⚠️ Developer Preview: Not yet live

Security

Understanding security best practices and how Amica Personas keeps your assets safe.

Smart Contract Security

Audit Status

Amica Personas smart contracts have been:

  • Internally reviewed by experienced Solidity developers
  • Tested extensively on Arbitrum Sepolia testnet
  • Built using battle-tested OpenZeppelin libraries

⚠️ Important: Like all smart contracts, there are inherent risks. Never invest more than you can afford to lose. Third-party audit is planned for Q2 2025.

Contract Design

Our contracts implement multiple security features:

  • Access Control: Role-based permissions for administrative functions
  • Reentrancy Protection: Guards against reentrancy attacks
  • Safe Math: Overflow/underflow protection via Solidity 0.8+
  • Pausability: Emergency pause mechanism for critical issues
  • Upgradeability: Proxy pattern for bug fixes without migration

Known Limitations

Be aware of these design considerations:

  • Persona tokens are standard ERC-20s with no admin controls after deployment
  • Liquidity pool ownership transfers to creators (not locked by default)
  • No built-in token burning or minting after initial creation
  • Price manipulation possible in low-liquidity pools

Wallet Security

Best Practices

Protect your wallet and assets by following these guidelines:

Never Share Private Keys

  • Amica will NEVER ask for your private keys or seed phrase
  • Support team cannot access your wallet
  • No legitimate service requires your private keys

Use Hardware Wallets

  • Consider using Ledger or Trezor for large holdings
  • Hardware wallets keep keys offline and secure
  • Fully compatible with Amica via WalletConnect

Verify Transactions

  • Always review transaction details before signing
  • Check recipient addresses carefully
  • Verify token amounts and gas fees
  • Be suspicious of unexpected transaction requests

Secure Your Device

  • Keep your OS and browser updated
  • Use antivirus software
  • Avoid public WiFi when transacting
  • Don't install suspicious browser extensions

Common Scams

Phishing Attacks

Attackers may try to trick you into revealing sensitive information:

🚨 Red Flags

  • Emails asking for wallet credentials or seed phrases
  • Fake Amica websites with similar domains (check URL carefully)
  • Urgent messages claiming your account is compromised
  • Too-good-to-be-true investment opportunities
  • Unsolicited direct messages offering "support"

Rugpulls

A rugpull occurs when creators drain liquidity, leaving token holders with worthless assets.

Warning Signs:

  • Anonymous team with no history
  • Excessive creator token allocation (>20%)
  • Promises of guaranteed returns
  • Unusually high APY or rewards
  • No locked liquidity
  • Copied/generic website and branding

Protection:

  • Research the creator's history and reputation
  • Check if liquidity is locked (view on arbiscan.io)
  • Start with small investments to test legitimacy
  • Look for community activity and engagement

Fake Tokens

Scammers may create tokens with names similar to popular personas.

Protection:

  • Always verify contract addresses
  • Use Amica's official interface for trading
  • Check token creation date and history
  • Look for verification badges (coming soon)

Trading Safely

Do Your Own Research (DYOR)

Before buying any persona token:

  • Research the creator and their background
  • Read the persona description and roadmap
  • Check liquidity depth and trading volume
  • Review holder distribution (avoid highly concentrated holdings)
  • Look for red flags in contract code

Risk Management

  • Never invest more than you can afford to lose
  • Diversify across multiple personas
  • Set stop-losses for volatile positions
  • Take profits gradually rather than all at once
  • Keep some liquidity for opportunities

Slippage and MEV

Understand risks related to transaction execution:

  • Slippage: Price changes between submission and execution
  • Front-running: Bots may see and copy profitable trades
  • Sandwich attacks: Bots manipulate price around your trade

Mitigation:

  • Use appropriate slippage settings (1-3% typical)
  • Trade during high liquidity periods
  • Consider using MEV protection services
  • Split large orders into smaller chunks

Reporting Security Issues

Bug Bounty Program

We take security seriously. If you discover a vulnerability:

  1. Do NOT exploit the vulnerability
  2. Do NOT publicly disclose the issue
  3. Contact us immediately via secure channels
  4. Provide detailed information about the vulnerability

Contact:

Rewards may be provided for valid, critical vulnerabilities at the project's discretion.

Scam Reporting

If you encounter a scam or suspicious activity:

  • Report in our Telegram
  • Include contract addresses and evidence
  • Warn others in the community

Emergency Procedures

If Your Wallet is Compromised

  1. Immediately transfer remaining assets to a new wallet
  2. Revoke all token approvals using revoke.cash
  3. Document the incident with transaction hashes
  4. Report to relevant authorities if large amounts involved
  5. Create a new wallet with a fresh seed phrase

If You Fall for a Scam

  1. Accept that recovery is unlikely (blockchain transactions are final)
  2. Document everything: addresses, transactions, communications
  3. Report to local law enforcement (for large amounts)
  4. Warn others in community channels
  5. Learn from the experience and improve security practices

Stay Safe

Join our community to stay updated on security best practices and warnings.

Join Telegram