Integration Notes for Auditors
Understanding Context is Critical
Common Misconception: "Why can't users withdraw freely? This is centralized censorship!"
Reality: This is a settlement platform for commercial counterparties, not a consumer wallet.
Analogous to: Banking (can't withdraw during fraud investigation), Escrow (can't withdraw without counterparty release), Clearing House (can't exit during settlement period).
Proper Audit Question: "Can withdrawal permission be abused to steal funds?" "Are there safeguards against validator refusing legitimate withdrawals?"
What Makes This Different from DeFi
| DeFi Standard | WERC7575 Settlement |
|---|---|
| Permissionless access | KYC required (regulatory) |
| Instant withdrawals | Permission required (settlement safety) |
| No operator control | Validator controls (operational necessity) |
| Code is law | Code + legal agreements |
| Trust-minimized | Trust professional operators |
This is NOT a bug, it's the business model.