Documentation
The honest FAQ
If a campaign fails after the audit starts, do I get everything back?
No. The spent audit-fee tranche is a collective good contributors knowingly purchased; refunds after finalize are pro rata net of it. Every parameter of that lottery is on-chain before you deposit.
Does a clean audit mean the token is safe to buy?
No. It means named professionals reviewed exactly this code and reported these finding counts, and what deployed is byte-identical to what they reviewed. Market risk, abandonment risk, and bad-idea risk survive every proof in this system.
What stops a founder from funding their own raise?
Nothing inside the protocol — every mechanism that could is a discretionary actor. Instead, the certificate carries a mechanical funding-concentration digest so you can see it. Read it.
What stops a lazy auditor?
Not payment structure; payment is findings-independent precisely so auditors have no stake in the verdict. Diligence is purchased from the auditor's reputation market, which is why the auditor's identity and exact reviewed bundle are permanently attributable.
Is this zero-knowledge?
Today, no. The current tier is T0 — journals attested by named operators re-executing the guest — and every certificate says so. Zero-knowledge verification (T2) arrives by verifier substitution when a production Solidity-in-zkVM pipeline exists.
Can the platform freeze, censor, or rescue a campaign?
No. No guard in the escrow references any platform key; every transition is permissionless; proofs verify in your browser. The platform's entire power is serving a website, and you can bypass the website.
Is contributing legal where I live?
The protocol can't tell you, and cryptography doesn't change securities law. Pre-token sales are the classic investment-contract fact pattern in many jurisdictions. See the paper's Section 7.2, then ask a lawyer, not a protocol.