Identity & Privacy Attacks

Deanonymization via Metadata

Attack: Attempting to correlate signal timing, network traffic, or submission patterns to identify contributors.

Mitigations:

• ZK relayers break timing correlation

• Batch submission windows

• No persistent contributor identifiers

• Optional delay randomization

Residual Risk: Low, assuming standard network hygiene.

Reputation Inference Attacks

Attack: Trying to infer high-reputation contributors via profit correlation.

Mitigations:

• Reputation never directly maps to payout size

• Rewards distributed probabilistically within contribution bands

• No public leaderboards or per-signal attribution

Residual Risk: Very low—no observable reputation signal exists.