Tip Stack is built around a simple principle: you stay in control of your money at all times. Every architectural decision — from how tips are routed to how wallets are managed — is designed to eliminate the need to trust Tip Stack with your funds. Here’s exactly what that means in practice.
Tip Stack is a non-custodial protocol. Always verify transaction details in your wallet before signing.

Core Security Guarantees

Non-Custodial by Design

Tip Stack never holds your funds. Every transaction goes directly from the supporter’s wallet to the creator’s wallet on-chain. Tip Stack cannot access, freeze, move, or reverse your funds at any point.

On-Chain Verification

Every tip is confirmed by querying the Solana blockchain directly. A tip only appears as “confirmed” in the creator’s dashboard after the transaction has been finalized on-chain — no spoofing, no fake confirmations.

Rate Limiting

Automated rate limiting is enforced across all API endpoints to protect creators and supporters from spam tips, abuse, and denial-of-service attempts.

Slippage Protection

When you tip using a token that needs to be swapped via Jupiter, Tip Stack enforces strict server-side slippage caps — 0.5% for stablecoins and 1.5% for SOL — to protect you against price manipulation and sandwich attacks.

Origin Whitelisting

The embedded tip widget only loads on domains you’ve explicitly authorized in your dashboard. This prevents your widget from being copied and used on unauthorized sites without your permission.

Fiat Payment Security

Credit card and bank payments processed via Fossa Pay use HMAC-SHA512 signature verification on every webhook. Each payment intent also carries a unique idempotency key, preventing duplicate charges.
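
One way a webhook receiver can implement the two checks described above, as an added example (not Tip Stack's or Fossa Pay's code). The shared secret, the hex signature encoding and the `idempotency_key` field name are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed values. The secret, the hex signature encoding and the
# "idempotency_key" field name are assumptions, not Fossa Pay's API.
WEBHOOK_SECRET = b"constructed-test-secret"


def sign(raw_body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Sender side: hex HMAC-SHA512 over the exact bytes that go on the wire."""
    return hmac.new(secret, raw_body, hashlib.sha512).hexdigest()


class WebhookProcessor:
    def __init__(self, secret: bytes = WEBHOOK_SECRET):
        self.secret = secret
        # In-memory stand-in; production needs a durable store with a
        # unique constraint so concurrent retries cannot both pass.
        self.seen = set()

    def handle(self, raw_body: bytes, signature_hex: str) -> str:
        # 1. Authenticate the raw bytes before parsing them. Re-serialising
        #    parsed JSON can change the bytes and invalidate the signature.
        expected = hmac.new(self.secret, raw_body, hashlib.sha512).digest()
        try:
            supplied = bytes.fromhex(signature_hex)
        except (ValueError, TypeError):
            return "rejected"
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(expected, supplied):
            return "rejected"
        # 2. Only now parse the authenticated payload.
        try:
            key = json.loads(raw_body)["idempotency_key"]
        except (ValueError, KeyError, TypeError):
            return "malformed"
        if not isinstance(key, str) or not key:
            return "malformed"
        # 3. A retried or replayed delivery of the same intent is
        #    acknowledged but never applied twice.
        if key in self.seen:
            return "duplicate"
        self.seen.add(key)
        return "processed"
```

A signed delivery is processed once; the same delivery sent again returns `duplicate`, and any change to the body or signature returns `rejected`.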

Your Private Keys

Tip Stack never has access to your private key — not at signup, not at any point during normal use. If you create an account with your email address, Tip Stack provisions an embedded wallet through Dynamic Labs. This wallet is secured by MPC (Multi-Party Computation), a cryptographic approach that splits your key across multiple independent parties so that no single party — including Tip Stack — can reconstruct or use it on your behalf. If you connect an existing wallet such as Phantom or Solflare, your private key stays entirely within your wallet extension or device. Tip Stack only ever requests a transaction signature; it never receives your key.
For maximum security, use a hardware wallet or a dedicated wallet address for receiving tips. This separates your tip income from any wallet you use for other on-chain activity.

Transaction Integrity

Every crypto tip flows through the following verification chain:
  1. You sign the transaction in your wallet — nothing moves without your explicit approval.
  2. The transaction is submitted to the Solana network and processed by validators.
  3. On-chain confirmation is detected via cryptographically signed blockchain event notifications delivered to Tip Stack.
  4. Tip Stack marks the tip as confirmed only after on-chain finality is validated.
This means a tip cannot be faked, replayed, or credited without a genuine on-chain transaction backing it.

Responsible Disclosure

If you discover a security vulnerability in Tip Stack, please report it responsibly by contacting the team directly rather than disclosing it publicly. Do not attempt to exploit vulnerabilities against real user accounts or funds.