# Security

Black Pearl Market combines on-chain escrow settlement with public tooling. The EVM contract is the USDC settlement layer. The web app, Telegram bot, indexer, wallet, APIs, and RPC providers make that lifecycle easier to use and monitor.

## Trust Boundaries

```mermaid
flowchart LR
  User[User] --> Wallet[Wallets]
  User --> Bot[Telegram Bot]
  Wallet --> RPC[RPC Providers]
  Bot --> API[Public API]
  API --> State[(Indexed State)]
  RPC --> Escrow[EVM Escrow Contract]
```

Different layers can update at different times. The product uses lifecycle states, refresh actions, explorer links, and recovery paths to keep settlement clear.

## Public Security Considerations

* Pearl and EVM settlement happen on separate networks.
* Indexed state may refresh after confirmations.
* RPC availability can affect transaction submission and visibility.
* Bot-Assisted Orders automate eligible steps without taking custody.
* Sellers should claim USDC before the claim window expires.
* Buyers may become eligible for refund according to contract rules.
* Advanced users can use the verified Arbiscan contract as a fallback.

## User Checklist

* Use official links only.
* Verify the escrow contract address.
* Confirm Arbitrum One before EVM actions.
* Review wallet prompts before signing.
* Never share seed phrases or private keys.
* Contact support with public transaction details only.

## Documentation Boundary

Private security documentation covers infrastructure, credentials, monitoring, incident response, and privileged operations. These details are intentionally excluded from the public GitBook.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.blackpearlmarket.com/threat-model.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.