# Trust & Safety

How Streamlock protects users and maintains platform integrity.

***

## Smart Contract Security

### Verified Programs

Streamlock uses verified, audited smart contracts on Solana:

| Program           | Purpose                         |
| ----------------- | ------------------------------- |
| Token Factory     | AMM trading and pool management |
| Streamlock Router | Entitlement rights and gaming   |
| Streamflow        | Token vesting and escrow        |

### Code Transparency

* Smart contract code is verifiable on-chain
* Program IDs are verifiable on-chain
* No admin keys that can drain user funds from escrow
* RouterAuthority has operational permissions (settlement, stream updates) but cannot access user escrow funds

***

## Token Safety

### Token-2022 Standard

All Streamlock tokens use Solana's Token-2022 program:

* Industry standard token implementation
* Battle-tested by the Solana ecosystem
* Additional features for security and compliance

### Escrow Protection

When you buy tokens:

1. Tokens go to Streamflow escrow (not our wallets)
2. Escrow is non-custodial (smart contract controlled)
3. Only you can withdraw (when conditions met)

Your tokens are never in Streamlock's custody.

***

## Price Integrity

Token prices are determined by the **on-chain bonding curve** (constant-product AMM):

* Prices derived directly from on-chain pool reserves
* Calculated deterministically: `price = SOL_reserves / Token_reserves`
* No external oracle dependency — price is intrinsic to the pool
* No manual price manipulation possible

### AMM Guarantees

The constant-product AMM provides:

* Deterministic pricing (x \* y = k)
* No order book manipulation
* Always available liquidity (within caps)

***

## Anti-Manipulation

### Throughput Caps

To prevent pump-and-dump schemes:

| Limit    | Amount                        | Window    |
| -------- | ----------------------------- | --------- |
| Buy cap  | 2% of supply                  | 5 minutes |
| Sell cap | 0.5% of initial SOL liquidity | 5 minutes |

No single actor can move the market significantly in a short period.

### Holding Limits

The 1% anti-whale mechanism:

* Maximum 1% per address in price-gated streams
* Excess goes to 134-day timelock (67-day cliff + 67-day vesting)
* Prevents supply concentration

### Slippage Protection

All trades include:

* Minimum output amounts
* Transaction simulation before execution
* Automatic revert if slippage exceeded

***

## Gaming Safeguards

### Dispute Windows

All game results have a dispute period:

1. Results submitted by operator
2. 1-hour dispute window opens
3. Players can challenge incorrect results
4. Valid disputes → results invalidated

### Operator Accountability

Game operators:

* Must stake collateral (future)
* Are publicly identified
* Can be disputed and penalized
* Build reputation over time

### Zero-Sum Verification

The smart contract enforces:

```
Sum of all deltas = 0

If Alice loses 30%, someone must gain 30%.
No value created or destroyed.
```

***

## User Protections

### Transaction Safety

Before any transaction:

* Full quote shown (fees, slippage, output)
* Server-side simulation prevents failed txs
* Wallet confirmation required

### No Hidden Fees

All fees are:

* Displayed before confirmation
* Calculated deterministically
* Consistent with published rates

### Private Keys

Streamlock never:

* Asks for your seed phrase
* Stores your private keys
* Has access to your wallet

Always verify you're on the official site.

***

## Current Status

### Audit Status

| Component         | Status                                                                |
| ----------------- | --------------------------------------------------------------------- |
| Token Factory     | Audited — all findings addressed (C-1 to C-7, H-1 to H-7, M-1 to M-3) |
| Streamlock Router | Audited — all findings addressed                                      |
| Frontend          | Internal review                                                       |

### Network

**Current deployment: Solana Mainnet**

***

## Best Practices

### For Users

1. **Verify URLs** - Always check you're on streamlock.fun
2. **Check quotes** - Review fees and outputs before confirming
3. **Start small** - Test with small amounts first
4. **Understand locks** - Know when tokens unlock before buying
5. **Secure wallet** - Use hardware wallets for large amounts

### Red Flags

Be cautious if:

* Someone asks for your seed phrase
* A site looks like Streamlock but has a different URL
* You're promised guaranteed returns
* Someone claims to be "Streamlock support" in DMs

***

## Reporting Issues

Found a bug or security concern?

1. **Security issues**: Contact team directly (do not post publicly)
2. **Bugs**: Report via GitHub issues
3. **Disputes**: Use the on-chain dispute system

***

## Disclaimer

Streamlock is experimental software on Solana.

* Not financial advice
* No guarantee of returns
* Use at your own risk
* Only use amounts you can afford to lose

***

## Related

* [FAQ](https://streamlock.gitbook.io/streamlock-docs/resources/faq) - Common questions
* [Quick Start](https://streamlock.gitbook.io/streamlock-docs/getting-started/quick-start) - Getting started safely