VIII. Threats, Protections & Assumptions
Security Model
Unlinkability: Withdrawals are cryptographically unlinkable from deposits
Non-custodial: Users retain full control over funds at all times
Double-spend protection: Nullifiers are unique and cannot be reused
Integrity: All contract logic is deterministic and verifiable
Auditing: Code has undergone internal audits, and a third party audit will be conducted in the near future.
Last updated