NEW

CCIP is now live for all developers. See what's new.

Back

Chainlink CCIP Service Responsibility

The Chainlink Cross-Chain Interoperability Protocol (CCIP) is a secure, reliable, and easy-to-use interoperability protocol for building cross-chain applications and services. The use of CCIP involves application developers, blockchain development teams, and Chainlink node operators, among others. These participants share responsibility for ensuring that operation and performance match expectations. Please note that CCIP support of a particular blockchain, application, or token does not constitute endorsement of such blockchain, application, or token.

Application Developer Responsibilities

Application developers are responsible for the correctness, security, and reliability of their application. This includes:

  • Code and application audits: Developers are responsible for auditing their code and applications before deploying to production. Developers must determine the quality of any audits and ensure that they meet the requirements for their application.
  • CCIP upgrades and best practices: Developers are responsible for following CCIP documentation regarding implementing CCIP upgrades and best practices for integrating CCIP in their applications.
  • Code dependencies and imports: Developers are responsible for ensuring the quality, reliability, and security of any dependencies or imported packages that they use with Chainlink CCIP, as well as reviewing and auditing these dependencies and packages.
  • Code quality and testing: Developers are responsible for ensuring that their application code, onchain and offchain, meets the quality expectations and has undergone rigorous testing.
  • Application monitoring and alerting: Developers must monitor their applications, inform their users of any abnormal activity, and take appropriate action to restore normal operations.
  • Blockchain risk assessment: Developers are responsible for the risk assessment of any blockchain network where they choose to deploy their application on or decide to interoperate with, when using Chainlink CCIP. This includes reviewing the time-to-finality formally documented by a blockchain’s development team, which is used to inform how long CCIP waits for finality when outbound transactions are initiated from that chain.
  • Token risk assessment: Developers are responsible for the risk assessment of any tokens they choose to support or list in their application and expose to their users.
  • Risk communication: Developers must clearly articulate and communicate identified risks to their users.
  • Manual execution: Developers must monitor their CCIP transactions and take action when transactions require manual execution. For example, informing their users and directing them to the appropriate page on the CCIP Explorer.

Blockchain Development Team Responsibilities

Blockchain development teams are responsible for the correctness, security, and reliability of their blockchain software. This includes:

  • Block finality: Blockchain development teams must ensure that blocks with a commitment level of finalized are actually final. The properties of the finality mechanism, including underlying assumptions and conditions under which finality violations could occur, must be clearly documented and communicated to application developers in the blockchain ecosystem. The documented time-to-finality informs how long CCIP waits for finality for outbound transactions from that chain; however, an additional buffer may be added.
  • Governance model: Blockchain development teams are responsible for setting up a clear and effective governance model and communicating its participants and processes clearly to its stakeholders and application developers.
  • Fixes and upgrades: Blockchain development teams must communicate availability of fixes immediately and announce planned upgrades as much in advance as possible so blockchain validators and application developers can prepare themselves accordingly.
  • Incident management: Blockchain development teams are responsible for clearly articulating and communicating any security, reliability and availability incidents to their community. This includes root cause analysis, post-mortem details and a clear plan of action to recover and prevent from happening in the future.
  • Blockchain liveness: Blockchain development teams must take appropriate action to ensure their blockchain maintains a high degree of liveness and aligns with set expectations towards their community members and applications developers.

Stay updated on the latest Chainlink news