Trust & Security
Security at Design Skills Hub.
Last updated: July 3, 2026 · Report a vulnerability
Money and executable content both move through this site, so this page is written for the person who wants to check our claims — not just read them. Everything below links to something you can verify yourself: source code, on-chain state, or a live endpoint.
How a payment actually moves
Paid skills settle in USDC on Base over the open x402 protocol:
- The buyer signs an EIP-3009
transferWithAuthorization— a gasless, single-use, time-boxed authorization for the exact amount. We never hold your funds and cannot spend more than you signed. - Funds land in a per-seller splitter contract and the seller's share (94%) is released to the seller's own wallet in the same purchase flow. There is no balance sitting with us and no "withdraw from the platform" step.
- The 6% platform fee is immutable in each deployed splitter — it is set when the contract is initialized and cannot be raised afterwards. Changing the fee would require deploying a visibly new factory.
Why the contract can't redirect your money
- Each seller's splitter is a minimal clone whose payout destination is fixed at initialization. The release function is permissionless: anyone may trigger it, and it always pays the seller's wallet. Neither our settlement relayer nor anyone else can point it somewhere new.
- The relayer only broadcasts the buyer's signed authorization and pays gas. The signature itself binds the recipient, amount, and validity window — a malicious relayer could at worst fail to deliver a transaction, never alter one.
- Delivery of the encrypted skill bundle is gated on verified on-chain settlement or a proven prior purchase — not on any client-supplied claim.
Verify it yourself
- Source code: the contracts (splitter factory + splitter), settlement library, and their test suite are public at github.com/VaporAviator/skill402marketplace.
- Live network state: /api/skill-bundle?action=relayer-health is a public endpoint that returns the active network and the relayer's public address — inspectable on Basescan at any time.
- Beta status: commerce currently runs on Base Sepolia testnet — no real money is at risk during the beta. Mainnet launch is gated on: a verified-source factory deployment on Basescan, a mainnet-ready payment facilitator, and a dedicated funded relayer. Mainnet contract addresses will be published on this page at launch.
Marketplace content security
- Every listing is scanned before it goes live — static analysis tuned to catch genuine capability (code execution, credential access, data exfiltration, prompt-injection patterns) rather than flag ordinary code.
- Suspicious paid submissions are quarantined, fail-closed. A flagged bundle is stored encrypted, hidden from every public surface, and never delivered to anyone until a human reviews it. Sellers see the review status in My Skills.
- Paid bundles are encrypted at rest (AES-256-GCM). Plaintext only ever leaves the server toward a buyer with verified entitlement.
- Multi-skill collections are installed in isolation — install commands use per-skill isolation so listing one skill from a collection never puts its siblings on your disk.
Accounts & keys
- Sign-in is GitHub OAuth with minimal scopes: your public profile and email. The
public_reposcope is requested only when you publish via the converter, to create your skill repository. - We never see or store wallet private keys. Wallets are self-custodial — your own wallet, or an embedded wallet (Privy) under your control.
- Paid-content entitlements are bound to your authenticated session or a signed unlock token — never to a bare wallet address, which is public information.
Responsible disclosure & bug bounty
Found something? Email vaporaviator@gmail.com with subject SECURITY. We acknowledge within 48 hours.
- Good-faith security research is welcome — we will not pursue legal action for responsible disclosure.
- We pay discretionary bounties for verified critical vulnerabilities, with the payment path (contracts, settlement, bundle delivery) as top priority. There is no formal program with fixed tiers yet; we're a small team and we'd rather be honest about that.
- Please don't test against other users' data or run denial-of-service experiments; use your own accounts and testnet funds.