Security

CORA’s primary security boundary is operational authority. The system is designed so that state changes are explicit, auditable, and resistant to informal control.

Treasury authority

• The treasury is the only authority that can issue and revoke CORA state.
• Treasury authority can be migrated via an explicit on-chain action.
• Treasury execution is expected to be handled by a Safe to reduce single-key risk.

Governance safety

• Voting weight is derived from snapshotted state at a fixed block.
• State changes after snapshot do not affect active votes.
• Quorum is computed from snapshotted total state.

Separation of concerns

• The public site is informational only and never requests signatures.
• The ops interface submits actions; authority is enforced on-chain.
• Governance is transparent and verifiable by on-chain state and events.

Security depends on disciplined operations: clear rationales, review procedures, and key management appropriate to the stakes.