FortiLayer

FortiLayer — The Programmable Execution Firewall for Arbitrum Treasuries

FortiLayer is an atomic, composable execution firewall for on-chain treasuries on Arbitrum. Every outbound transfer must pass through a pipeline of independent policy modules — or it reverts. No exceptions.

4 active policies enforce AND-logic on every transfer:

• 💳 SpendingLimitPolicy (Stylus/Rust WASM) — daily cumulative + per-tx max limits

• ✅ WhitelistPolicy — per-vault recipient allowlists

• 📈 RiskScorePolicy — 0–100 address risk scoring

• ⏱ TimelockPolicy — cooldown between transfers

Key technical highlights:

• Stylus (Rust/WASM) SpendingLimitPolicy is live in the vault pipeline — replaced the Solidity version on-chain. Every transfer triggers an EVM → WASM cross-VM call.

• Live Chainlink ETH/USD oracle integration — OracleRiskScorePolicy adapts permissions based on market volatility.

• Two-phase atomic validation: validate() (view) → record() (state). Zero state pollution on failure.

• 3-layer circuit breaker: PolicyEngine + Firewall + Treasury — any single pause freezes everything.

• 12 contracts deployed & verified on Arbitrum Sepolia. 140 tests passing.

Why Arbitrum: FortiLayer's multi-policy pipeline makes 5+ inter-contract calls per transfer. This is only economically viable on Arbitrum L2 ($0.01 vs $15-50 on mainnet). Stylus WASM execution is only possible on Arbitrum.

Who it's for: DAOs, RWA issuers, institutional custodians, on-chain funds — any entity that holds and moves value on-chain.

Built with: Solidity 0.8.20 · Rust (stylus-sdk v0.10.0) · React 18 · Hardhat · Chainlink · OpenZeppelin v5.1

Not Now