Scope & Safety

Understanding what xMerch Launch Pad does and does not expose is critical for using it safely. This page outlines the security model and scope limitations.

What this PoC does NOT expose

Non-custodial: users sign with Xaman.

No user-accessible write RPC.

No backend signing or private keys.

No on-ledger Hooks deployed.

Safety features

All write operations require explicit Xaman signatures
No private keys are stored or handled by the application
Transaction payloads are generated client-side
All data is read directly from the Xahau ledger

Security model

xMerch Launch Pad is designed to be non-custodial. The application never has access to your private keys or funds.

All write operations (token issuance, swaps, etc.) require you to review and sign the transaction payload in your Xaman wallet before execution.

The application reads data directly from the Xahau ledger and does not maintain any backend database of user funds or transactions.

Important notes

This is a Proof of Concept - use appropriate caution when dealing with real assets.
Always verify transaction details in Xaman before signing.
The Market Maker (MM v1) is admin-controlled and its internals are not exposed.

Next steps

Architecture

Return to system design

FAQs

Common questions answered