# The Execution Layer Gap ### Determinism Ends at the Device Web3 systems are designed to be deterministic. Smart contracts execute predictably.\ Transactions are validated through consensus.\ State transitions on-chain are transparent and verifiable. These guarantees create strong security assurances at the protocol layer. However, every Web3 interaction ultimately originates from an endpoint. A browser.\ A wallet extension.\ A local operating system.\ A network interface. And unlike the blockchain, the endpoint environment is not deterministic. *** ### The Asymmetry There is a structural asymmetry in the Web3 stack: On-chain systems are deterministic.\ Off-chain execution environments are probabilistic. The blockchain enforces rules through consensus.\ The endpoint relies on user awareness and manual intervention. Wallet signatures confirm that a user approved an action.\ They do not confirm that the surrounding environment was secure. This creates a fundamental security gap. *** ### Where Compromise Occurs In practice, many Web3 compromises occur at the execution layer: * Malicious scripts injected into browser sessions * Drainer contracts triggered through deceptive UI * Persistent session hijacking * Compromised RPC endpoints * Delayed malicious execution * Background processes interacting with wallet contexts In these scenarios, the blockchain continues to function correctly. The failure occurs before the transaction reaches the chain. *** ### Reactive Containment Is Not Infrastructure When compromise is suspected, users typically resort to reactive measures: * Revoke token approvals * Disconnect wallet sessions * Rotate private keys * Shut down the device entirely These actions are manual, discretionary, and often delayed. They are not cryptographically bound to device state. There is no standardized mechanism that allows: Cryptographic authority\ to deterministically transition an endpoint into a secure containment state. This is the execution layer gap. *** ### Why This Gap Matters As digital asset value increases, endpoint risk scales proportionally. A single compromised device may: * Control treasury funds * Execute governance actions * Authorize high-value transfers * Maintain validator operations The absence of deterministic endpoint containment introduces systemic risk. Security cannot end at the private key. The execution layer must be addressed with the same rigor as the protocol layer. *** ### A Missing Primitive Web3 introduced new primitives: * Programmable money * Trustless settlement * Cryptographic governance Yet it lacks a primitive for deterministic endpoint containment. Until such a primitive exists, Web3 security remains incomplete. Overra is designed to address this structural gap by introducing wallet-authorized, locally enforced containment as infrastructure. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://overra.gitbook.io/overra-docs/problem/the-execution-layer-gap.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.