Security & Architecture

Stable Genius is built with a non-custodial, on-chain-first architecture. This page explains the security guarantees, trust model, and how you can independently verify every transaction.

Non-Custodial Design

Stable Genius never holds merchant funds. Every merchant has a dedicated smart contract (GenieIntake proxy) deployed on Base that they control.

What This Means

  • For merchants: Your funds sit in a smart contract you control. Even if Stable Genius goes offline, you can call emergencyWithdraw() directly on your contract to retrieve all funds to your own wallet. No one — not Stable Genius, not an attacker — can redirect your funds to a different address.
  • For integrators: You never touch USDC. Your system creates payment intents and receives webhooks. All fund movement happens on-chain between the customer’s wallet and the merchant’s contract.
  • For compliance: Every transaction is recorded on-chain with full traceability. Transaction hash, sender, receiver, amount, block number — all publicly verifiable on Basescan.

Trust Model

| Role | What It Can Do | What It Cannot Do |
|---|---|---|
| Merchant | Withdraw funds to their own wallet at any time via emergencyWithdraw() | N/A — full control of their contract |
| Operator (Stable Genius) | Call settle() to split fees and move net amount to merchant wallet | Redirect funds to a different address, change fee rate without merchant consent, access merchant’s private keys |
| Integrator | Create payment intents, read transaction data | Access merchant funds, modify settlement configuration |
| Customer | Send USDC to payment addresses | Reverse a confirmed payment (blockchain finality) |

On-Chain Verification

Every payment processed through Stable Genius can be independently verified:
  1. Transaction hash — Returned in the webhook and GET responses. Look it up on Basescan to see the exact USDC transfer.
  2. Fee split — The settle() transaction on-chain shows the fee amount sent to the treasury and the net amount sent to the merchant.
  3. Contract code — GenieIntake proxy contracts are verified on Basescan. Anyone can read the contract logic and confirm the fee split mechanics.
# Example: Verify a payment on Basescan
https://basescan.org/tx/{tx_hash}
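
The Basescan lookup in step 1 can also be scripted against the receipt a Base JSON-RPC node returns from eth_getTransactionReceipt. The following is an added example, not Stable Genius code: the function names and the sample receipts are constructed, the addresses are placeholders, and the recipient is assumed to be the merchant's GenieIntake proxy address. It accepts a payment only when the Transfer event was emitted by the token contract itself, in a transaction that did not revert.

```python
from decimal import Decimal

# keccak256("Transfer(address,address,uint256)"), the standard ERC-20 event signature
TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
USDC_DECIMALS = 6

def topic_to_address(topic):
    # Indexed address arguments are left-padded to 32 bytes; keep the low 20 bytes.
    return "0x" + topic[-40:].lower()

def find_payment(receipt, token, recipient, expected_usdc):
    """Return the matching Transfer, or None if the receipt does not prove the payment."""
    if receipt.get("status") != "0x1":  # a reverted transaction moved no funds
        return None
    want = int(Decimal(expected_usdc) * 10**USDC_DECIMALS)
    for log in receipt.get("logs", []):
        topics = [t.lower() for t in log.get("topics", [])]
        if log.get("address", "").lower() != token.lower():
            continue  # any contract can emit a Transfer event; only the token's own count
        if len(topics) != 3 or topics[0] != TRANSFER_TOPIC:
            continue
        if topic_to_address(topics[2]) != recipient.lower():
            continue
        if int(log["data"], 16) == want:
            return {"from": topic_to_address(topics[1]), "to": recipient.lower(),
                    "units": want, "block": int(receipt["blockNumber"], 16)}
    return None

# Constructed sample data: placeholder addresses, not real contracts or wallets.
TOKEN, LOOKALIKE = "0x" + "aa" * 20, "0x" + "dd" * 20
MERCHANT, CUSTOMER = "0x" + "bb" * 20, "0x" + "cc" * 20

def transfer_log(emitter, sender, receiver, units):
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    return {"address": emitter, "topics": [TRANSFER_TOPIC, pad(sender), pad(receiver)],
            "data": "0x" + format(units, "064x")}

GOOD = {"status": "0x1", "blockNumber": "0x10",
        "logs": [transfer_log(TOKEN, CUSTOMER, MERCHANT, 25_000_000)]}
SPOOFED = {"status": "0x1", "blockNumber": "0x11",
           "logs": [transfer_log(LOOKALIKE, CUSTOMER, MERCHANT, 25_000_000)]}

if __name__ == "__main__":
    print(find_payment(GOOD, TOKEN, MERCHANT, "25.00"))
    print(find_payment(SPOOFED, TOKEN, MERCHANT, "25.00"))
```

In real use, pass the USDC contract address on Base as published by the token issuer and the merchant's own contract address in place of the placeholders.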

Data Security

| Data | Protection |
|---|---|
| API keys | SHA-256 hashed at rest. Only shown once at creation. |
| Webhook signing secrets | Unique per endpoint. HMAC-SHA256 verification. |
| Merchant PII (KYC data) | Held by our identity verification partner, not by Stable Genius. We store only the verification status and customer ID. |
| Bank account details | Connected via Plaid (tokenized). We store only bank name and last 4 digits. |
| Transaction data | Stored in Supabase with row-level security. Each merchant can only access their own data. |

Infrastructure

| Component | Provider | Purpose |
|---|---|---|
| API & Dashboard | Vercel | Edge-deployed, auto-scaling |
| Database | Supabase (PostgreSQL) | Row-level security, real-time subscriptions |
| Blockchain monitoring | Alchemy | Webhook-based transaction detection |
| Identity verification | Bridge (Stripe) | KYC/KYB for merchant onboarding |
| Bank linking | Plaid | Instant bank account verification |
| Smart contracts | Base (Ethereum L2) | GenieIntake proxy contracts |

Compliance

Stable Genius is designed for US regulatory compliance:
  • KYC/KYB is required for all merchants before they can accept payments
  • Non-custodial architecture means we don’t fall under money transmitter licensing requirements for fund custody
  • On-chain audit trail provides full transaction traceability for any regulatory inquiry
  • Bank-grade off-ramping via Bridge (a Stripe company) for USDC-to-USD conversion
This is not legal advice. Consult with your legal team regarding compliance requirements for your specific use case and jurisdiction.

Reporting Vulnerabilities

If you discover a security vulnerability, please report it responsibly to security@stablegenius.co. Do not disclose vulnerabilities publicly before we’ve had a chance to address them. We aim to acknowledge reports within 24 hours and provide a resolution timeline within 72 hours.