search

Failure Modes

hashtag
3.2 Failure Modes

Modulexo is designed so that invalid state transitions revert rather than partially execute.

This section describes how the system behaves under failure or edge conditions.

hashtag
I. Asset Disabled

hashtag
Condition

A user attempts to recycle a token not enabled in Registry.

hashtag
Result

Transaction reverts:

ENGINE_ASSET_NOT_ENABLED

hashtag
Effect

• No units consumed • No native routed • No weight minted

System state unchanged.

hashtag
II. Insufficient Units

hashtag
Condition

User attempts to recycle more native than available units allow.

hashtag
Result

Revert:

hashtag
Effect

• No partial consumption • No rail routing • No weight minted

Atomic rollback.

hashtag
III. Ledger Cap Exceeded

hashtag
Condition

Inventory provision exceeds registry-defined cap.

hashtag
Result

Revert:

hashtag
Effect

• No tokens burned • No units credited

Cap cannot be bypassed.

hashtag
IV. Zero Native Payment

hashtag
Condition

msg.value == 0 in recycle call.

hashtag
Result

Revert:

hashtag
Effect

No unit consumption. No ledger mutation.

hashtag
V. Router Misconfiguration

hashtag
Condition

Router address invalid or rails misconfigured.

hashtag
Result

Revert:

hashtag
Effect

• No value split • No weight minted • No partial routing

This protects from unintended fee capture.

hashtag
VI. Division by Zero

hashtag
Condition

Distribution math would divide by zero (e.g., totalWeight == 0 in certain contexts).

hashtag
Result

Revert:

hashtag
Effect

Prevents corruption of:

Ledger remains intact.

hashtag
VII. Claim Transfer Failure

hashtag
Condition

Native transfer during claim() fails.

hashtag
Result

Revert:

hashtag
Effect

• rewardDebt not updated • No partial settlement • User may retry

This prevents silent loss.

hashtag
VIII. Reentrancy Attempt

hashtag
Condition

Nested call attempt during recycle or claim.

hashtag
Result

Revert:

hashtag
Effect

Prevents:

• Double claim • Double mint • Rail duplication

hashtag
IX. Ownership Misuse Attempt

hashtag
Condition

Unauthorized call to owner-only function.

hashtag
Result

Revert:

hashtag
Effect

No control escalation possible.

hashtag
X. Governance Failure

hashtag
Condition

Proposal fails quorum or vote threshold.

hashtag
Result

Proposal cannot be queued or executed.

No state change occurs.

Timelock cannot execute without successful proposal.

hashtag
XI. Bridge or FeeVault Failure (If Used)

hashtag
Condition

Bridge transfer fails.

hashtag
Result

Funds remain in FeeVault.

Recycle distribution unaffected.

Fund treasury may receive delayed inflow.

No impact on:

• weight ledger • accNativePerWeight • claimable balances

Execution layer remains isolated.

hashtag
XII. Early System State (Low Participation)

hashtag
Condition

Recycle rail distribution occurs when totalWeight is very low.

hashtag
Result

Large proportional allocation to early weight holders.

This is mechanical.

No dynamic dampening unless parameterized.

Behavior is transparent and deterministic.

hashtag
XIII. Parameter Misconfiguration

hashtag
Condition

Owner sets extreme pricing parameters.

hashtag
Result

Weight pricing changes accordingly.

Distribution math remains correct.

Economic consequences follow parameter logic.

No ledger corruption possible.

hashtag
XIV. Contract Pauseless Design

Modulexo does not rely on pause flags in core distribution logic (unless implemented in deployment).

If no pause exists:

System continues operating deterministically.

If pause exists (per deployment):

Pause must be verifiable via public read function.

hashtag
XV. Systemic Failure Containment

Failure in one layer does not propagate automatically.

Example:

• Fund governance failure does not affect recycle execution. • Registry error does not corrupt weight ledger. • Claim failure does not alter distribution math.

Each layer is modular.

hashtag
XVI. Summary of Failure Handling

Failure Type
Behavior
State Integrity

Invalid asset

Revert

Preserved

Insufficient units

Revert

Preserved

Router error

Revert

Preserved

Claim transfer fail

Revert

Preserved

Governance fail

No execution

Preserved

Bridge delay

Funds isolated

Preserved

The system favors revert over partial mutation.

PreviousConstraints & LimitsNextRisk Disclosures

Last updated