🔒 Security Model

Token Delegation

• Users approve spending authority once via SPL Token contract
• No funds locked in smart contracts—payments from user wallets
• Users retain full custody and can revoke delegation anytime
• Delegation scoped to specific max amount, re-approval required afterwards

Smart Contract Security

• Anchor framework provides type safety and security best practices
• Comprehensive test suite covering payment flows and edge cases
• Open source for community auditability

Provider Responsibilities

• Secure user data handling
• API security
• Customer support
• Compliance requirements