# Safety Properties

Safety is guaranteed in the MOI network. Safety is achieved by Modulated Trust which is a combination of ICS mechanism and Proof of Context (PoXt) consensus mechanism. These two concepts are used to facilitate clusters comprised of a majority of random nodes as well as eligible nodes that are associated with the wallets, based on their previous interactions. Also, requirements driven by the user or developer in the Modulated Trust Preferences (MTP) can be used to facilitate the ICS.

Let us try to understand this by taking an example:

## Proof of Safety​

Consider a scenario where, an interaction exists between 2 users with wallets W1 and W2. There are 80 nodes in the network out of which W1 is associated with 10 nodes (i.e., Node N1 to Node N10) and W2 is associated with other 14 nodes (i.e., Node N15 to N28). In this case, a minimum number of eligible nodes required from W1 and W2 will be any number of nodes from 6 nodes to 10 nodes for W1, and for W2 it will be 8 nodes to 14 nodes (i.e., greater than 2/3rd of the eligible nodes). If a minimum of 14 eligible nodes joins the ICS, a minimum of 28 random nodes should also join the ICS. Meaning, the minimum size of the ICS accepted will be 32.

However, if all the nodes in the account context of W1 and W2 are available to join the ICS, the optimal number of nodes required to for the ICS = (10 + 14) + 2*(10+14) = 72.

$n(ICS)_{MIN} = 32 \\ n(ICS)_{MAX} = 72$

In this case, the optimal number of nodes required to form an ICS cluster will be 2*(10+14) which equal 48 nodes out of which 24 (i.e., 10 nodes belonging to W1’s context+ 14 nodes belonging to W2’s context) nodes are the context-driven nodes for this particular interaction and remaining 24 nodes are the random nodes for this particular interaction.

With the above explanation, we can conclude that the network is secured to byzantine faults and we can say that tesseract is confirmed locally within an ICS cluster and finality is achieved globally. And with this type of randomized context-driven cluster formation, we can eliminate the risk of network scalability (in terms of nodes) which byzantine consensus tends to limit to a few thousand nodes.

Hence, the account states of the users W1 and W2 are preserved, thereby offering safety from the corruption of account states from attackers.

Also, the network is secured by ensuring all validators maintain a verifiable identity with cryptographic proofs using the Proof of Identity. Apart from the identity, we also secure the network by ensuring that every validator node is running the latest desirable version of the MOI client, which must be agreed upon by a majority of the validators in the network.