
Security

The threat model, trust assumptions, and audit status. Read this before depending on Shain for anything that matters.

In scope

  • Front-running protection during the session window. Dapps that gate on gated_action route their CPI past mempool watchers for the life of the session.
  • Anti-sniper bootstrap. Holders with a live session avoid the class of bot that listens to the public mempool and mirrors profitable wallets.
  • Deterministic on-chain state. Every session is a PDA with a known lifecycle. No off-chain secrets.

Out of scope

  • Long-term anonymity. Sessions expire after 24 hours. Shain is not a mixer, not a VPN, not a persistent privacy layer.
  • Anonymity-set guarantees. No k-anonymity. Correlation resistance during the session is the only claim.
  • Protection after expiry. Once a session closes, subsequent transactions are visible as usual.
  • Protection of non-holders. The gate is holder-only by design.

Trust assumptions

  • The signer's private key is the only custody primitive. Shain never takes possession of user funds or keys.
  • The program's upgrade authority is discarded at mainnet deployment. The IDL exported to idl/shain.json is the canonical contract shape.
  • The treasury PDA is program-owned. Session fees accrue to it but cannot be withdrawn by any admin key — dispositions (buyback, burn) are published in the changelog.
  • The $SHAIN mint authority is discarded after the initial supply issuance on mainnet. Supply is frozen from that moment.
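A check for the two discarded-authority assumptions above, added here as an example and not part of Shain's own code: it parses the raw bytes of a BPF Upgradeable Loader ProgramData account and an SPL Token Mint account (the data field returned by getAccountInfo) and reports whether the upgrade authority and the mint authority are actually unset. The page gives no program ID or mint address, so the account bytes below are constructed samples, not on-chain data.

```python
import struct
from typing import Optional

# bincode tag of UpgradeableLoaderState::ProgramData
# (Uninitialized = 0, Buffer = 1, Program = 2, ProgramData = 3)
PROGRAMDATA_TAG = 3
MINT_LEN = 82  # an SPL Token Mint account is always 82 bytes

def programdata_upgrade_authority(data: bytes) -> Optional[bytes]:
    """Upgrade authority of a ProgramData account, or None when it was discarded.

    Layout: u32 LE enum tag | u64 LE slot | 1-byte Option tag | 32-byte pubkey if Some,
    followed by the program's ELF bytes.
    """
    if len(data) < 13:
        raise ValueError("too short for ProgramData metadata")
    tag, _slot, has_authority = struct.unpack_from("<IQB", data, 0)
    if tag != PROGRAMDATA_TAG:
        raise ValueError(f"not a ProgramData account (tag {tag})")
    if has_authority == 0:
        return None
    if has_authority != 1 or len(data) < 45:
        raise ValueError("malformed Option<Pubkey>")
    return data[13:45]

def mint_authority(data: bytes) -> Optional[bytes]:
    """Mint authority of an SPL Token Mint account, or None when it was discarded.

    Layout: COption<Pubkey> mint_authority (u32 LE tag + 32 bytes) | u64 supply |
    u8 decimals | u8 is_initialized | COption<Pubkey> freeze_authority.
    """
    if len(data) != MINT_LEN:
        raise ValueError("unexpected mint account length")
    tag = struct.unpack_from("<I", data, 0)[0]
    if tag == 0:
        return None
    if tag != 1:
        raise ValueError("malformed COption tag")
    return data[4:36]

def authorities_discarded(programdata: bytes, mint: bytes) -> bool:
    """True only if both the upgrade authority and the mint authority are unset."""
    return programdata_upgrade_authority(programdata) is None and mint_authority(mint) is None

# Constructed sample account bytes (hypothetical; not fetched from any network).
SAMPLE_PROGRAMDATA_FROZEN = struct.pack("<IQB", 3, 250_000_000, 0) + b"\x7fELF" + bytes(28)
SAMPLE_PROGRAMDATA_LIVE = struct.pack("<IQB", 3, 250_000_000, 1) + bytes([0x11]) * 32 + b"\x7fELF"
SAMPLE_MINT_FROZEN = struct.pack("<I", 0) + bytes(32) + struct.pack("<QBB", 10**9, 6, 1) + struct.pack("<I", 0) + bytes(32)
SAMPLE_MINT_LIVE = struct.pack("<I", 1) + bytes([0x22]) * 32 + struct.pack("<QBB", 10**9, 6, 1) + struct.pack("<I", 0) + bytes(32)
```

Against a real deployment, fetch the ProgramData account (its address is stored in the program account) and the $SHAIN mint with getAccountInfo, base64-decode the data field, and pass both byte strings in; a False result means one of the two assumptions above does not hold yet.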

Audit status

Pre-deployment. The program is not live on any public network yet. A mainnet deployment is gated on an independent audit. The current state:

  • ✓ 9/9 litesvm integration tests green on every commit.
  • ✓ No admin mutation path; no pausable flag.
  • ✗ Independent audit — planned, not yet scheduled.
  • ✗ Devnet deployment — program ID reserved, not deployed.
  • ✗ Mainnet deployment — pending audit.

Reporting a vulnerability

Do not open a public GitHub issue for security problems. Email security@shain.fun with:

  • A description of the vulnerability.
  • Steps to reproduce or a proof-of-concept.
  • The commit hash or release version affected.
  • The impact you observed.
  • Your preferred disclosure timeline.

You'll get an acknowledgement within 48 hours and an initial assessment within 5 business days.

Bounty

A bounty program will open once the program is deployed to mainnet and an independent audit has completed. In the interim, responsible disclosure is welcomed and credited.