Security Overlay

A security overlay defends against cyber threats—particularly DDoS attacks—and enhances privacy. In traditional setups, a single vendor (e.g., a major cloud security provider) sits between the Internet and the origin servers, filtering malicious traffic. A decentralized security overlay distributes this filtering function among many nodes, making it harder for attackers to target or bypass a single point.

Security Layer Concepts

Global Anycast DDoS Scrubbing

Distributed nodes detect and mitigate malicious traffic close to the attack source. This disperses the load, preventing any single node from being overwhelmed.

Encrypted Relay & Origin Shielding

By routing user requests through secure overlay nodes, the real IP of the origin remains hidden. Attackers can't trivially direct traffic to the origin server.

Reputation-Based Filtering

Nodes and traffic streams build reputation scores. Malicious or suspicious traffic is flagged or blacklisted through on-chain mechanisms.

Programmable Security Rules

Each node can host a local WAF or intrusion detection system. Rules can be updated in real time as threats evolve.

On-Chain Incentives & Slashing

Nodes that accurately filter out bad traffic earn additional rewards; false positives or misbehavior risk being penalized.

Distributed Attack Absorption

Multiple nodes absorb traffic from large-scale botnets, making volumetric attacks less effective.

Security Layer Benefits

No Single Point of Failure

A globally distributed overlay means attackers must overwhelm many scrubbing nodes, which is far more complex in a decentralized setting.

Enhanced Privacy

The overlay can mask user and server metadata, preventing targeted man-in-the-middle attacks.

Reduced Downtime

Even if a subset of nodes is hit, the network automatically reroutes legitimate traffic through healthy scrubbing nodes.