# Security, Sybil & Cheating Prevention

#### Audited, Open, Immutable

* The core program runs on Solana.
* Two independent security firms have audited the protocol smart contract.
* A perpetual bug-bounty pool (funded by the Master Pool) will be set up to reward white-hat disclosures.

#### Sybil Resistance by Design

* Every player signs in with a Solana wallet + Twitter OAuth, linking a social graph to an on-chain identity.
* One Twitter handle ↔ one wallet ↔ one leaderboard slot.
* Combined with fee escalation, this makes mass-bot farms economically irrational.

#### Dynamic Anti-Spam Throttling

Smart-round contracts enforce per-address rate limits and surge pricing when question velocity spikes, deterring grief attacks without freezing honest play.
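
A minimal model of the throttling described above, added here as an illustration and not taken from the Aiki program. It is plain Rust with no Solana SDK, and the window length, per-address cap, surge step and base fee are assumed values.

```rust
use std::collections::{HashMap, VecDeque};

// Assumed illustration values; the page does not publish the real parameters.
const WINDOW_SECS: u64 = 60; // sliding-window length
const MAX_PER_ADDR: usize = 3; // questions allowed per address per window
const SURGE_STEP: usize = 5; // fee doubles per this many questions in the window
const BASE_FEE: u64 = 1_000; // base fee, in lamports

#[derive(Debug, PartialEq)]
pub enum Decision {
    Accepted { fee: u64 },
    RateLimited,
}

#[derive(Default)]
pub struct Throttle {
    per_addr: HashMap<String, VecDeque<u64>>, // accepted timestamps per address
    global: VecDeque<u64>,                    // accepted timestamps, all addresses
}

// Drop timestamps that have fallen out of the sliding window.
fn prune(q: &mut VecDeque<u64>, now: u64) {
    while q.front().map_or(false, |&t| t + WINDOW_SECS <= now) {
        q.pop_front();
    }
}

impl Throttle {
    /// Decide whether `addr` may ask a question at `now` (seconds) and at what fee.
    pub fn submit(&mut self, addr: &str, now: u64) -> Decision {
        prune(&mut self.global, now);
        let mine = self.per_addr.entry(addr.to_string()).or_default();
        prune(mine, now);
        if mine.len() >= MAX_PER_ADDR {
            return Decision::RateLimited; // rejected attempts do not inflate velocity
        }
        // Surge pricing: the fee follows global velocity instead of freezing play.
        let steps = (self.global.len() / SURGE_STEP) as u32;
        let fee = BASE_FEE.saturating_mul(2u64.saturating_pow(steps));
        mine.push_back(now);
        self.global.push_back(now);
        Decision::Accepted { fee }
    }
}

fn main() {
    let mut t = Throttle::default();
    // Constructed traffic: one address bursts, then other addresses join.
    for (addr, now) in [("A", 0), ("A", 1), ("A", 2), ("A", 3), ("B", 4), ("C", 5), ("D", 6)] {
        println!("{} @ {}s -> {:?}", addr, now, t.submit(addr, now));
    }
}
```

Only accepted questions count toward velocity in this model, so a rate-limited address cannot raise the fee for other players by retrying.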

#### Real-Time Anomaly Oracle

A watch-tower script streams game data, flagging suspicious address clusters and unnatural fee patterns for rapid response.

#### Transparent Game Logs

After each round, the contract emits an event that includes the final answer, and a timestamp is sealed on-chain, letting third-party explorers verify fairness line by line.

#### Privacy-Conscious OAuth

We only store [public Twitter tokens](https://help.x.com/en/rules-and-policies/x-api) or personal data such as the handle, name, verification status, number of likes, profile picture...; OAuth is used once to prove “human-ness,” then discarded.

Together, these layers guard the protocol’s sovereignty while giving players and auditors full visibility into every move Aiki makes.
