
Proposal: Daml Security Framework

Open pull request by 1D0n, 20-02-2026 (Incoming)

Development Fund Proposal Submission

Proposal file: /proposals/daml-security-framework.md

---

Summary

This proposal delivers the first security framework for the Daml smart contract language: a 12-class vulnerability taxonomy, a 45-item pre-deployment audit checklist, and a static analysis CLI (daml-check) with detectors for the 6 highest-severity vulnerability classes. A working proof-of-concept scanner with two detectors is already published at https://github.com/1D0n/daml-security-framework

---

Checklist

  • [x] Proposal file added under /proposals/
  • [x] Milestones and funding amounts defined
  • [x] Acceptance criteria included
  • [x] Alignment with Canton priorities described

---

Notes for Reviewers

This proposal is security-focused and may warrant Security Subcommittee review. The PoC repo includes runnable Daml Script exploits for CLASS-6 (ledger time manipulation) and CLASS-7 (nonconsuming side effects), demonstrating the scanner's detection capabilities against real vulnerability patterns.