Trust the contract, not the infrastructure. Every action is validated by ErgoScript on-chain. The bot, frontend, and node are replaceable — the contract is permanent.
Security
Security Model
Every concern about trust has a concrete, verifiable answer rooted in the smart contract.
Concern
Answer
Can the bot steal collateral?
No — contract enforces destination address from R9
Can the bot mint extra tokens?
No — contract validates token count formula
Can the bot redirect fees?
No — contract checks fee output matches R9[1]
Can someone exercise twice?
No — burn verification requires tokens destroyed
What if the bot disappears?
Nothing lost — anyone can submit the same TXs
What if someone runs a bad bot?
Can't do anything the contract doesn't allow
Is any off-chain server trusted?
No — all state is on-chain, read from Ergo node
Trust
The Contract Is the Authority
The smart contract is the only thing you need to trust. It holds the collateral. It validates every transaction. It enforces every rule. The bot constructs transactions, but the Ergo node rejects anything the contract doesn't approve. The frontend displays data, but it reads everything from the chain. The node is your source of truth, but any Ergo node will give the same answers.
The smart contract is the only thing you need to trust. Everything else — the bot, the frontend, the node — is just tooling to interact with it.
Reference
Glossary
Term
Meaning
Writer
The person who creates an option by locking collateral
Buyer
The person who purchases an option token and can exercise it
Collateral
The underlying asset locked in the contract (rsADA, DexyGold, ERG, stablecoin)
Strike price
The agreed price at which the buyer can exercise
Premium
The price the buyer pays for the option token
Singleton
A special single token that stays in the reserve — proves the contract exists
Exercise
Using your option to trade at the strike price
Exercise window
720 blocks (~24 hours) after maturity when exercise is allowed
American style
Can exercise anytime before expiry
European style
Can only exercise after maturity date
Physical delivery
Actual tokens change hands (rsADA, DexyGold, ERG)
Cash-settled
Profit paid in stablecoin, no underlying tokens move
USE
Dexy USD stablecoin (3 decimal places, $1.000)
SigUSD
SigmaUSD stablecoin (2 decimal places, $1.00)
Reserve box
The on-chain box that holds collateral + singleton
Definition box
The initial box before tokens are minted
Burn
Permanently destroying tokens by not including them in any output
Key Takeaway
Trust the contract, not the infrastructure. Every action is validated by ErgoScript on-chain. The bot, frontend, and node are replaceable — the contract is permanent.