.
Control mechanisms are designed to be proportional and traceable, not to interfere with the normal operation of deployed contracts.
Control model by modality
| Situation | Modality 1 (Proxy Diamond) | Modality 2 (Custom contract) | Modality 3 (Direct deployment) |
|---|---|---|---|
| ISBE needs to pause the contract | ISBE pauses directly. The role is irrevocable by the owner. | ISBE attempts to pause. Risk: the owner may have revoked ISBE's role. | ISBE asks the Service Provider to pause. No technical guarantee. |
| The SP cannot or will not pause | Not applicable (ISBE has direct control) | ISBE activates address filtering at the client level (see below) | ISBE activates address filtering at the client level |
| Guarantee level for the network | Maximum | High with residual risk | Low |
Last resort mechanism: Address Filtering
When ISBE cannot technically pause a contract and the Service Provider does not cooperate, filtering is activated at the network client level:
- The contract address is marked as blocked in the ISBE network client configuration.
- No network node with the correctly configured client can process transactions directed to that address.
- This measure requires all network Node Providers to have the client updated with the filtering module implemented.
- The block is registered traceably with justification, timestamp, and the authority that activated it.
Filtering activation conditions
Address filtering is an exceptional measure that is only activated when all the following conditions are met simultaneously:
- ISBE cannot pause the contract through its own technical means.
- The Service Provider cannot or will not pause it within the required timeframe.
- There is documented justification (security incident, court order, or other legal mandate).
- The decision has been approved by the ISBE governance committee.
Why this matters for the Builder
This control model is a commercial argument. For a regulated client (financial sector, public administration, healthcare), ISBE's ability to intervene in a critical incident is equivalent to a "circuit breaker" mechanism in traditional financial infrastructure. No public blockchain network can offer this guarantee.
Modality 1 (Proxy Diamond with ISBE library) maximizes these guarantees and therefore receives preferred pricing.