Chain Social — Litepaper

← Back to chainsocial.io

Social media has trained a generation to give attention (and mental health) away for free and to trust opaque servers with the data they hand over. Chain Social rebuilds the same services from the other side: your attention earns, your messages and friendships stay private by cryptographic design, and every value flow is verifiable on-chain — not because the platform promises it, but because the code makes it impossible to do otherwise. There are no shareholders to extract from, no founder premine, no exit. It’s a public-good project that succeeds when its users do.

Own your data. Own your earnings. Own the platform.

The economic model is simple. Every SOCIAL token is backed 1:1 by cryptocurrency held in an on-chain reserve that anyone can verify. Deposit $100 of SUI, receive ~100 SOCIAL. When you want your money back, redeem your tokens for your pro-rata share of the reserve:

Token Price = Total Reserve Value / Total Token Supply

This is not a promise. It is an on-chain invariant enforced by smart contracts.

This document describes a working system, not a roadmap. The protocol is ~56,000 lines of open-source code across 25 on-chain Move modules, an Express/Prisma server, and a Next.js app. The contracts are extensively tested — 267 Move contract tests pass with zero failures (independently run). Final production wiring of the settlement scheduler is a deployment step, not new code. An independent third-party security audit — funded by this participation round — is the gating milestone before mainnet; the full report will be published.

	Chain Social	Twitter/X	YouTube	Instagram	Farcaster	Steemit
Creator share of ad revenue	55% from day 1, no platform cut	Unknown, tiny (requires Blue)	~55% (requires 1K subs + 4K hours)	0%	No ads	Inflationary token
Viewer earnings	30% of ad revenue	$0	$0	$0	$0	$0
Token backing	1:1 reserve (always redeemable)	N/A	N/A	N/A	No token	Speculative (crashed 98%)
Encrypted DMs	Quantum-resistant (PFS + ML-KEM)	Basic (paid tier only)	None	Basic	None	None
Content ownership	On-chain (user owns)	Platform owns	Platform owns	Platform owns	On-chain	On-chain
Governance	1-person-1-vote + amendments (KYC-deduplicated)	None	None	None	None	Stake-weighted
Revenue-share NFTs	Yes	No	No	No	No	No
Founder premine	None	N/A	N/A	N/A	VC-backed	Large premine
Marketplace	Built-in with escrow	No	No	No	No	No
Wellbeing design	Reward decay after 10h	Addictive by design	Addictive by design	Addictive by design	None	None

How It Works

Deposit and Redeem

Users deposit cryptocurrency into the protocol’s reserve contract. In return, they receive SOCIAL tokens proportional to the current backing ratio. At any time, users can redeem their tokens for their pro-rata share of the reserve, minus a small fee (2.5%) that makes the remaining tokens worth more.

There are no deposit fees. The system grows when more people deposit than redeem.

Diversified Reserve (Planned)

At launch, the reserve accepts SUI only. The protocol is designed to expand into a diversified portfolio of real assets and crypto, managed by the elected management team. No fiat stablecoins—the reserve holds only assets that cannot be debased. The target allocation (voteable by the community) is:

Asset	Target weight	Why
BTC (wrapped)	25-35%	Hardest money in existence, fixed supply, uncorrelated
ETH (wrapped)	15-20%	DeFi ecosystem, staking yield
SUI	15-20%	Native ecosystem alignment
Gold (tokenized)	10-15%	Inflation hedge, 5000-year track record
Silver (tokenized)	5-10%	Industrial demand, undervalued vs gold
XMR	5-10%	Privacy asset, fungible digital cash

Why no fiat stablecoins? USDC, EURC, and similar tokens lose 2-7% purchasing power annually due to inflation. They carry counterparty risk (Circle, banks) and are not truly decentralized. A “stable” coin is only stable in nominal terms—the real value depreciates. The Chain Social reserve opts out of this trap.

Multi-asset deposits land in Phase 2 of the roadmap. Once enabled, this diversification means that if any single asset drops 80%, the reserve drops only 4-28% (depending on weight) — not 80%. The management team rebalances periodically within community-approved target ranges. Even before multi-asset support, burns continuously reduce the token supply, so backing per token grows even in a flat market.

The reserve composition and rebalancing thresholds can be adjusted by community governance vote, giving the community direct influence over the platform’s financial strategy.

Value Appreciation

Every transaction on the platform burns a small amount of tokens:

Transactions (marketplace sales): 0.5% fee, half burned
Withdrawals: 2.5% fee, 1.5% burned
Membership payments: 50% burned on renewal months

Since burned tokens are removed from circulation but the reserve stays the same, the backing ratio increases. Early depositors benefit most: their tokens are worth more over time as the platform grows and burns accumulate.

Earning

Users earn SOCIAL tokens through platform activity:

Creating content that others view (55% of ad revenue goes to creators — the platform takes no cut)
Viewing content (30% of ad revenue goes to viewers)
Selling goods and services in the marketplace
Receiving tips from other users

Earnings come from the treasury (funded by protocol fees), not from new token minting. This means earnings don’t dilute existing holders.

Privacy by Default

When you tip a creator, send a like, or buy a small item, the chain doesn’t see it. Individual interactions stay off-chain; the platform settles them in batches every few minutes with a Merkle root anchored on-chain that you can verify cryptographically.

An observer of the blockchain sees “Creator X earned $47 this period” — never “Alice sent Bob $5 at 3:42 PM.” Your social graph stays your own. (For the technical mechanics — how batching, Merkle proofs, and per-event verification work — see the Off-Chain Settlement Mechanics section below.)

Features

Marketplace with Escrow

Any user can create a shop page (called a “collection”) and list items for sale. When a buyer purchases, funds are held in escrow until both parties confirm the transaction. Disputes are resolved by the elected management team.

Collection limits scale with subscription tier: 1 shop for free users, up to 10 for businesses.

For purchases above ~$10, buyer and seller can use stealth escrow: an ECDH-derived stealth address holds the funds, the item description is stored only as a blake2b hash on-chain, and the escrow is submitted in a 15-minute batch with other escrows so timing correlation is broken. Both parties can prove their right to release funds without revealing identities to chain observers.

Creators can mint NFTs from their popular posts. Each NFT represents a percentage of the post’s future revenue (tips and ad earnings). NFTs are tradeable on the marketplace, creating a secondary market for content investment. The creator always retains at least 10% of their post’s revenue. Up to 90% can be sold as NFTs (max 10 per post, min 1% per NFT).

Creators can also offer paid subscription tiers to gate posts and content. Subscriptions split revenue automatically between creator, management, and burns.

Communities, Groups, and Topics

Communities: public, discoverable spaces with elected moderators and per-community proposals
Groups: invite-only spaces for closed circles
Topics: federated content threads users can follow

Voice Rooms

Live audio rooms with listener and speaker roles, scheduled or ad-hoc. Listeners can request to speak; hosts promote speakers up and down. Tips can flow to active speakers in real time, with the platform automatically splitting the tip between speaker and host.

Courses and Certificates

The platform supports structured learning content: instructors create courses with modules and lessons, learners enroll and track progress, and on completion learners can mint a verifiable on-chain certificate NFT. Reviews and completion stats are public.

Apps Marketplace

Third-party developers can publish apps that run inside the Chain Social shell, communicating with the host through a sandboxed message-passing SDK. Apps go through a review queue before becoming installable. This makes Chain Social an open platform — not a single product — without compromising user trust.

Off-Chain Settlement Mechanics

The privacy guarantee in the Privacy by Default section above works as follows. To tip or make micro-purchases you first move TOKEN into a personal Tip/Spend Jar — an on-chain balance whose withdrawals are time-locked for at least one settlement cycle. Individual tips, engagement signals (likes, follows, comments), and micro-purchases are then recorded off-chain (so per-event amount, timing, and counterparty never hit the chain). Each settlement cycle a worker computes a blake2b256 Merkle root over the period’s events and calls the on-chain settlement contract, which debits the jar (asserting solvency on-chain), routes funds per recipient, and records the root — replay-protected so a batch cannot settle twice. Because every recorded event is backed by real locked collateral, the aggregate is always solvent; because the root is on-chain, you can request a Merkle inclusion proof for any event and verify cryptographically that it was included. The jar makes the off-chain window bounded by collateral, not trust.

This pathway is built and proven end-to-end (a server-built tree verifies against the real on-chain settlement in automated tests). Activating it in production is a deployment step — the settlement scheduler defaults to dry-run until enabled. Advertiser ad spend uses the same primitive: a per-campaign Budget Escrow locked at campaign creation and debited per the published split.

Quantum-Resistant Encrypted Messaging

All direct messages use hybrid X25519 + ML-KEM-768 encryption (the same approach used by Signal’s PQXDH protocol). This provides:

End-to-end encryption: the server never sees message content
Forward secrecy: compromising today’s keys cannot decrypt yesterday’s messages, via an HKDF chain-key ratchet per message
Quantum resistance: secure against future quantum computers

Key backup uses your wallet signature (for wallet users) or a 12-word recovery phrase (for others).

Private Friendships

Friend connections are mutual, private, and cryptographically hidden from the server and from chain observers. The two friends derive a shared key via ECDH and each store an encrypted edge that names the other party. The server stores the blobs but cannot decrypt either side, so even a server breach cannot reconstruct the social graph.

Community Governance

Verified users vote on proposals that shape the platform: one account, one vote (not token-weighted), with a minimum account age. Both rules are enforced on-chain: a vote requires the caller’s own active KYC record (the contract derives account age from the on-chain KYC registration — it is not a self-reported number), and each proposal records its voters so the same account cannot vote twice. A whale and a first-week creator carry the same weight on platform decisions — by design, because the platform exists to serve users, and only users get to decide what it becomes. Sybil resistance comes from KYC face deduplication — every primary account corresponds to a unique human, so vote-buying farms cannot scale by creating new identities. Proposals can be amended: users can suggest new options for active votes, making governance genuinely deliberative rather than binary.

Community Impact Fund

10% of all ad revenue flows into a Community Impact Fund. At small scale, the management team can draw from it for operational needs. As the platform grows, the community votes on where this money goes: research grants, open source development, charitable causes, community projects.

Wellbeing by Design

The platform includes a reward decay system: after 10 hours of daily active use, earning rewards begin to taper, reaching zero at 14 hours. This:

Promotes healthy usage patterns
Preserves the value of ad impressions (fatigued viewers are less valuable)
Redirects unclaimed rewards (50% burned, 50% to reserve, benefiting all holders)

Users can create bot accounts for automated tasks, but bots pay 50% of the human reward rate to consume content, preventing AI-driven engagement farming.

Pseudonymous Alt Accounts

A single KYC-verified human can register up to 4 accounts (one primary plus three alts). Alt relationships are never exposed publicly — others see them as independent profiles. This lets users separate work, personal, and creative identities without creating bot farms: the underlying nullifier is still unique per human.

Privacy-Tiered Polls

Polls are first-class on Chain Social: anyone can run them — for the whole platform, a community, or a subscriber audience — and creators choose how much privacy each poll guarantees:

Public: every vote is publicly attributed (governance-style accountability).
Private tally (default): the platform shows counts and demographic breakdowns. Nobody — not the platform, not chain observers — sees who voted for what. Each ballot is committed in advance and revealed during a separate window with a blinding salt; the chain only ever sees the aggregate.
Anonymous (planned): full ZK voting where individual ballots are unlinkable even to the server.

Three properties make poll results trustworthy without exposing voters:

One human, one vote. A per-poll nullifier tag is derived deterministically from the voter’s KYC secret. Even if a person owns four alt accounts, all four produce the same tag for a given poll — so the vote counts once, regardless of which alt they signed with. The tag itself reveals nothing about the human or about other polls they entered.
Per-alt selective disclosure. A voter can optionally have each of their alts sign their ballot. The vote still counts only once. Later, the voter can publicly release any specific alt’s signature — proving “this account voted this way” — without touching the others. This lets users prove their position selectively, after the fact, on the accounts they choose, while nobody else can correlate alts.
Attribute-based breakdowns without tracking. Poll creators can request anonymous breakdowns by attributes the platform already knows: country (from KYC document), verification badges (NFC passport, Identity Confirmed), community/group membership, account age. Voters’ clients attach attestor-signed claims to their ballots, so the server can publish, for example, “65% of NFC-passport voters in Germany chose option B” without ever linking individual voters to choices. Buckets with fewer than 5 voters automatically merge into “Other” so small groups stay anonymous.

Finalization writes the poll’s Merkle root and per-option counts on-chain via the poll contract, anchored by the management team. Anyone can verify that their commitment was included in the final tally.

This same machinery lets businesses, communities, and creators run private feedback votes, rough-consensus polls inside paid subscriptions, or formal community decisions — without leaking the voter set or their choices.

Content Moderation

Any user can flag content for review. Flags accumulate into a moderation queue that the management team and community moderators (in communities they govern) can act on, hiding or unhiding content. Every moderation action is logged for auditability — moderation is accountable, not hidden.

Decentralized Infrastructure Pools

Anyone with hardware and the minimum TOKEN stake (slashable for misbehavior) can register as an infrastructure operator and run nodes that serve the platform: indexers, settlement workers, content delivery, search. Each piece of infrastructure has its own pool: operators meter their work and are paid per metered unit in micropayments, settled on-chain each cycle with a Merkle root. This makes the backend community-runnable rather than dependent on a single hosted server.

The operator registry, per-resource pools, metered work attestation, and on-chain Merkle-rooted settlement of operator payments are built and wired today. What funds those pools is staged:

Today (built): contributor-funded pools, with the management pool (fed by the 0.5% transaction fee and other protocol fees — never a slice of the creator/viewer ad split) as a backstop. At launch scale this is enough because usage, and therefore infrastructure cost, is small.
Planned (designed, not yet implemented): at scale the intended dominant funding source is advertiser activity, routed through the transaction-fee layer — every ad settlement is a transaction, and the management-pool share of that standard fee is earmarked to operator pools as metered micropayments. The platform still takes 0% of ad revenue and users never pay extra; infrastructure is paid from the fee layer that advertiser volume scales naturally. This routing is on the roadmap; it is not in the deployed code yet (the per-campaign Budget Escrow that makes ad spend on-chain-real is built — the fee-to-pool routing on top of it is the remaining piece).

We call this honestly: decentralized infrastructure is contributor- and treasury-funded at launch, with advertiser-funded scaling as a designed next step, not a present capability.

Identity and Privacy

Verification Without Surveillance

Every user verifies their identity using a government-issued document (passport, national ID, driver’s license, or residence permit) plus a short selfie video for liveness verification. No NFC scanning required. The protocol stores only a “nullifier” — a unique identifier derived from biometric face matching that cannot be reversed to reveal personal information.

Face deduplication across all verifications ensures one person = one account, regardless of which document they use.

Chain Social never stores document images, ID numbers, or biometric video. Only the nullifier and verification status.

Business accounts are an exception: they store encrypted identity information (accessible only via management team multisig) for accountability in commerce.

Verification Badges

Users can earn three independent trust badges:

Verified Human (automatic with KYC): “This is a real, unique person.” Included in the $4 verification fee.
NFC Passport (optional): “This person’s passport chip is cryptographically genuine.” Free during initial verification, $2 later.
Identity Confirmed (optional): “This profile displays their verified legal name.” Free during initial verification, $2 later. The confirmed name appears alongside the user’s chosen display name. Users can hide it anytime (which removes the badge) and show it again later (which restores it).

Nobody is required to go beyond Verified Human. The additional badges are voluntary trust signals for creators, businesses, and public figures who want to build credibility.

Privacy-Gated Ad Targeting

Users control how much data they share via three privacy tiers:

Minimal (default): community topics only — generic, community-based ads (lowest earnings)
Standard: adds engagement patterns and content interests — relevant ads (moderate earnings)
Full: adds demographic signals and browsing behavior — most relevant ads (highest earnings)

Advertisers never see individual user data. The protocol matches users to campaigns without revealing who they are.

Account Recovery Without Seed Phrases

If you lose your wallet, your biometric nullifier can recover your account. You re-verify with any accepted government ID (same face = same nullifier), submit a recovery request, and after a 7-day security cooldown, your account transfers to your new wallet. The old wallet can approve immediately (skipping the wait) or cancel (if it was a fraudulent attempt).

No seed phrases to write down. Your face is your backup.

Governance Structure

Elected Management Team

The platform is governed by an elected management team of up to 9 seats. Members serve 5-year terms and are compensated at approximately $4,000-$5,000/month (denominated in USD, paid in TOKEN — the amount of TOKEN decreases as the token appreciates, so management never captures depositor upside).

During the bootstrap period, the founding team holds initial seats and appoints additional members with staggered terms. All seats transition to community elections as terms expire. Any seat can be recalled at any time by community vote through the governance contract.

Three Separate Pools

The protocol maintains strict separation between three pools of funds:

Reserve: backs the token 1:1. Never spent on operations. Only changes during deposits and redemptions.
Management Pool: funded by protocol fees. Pays for salaries, moderators, infrastructure, and operations. All spending logged on-chain.
Community Impact Fund: funded by 10% of ad revenue. Community votes on disbursement for research, public goods, and charitable causes.

This separation ensures that operational costs and community programs never reduce token backing.

No Founder Premine

The founding team does not receive any special token allocation. They earn tokens the same way as any other user: through deposits, engagement rewards, and approved work proposals. This eliminates the “founder dump” dynamic that has destroyed trust in many crypto projects.

How Creators Earn

Ad Revenue Split

When an advertiser pays for an impression or click on a creator’s content:

Recipient	Share	Why
Creator	55%	They created the content
Viewer	30%	Their attention generated the revenue
Impact Fund	10%	For community-directed public goods
Burned	5%	Benefits all token holders
Platform / Management	0%	The platform takes no slice of ad revenue

The platform takes no cut of ad revenue — the split is applied off-chain at impression time, and on-chain ad-earnings settlement currently charges 0% (it only disburses the already-split amount and records the Merkle root). A small transaction fee on the ad-settlement payout is part of the planned fee layer (the same roadmap item as advertiser-funded infrastructure) — it is not in the deployed contracts yet. When it ships it mirrors the tip/marketplace transaction fee; the platform earns from facilitating the payment, never from the advertiser’s spend.

The fee principle: money is taxed once, when it enters the economy. Value entering — a tip, a micro-purchase, an ad impression — pays the 0.5% transaction fee at that ingress. Moving already-earned money around is never re-taxed: revenue-share NFT distributions and settlement payouts to you carry a 0% fee, because the underlying revenue was already fee’d when it was earned. Creators and NFT holders receive their full share with no second cut. This is enforced in the settlement contracts, not just policy.

No other social platform gives creators 55% of ad revenue from day one with no follower minimum and no platform cut. And no other platform pays the viewer at all.

What Can Creators Realistically Earn?

At minimum ad rates ($1 CPM): ~2,500 views for $1. As the platform grows and advertisers compete for attention, rates rise naturally to $3-8 CPM (typical for crypto/tech sectors), meaning 250-800 views for $1.

Three creator personas (assuming 10,000 platform users, $3 CPM average):

Persona	Activity	Monthly views	Ad earnings	Tips	NFTs	Total
Casual poster (3 posts/week, ~100 followers)	Light	~3,000	$5	$2	-	$7/month
Active creator (daily posts, ~1K followers)	Regular	~30,000	$49	$15	$10	$74/month
Power creator (2x daily, ~5K followers, NFTs, shop)	Heavy	~150,000	$245	$75	$100+	$420+/month

At 100,000 users these numbers scale roughly 10x. A power creator on a mature Chain Social could earn $2,500-6,000/month — comparable to a mid-tier YouTube channel, but without needing 100K subscribers to qualify for monetization (and with no platform cut on the ad revenue).

Subscription Tiers

Tier	Price	Highlights
Free	$4 one-time KYC	Basic platform access, 85% earning rate, ads shown
Member	~$6/month	Full earning rate, ad-free option, 3 bots, NFT minting
Creator	~$15/month	Analytics, creator badge, lower NFT fees, 5 shop collections
Business	~$30/month	Verified business identity, employees, 10 collections, bulk tools

All prices are stabilized against a basket of USD, EUR, BTC, ETH, and Gold, so they remain approximately constant regardless of market conditions.

Technical Architecture

Chain Social is built on three layers:

Smart Contracts (Sui Move): 23 modules handling deposits, redemptions, governance, marketplace escrow, stealth escrow, KYC, account recovery, post and certificate NFTs, tip and engagement settlement, fee buckets, infrastructure pools, membership, and poll anchoring. All contracts are open source and verifiable on-chain.
Backend Server (Express + Prisma): indexes on-chain events via structured event subscription, serves cached data for fast reads, handles WebSocket messaging relay (blind encrypted relay), manages off-chain features (ad matching, tip batching, demographics, notifications), and runs a standalone settlement worker for periodic on-chain batch operations.
Frontend (Next.js 16 + React 19): progressive web app with mobile-first design, wallet connection (Sui Wallet or Google OAuth via zkLogin), and client-side quantum-resistant encryption.

The frontend can be hosted on IPFS for censorship resistance. Content storage uses Walrus (Sui-native decentralized storage). The backend is designed to be replaceable — anyone can run their own instance that syncs from the chain.

Economic Model

How the Reserve Grows

User deposits $100 SUI -> 100 SOCIAL minted -> Reserve = $100
User tips creator 10 SOCIAL -> 0.5% fee = 0.05 SOCIAL (0.025 burned + 0.0125 mgmt + 0.0125 Impact Fund)
Supply: 99.975 SOCIAL, Reserve still $100, Token price: $100 / 99.975 = $1.00025

Over thousands of transactions, the cumulative burns create meaningful appreciation. A platform with $10M in reserves and 5% annual transaction volume would see meaningful burns per year from transaction fees alone, plus membership burns, withdrawal burns, and wellbeing decay redirections.

Revenue Sources for the Treasury

Source	Flow
Withdrawal fees (1% of 2.5%)	TOKEN to management pool
Transaction fees — marketplace (0.25% of 0.5%)	TOKEN to management pool
Tip/micro-purchase settlement (0.125% of 0.5%)	TOKEN to management pool (a further 0.125% → Impact Fund)
Ad-settlement transaction fee	Planned — not deployed (roadmap, with advertiser-funded infra)
Ad revenue (10% of all impressions)	TOKEN to community impact fund
Membership fees (50% on renewals)	TOKEN to management pool
KYC fees ($4 per user)	TOKEN to management pool
Bot creation, NFT minting, campaign review, badge fees	TOKEN to management pool

No Inflation

Unlike platforms that print tokens to reward users (diluting existing holders), Chain Social’s rewards come from the treasury — which is funded by real economic activity. If the treasury runs out, rewards decrease rather than new tokens being minted. This makes the system sustainable rather than dependent on perpetual growth.

Roadmap

Phase 1 (Current): Core Protocol — Built

Deposit-backed token with on-chain reserve
Marketplace with escrow and collections (shop pages)
Stealth escrow for large purchases (ECDH addresses, item descriptor hashing, batched submission)
Quantum-resistant E2E messaging with forward secrecy
Private friendships (server-blind encrypted edges)
Communities, groups, topics, voice rooms
Courses with on-chain completion certificates
Apps marketplace with sandboxed host SDK
Community governance with amendments
KYC with face deduplication (passport, national ID, driver’s license, residence permit)
Verification badges (Verified Human, NFC Passport, Identity Confirmed)
Revenue-share NFTs
Creator subscriptions
Privacy-preserving settlement with Merkle proofs (tips, ad earnings, NFT distributions, micro-purchases, engagement)
Wellbeing reward decay
Bot allocation system
Community Impact Fund
Decentralized infrastructure pools (operator registry, contributor funding, settlement worker)
Walrus decentralized storage integration
Privacy-tiered polls (commit-reveal, one-human-one-vote across alts, optional per-alt receipts, attestor-signed attribute breakdowns with k-anonymity, on-chain Merkle anchor)

Phase 2: Growth

Fiat onramp integration (MoonPay/Transak)
Multi-asset deposits (wBTC, wETH, tokenized Gold & Silver) — currently SUI-only; no fiat stablecoins, ever
DEX integration (Cetus) for TOKEN/SUI swaps
Mobile app (native, beyond the current PWA)
Full Double Ratchet messaging (out-of-order delivery, multi-device)
Pyth oracle integration for live multi-asset price feeds

Phase 3: Maturity

Full decentralization (IPFS frontend, community-run backends)
Cross-chain bridges
Advanced governance (quadratic voting, delegation)
Parental accounts (under-18 access with restrictions)
Multi-signature treasury with hardware key support
Confidential amounts (Pedersen commitments)

Risks and Limitations

We believe in honest disclosure. Here are the real risks:

Market risk

The reserve holds crypto assets whose USD value fluctuates. At launch the reserve is SUI-only, which means SOCIAL’s USD price tracks SUI’s USD price 1:1 (minus the deflationary effect of burns). A SUI crash translates directly into a token-price drop. Once Phase 2 multi-asset support ships, the reserve will diversify into hard, non-debaseable assets only — BTC, ETH, SUI, tokenized Gold and Silver, and XMR (no fiat stablecoins). Under that target allocation, a single-asset 80% crash translates into roughly a 12-28% reserve drop depending on weight. Over time, the continuous burn of tokens from platform activity creates a deflationary floor: even in a flat market, each token’s share of the reserve grows.

Early-stage liquidity risk

With a small reserve (say $10,000), a single large redemption ($5,000) represents 50% of the pool. The 2.5% fee creates a small disincentive, and the remaining holders benefit from the burn, but early users should understand that the reserve is small until the platform grows.

Regulatory uncertainty

Token classification varies by jurisdiction. SOCIAL is designed as a utility token with verifiable reserve backing, not a speculative security. The founding team has no premine, which reduces securities risk. However, global regulatory frameworks for crypto are evolving. The platform geoblocks jurisdictions with hostile regulatory environments.

Face deduplication limitations

Identical twins: ~5% false match rate. Twins may need manual review and a management exception.
Major facial changes: surgery, significant aging, or hormonal transition may require re-verification through a manual compliance review with a two-person reviewer model.
Provider model upgrades: if the biometric model changes, a 90-day migration window allows existing users to re-verify without losing access.

Off-chain tip trust model

Individual tips are recorded off-chain and settled in periodic on-chain batches. Within a batch window the server is the real-time attributor, so it could in principle misattribute a tip before settlement. This risk is bounded, not merely promised: (1) every tip is backed by the sender’s on-chain Tip/Spend Jar, whose balance caps total unsettled tips and whose withdrawals are time-locked past the settlement cycle, so the aggregate is always solvent and funds cannot be pulled out from under an in-flight batch; (2) each settlement writes a Merkle root on-chain and is replay-protected, so any user can prove their tip’s inclusion and a batch cannot be settled twice; (3) omission or misattribution is detectable from the proof and challengeable through governance. The residual trust is the server’s within-window ordering, capped by real collateral — not custody of user funds.

Smart contract risk

Software can have bugs. An independent third-party security audit of all Move contracts is the gating milestone before mainnet, funded directly by this participation round — that is the round’s primary purpose. The audit report will be published in full, findings and resolutions included. In the interim the contracts are open source and have 267 automated Move tests passing with zero failures (independently run), including negative tests proving the mint authority is unforgeable and the settlement Merkle root reconciles between server and chain.

Frequently Asked Questions

Is SOCIAL a security? We don’t believe so. SOCIAL is a utility token backed 1:1 by an on-chain reserve (SUI at launch, diversifying across multiple assets in Phase 2), with no founder premine, no expectation of profit from the “efforts of others” (the Howey test), and mechanical pricing based on reserve math rather than speculation. However, token classification is jurisdiction-dependent. Consult local counsel if you are uncertain.

What happens if the reserve drops in value? The token price drops proportionally (since price = reserve / supply). At launch the reserve is SUI-only, so SOCIAL tracks SUI 1:1 in USD terms (minus the deflationary effect of burns). Once Phase 2 multi-asset support ships, diversification will dampen single-asset crashes. Ongoing burns from platform activity continuously improve the backing ratio: a 50% reserve drop with 5% annual burns recovers to pre-drop levels in roughly 10 years from burns alone — faster if deposit activity resumes.

Can the management team steal the reserve? No. The reserve is a separate on-chain pool that cannot be spent on operations. Management can only spend from the management pool (funded by protocol fees) and must log every expense on-chain. The community can recall any management member at any time through a governance vote.

What if I lose my phone and wallet? Re-verify your identity with any accepted government ID. Your face produces the same nullifier, which initiates a 7-day account recovery process. No seed phrases needed. Your old wallet can approve the transfer instantly or cancel it if the request is fraudulent.

Can I use Chain Social anonymously? Partially. You must verify as a real human (document + selfie, no names stored by the platform). Your on-chain address is pseudonymous. Individual tips are private (off-chain). You are NOT required to display your legal name (that’s an optional badge). But you cannot use the platform without KYC — this is by design, to prevent bot farms and sybil attacks.

What about users under 18? Currently, Chain Social requires users to be 18 or older. The KYC provider verifies age from the government ID. Parental accounts (for 13-17 year olds with restrictions) are planned for Phase 3.

How is this different from Steemit, DeSo, or BitClout? Those projects used inflationary token models: tokens were printed to reward users, which diluted holders and led to price crashes. Chain Social creates tokens only from deposits, with real reserves behind every token. Burns are the only source of appreciation — not speculation. Additionally, those projects had founder premines; Chain Social has none.

Security

A professional audit of all 23 Move smart contracts is planned before mainnet deployment. The audit is budgeted as part of the Sui Foundation ecosystem grant application. The audit report will be published in full, including any findings and their resolutions.

In the interim:

All contracts are open source
267 automated Move contract tests pass with zero failures (independently run); the server has additional isolated test coverage
The contract architecture follows Sui best practices for object ownership (owned objects for high-frequency actions, shared objects only for settlement and governance)

References:

ML-KEM-768: NIST FIPS 203 (2024) — post-quantum key encapsulation
X25519: RFC 7748 — elliptic curve Diffie-Hellman
PQXDH: Signal Protocol post-quantum key agreement
AES-256-GCM: NIST SP 800-38D — authenticated encryption

Get Involved

Chain Social is a public-good project. No VCs, no founder premine, no exit. The platform succeeds when its users do.

Use it. Deposit, post, tip, build a following. Your attention earns and your data stays yours.
Build with it. The full stack is open source; the protocol is yours to extend, fork, or replace pieces of.
Govern it. Run for a management seat, propose a change, vote on the next direction. One human, one voice.

This document is not financial advice. SOCIAL tokens are utility tokens backed by a diversified crypto reserve. Token value fluctuates with reserve asset prices and platform activity. Do not deposit more than you can afford to lose. Consult local counsel for jurisdiction-specific regulatory guidance.

Chain Social: Where your attention has real, verifiable value.

Join the Presale →

Chain Social: A Deposit-Backed Social Platform

What is Chain Social?

How Chain Social Compares