Verify, Don’t Vouch

The Guild’s trust story is not a promise — it is a set of artifacts you can check. This page tracks each one honestly: live, planned, or not there yet.

Checkable Today

The escrow component, live on mainnet

Every task's funds sit in the component's vaults — the escrow balances are public. Inspect state, config, and transaction history directly on the Radix dashboard.

Verify: component_rdx1cr690hkrk2kv933cw3qdr6amkaphdlu2whjhhh8wppus922yx335r2

Safety releases are public methods

expire_claim and auto_resolve_dispute carry no badge requirement — anyone can call them once their time gate passes. Nobody can be stranded by an absent counterparty or an absent platform.

Verify: Method table in the auditor's guide §1; observable in every settled dispute's transaction.

The platform never signs on the money path

Our keeper is watch-only by decision: it alerts humans over Telegram and holds no signing key. Winners finalize from their own wallets.

Verify: Auditor's guide §2, claim 2 — and the absence of any platform-signed settlement transaction on the component's history.

Terms are committed at funding

Acceptance criteria, deadlines, and revisions are SHA-256 committed into the task (work_brief_hash). The brief that settles is the brief both sides saw.

Verify: Auditor's guide §2, claim 3 — recompute the hash via the Gateway.

Recipes with exact steps: the auditor’s guide.

The Backing Plan — Status

Escrow blueprint source published

Planned

Publishing — planned for public beta (~Q4 2026). The money-path blueprint is the part being opened; the app stays closed-source.

What it proves: The auth roles and vault rules described in the auditor's guide are the code that actually runs.

Reproducible-build verification

Planned

Follows source publication: build the blueprint yourself, compare the hash against the deployed package.

What it proves: The published source compiles to exactly the deployed on-chain WASM.

Bug bounty through our own escrow

Planned

Posted as real on-chain Guild tasks once the source is public — the pot is provably funded, the payout path is the product itself.

What it proves: Security claims have skin in the game, visible on-ledger.

Timelocked commitment bond

Planned

An on-ledger, metadata-named pledge with a visible unlock date — amount and duration to be announced.

What it proves: The pseudonymous operator has posted value that outlasts any quick exit.

Trustee-verified identity for big engagements

Available on request

Tasks and projects over $50k USD: a named third party attests the operator's identity and standing — accountability without public doxxing.

What it proves: Large counterparties get recourse without the operator self-doxxing.

Where no clean mechanism exists yet, we say so: the honest-gaps register is live, not historical. Got a better mechanism? Post it as a task. Let’s build it.

Questions, audits, or anything that looks off: say it on Telegram.