Security & Abuse Resistance

Authentication

• Wallet-signature authentication — Miners prove wallet ownership via personal_sign
• Short-lived tokens — Bearer tokens expire after 10 minutes
• Nonce freshness — Each auth handshake requires a fresh nonce

Eligibility Enforcement

• Dual enforcement — Coordinator checks tier eligibility off-chain; mining contract re-verifies on-chain at receipt submission
• Stake-based gating — Mining requires active stake (not just token balance)
• Forward-only progression — Each solve updates nextIndex and lastReceiptHash on-chain, preventing replay

Trace Validation

• Citation verification — Extracted facts must cite the correct paragraph
• Math chain validation — Compute steps must produce correct results
• Programmatic detection — Behavioral signals identify scripted/fabricated traces
• Bogus rejection — Traces with duplicate IDs, fabricated quotes, or broken compute chains are rejected

Anti-Gaming

• Constraint values are never revealed in prompts — miners must derive them from the document
• Artifact equation validation rejects multi-equation stuffing attempts
• Trace validator detects and blocks common automation patterns
• Quality gates filter low-effort submissions from the dataset pipeline