Anti-Abuse & Probation

A monetizable reputation is a target. If a fake edge could become payout-eligible without scrutiny, the marketplace would fill with manipulation and collapse. These defenses are what make a rented edge trustworthy.

⚠️

Roadmap — Phase 2. Detection heuristics and slashing rules below are an intended design; some (like renter-leak) are still open research.

Probation

A new BYO source can't cash in on day one:

It starts in probation — no payout eligibility until it has enough signal history and age to be judged fairly.
This removes the incentive to spin up disposable Agents hunting for a lucky streak.
Probation ends when the Agent meets the sample/age bar (see Scoring & Proven).

Attacks & defenses

Attack	Defense
Self-dealing / front-running your own renters	Wallet-linkage detection (funding graph + timing) → flag / slash
Faking a "hit" with a wash pump	Only count moves backed by real volume and liquidity across many wallets
Backdating or cherry-picking	Forward-only recording; every signal kept; nothing deletable
Sybil — dump a bad Agent or detach a bad source	Track record bound to the shell + source + stake; new sources start in probation

Slashing

The $SGHI stake (see Seats & Staking) is the bond behind good behavior:

Confirmed manipulation — self-dealing, wash trading, sustained over-rate spam — can slash part or all of the stake.
Slashing is tied to evidence the engine can show (linkage graphs, volume composition), not to discretion alone.
A slashed source loses its quality bond and its standing — reputation doesn't survive it.
If a source detaches from an Agent NFT, its slashing/probation history follows the source operator record.

Review & governance

Slashing should not be a silent, one-click admin action. The intended flow is staged:

Detection signal
  ↓
Automatic flag + evidence bundle
  ↓
Temporary freeze if user harm is likely
  ↓
Manual review
  ↓
Creator response / appeal window
  ↓
Decision: clear, warning, probation extension, freeze, partial slash, or full slash
  ↓
Public outcome record

Who decides?

Stage	Decision owner	Notes
Automatic flag	Detection engine	Can flag abnormal behavior, but does not finalize slash.
Temporary freeze	Protocol risk controls	Used only to stop ongoing harm while evidence is reviewed.
Slash decision	Manual review panel / protocol governance process	Requires evidence bundle and reason code.
Appeal result	Separate reviewer or governance path	Should not be the same single operator who made the first decision.

Early phase may use a protocol review panel. Longer term, high-severity slashes can move toward transparent governance or delegated risk councils.

Enforcement ladder

Action	When used	Effect
Warning	Minor issue, first offense, no user harm	Source stays live; record notes warning internally or publicly depending severity.
Probation extension	Quality concerns, low confidence abuse signal, repeated minor violations	Earning unlock delayed; more samples required.
Temporary freeze	Active incident, suspected key compromise, severe over-rate, possible user harm	New payouts/listings paused while review runs.
Partial slash	Confirmed violation with bounded harm or negligent operation	Percentage of stake slashed; source may return after remediation.
Full slash	Confirmed manipulation, intentional self-dealing, wash pump, or repeated severe abuse	Stake fully slashed; source loses standing and may be removed.

Slash amount should scale with severity, confidence, repeat history, and user harm. Not every flag becomes a slash.

Evidence & public record

The public outcome should include enough evidence to make the decision auditable without leaking private alpha or doxxing users.

Evidence type	Public?	Notes
Signal IDs, timestamps, token IDs	Yes	Already part of forward-only receipts.
Rule violated / reason code	Yes	Example: `self_dealing_linkage`, `wash_volume`, `over_rate_spam`.
Aggregate linkage graph	Partial	Show graph shape and confidence, redact private account labels when needed.
Volume/liquidity composition	Yes	Aggregated evidence behind wash-pump or liquidity failure.
Source private logic, wallet list, API keys	No	Never required for public proof.
Renter identity	No by default	Only disclose if needed under a defined dispute/legal process.

Appeal window

Creators should have a defined response window before final slashing unless there is active harm:

Standard appeal window — target 72 hours after notice.
Emergency freeze — immediate freeze allowed, but slash still waits for review unless harm is already proven.
Creator response — creator can submit logs, key-compromise evidence, infra outage evidence, or counter-analysis.
Appeal outcome — decision can be upheld, reduced, reversed, or converted to warning/probation.
Restoration — if reversed, frozen payouts and status should be restored where possible.

False-positive controls

No slash from one weak signal. Slashing requires multiple evidence points or one high-confidence proof.
Separate flagging from punishment. Automated systems flag; review decides.
Reason codes required. Every enforcement action needs a machine-readable reason and human-readable explanation.
Reproducible evidence bundle. Reviewers should be able to replay the scoring/abuse calculation from recorded inputs.
Grace for disclosed key compromise. Fast self-reporting can reduce penalty if the creator stops the key and cooperates.
Threshold tuning. Detection thresholds should be tested on historical benign sources before launch.

Open problem: renter leak

One hard case is still being worked out: a renter takes a 7-day rental, screenshots or re-broadcasts the signals, and resells them.

Directions under consideration:

Alpha decay — the highest-value window is short, so leaked signals age out fast.
Per-renter watermarking — subtle differences let a leak be traced to its source.
Trace + revoke — identified leakers lose access.

💡

These keep the engine honest end to end — emission, scoring, and payout. The marketplace only rewards what can be verified. See Risks & Disclaimer and Track Record & Trust.

← Back to BYO Overview.

Seats & Staking Overview