Market · Security Architecture

Pots Market Security
Your Keys. Your Orders.

Pots Market is non-custodial by design. Every order is signed by your private key via EIP-712 — verified on-chain before execution. No intermediary, including Pots Market itself, can alter, block, or touch your funds.

  • Order signing: EIP-712
  • Fund model: Non-custodial
  • Settlement layer: Polygon

  • Your Wallet (self-custody): funds never leave your control
  • EIP-712 signed order
  • Pots Market Router (no fund access): routes to shared orderbook
  • Cryptographic verification
  • CTF Exchange · Polygon (ChainSecurity): atomic, deterministic settlement
  • ↩ Proceeds return directly to your wallet

Key Takeaways
  • Pots Market never holds user funds — all assets remain in your wallet
  • Every order is EIP-712 signed — cryptographically unforgeable by any intermediary
  • Settlement via Polymarket CTF Exchange on Polygon — audited by ChainSecurity
  • No admin keys, no hidden fee contracts, no account freezing capability
Risk Architecture

Where Prediction Market Risks Exist

Every prediction market carries six categories of structural risk. Understanding them is the baseline for verifying any platform's security claims.

Risk Layer: What Can Go Wrong
  • Custody: Platform holds user funds → funds can be frozen, stolen, or mismanaged
  • Order Integrity: Orders can be modified, front-run, or forged by intermediaries
  • Settlement: Payouts depend on discretionary decisions rather than deterministic contracts
  • Data: Price feeds or resolution data can be manipulated or delayed
  • Access: Accounts can be locked, censored, or arbitrarily restricted
  • Smart Contract: Bugs or exploits in on-chain logic can drain funds

Security Principles

Three Principles Behind Every Decision

Every architectural decision in Pots Market is guided by one rule: limit the damage any single point of failure can cause.

01 No Abuse of Functions

Every API endpoint and contract interaction is designed with minimal privilege. If a function does not need write access, it does not have write access. If an interface cannot touch user funds, it will not have that access.

02 No Abuse of Permissions

No hidden fee contracts — all fees are transparent and on-chain. No admin keys with fund access — there is no "god mode." No backend-controlled withdrawal logic — users sign every transaction themselves.

03 Minimize Single Points of Failure

Non-custodial architecture eliminates a central fund pool to attack. On-chain settlement removes single operator control. Inherited Polymarket security means no reliance on a single team's code.

Risk Responses

How Pots Market Addresses Each Risk

Each of the six structural risk categories has a specific architectural response — not a policy promise.

Custody

Non-custodial by design

Pots Market never holds user funds. All assets remain in the user's own wallet. Orders are signed by the user's private key — Pots Market cannot move, freeze, or access funds under any circumstance.

Order Integrity

Cryptographic signing

Every order is an EIP-712 signed message. The signature is verified on-chain before execution. No intermediary, including Pots Market, can alter the price, size, or direction of a signed order: any change to a signed field invalidates the signature, and the order fails on-chain verification.

Settlement

Audited smart contracts

All trades settle via the CTF Exchange contract on Polygon, audited by ChainSecurity. Settlement is atomic and deterministic — no human discretion, no manual intervention possible.

Data

Public resolution sources

Market resolution relies on publicly verifiable data sources such as Binance price feeds and official election results. Resolution criteria are defined before market creation and cannot be changed after the fact.

Access

Permissionless

No KYC gate, no geographic restriction enforced by Pots Market, no account freezing capability. No admin key exists that can block a user. If you have a wallet, you can trade.

Smart Contract

Inherited security

Pots Market does not deploy its own settlement contracts. It inherits the security of Polymarket's battle-tested, ChainSecurity-audited infrastructure — the same contracts securing billions in cumulative trading volume.

Supervision

Three Independent Oversight Layers

Security claims require external verification. Pots Market operates under three independent supervision layers — each accountable to parties outside the Pots team.

01 Market Supervision — Polymarket

External marketplace accountability

Polymarket actively monitors Builder behavior. Builders engaging in abusive practices — unauthorized fee extraction, order manipulation, misrepresentation — face penalties including badge revocation and program removal. Pots Market cannot bypass this accountability layer.

02 Self Supervision — Internal Audit

Continuous internal security review

A dedicated code audit team reviews all deployments. Automated audit tools are integrated into the CI/CD pipeline. A documented audit history records every issue found and every fix applied. Regular internal penetration testing supplements automated checks.

03 Third-Party Supervision — External Verification

Independent external audits

Platform listing requirements — such as MetaMask integration — require passing independent code audits before listing. Scheduled engagements with professional third-party security firms run on an ongoing basis. A public bug bounty is open for responsible disclosure of vulnerabilities.

Verifiability

Everything Is On-Chain. Verify It Yourself.

You do not need to trust Pots Market. Every position, order, fee, and settlement is independently verifiable on Polygon — no special access required.

Positions

All positions are on-chain ERC1155 balances. Queryable by any Polygon block explorer at any time — no permissions needed.

Order History

Every order is recorded with its EIP-712 signature, verifiable against your public key. No order can be silently altered or deleted from the chain.

Fee Transparency

No hidden deduction contracts. Fee structures are on-chain. What the interface shows is exactly what the contract executes — no silent charges.

Settlement

Every trade settlement is permanently recorded on Polygon. CTF Exchange source code is publicly auditable on GitHub — anyone can read the contract logic.

Don't trust — verify. Every claim on this page has a matching on-chain record.
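
The position check described under "Positions", as an added example that is not Pots Market or Polymarket code: it builds the read-only ERC-1155 balanceOf call you can send to any Polygon JSON-RPC node and decodes the reply. The owner address, token ID and node reply below are constructed samples; the token contract address is something you supply from a source you trust.

```python
import json

# balanceOf(address,uint256) function selector defined by the ERC-1155 standard.
BALANCE_OF_SELECTOR = "00fdd58e"

# Constructed sample values, for illustration only.
SAMPLE_OWNER = "0x" + "11" * 20
SAMPLE_TOKEN_ID = 7
SAMPLE_REPLY = json.dumps({"jsonrpc": "2.0", "id": 1,
                           "result": "0x" + f"{2_500_000:064x}"})

def _word(value: int) -> str:
    """Encode a non-negative integer as one 32-byte ABI word (hex)."""
    if not 0 <= value < 2**256:
        raise ValueError("value does not fit in uint256")
    return f"{value:064x}"

def encode_balance_of(owner: str, token_id: int) -> str:
    """ABI-encode a balanceOf(owner, token_id) call."""
    hex_addr = owner[2:] if owner.lower().startswith("0x") else owner
    if len(hex_addr) != 40:
        raise ValueError("address must be 20 bytes")
    return "0x" + BALANCE_OF_SELECTOR + _word(int(hex_addr, 16)) + _word(token_id)

def build_eth_call(token_contract: str, owner: str, token_id: int) -> str:
    """JSON-RPC body for eth_call: a read, so no key or signature is needed."""
    return json.dumps({
        "jsonrpc": "2.0", "id": 1, "method": "eth_call",
        "params": [{"to": token_contract,
                    "data": encode_balance_of(owner, token_id)}, "latest"],
    })

def decode_balance(response_body: str) -> int:
    """Return the uint256 balance; reject node errors and malformed data."""
    reply = json.loads(response_body)
    if "error" in reply:
        raise RuntimeError(f"node returned error: {reply['error']}")
    result = reply.get("result", "")
    # A call to an address with no contract code returns "0x". Treat that
    # as a failed lookup, not as a zero balance.
    if not result.startswith("0x") or len(result) != 66:
        raise ValueError("expected exactly one 32-byte word")
    return int(result, 16)
```

Comparing the decoded balance with what the interface displays is the check; an empty "0x" reply means the contract address is wrong, not that the position is zero.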

Frequently Asked Questions

01 Does Pots Market hold user funds?
No. Pots Market is non-custodial by design. All assets remain in the user's wallet. There is no central fund pool to attack — Pots Market cannot move, freeze, or access funds under any circumstance.

02 What is EIP-712 signing and why does it matter?
EIP-712 is the Ethereum standard for typed structured data signing. Every order on Pots Market is an EIP-712 signed message. The signature is verified on-chain — no intermediary, including Pots Market itself, can alter the price, size, or direction of a signed order.

03 Who audited the settlement contracts?
All trades settle via Polymarket's CTF Exchange contract on Polygon, audited by ChainSecurity. Pots Market does not deploy its own settlement contracts — it inherits battle-tested infrastructure already securing billions in trading volume.

04 Can Pots Market restrict or freeze my account?
No. Access is permissionless — no KYC gate, no geographic restrictions enforced by Pots Market, no account freezing capability. No admin key exists with fund access. If you have a compatible wallet, you can trade.

05 How can I verify my positions and order history on-chain?
All positions are on-chain ERC1155 balances queryable by any Polygon block explorer. Every order is recorded with its EIP-712 signature, verifiable against your public key. Fee structures are on-chain — no hidden deduction contracts exist.