Trust the Code, Not the Middleman
A technical & regulatory overview of Adultra’s non‑custodial wallet plus escrow architecture.
1. Executive Summary
Adultra lets adult‑industry creators book shoots and settle payments in USDC on Polygon without ever ceding custody of their funds. With a threshold‑MPC wallet (Web3Auth) and a self‑contained escrow smart contract, we meet global compliance expectations while avoiding money‑transmitter licensing burdens.
2. Wallet Architecture
- MPC key‑split: one share on the user’s device, one encrypted in the Web3Auth network, one optional recovery share.
- Threshold: 2‑of‑3 required to sign; no single party—including Adultra—can move assets unilaterally.
- Gas strategy: Adultra hot‑wallet drip‑feeds
POL
for fees, but never touches users’USDC
.
3. Escrow Contract Design
Key properties:
- No upgrade proxy; byte‑code hash is immutable once deployed.
- Only the funding producer can call
releaseBooking()
. - No
onlyOwner
function can transferUSDC
4. Regulatory Positioning
- FinCEN: 2019 CVC guidance excludes pure wallet software providers.
- State MTL: Software exemption plus no custody — generally out of scope (NYDFS FAQ, TX DOB 1037, CO MTMA §102).
- OFAC: Compliance handled via TRM Labs screening and IP geofencing.
5. Security & Threat Model
- MPC shard hardening – device share encrypted at rest; cloud share rotated on sign‑in.
- Threshold immutability – 2‑of‑3 code‑locked; no admin path to 1‑of‑2.
- No contract pause switch – we prefer risk of temporary outage over centralised seizure powers.
6. On‑Boarding & Recovery
Users sign up with email or socials (WebAuthn). The recovery share lives in encrypted cloud storage only if the user opts in. A lost device can be recovered via social‑login plus guardian factor — never by Adultra alone.
7. Gas Sponsorship
A dedicated hot‑wallet tops up each new address with about 0.02 POL (roughly twenty transactions). Server logic enforces a 24‑hour throttle and TRM watch‑list check before each drip.