NativeAssetHandler
The bridge between EVM smart contracts and the Ghostmint precompile at 0x0808. Handles minting and burning native GHOST tokens on behalf of the CommitRevealVault.
Address: 0x35cdaE691037fcBb3ff9D0518725F1ae98d502b7
Why it exists
Smart contracts cannot directly call the Ghostmint precompile — only governance-authorized contracts are permitted. The NativeAssetHandler is the single authorized caller, and it restricts its own callers to the CommitRevealVault.
CommitRevealVault → NativeAssetHandler → Ghostmint Precompile (0x0808) → BankKeeper
Interface
contract NativeAssetHandler {
address public constant MINT_PRECOMPILE = 0x0000000000000000000000000000000000000808;
address public vault;
address public owner;
// Set the vault address (one-time, by owner)
function setVault(address _vault) external;
// Burn native GHOST (payable — receive GHOST as msg.value)
function burnNativeFrom(address from, uint256 amount) external payable;
// Mint native GHOST to recipient
function mintNativeTo(address to, uint256 amount) external;
// Accept native tokens from vault
receive() external payable;
}
Key behaviors
- Vault-only:
burnNativeFromandmintNativeTocan only be called by the vault - One-time vault setup:
setVault()can only be called once by the owner - Native token flow: On burn, tokens are forwarded to the precompile. On mint, the precompile creates fresh tokens.
Usage
The NativeAssetHandler is not called directly by developers. It's an internal component of the Ghost Protocol. The CommitRevealVault calls it during:
- Commit:
burnNativeFrom(user, amount)— destroys the user's GHOST - Reveal:
mintNativeTo(recipient, amount)— creates fresh GHOST for the recipient
Security
- This is the only contract authorized to call the Ghostmint precompile
- The authorization is set via the
GHOSTMINT_AUTHORIZED_CALLERSenvironment variable on the validator node - Changing the authorized callers requires a governance proposal or validator restart