Fund Safety
Signa is built on the principle that users should not have to trust a platform with their funds. This page explains how that principle is expressed in the protocol's design.

How funds move
When you take a position in a market, your funds are transferred directly to the market's smart contract on-chain. They are not held by Signa in a centralized account, custodied by a third party, or moved off-chain. The contract holds them according to its defined logic until the market resolves and claims become available.
Every fund movement — entering a position, claiming a payout, receiving a refund, withdrawing creator or referral rewards — is a blockchain transaction. It is verifiable, auditable, and does not require trusting Signa's word.
Smart contract audits
Signa's smart contracts have been independently audited by four security firms:
- CertiK
- QuillAudits
- Scalebit
- Beosin
Independent audits reduce the risk of contract vulnerabilities by subjecting the code to external review before deployment. Having multiple auditors provides broader coverage across different audit methodologies and areas of focus.
Audits are a meaningful security measure, not a guarantee of zero risk. Smart contracts operating on public blockchains remain subject to the inherent risks of the chain and the broader ecosystem.
Pull-payment design
All fund withdrawals on Signa use a pull-payment model. This means you initiate the action — the protocol does not push funds to your wallet automatically.
This design choice is deliberate. Automatic fund pushes create attack surfaces: a contract attempting to send funds to an address can be manipulated if that address is a malicious contract, subject to token-level restrictions, or causes unexpected execution. By requiring users to pull funds, Signa avoids the class of vulnerabilities that arise from unsolicited outbound transfers.
Fallback mechanisms
The protocol includes safeguards for failure cases in fund transfers:
- If a transfer to a recipient fails — for example, because of a token-level block or an unresponsive contract — the funds are held in a pending withdrawal state rather than lost. They remain claimable.
- Unclaimed dispute bonds that remain uncollected after 30 days can be swept to the treasury by anyone, preventing funds from being permanently locked in the contract.
These mechanisms exist to ensure that edge cases in fund movement do not result in permanently inaccessible capital.
What fund safety does not cover
Being clear about scope:
- Wallet security. The protocol cannot protect you if your wallet's private key is compromised. Keeping your seed phrase and private key secure is your responsibility.
- Chain-level risk. Signa operates on BSC. Risks inherent to the BNB Smart Chain — network outages, chain-level exploits, or validator issues — are outside the protocol's control.
- Market outcomes. Losing a position because your chosen outcome did not win is not a fund safety issue. That is the expected behavior of a prediction market.
