# Security & Trust

### **Smart Contract Overview**

SpurSwap leverages the power of **decentralized smart contracts** that interact directly with blockchain networks.\
Rather than creating new or unverified liquidity pools, SpurSwap routes transactions through **established DEX infrastructures** such as PancakeSwap, Uniswap, or SushiSwap, ensuring your funds always move through **audited, proven, and open-source protocols**.

**Key Design Highlights:**

* **No intermediary custody:** all transactions occur directly between your connected wallet and the DEX router.
* **Transparent interactions:** users can view and verify every transaction on-chain.
* **Compatibility with major networks:** supports BNB Chain, Ethereum, Polygon, Base, and other EVM-compatible blockchains.
* **Minimal permissions:** SpurSwap never requests unnecessary approvals or signatures beyond what’s required for swaps.

This ensures that users remain in **full control** of their assets from start to finish.

***

### **Transparency & Reliability**

SpurSwap’s smart contracts are developed with transparency and open verification in mind, ensuring users can review and track all swap operations directly on-chain.\
Users and developers can freely inspect our frontend code and interaction methods to confirm that:

* All swap actions are executed via **direct smart contract calls** to DEX routers.
* The platform does **not store or forward private keys, mnemonics, or sensitive data**.
* Token data and rates are pulled in **real-time** from public APIs or blockchain calls, never hardcoded or manipulated.

Additionally, we maintain open channels for:

* **Community feedback** on contract behavior and security improvements.
* **Bug reporting** or responsible disclosure to enhance protocol integrity.

Our philosophy is simple: **trust is built on openness**, not promises.

***

### **Non-Custodial Policy**

SpurSwap operates under a **strict non-custodial model**.\
This means:

* You maintain **full ownership** of your tokens at all times.
* Your wallet’s private keys never leave your device.
* SpurSwap never has the ability to withdraw, transfer, or freeze your funds.

Every swap you perform is **executed directly from your connected wallet** via smart contracts: no accounts, no deposits, and no withdrawals through SpurSwap servers.

This approach eliminates the risks associated with centralized platforms while preserving complete user sovereignty over digital assets.

***

### **How We Protect Users**

While decentralization inherently increases security, SpurSwap implements several layers of additional protection to keep users safe:

1. **Verified Token Data**\
   Token information is sourced from trusted DEX APIs and verified contract addresses to reduce the risk of fake or malicious tokens.
2. **Transaction Validation**\
   Before any swap executes, users are prompted to review transaction details, expected output, and slippage tolerance to avoid accidental loss.
3. **Smart Routing Safety**\
   The Aggregator Engine automatically chooses routes that minimize gas consumption and avoid low-liquidity pools or potential honeypots.
4. **Phishing Prevention**\
   Official SpurSwap domains are always publicly listed, and wallet connections are only initiated via secure, HTTPS-based endpoints.
5. **Data Privacy**\
   We do not track or store user activity, wallet addresses, or analytics that could compromise anonymity.\
   All session data stays local in your browser.
6. **Community-Led Security**\
   Our roadmap includes a **public bounty program** and **third-party audit partnerships** once core features stabilize.\
   Until then, transparency, code review, and responsible user participation remain key security layers.
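
As an added example (not SpurSwap's code), the check below shows how a user or integrator can test the "minimal permissions" and "transaction validation" claims before signing: it decodes ERC-20 `approve(address,uint256)` calldata and flags spenders outside a router allow-list and allowances larger than the swap. The addresses, the policy object, and the function names are constructed for illustration; other approval paths such as permit signatures are out of scope.

```javascript
// All addresses below are constructed placeholders, not real contracts.
const ROUTER = "0x" + "11".repeat(20);   // stands in for a known DEX router
const TOKEN = "0x" + "22".repeat(20);    // stands in for an ERC-20 token
const UNKNOWN = "0x" + "33".repeat(20);  // an address outside the allow-list
const APPROVE_SELECTOR = "0x095ea7b3";   // selector of approve(address,uint256)
const MAX_UINT256 = (1n << 256n) - 1n;

// ABI-encode one 32-byte word, used to build the sample calldata.
const word = (v) => v.toString(16).padStart(64, "0");
const encodeApprove = (spender, amount) =>
  APPROVE_SELECTOR + word(BigInt(spender)) + word(amount);

// Decode approve(spender, amount) calldata; returns null for any other call.
function decodeApprove(data) {
  const hex = String(data).toLowerCase();
  if (!/^0x[0-9a-f]{136}$/.test(hex) || !hex.startsWith(APPROVE_SELECTOR)) return null;
  if (!/^0{24}$/.test(hex.slice(10, 34))) return null; // address padding must be zero
  return { spender: "0x" + hex.slice(34, 74), amount: BigInt("0x" + hex.slice(74)) };
}

// Review a wallet request before signing; returns a list of findings.
function reviewRequest(tx, policy) {
  const findings = [];
  const routers = policy.routers.map((a) => a.toLowerCase());
  const approval = decodeApprove(tx.data);
  if (!approval) {
    // Not an approval: the call itself should go to an allow-listed router.
    if (!routers.includes(tx.to.toLowerCase())) findings.push("destination is not an allow-listed router");
    return findings;
  }
  if (!routers.includes(approval.spender)) findings.push("spender is not an allow-listed router");
  if (approval.amount === MAX_UINT256) findings.push("unlimited approval");
  else if (approval.amount > policy.swapAmount) findings.push("approval exceeds swap amount");
  return findings;
}

// Constructed sample requests for a swap of 1000 token units.
const policy = { routers: [ROUTER], swapAmount: 1000n };
const samples = {
  exact: { to: TOKEN, data: encodeApprove(ROUTER, 1000n) },
  unlimited: { to: TOKEN, data: encodeApprove(ROUTER, MAX_UINT256) },
  wrongSpender: { to: TOKEN, data: encodeApprove(UNKNOWN, 5000n) },
  swapElsewhere: { to: UNKNOWN, data: "0x" },
};
for (const [name, tx] of Object.entries(samples)) console.log(name, reviewRequest(tx, policy));
```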
