Decentralisation by Design

SwapBlok is built on a principle that has become the defining standard for credible decentralised infrastructure: the protocol enforces its own rules, not the company that built it. The strongest guarantee that a system cannot be abused is not a regulatory approval or a policy commitment; it is an architecture that makes abuse technically impossible regardless of who operates it.

14.1 Architecture as the Rule of Law

Traditional financial infrastructure relies on institutional enforcement: exchanges are licensed, custodians are bonded, intermediaries are regulated. The rules are enforced through legal and regulatory mechanisms that can be overridden, captured, or made ineffective under external pressure.

SwapBlok's rules are enforced by mathematics and consensus:

• Fee rates are parameters set by on-chain governance, not by a management decision
• Fund release requires two cryptographic key shares, one held by the user permanently, and cannot be compelled by any third party
• Block production is randomised and distributed across 21 independent operators per round; no single party controls transaction ordering
• The historical record cannot be altered by anyone; no party possesses the ability to modify a confirmed block

No legal instrument can compel SwapBlok Foundation to release user funds, because SwapBlok Foundation does not hold the key material required to do so. The architecture makes that impossible by design.

14.2 Non-Custody by Construction

SwapBlok is not a custodian because custody is architecturally impossible at both layers.

For SB Chain transactions, the dfns.io non-delegated signing architecture (Section 6) means Key Share A never leaves the user's device. SwapBlok holds no signing capability for SB Chain accounts. dfns.io holds only Key Share B, which is insufficient to sign unilaterally.

For cross-chain transactions, the 2MPC dWallet construction (Section 5.2) requires the user's Key Share A for every transaction on external chains. SwapBlok holds neither key share for any external chain vault.

At no point in any SwapBlok operation (deposit, swap, withdrawal, or any intermediate state) does any party other than the user hold sufficient key material to act on their behalf. This is not a policy position or a legal argument; it is a statement about what the system can and cannot do mathematically.

This places SwapBlok in the same category as other fully non-custodial protocols (Uniswap, Curve, AAVE): systems where the protocol holds no user funds, executes no discretionary decisions on behalf of users, and has no mechanism to freeze or redirect assets.

14.3 Censorship Resistance

SwapBlok's infrastructure is designed to be censorship-resistant at every layer:

Block production: RDPoS randomly selects 21 active witnesses from a pool of 63 per maintenance window. The selection is unpredictable by design (Section 4.5). Compelling any specific witness to censor transactions would require simultaneously identifying and coercing the majority of an unknown, randomly-selected set of independent node operators, in advance of the round in which they are selected. This is a practical impossibility.

Bridge relay: The relayer network is permissionless. Anyone can run a relayer. If every SwapBlok-operated relayer were taken offline simultaneously, any third-party operator could continue submitting Merkle proofs to SB Chain. The bridge continues to function regardless of the status of any specific operator.

Node access: Any user can submit transactions directly to any SB Chain node. There is no whitelist, no account approval, and no gatekeeper. A user with a wallet can interact with the protocol from anywhere in the world.

14.4 No Single Point of Legal Control

The SwapBlok Foundation deploys and maintains the protocol code and retains significant governance participation during the initial decentralisation period (Section 7.6). It does not, however, operate the live protocol exclusively. The distinction matters:

• The Foundation can release software updates. It cannot force nodes to adopt them.
• The Foundation can publish new pool parameters. It cannot execute transactions on behalf of users.
• The Foundation can wind down its own operations. It cannot stop the protocol from running.

Once deployed to the network, the protocol is operated by:

• 21 independently operated witness nodes (block production) per round
• An uncapped number of independent relayer nodes (bridge relay)
• An uncapped number of independent nodes (chain access and API)

The Foundation's governance participation is transparent, time-limited, and subject to the binding decentralisation roadmap published in Section 7.6. The distributed nature of network operations means there is no single legal entity whose shutdown would halt the protocol.

14.5 The Immutable Record

SB Chain's immutable ledger creates a historical record that is beyond the reach of any external intervention. No party, including the SwapBlok Foundation, possesses a mechanism to alter, delete, or suppress a confirmed transaction.

This has two practical consequences:

The record cannot be produced in a modified form. No party can retroactively alter what the ledger says happened. The unmodified record is enforced by every node on the network simultaneously; changing it would require rewriting the chain from the point of modification, which would require controlling a majority of the network continuously.

Confirmed transactions cannot be reversed. A transaction that has been included in a confirmed block is final. No party can retroactively exclude or undo it. This is the same finality property that makes Bitcoin transactions irreversible; it is a consequence of distributed consensus, not of any company's policy.

This immutability also serves as the foundation of user trust: every fee, every bridge event, every swap, every governance vote is permanently and publicly verifiable by any party at any time.