Security and Abuse Prevention

The paradox of building a “chaos tool” is that it can itself be abused if not carefully controlled. Glitch Gremlin takes the following key security measures:

  1. Multi-sig Control: The upgrade authority for the program and mint is locked behind a multi-sig. This prevents unilateral changes or malicious re-deployments.

  2. Request Throttling: We rate limit how many chaos requests can be initiated within a certain time to avoid spam or overloading the system.

  3. KYC or Access Controls (Coming Soon): In advanced scenarios, the team may require certain verifications for large-scale or potentially destructive chaos tests, especially if they risk collateral damage to public networks.

  4. Verified Off-Chain Engine: The AI engine signs finalization transactions with a known, verifiable keypair. This ensures that only the official chaos simulations can mark requests as completed.

  5. Third-Party Audits: Coming Soon
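
The request throttling (item 2) and engine-only finalization (item 4) checks, modelled in plain Rust as an added example; this is not Glitch Gremlin's own program code. All type, field and function names are hypothetical, and it assumes a single global fixed-window limit and an engine public key stored in program state.

```rust
// Added example: std-only model of the throttle and finalization checks (hypothetical names).
#[derive(Debug, PartialEq)]
pub enum Error { Throttled, MissingSignature, WrongAuthority, NotPending }

/// What a program sees for a caller account: its key and whether it signed the transaction.
pub struct Caller { pub key: [u8; 32], pub is_signer: bool }

pub struct State {
    pub engine_key: [u8; 32], // assumed: public key of the official off-chain engine
    pub window_secs: u64,     // assumed: throttle window length
    pub max_per_window: u32,  // assumed: requests allowed per window
    pub window_start: u64,
    pub count: u32,
    pub finalized: Vec<bool>, // one flag per request id
}

impl State {
    /// Request throttling: fixed-window counter; returns the new request id.
    pub fn submit(&mut self, now: u64) -> Result<usize, Error> {
        if now.saturating_sub(self.window_start) >= self.window_secs {
            self.window_start = now; // start a fresh window
            self.count = 0;
        }
        if self.count >= self.max_per_window { return Err(Error::Throttled); }
        self.count += 1;
        self.finalized.push(false);
        Ok(self.finalized.len() - 1)
    }

    /// Finalization: the caller must have signed AND hold the engine key.
    /// Comparing the key alone is not enough; anyone can pass a public key as an account.
    pub fn finalize(&mut self, id: usize, caller: &Caller) -> Result<(), Error> {
        if !caller.is_signer { return Err(Error::MissingSignature); }
        if caller.key != self.engine_key { return Err(Error::WrongAuthority); }
        let done = self.finalized.get_mut(id).ok_or(Error::NotPending)?;
        if *done { return Err(Error::NotPending); } // reject a second finalization
        *done = true;
        Ok(())
    }
}

fn main() {
    // Constructed sample state: engine key is 32 bytes of 0x07, 2 requests per 60 s.
    let mut s = State { engine_key: [7; 32], window_secs: 60, max_per_window: 2,
                        window_start: 0, count: 0, finalized: vec![] };
    let id = s.submit(10).unwrap();
    let engine = Caller { key: [7; 32], is_signer: true };
    println!("{:?}", s.finalize(id, &engine));
}
```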
