Security

Security in PromptHub is not limited to smart contract correctness—it encompasses execution provenance, licensing enforcement, misuse resistance, and auditability.

1. PromptSig Execution Integrity

• Each invocation is signed with the caller's wallet or agent ID

• Includes input/output hash, prompt version, timestamp

• Prevents prompt tampering, impersonation, or replay attacks

2. Licensing Enforcement

• PromptVault enforces rights (public, gated, restricted)

• Token-gated access ensures SPL/NFT holders are the only valid invokers

• Expiring licenses and invocation caps prevent overuse or resale without consent

3. Governance and Fork Controls

• All prompt versions are linkable by ancestry tree

• Forks are visible and traceable via PromptVault diff view

• DAO-controlled governance can:

  • Mark malicious forks

  • Suspend compromised modules

  • Resolve royalty disputes

4. Formal Verification and Audits

• Vault and Router contracts will undergo formal spec modeling

• Audits are performed for Anchor smart contracts (via trusted third parties)

• Attack vectors including fork spamming, DAG abuse, and ranking manipulation are modeled and mitigated

PromptHub is built with a trust-minimized philosophy: proof of behavior, cryptographic traceability, economic incentive alignment, and decentralized resolution all contribute to the long-term security of the system.