# Security

## 1. Smart Contract Security

{% stepper %}
{% step %}

### All core contracts (minting, staking, airdrops) will be:

* Audited by third-party firms before deployment.
* Open-source for transparency and community review.

{% endstep %}

{% step %}

### Use of upgradeable proxy patterns will be minimized, unless needed, to reduce attack surface.

{% endstep %}
{% endstepper %}

***

## 2. Frontend & User Security

* Secure Web3 integrations using trusted libraries (e.g., ethers.js, Thirdweb SDK).
* Phishing protection through domain verification and MetaMask connection alerts.
* Rate limiting and CAPTCHA for faucet and task systems to prevent abuse.

***

## 3. AI-Specific Risks

* AI modules used for NFT generation or content analysis will be sandboxed.

* AI-generated content will include provenance tracking and moderation layers to prevent abuse.

***

## 4. Governance + Treasury Safety

* The DAO treasury will be protected via multi-sig wallets (initially team-controlled, later DAO-controlled).

* Timelocks will apply to major treasury actions to give time for community review or an emergency halt.

