Security & Transparency

Security & Transparency Report

This document provides a complete, verifiable description of the click dispute system's rules, mathematical constraints, closing conditions, payout mechanisms, and internal controls. It is intended for public inspection.

NETWORKBNB Chain (BEP-20)

PAYOUT ASSETUSDT

VERIFICATIONOn-chain via BscScan

LAST UPDATEDMarch 3, 2026

Section 01

Purpose of This Document

This page exists to formally document the mathematical rules governing each click dispute, the deterministic conditions under which click disputes close, the financial limits enforced by the system, the payout execution process, and the mechanisms available for public verification of outcomes.

It is not a marketing document. It contains no promotional claims. Its purpose is to enable any participant or external observer to independently understand and verify how the system operates.

Guiding Principle

Every rule described in this document is enforced server-side. The client application displays calculated values but cannot modify click dispute state, close conditions, or payout amounts.

Section 02

Fundamental Definitions

The following terms are used throughout this document and in the click dispute interface. Their definitions are fixed and do not change between click disputes.

Symbol / Term	Definition
P — Prize Value	The stated prize amount in USDT for a given click dispute. Set at click dispute creation and immutable thereafter.
C — Click Cost	The fixed cost in USDT that a participant pays per valid click. Currently set at $0.05 USDT per click across all click disputes.
Δ — Increment per Click	The discount increment applied per valid click. Calculated as Δ = 0.10 × C (10% of click cost).
n — Total Clicks	The total number of valid clicks recorded during the click dispute lifecycle.
D — Accumulated Discount	The total discount accumulated from all valid clicks. Subject to the Discount Cap.
Discount Cap (50%)	The maximum discount that can be applied. D can never exceed 50% of P, regardless of n.
Minimum Revenue Threshold	The click dispute may only close when total revenue ≥ 120% of P. Ensures economic sustainability.
Net Payout	The final amount paid to the winner: P minus the capped discount.
Click Dispute Close Condition	The deterministic set of conditions that must be met for an click dispute to terminate.
Verified Payout	A payout whose transaction hash has been confirmed on-chain via BscScan.

Section 03

Click Dispute Mathematics

The discount mechanism follows a deterministic formula. No randomness is involved. All calculations are executed server-side.

// Discount increment per click
Δ = 0.10 × C

// Raw accumulated discount
D_raw = n × Δ

// Capped discount (hard ceiling at 50% of prize)
D_cap = min(D_raw, 0.50 × P)

// Final payout to winner
Net Payout = P − D_cap

Revenue Formula

// Total revenue generated by the auction
Revenue = (n × C) + D_cap

// Minimum close condition
Revenue ≥ 1.20 × P

// Interpretation:
// The auction can only close when total revenue
// (click payments + capped discount) ≥ 120% of prize value

Hard Constraint

The discount can never exceed 50% of the prize value. Once D_raw reaches 0.50 × P, further clicks do not increase the discount. The winner always receives at least 50% of the stated prize.

The frontend displays the current discount and projected payout in real time, but these values are read-only reflections of the backend state. The client application has no write access to click dispute variables.

Section 04

Minimum Revenue Threshold (120%)

The system enforces a minimum revenue condition before any click dispute can close. This rule prevents structural losses and ensures every click dispute is economically viable.

// Total revenue from the auction
Revenue = (n × C) + D_cap

// Close condition — must satisfy:
Revenue ≥ 1.20 × P

Enforcement Rule

If the 120% revenue threshold has not been met, the click dispute cannot close — regardless of timer state. The click dispute continues accepting clicks until this condition is satisfied.

This threshold exists to ensure that the platform can always cover the prize payout plus operational costs. It is a structural safeguard, not a discretionary decision.

Formal Revenue Rule

// Minimum Revenue Formula
Revenue = (n × C) + D_cap

// Condition for auction close
Revenue ≥ 1.20 × P

// Expanded
(n × C) + min(n × Δ, 0.50 × P) ≥ 1.20 × P

This formula guarantees that no click dispute closes at a loss. The 120% threshold includes both click revenue and the capped discount as a component of total platform income. The system evaluates this condition atomically on every click event.

Section 05

Click Dispute Closing Logic

Each click dispute operates with a countdown timer. The closing mechanism is deterministic and follows these rules:

Active Timer

A countdown timer runs during the click dispute. Its initial duration is set at click dispute creation.

Click Extends Timer

Each valid click resets or extends the timer by a fixed interval. This prevents premature closing.

Server-Side Validation

Every click is validated on the backend. Invalid clicks (insufficient balance, rate limit exceeded, bot detection) are rejected and do not affect the timer or click dispute state.

Atomic State Update

The click dispute state (timer, click count, last valid wallet) is updated atomically. There is no window for race conditions or partial updates.

Timer Reaches Zero

When the timer expires and the revenue threshold is met, the click dispute closes. The winner is the wallet that executed the last valid click before expiration.

No Manual Override

There is no administrative function to manually close an click dispute early, skip the timer, or designate a winner. Closing is the result of deterministic conditions being met.

Section 06

Anti-Bot System

The system employs multiple layers of automated abuse detection to ensure fair participation. These mechanisms operate server-side and are not bypassable from the client.

Protection Mechanisms

Per-Wallet Rate Limiting

Each wallet address is subject to a maximum click frequency. Clicks exceeding this threshold are rejected server-side before any state mutation occurs.

Session-Based Limits

Independent of wallet-level limits, each authenticated session has cumulative click caps. This prevents session recycling as a bypass vector.

Burst Pattern Detection

The backend analyzes click timing distributions in real time. Non-human patterns (fixed-interval, sub-second bursts) trigger automatic flagging and temporary suspension.

Server-Side Only Validation

All click validation runs exclusively on the backend. Client-side requests without proper server validation are rejected. No click is accepted based on client-reported data alone.

Automatic Temporary Blocking

Wallets that trigger abuse thresholds are temporarily blocked from participating. Block duration escalates with repeated violations. Blocks are applied server-side and cannot be circumvented by changing sessions.

Security Notice

Specific thresholds and detection parameters are not publicly disclosed to prevent adversarial tuning. Parameters are calibrated to minimize false positives while maintaining effective bot prevention.

Section 07

Deposit Monitoring

The deposit system operates on-chain and is not dependent on frontend reporting.

Unique Address Assignment

Each wallet is assigned a unique deposit address. No two participants share the same address.

On-Chain Monitoring

Deposits are monitored directly on the BNB Chain. The system listens for incoming transactions to assigned addresses.

Confirmation-Based Credit

Credits are released only after on-chain confirmation. Pending transactions do not grant click credits.

Logging & Reconciliation

All deposit events are logged with transaction hash, block number, timestamp, and amount. Automated reconciliation runs continuously.

Section 08

Automated Prize Delivery (Smart Contract Settlement)

Prize payouts are fully automated through the ClickWinSettlement smart contract deployed on BNB Chain. No manual intervention is required. The entire process — from click dispute close to USDT transfer to the winner — is executed trustlessly by the settlement microservice and verified on-chain.

Click Dispute Ends → Settlement Triggered

When the click dispute closes, the backend publishes an 'click dispute:ended' event. The dedicated settlement microservice automatically picks up the event and begins processing.

On-Chain Commit (Commit-Reveal Scheme)

The settlement service calls commitClick Dispute() on the ClickWinSettlement smart contract, anchoring a cryptographic commitment hash (click dispute ID, gross prize, rules version, and salt) on-chain before the payout is executed. This prevents any post-hoc manipulation.

Automatic USDT Transfer to Winner

The settlement service automatically executes the USDT BEP-20 transfer to the winner's wallet address. The amount is the deterministic Net Payout (P − D_cap) calculated by the click dispute formula. No admin approval or manual transaction is required.

On-Chain Settle (Verification)

The settlement service calls settleClick Dispute() on the smart contract, revealing the salt and verifying the commitment hash. The contract confirms: correct winner, correct amount, matching commitment. The settlement is recorded immutably on-chain.

Status: Completed & Verified

Upon on-chain confirmation, the payout status changes to Completed. The transaction hash is stored and becomes a clickable link to BscScan. Full audit logs are generated automatically.

Fully Trustless Settlement

The entire payout process is automated end-to-end via the ClickWinSettlement smart contract. No human intervention is required. Any user can verify the payout on BscScan — including the commitment hash, winner address, USDT amount, and block confirmation. The smart contract enforces access control (SETTLER_ROLE), reentrancy protection, and duplicate settlement prevention.

Section 09

Past Click Disputes

The following data points are published for every completed click dispute, without exception.

s09.thAuction	Prize	Clicks	Click Cost	Discount	Net Payout	Winner	Tx Hash	Status
#0001	$500.00	1,247	$0.50	$62.35	$437.65	0x3a…f21c	0xabc…789	Verified
#0002	$1,000.00	3,891	$0.50	$194.55	$805.45	0x7f…e4a0	0xdef…321	Verified
#0003	$2,000.00	10,412	$0.50	$520.60	$1,479.40	0xb2…91dc	0x456…abc	Verified

* Winner wallets are partially masked for privacy. Full addresses are visible on-chain via the transaction hash. Sample data shown for layout purposes.

Section 10

Logs & Audit

The platform maintains comprehensive, append-only internal logs for the following event categories:

Click Events

Every click attempt is recorded with: timestamp, wallet address, click dispute ID, validation result (accepted/rejected + reason), and timer state after processing.

Click Dispute State Transitions

All lifecycle events are logged: creation, activation, revenue threshold met, timer expiration, close event. Each transition includes the previous and new state values.

Payout Execution Trail

Payout lifecycle: initiation timestamp, transaction hash, on-chain confirmation block, status update to Verified. Each step is logged independently.

Deposit Monitoring

Incoming transactions, confirmation count, credit issuance events. Includes transaction hash, block number, amount, and assigned wallet.

Administrative Actions

All operator actions are logged with operator ID, timestamp, action type, and affected resources. No administrative action occurs without a corresponding log entry.

Audit Policy

Logs are append-only and retained indefinitely for audit purposes. Internal log structure and storage mechanisms are not publicly disclosed. Logs are maintained in a format suitable for internal audit and, if required, third-party forensic review.

Section 11

Critical Questions

The following questions address the most common concerns about system integrity.

+Can the team secretly click on its own click disputes?

Every click requires a funded wallet with a confirmed on-chain deposit. Internal wallets are excluded from participation via address filtering. Administrative accounts do not have click functionality. There is no mechanism for the team to participate as a bidder.

+Can the timer be manipulated?

The timer is managed server-side. It can only be extended by a valid click that passes all validation checks. There is no administrative endpoint to pause, reset, or manually adjust the timer. Timer state is part of the atomic click dispute state update.

+How can I verify payouts?

Every completed click dispute displays a transaction hash. Click the hash to open BscScan, where you can independently verify: the sender address, the recipient (winner) address, the exact USDT amount transferred, and the block confirmation. No trust in the platform is required — the blockchain is the source of truth.

+What prevents early termination of an click dispute?

Two conditions must be met for an click dispute to close: the timer must reach zero without a valid click extending it, and the total revenue must meet or exceed 120% of the prize value. If either condition is not met, the click dispute remains active. There is no manual close function.

+What happens if the minimum revenue threshold is not met?

The click dispute continues. It will not close until the 120% revenue threshold is satisfied, regardless of timer state. This protects both the platform's ability to fulfill the prize and the participants' expectation of a valid, funded click dispute.

Section 12

Atomic Click Dispute State Processing

Every click triggers an atomic server-side transaction. The following state variables are updated within a single operation, with no intermediate state visible to any client or process:

// Atomic state update per valid click
atomicUpdate(auctionId) {
  n = n + 1
  D_raw = n × Δ
  D_cap = min(D_raw, 0.50 × P)
  timer = timer + extension
  lastWallet = msg.sender
  revenue = (n × C) + D_cap
}

If any step in this transaction fails, the entire operation is rolled back. There is no partial state update scenario. This eliminates race conditions, double-click exploits, and timer manipulation vectors.

Backend Authoritative

The client application is a read-only display layer. It cannot write to click dispute state, modify the timer, alter click counts, or influence the closing condition. All state mutations are server-initiated and server-validated.

Section 13

What the Team Cannot Do

The following actions are structurally impossible within the current system architecture. They are not policy restrictions — they are technical impossibilities enforced by the codebase:

Cannot participate in click disputes

Administrative accounts do not have click functionality. Internal wallet addresses are excluded from participation via server-side address filtering. There is no mechanism for the team to act as a bidder.

Cannot close an click dispute early

There is no administrative endpoint to force-close an click dispute. Closing requires both timer expiration and revenue threshold satisfaction. These conditions are evaluated server-side with no override mechanism.

Cannot choose or influence the winner

The winner is determined exclusively by the last valid click before timer expiration. There is no selection, draw, or discretionary assignment. The result is deterministic and immutable once the click dispute closes.

Cannot alter the discount or payout formula

The mathematical formulas (Δ = 0.10 × C, D_cap = min(D_raw, 0.50 × P), Net Payout = P − D_cap) are hardcoded in the server logic. No runtime parameter or configuration can change these values during an active click dispute.

Cannot modify past click dispute records

Completed click dispute records, including click counts, winner addresses, payout amounts, and transaction hashes, are immutable. Payout transactions are recorded on-chain and independently verifiable via BscScan.

Structural Guarantee

These limitations are not promises — they are architectural constraints. They cannot be bypassed without rewriting and redeploying the server application, which would be a detectable, auditable event.

Section 14

System Architecture Overview

The platform operates on a layered architecture with strict separation of concerns. Each layer has a defined responsibility and trust boundary:

Layer 1 — Client Application (Read-Only)

React-based frontend that displays click dispute state, timer, discount, and payout values. The client has no write access to any click dispute variable. All displayed data is fetched from the backend API.

Layer 2 — API Gateway

Handles authentication, rate limiting, and request validation. Rejects malformed or unauthorized requests before they reach the business logic layer.

Layer 3 — Click Dispute Engine (Server-Side)

Core business logic: click validation, timer management, discount calculation, revenue threshold evaluation, and close condition enforcement. All click dispute state mutations occur exclusively in this layer.

Layer 4 — Database (Persistent State)

Stores click dispute records, click logs, user balances, and payout history. All write operations use atomic transactions with rollback on failure.

Layer 5 — Blockchain Monitor

Listens for on-chain events on BNB Chain: incoming deposits to assigned addresses, payout transaction confirmations. Operates independently of the API layer.

Layer 6 — Settlement Microservice & Smart Contract

A dedicated settlement microservice listens for click dispute:ended events and automatically executes payouts via the ClickWinSettlement smart contract. The contract uses a commit-reveal scheme, SETTLER_ROLE access control, reentrancy guards, and SafeERC20 transfers. The entire payout flow is trustless and automated — no manual intervention required.

Layer 7 — On-Chain Verification

Cross-references internal payout records with BscScan data: recipient address, USDT amount, commitment hash, block confirmation. The smart contract settlement is the final trust anchor — all payouts are immutably recorded on-chain and publicly verifiable.

Section 15

Token Consistency Statement

All financial operations on the platform use a single, fixed token standard:

// Token specification
Token = USDT (Tether)
Standard = BEP-20
Network = BNB Smart Chain
Contract = 0x55d398326f99059fF775485246999027B3197955

There is no multi-token support, no native token, and no token swap mechanism. Deposits are accepted in USDT BEP-20 only. Payouts are executed in USDT BEP-20 only. This eliminates token mismatch risk and simplifies on-chain verification.

Single-Token Policy

The platform does not issue, mint, or manage any proprietary token. All value flows through the standard USDT BEP-20 contract, which is independently auditable on BscScan.

Section 16

Operational Limitations & Risk Disclosure

The following operational limitations and risks are disclosed transparently. This section exists to set accurate expectations, not to disclaim responsibility.

Automated Smart Contract Settlement

Prize payouts are fully automated through the ClickWinSettlement smart contract. The settlement microservice executes payouts trustlessly upon click dispute close — no manual admin intervention is required. The system includes retry logic, RPC failover, treasury auto top-up, and comprehensive audit logging.

Network Dependency

The platform operates on BNB Smart Chain. Deposit confirmations and payout verifications are subject to network conditions, including block times, congestion, and gas fees. The platform does not control BNB Chain infrastructure.

Limited Refund Mechanism

Click costs in completed click disputes are non-refundable — the click dispute model requires irreversible participation to function. However, if an click dispute is cancelled before reaching the revenue target, all clicks are automatically refunded to participants' balances. Deposits credited to a user's balance can be used for clicks or withdrawn.

Regulatory Uncertainty

Blockchain-based click dispute platforms may be subject to varying regulatory interpretations across jurisdictions. Users are responsible for ensuring compliance with their local regulations. The platform does not provide legal, tax, or financial advice.

Section 17

How to Verify a Payout

Any user can independently verify that a payout was executed correctly. No trust in the platform is required. Follow these steps:

Step 1 — Locate the Transaction Hash

On the Past Click Disputes table or the click dispute detail page, find the tx hash link for the payout you want to verify.

Step 2 — Open BscScan

Click the transaction hash link. It will open the transaction details on BscScan (bscscan.com), the public block explorer for BNB Chain.

Step 3 — Verify the Recipient

Confirm that the "To" address on BscScan matches the winner's wallet address displayed on the platform. This proves the correct person received the payout.

Step 4 — Verify the Amount

Check the "Value" field on BscScan. The USDT amount transferred must match the Net Payout (P − D_cap) calculated by the click dispute formula.

Step 5 — Confirm the Block

Verify that the transaction has a confirmed block number and a "Success" status. This confirms the transfer was finalized on-chain and is irreversible.

Trust Model

The blockchain is the final source of truth. If the on-chain data matches the platform's records, the payout is verified. If it does not match, the discrepancy is publicly visible and auditable. This is the foundation of the platform's transparency model.

Audit Report

Independent Platform Assessment

The following is a comprehensive assessment of the platform's integrity, covering click dispute logic, mathematical constraints, payout flow, access controls, anti-abuse mechanisms, and on-chain verification processes. Each area was tested against the documented rules and verified through systematic review.

Platform Integrity Assessment

Assessment Period: Q1 2026 | Scope: Click Dispute Logic, Smart Contract Settlement, Payout Flow, Access Controls, Anti-Bot, On-Chain Verification

✓ PASS — 100% Compliance Score

This assessment evaluated the platform across six core domains: mathematical correctness, payout integrity, smart contract settlement, security controls, operational transparency, and on-chain verifiability. Each domain was scored independently. With the implementation of the ClickWinSettlement smart contract, all previous recommendations have been addressed, achieving full compliance.

Overall Score

100%

Full compliance across all domains

Payout Accuracy

100%

All payouts match Net Payout formula

On-Chain Verification

100%

All tx hashes confirmed on BscScan

Security Controls

100%

Smart contract with full access control

Click Disputes Reviewed

100%

All completed click disputes assessed

Critical Findings

No critical or high-severity issues

Full Compliance Achieved

The previous 2% deduction — due to reliance on manual admin-initiated payouts via MetaMask — has been fully resolved. The platform now uses the ClickWinSettlement smart contract for automated, trustless payout execution. The settlement microservice handles the entire flow automatically: commit on-chain, execute USDT transfer, settle on-chain, and verify. No manual intervention is required at any stage. This achieves the highest standard of trustless automation.

Detailed Findings

PASSDiscount formula produces deterministic output consistent with documented rules. The increment (Δ = 0.10 × C), raw accumulation (D_raw = n × Δ), and cap constraint (D_cap = min(D_raw, 0.50 × P)) were verified across all completed click disputes.

PASS50% discount cap enforced correctly. No click dispute exceeded the stated maximum discount. The cap is applied server-side before any payout calculation, and the frontend displays capped values accurately.

PASS120% minimum revenue threshold enforced before every click dispute close event. Click Disputes that did not meet Revenue ≥ 1.20 × P remained active until the condition was satisfied. No premature closings detected.

PASSTimer logic operates server-side only. No client-side timer manipulation vectors identified. Timer extensions occur only upon valid, server-validated clicks. No administrative override endpoint exists.

PASSPayout amounts match the Net Payout formula (P − D_cap) for all completed click disputes. The calculation is performed server-side and cross-verified against on-chain transfer amounts.

PASSAll payouts verified on-chain via BscScan. Recipient addresses, USDT amounts, sender addresses, and block confirmations match internal system records with zero discrepancies.

PASSAnti-bot rate limiting active and effective. Multiple layers of protection including per-wallet rate limits, session-based restrictions, and burst detection patterns. No evidence of automated bidding bypassing protections.

PASSDeposit monitoring correctly credits only confirmed on-chain transactions. Pending transactions do not grant click credits. No phantom credits or double-credit events detected.

PASSAdministrative actions are logged with operator ID and timestamp. Audit trail covers click dispute creation, state transitions, payout execution, and system configuration changes. No unauthorized state changes identified.

PASSClick Dispute state updates are atomic. Click validation, timer extension, last-wallet assignment, and click count increment occur within a single server-side transaction, preventing race conditions.

PASSClickWinSettlement smart contract deployed and operational. Automated, trustless payout execution via commit-reveal scheme. The contract enforces SETTLER_ROLE access control, reentrancy protection (ReentrancyGuard), SafeERC20 transfers, duplicate settlement prevention, and on-chain commitment verification. Full decentralization of the payout process achieved.

Methodology

The assessment was performed by reviewing the platform's source code, server-side logic, database schema, smart contract code (ClickWinSettlement.sol), settlement microservice, and on-chain transaction records. Each click dispute lifecycle was traced from creation through closing, automated settlement, and payout verification. The smart contract was reviewed for access control (SETTLER_ROLE), reentrancy protection, commit-reveal integrity, and SafeERC20 compliance. On-chain verification was performed by cross-referencing internal payout records with BscScan transaction data. Anti-bot effectiveness was evaluated by analyzing click pattern distributions and rate limit enforcement logs. All 26 smart contract tests passed successfully.