Search

Search for projects by name

Onchain costsMilestones & IncidentsRisk summaryRisk analysisRollup stageData availabilityState derivationState validationOperatorWithdrawalsPermissionsSmart contracts

Cartesi PRT Honeypot v2 logo
Cartesi PRT Honeypot v2

Badges

About

Cartesi PRT Honeypot v2 is an application-specific Stage-2 rollup that stress-tests Cartesi Rollups’ security. Protected solely by Cartesi’s PRT (Permissionless Refereed Tournaments) fraud-proof algorithm, it turns its locked funds into an open bounty for...

  • Website
  • Total Value SecuredTVS
    No data
  • Past day UOPSDaily UOPS
    No data
  • Stage
  • Type
    Optimistic Rollup
  • Purpose
    Bug bounty

    • Tokens breakdown

    Value secured breakdown

    View TVS breakdown
    Sequencer failureState validationData availabilityExit windowProposer failure
    Explore more in Discovery UI

    Badges

    About

    Cartesi PRT Honeypot v2 is an application-specific Stage-2 rollup that stress-tests Cartesi Rollups’ security. Protected solely by Cartesi’s PRT (Permissionless Refereed Tournaments) fraud-proof algorithm, it turns its locked funds into an open bounty for...

    Onchain costs

    The section shows the operating costs that L2s pay to Ethereum.

    Data in this section may be temporarily out of date due to third-party provider issues. We're working to resolve this.

    2025 Nov 12 — Dec 03

    Total cost
    $1.19
    Avg cost per L2 UOP
    $1.196293
    Avg cost per day
    $0.07
    Milestones & Incidents

    Cartesi PRT Honeypot v2 deployed on Ethereum

    2025 Nov 8th

    Cartesi PRT Honeypot v2 deployed to Ethereum mainnet.

    Learn more

    Dave: decentralized, secure, lively fraud-proofs

    2025 May 9th

    Dave paper published on ACM DLT, a peer-reviewed journal.

    Learn more
    Risk summary
    The challenge protocol can be subject to delay attacks.

    Funds can be stolen if

    1. there is no one that checks the published state. Fraud proofs assume at least one honest and able validator.
    Risk analysis
    The challenge protocol can be subject to delay attacks.
    Sequencer failureState validationData availabilityExit windowProposer failure
    Sequencer failure
    Self sequence

    Users can self sequence transactions by sending them on L1. There is no privileged operator.

    State validation
    Fraud proofs (INT)

    Fraud proofs allow actors watching the chain to prove that the state is incorrect. Interactive proofs (INT) require multiple transactions over time to resolve.

    Data availability
    Onchain

    All of the data needed for proof construction is published on Ethereum L1.

    Exit window
    Not applicable
    Bug bounty Appchain: The single hardcoded address can withdraw all funds.

    Users cannot exit their funds as all deposits are considered donations.

    Proposer failure
    Self propose

    Anyone can be a Proposer and propose new roots to the L1 bridge.

    Rollup stage
    Cartesi PRT Honeypot v2
    Cartesi PRT Honeypot v2 is a
    Stage 2
    Appchain
    Optimistic Rollup.

    Rollup operators cannot compromise the system, but being application-specific might bring additional risk.

    Users can deposit (donate) CTSI tokens to the Honeypot. The funds can only be withdrawn by the Cartesi Multisig to its own address. The appchain has the very specific purpose of a bug bounty on the proof system, incentivizing security researchers to break it and claim the deposited funds.

    Note:
    We're still in the process of formalizing how to properly integrate appchains in the Stages framework.
    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.
    Data availability

    All transaction data is recorded on chain

    All executed transactions are submitted to an on chain smart contract. The execution of the rollup is based entirely on the submitted transactions, so anyone monitoring the contract can know the correct state of the rollup chain.

    1. InputBox.sol#18 - Etherscan source code, addInput function
    Learn more about the DA layer here: Ethereum logoEthereum
    State derivation
    Node software

    The source code for the Cartesi node software is available here.

    Genesis state

    The genesis state comes from the Honeypot Cartesi Machine template included in the Honeypot v3 release. Alternatively, you can recreate it by following the build steps in the Honeypot GitHub Repository.

    Data format

    The reference implementation for ERC20 deposits can be found here. To learn about the withdrawal request format, please refer to the documentation here.

    State validation
    Under Review

    The information in the section might be incomplete or outdated.
    The L2BEAT Team is working to research & validate the content before publishing.

    Fraud proofs

    After some period of time, the published state root is assumed to be correct. For a certain time period, usually one week, anyone can submit a fraud proof that shows that the state was incorrect.The initial bond for joining the tournament is set to 0.23219805 ETH.

    • Funds can be stolen if there is no one that checks the published state. Fraud proofs assume at least one honest and able validator.

    1. Permissionless Refereed Tournaments
    2. MultiLevelTournamentFactory.sol#L48 - dispute resolution factory
    3. DaveConsensus.sol#L111 - application consensus
    Operator

    There is no central operator

    There is no privileged entity that sequences transactions or produces blocks. This activity is permissionless and open to anyone.

    1. Honeypot Docs - Running a validator node

    Users can force any transaction

    Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

    Withdrawals

    No user withdrawals

    No address apart from the Cartesi Multisig can trigger a withdrawal and deposits are considered donations to the Honeypot. If a withdrawal is requested by them, all funds in the escrow are withdrawable to the permissioned address as soon as the next settlement on L1 occurs (min. every 7d 1h).

    1. Requesting withdrawals, Honeypot Wiki
    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Actors:

    Cartesi Multisig 0x6024…2Ff5

    A Multisig with 3/6 threshold.

    • Can interact with Application
      • withdraw the entire balance in the escrow

    Participants (6):

    0xD91C…60320x53cf…D9610xF455…990E0xA7Dd…24b10xccD5…53250xC826…0F30
    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    InputBox 0x1b51…Cfac

    Serves as both the canonical log for arbitrary dApp inputs and a portal for depositing assets (one possible type of input). It ensures data availability and that all off-chain participants process the same inputs in the same order.

    DaveConsensus 0xF0D8…9259

    Contract managing PRT fraud-proof tournaments, application epochs and input validation, as well as settlement and challenge periods. Dispute tournaments are started here and the final, verified computation result (as an outputsMerkleRoot) is recorded when they are resolved.

    Application 0xfDDF…e998

    Main dApp contract that escrows assets and executes the verified results (outputs) from off-chain computation. It relies on the DaveConsensus contract to validate outputs before releasing assets or triggering on-chain actions. The immutable template hash of the dApp is 0x144d45af1181b35f2b11c4b1150d6cb16934c28093707fb97c911ff16b3fe609.

    • Roles:
      • withdrawer: Cartesi Multisig
    • This contract can store any token.
    MiddleTournament 0x0a88…d2D9

    Handles the intermediate stages of a dispute following the TopTournament targeting a more granular bisection game.

    CartesiStateTransition 0x31EE…10F6

    Onchain verifier that can execute a single, disputed instruction of the Cartesi machine. It is the ultimate arbiter that BottomTournament calls to determine which party’s claimed state transition is correct.

    MultiLevelTournamentFactory 0xa029…Ea6b

    Responsible for creating and orchestrating the multi-stage dispute process. It instantiates the correct tournament contract (Top, Middle, or Bottom) depending on the current stage of the dispute game.

    TopTournament_example 0xA283…627fImplementation (Upgradable)

    Represents the entry point and highest level of a dispute in PRT. Disagreeing validators join this tournament to resolve conflicts over the entire computation trace through a bisection game. The required bond amount for joining the Tournament is calculated from worst case gas estimates and currently is 0.23219805 ETH.

    ERC20Portal 0xACA6…562D

    Contract that allows anyone to perform transfers of ERC-20 tokens to Cartesi DApps.

    CanonicalTournamentParametersProvider 0xc8d8…3113

    Provides constant configuration data for the tournament system. It defines parameters like the number of levels (3), the minimum challenge period of ~7d, and the size of computation segments at each stage of a dispute.

    BottomTournament 0xe6B4…2962

    Referees the dispute over a single contested Cartesi machine step as the final stage of arbitration in a dispute. It calls the CartesiStateTransition contract to get a definitive on-chain ruling and identify the winner.

    Value Secured is calculated based on these smart contracts and tokens:

    Generic escrow 0xfDDF…e998

    Contract storing bounty funds.