Soothmark

Scope

What Soothmark Checks

Soothmark audits GenLayer intelligent contracts to verify that nondeterministic logic is protected by the right validation or equivalence mechanism before it can change saved state.

Soothmark is not a general smart-contract security scanner. It focuses on one critical path: intent, nondeterminism, state impact, and verification.

Core path

The Soothmark audit path.

Every report follows the same focused review path: identify intent, detect nondeterminism, trace state impact, and verify the protection mechanism.

Intent

Nondeterminism

State Impact

Verification Check

Intent

Soothmark identifies what the submitted contract is trying to do.

Nondeterminism

Soothmark detects executable logic that may produce different results across validators, such as web calls, rendered pages, AI prompts, and external unpredictable inputs.

State impact

Soothmark checks whether nondeterministic output can affect persistent contract state.

Verification Check

Soothmark checks whether the exact nondeterministic state-changing path is protected by the correct GenLayer validation or equivalence mechanism.

Nondeterminism

What Counts as Nondeterminism

Executable sources

gl.nondet.web.get(...)
gl.nondet.web.request(...)
gl.nondet.web.render(...)
gl.nondet.exec_prompt(...)
AI output
Web/API output
Rendered external pages
Other external or unpredictable inputs

Executable usage only

Only executable usage counts. Mentions inside comments, strings, prompts, schema examples, documentation text, or recommendations do not count by themselves.

State impact

What Counts as State Impact

State impact means nondeterministic output can affect persistent contract state.

Unsafe nondeterministic state impact

response = gl.nondet.web.get("https://api.example.com/price")
price = response.body.decode("utf-8")
self.last_price = price

This has state impact because external web output is saved into contract state.

Safe deterministic state writing

self.message = new_message
self.update_count = self.update_count + u256(1)

This is deterministic state writing. It does not create nondeterministic state impact by itself.

Mechanisms

Validation and Equivalence Mechanisms

Known mechanisms

gl.vm.run_nondet_unsafe
gl.eq_principle.strict_eq
prompt_comparative
prompt_non_comparative

Path coverage matters

Soothmark does not judge protection by mechanism name alone. A mechanism is properly used only when it protects the same nondeterministic value that can affect persistent state.

Protection may come from run_nondet_unsafe, strict_eq, prompt_comparative, or prompt_non_comparative when applied to the correct state-changing path.

prompt_comparative is not automatically rejected. It can be valid when the equivalence rule is tight enough for the stored value.

Non-goals

What Soothmark Does Not Check

General smart-contract security

Storage design unrelated to nondeterministic state safety

Frontend or app completeness

Dependency formatting

Public method completeness

Pagination or indexing

Dispute flow

Broad GenLayer documentation compliance

Unrelated error handling

Business logic quality unless it affects nondeterministic state validation

Intentionally narrow

Soothmark is intentionally narrow. It certifies one critical GenLayer safety question: does nondeterministic logic get validated before it affects saved state?

Classification

Classification Meaning

Certified

No executable nondeterminism exists, or nondeterministic output does not affect saved state, or the state-changing nondeterministic path is properly protected.

Certified

Conditional

Nondeterministic state impact exists and validation is present, but coverage, validator quality, or equivalence tightness may need improvement.

Conditional

Rejected

Nondeterministic output can affect saved state and no appropriate validation or equivalence mechanism protects that path.

Rejected

Ready to check a contract?

Audit Contract View Examples