πŸ’‚β€β™€οΈSecurity

Private Keys ( Payer Wallet )

When wallet private keys are entered into the users admin panel, they are encrypted, and cannot be exposed to front end at all. If your front end login details are compromised the private keys to your UA wallet cannot be accessed.

Delegate Wallet

You can define the wallet address of your choice to become the delegate wallet, ensuring you have full control of the NFTs that have been frozen for staking.

Staking / Unstaking

When staking, it parses the tx in the backend and will only sign/send if everything in the tx is correct and there is no duplicates.

Claiming

When claiming, a β€œlock” is used in many places to ensure no duplicate claims. If someone attempted to send multiple requests at once using a third party application such as postman, the backend will only accept one at a time. In the slim chance (which theoretically isn't possible), they were able to get 2 requests in at once, there is a backup β€œlock” where it writes to the database β€œclaim attempt for x user”… it waits a few seconds for latency, then reads how many of those are written to the database within the last 5 minutes. If it’s more than 1, it will fail and not go through.

Unstaking

2 minute delay. With the lock/freeze staking method, if a failed unstake occurs against an NFT you have to wait 2 minutes before re attempting to stake or unstake the same NFT again.

Last updated