Tip Stack is a non-custodial protocol. Always verify transaction details in your wallet before signing.
Core Security Guarantees
Non-Custodial by Design
Tip Stack never holds your funds. Every transaction goes directly from the supporter’s wallet to the creator’s wallet on-chain. Tip Stack cannot access, freeze, move, or reverse your funds at any point.
On-Chain Verification
Every tip is confirmed by querying the Solana blockchain directly. A tip only appears as “confirmed” in the creator’s dashboard after the transaction has been finalized on-chain — no spoofing, no fake confirmations.
Rate Limiting
Automated rate limiting is enforced across all API endpoints to protect creators and supporters from spam tips, abuse, and denial-of-service attempts.
Slippage Protection
When you tip using a token that needs to be swapped via Jupiter, Tip Stack enforces strict server-side slippage caps — 0.5% for stablecoins and 1.5% for SOL — to protect you against price manipulation and sandwich attacks.
Origin Whitelisting
The embedded tip widget only loads on domains you’ve explicitly authorized in your dashboard. This prevents your widget from being copied and used on unauthorized sites without your permission.
Fiat Payment Security
Credit card and bank payments processed via Fossa Pay use HMAC-SHA512 signature verification on every webhook. Each payment intent also carries a unique idempotency key, preventing duplicate charges.
Your Private Keys
Tip Stack never has access to your private key — not at signup, not at any point during normal use. If you create an account with your email address, Tip Stack provisions an embedded wallet through Dynamic Labs. This wallet is secured by MPC (Multi-Party Computation), a cryptographic approach that splits your key across multiple independent parties so that no single party — including Tip Stack — can reconstruct or use it on your behalf. If you connect an existing wallet such as Phantom or Solflare, your private key stays entirely within your wallet extension or device. Tip Stack only ever requests a transaction signature; it never receives your key.Transaction Integrity
Every crypto tip flows through the following verification chain:- You sign the transaction in your wallet — nothing moves without your explicit approval.
- The transaction is submitted to the Solana network and processed by validators.
- On-chain confirmation is detected via cryptographically signed blockchain event notifications delivered to Tip Stack.
- Tip Stack marks the tip as confirmed only after on-chain finality is validated.