🔒 Security & Trust
ARCX MarketPlace is committed to providing a secure, transparent, and trustworthy platform for decentralized content trading.
Smart Contract Security
- ✓ VERIFIED Contract source code verified on Arc Explorer ↗
- ✓ OPEN SOURCE All code is publicly auditable and transparent
- ✓ NON-CUSTODIAL You control your funds at all times - we never hold your assets
- ✓ NO ADMIN KEYS No backdoors, no privileged access, no hidden controls
- ✓ IMMUTABLE Contract logic cannot be changed after deployment
Website Security
- ✓ HTTPS/SSL All traffic encrypted with TLS 1.3 (256-bit encryption)
- ✓ SECURITY HEADERS CSP, HSTS, X-Frame-Options, X-XSS-Protection enabled
- ✓ CONTENT SECURITY POLICY Only trusted resources allowed to load
- ✓ STRICT TRANSPORT SECURITY HTTPS enforced for all connections
- ✓ NO TRACKING No analytics, no cookies, no user tracking
How We Protect You
- ✓ We never ask for your private keys, seed phrase, or password
- ✓ All transactions require your explicit approval in MetaMask
- ✓ Payments go directly from buyer to creator (peer-to-peer, no middleman)
- ✓ Your wallet, your control - we cannot access your funds
- ✓ No personal data collection - only public blockchain transactions
- ✓ Content creators maintain 100% ownership of their content
Smart Contract Details
- Contract Address:
0x9Dfd6AD5919Cfbb5Bfe7eDc8E739BA891f923875
- Network: Arc Testnet
- Chain ID:
5042002
- Type: ContentMarketplace (Pay-to-Access)
- Compiler: Solidity 0.8.30
- Verification: View on Arc Explorer ↗
What We Don't Do
- ❌ We don't store your private keys
- ❌ We don't custody your funds
- ❌ We don't track your browsing behavior
- ❌ We don't sell your data (we don't even collect it!)
- ❌ We don't have access to your wallet
- ❌ We don't charge platform fees
- ❌ We never ask for seed phrases or private keys
⚠️ About Phishing Warnings (False Positives)
Some wallet extensions (like UniSat) may show phishing warnings for our site. This is a FALSE POSITIVE.
Web3 dApps are sometimes flagged incorrectly because they:
- 🔗 Request wallet connections (standard Web3 behavior)
- ✍️ Ask users to sign transactions (required for blockchain interactions)
- 🆕 Are new domains not yet in whitelists
- 🏷️ Use Web3-related keywords that trigger false alarms
Why ARCX MarketPlace is Safe:
- ✅ Verified Smart Contract: All code is public and auditable on Arc Explorer
- ✅ No Private Key Requests: We NEVER ask for seed phrases or private keys
- ✅ Transparent Transactions: All payments go directly to creators via smart contract
- ✅ Security Headers: Industry-standard protection (CSP, HSTS, etc.)
- ✅ Open Source: Standard Web3 patterns, no obfuscation
If you see a phishing warning:
1. Verify our contract on Arc Explorer
2. Check this security page
3. Report as false positive to your wallet provider
4. Proceed safely knowing we're legitimate
Report Security Issues
Found a vulnerability? We appreciate responsible disclosure and will respond promptly.
Please do not disclose vulnerabilities publicly until we've had a chance to address them.
Transparency Commitment
- 📜 All smart contract code is open source and verifiable
- 🔍 Blockchain transactions are publicly auditable
- 💬 We encourage community code review and feedback
- 🛡️ Security is our top priority
Best Practices for Users
- ✓ Always verify you're on
www.arcxpay.xyz before connecting your wallet
- ✓ Never share your private keys or seed phrase with anyone
- ✓ Double-check transaction details before confirming in MetaMask
- ✓ Use a hardware wallet for large amounts
- ✓ Keep your MetaMask and browser updated