
# Consensus and Network Security

## Double-Spend Prevention

Private notes produce nullifiers. A nullifier can be public enough for nodes to detect and prevent reuse while not revealing which specific output was spent.

## Proof-of-Work Security

RandomX proof-of-work makes block production costly and supports open mining participation.

Nodes also gate mining against local sync state so an operator does not accidentally mine from a stale local chain view. That protects operators from wasting work and helps keep new blocks aligned with the public network.

## Private Transaction Validation

Private transaction validation must reject reused nullifiers, invalid proofs, invalid range/accounting constraints, and malformed private transaction data. This protects the private ledger without turning private transfers into public sender/receiver records.
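The nullifier checks described under Double-Spend Prevention and in this section can be sketched as follows. This is an added example, not the project's own code: `PrivateTx`, `NullifierSet`, `RejectTx`, the 32-byte nullifier length, and the caller-supplied `verify_proof` callable (standing in for proof and range/accounting verification) are all assumptions.

```python
from dataclasses import dataclass, field

NULLIFIER_LEN = 32  # assumption: fixed-size nullifiers; the page gives no size


class RejectTx(Exception):
    """Raised when a private transaction fails validation."""


@dataclass
class PrivateTx:  # hypothetical shape, not the project's wire format
    nullifiers: list
    proof: bytes


@dataclass
class NullifierSet:
    spent: set = field(default_factory=set)

    def check_tx(self, tx, verify_proof, pending=frozenset()):
        """Return the tx's nullifiers as a set, or raise RejectTx."""
        if not tx.nullifiers:
            raise RejectTx("malformed: no nullifiers")
        seen = set()
        for n in tx.nullifiers:
            if not isinstance(n, bytes) or len(n) != NULLIFIER_LEN:
                raise RejectTx("malformed: bad nullifier encoding")
            if n in seen:
                raise RejectTx("reused nullifier inside transaction")
            if n in pending:
                raise RejectTx("reused nullifier inside block")
            if n in self.spent:
                raise RejectTx("nullifier already spent on chain")
            seen.add(n)
        # Proof check runs last so cheap structural rejects come first.
        if not verify_proof(tx):
            raise RejectTx("invalid proof")
        return seen

    def apply_block(self, txs, verify_proof):
        """Validate every tx, then commit all nullifiers atomically."""
        pending = set()
        for tx in txs:
            pending |= self.check_tx(tx, verify_proof, pending)
        self.spent |= pending  # reached only if no tx was rejected
        return len(pending)
```

The set stores only nullifier values, so the check never needs to know which output a nullifier belongs to. A rejected transaction leaves `spent` untouched because the commit happens only after every transaction in the block has passed.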

## Network Attacks

Operators should consider:

* **Sybil attacks**: many fake peers trying to influence a node's peer view.
* **Eclipse attacks**: isolating a node from honest peers.
* **Spam**: flooding the mempool or RPC surfaces.
* **DoS**: exhausting node, RPC, or explorer resources.

## Mitigations

Use multiple peers, monitor RPC health, keep nodes updated, avoid exposing secrets, and separate public RPC from wallet custody.

## RPC Exposure

Public RPC endpoints should be treated as infrastructure, not wallets. They can serve blocks, chain height, mempool status, transaction records, and private transaction bodies needed for wallet recovery. They should not receive recovery phrases, scan keys, spend keys, or wallet passwords.


