Terms of Service
Last updated: May 17, 2026
1. Acceptance of Terms
These Terms of Service ("Terms") are a legal agreement between you and Zauth, Inc. ("we," "us," or "our"). By creating an account, accessing our websites (zauthx402.com, zauth.inc), using our APIs, or interacting with any of our products or services, you agree to be bound by these Terms in full.
If you do not agree to these Terms, do not use our services. If you are using our services on behalf of an organization, you represent that you have the authority to bind that organization to these Terms, and "you" refers to both you individually and the organization.
These Terms incorporate our Privacy Policy by reference. Together, they govern your use of all zauth products and services.
2. Our Services
Zauth, Inc. provides security infrastructure for the agentic internet. Our current products include:
- Vector — an automated vulnerability scanner that performs blackbox, whitebox, and hybrid security testing against web applications.
- RepoScan — a code trust scoring engine that analyzes GitHub repositories and produces security and quality assessments.
- x402 Protocol — a payment protocol enabling machine-to-machine transactions using cryptocurrency (USDC on Base and Solana).
- Provider Hub — a control plane for x402 endpoint operators to register services, monitor health, track agent interactions, and configure automatic refunds.
- Database — a live registry of x402 protocol endpoints, continuously discovered and monitored by our AI agents for success rates, pricing, and response data.
We may add, modify, or discontinue products or features at any time. We will make reasonable efforts to notify you of changes that materially affect your use of the platform, but we are not obligated to maintain any specific feature or service indefinitely.
Our services are provided on an "as available" basis. We target high availability but do not guarantee uninterrupted access. Scheduled maintenance, infrastructure updates, and upstream provider outages may temporarily affect service availability.
3. Accounts
To use most of our services, you must create an account. You can sign up using an email address, a cryptocurrency wallet, or through a third-party provider (Google, GitHub, Bitbucket, or X). You are responsible for maintaining the security of your account credentials, including your session tokens and any linked wallet private keys.
You must provide accurate information when creating your account. You may not impersonate another person or entity, or create multiple accounts to circumvent rate limits, abuse promotions, or evade enforcement actions. We reserve the right to suspend or terminate accounts that violate these rules.
You are responsible for all activity that occurs under your account. If you suspect unauthorized access to your account, contact us immediately at [email protected]. We are not liable for any loss resulting from unauthorized use of your account where you failed to maintain adequate security of your credentials.
4. Payments and Credits
4.1 Credit System
Vector scans are paid for using a prepaid credit system. Credits are denominated in US dollars, where $1.00 deposited equals $1.00 in scan credits. You must have a sufficient credit balance before starting a scan. Scans are charged at a flat rate: $15 for Quick scans and $49 for Deep scans.
4.2 Payment Methods
We accept payment through two channels: cryptocurrency deposits (SOL and USDC on the Solana network) and card payments processed through Stripe. Cryptocurrency deposits are credited automatically upon blockchain confirmation. Card payments are credited upon successful payment confirmation from Stripe.
4.3 All Sales Are Final
All purchases of credits, whether made via cryptocurrency or card, are final and non-refundable. Once credits have been added to your account, they cannot be converted back to cash, cryptocurrency, or any other form of payment. This applies regardless of whether you use the credits or not.
We do not offer refunds for unused credit balances or account closures where a credit balance remains. If a scan fails due to a system error on our side, the scan fee is automatically returned to your balance in full.
4.4 Pricing
Scans are charged at a flat rate: Quick scans cost $15 and Deep scans cost $49. Staking ZAUTH tokens may entitle you to a discount of up to 50% on scan fees. Discounts are applied automatically at checkout.
We reserve the right to change our pricing at any time. Price changes apply to future purchases and scans only. Credits already in your account retain their dollar value regardless of pricing changes.
4.5 Cryptocurrency Transactions
Cryptocurrency transactions are processed on the Solana blockchain and are subject to network conditions, confirmation times, and transaction fees that are outside our control. You are responsible for sending the correct token to the correct deposit address on the correct network. We cannot recover funds sent to the wrong address, on the wrong network, or using an unsupported token. Minimum deposit amounts apply: 0.001 SOL and $0.50 USDC.
4.6 Card Payments
Card payments are processed by Stripe. By making a card payment, you also agree to Stripe's Terms of Service. We do not store your card details. All card payment disputes should be directed to us at [email protected] before initiating a chargeback with your card issuer.
4.7 Promotional Credits
We may offer promotional credits from time to time, such as a free scan for following our X account. Promotional credits are subject to additional terms, may expire, and cannot be exchanged for cash. We reserve the right to revoke promotional credits obtained through fraud or abuse.
5. Staking
5.1 Overview
zauth offers a staking program through an immutable smart contract deployed on the Solana blockchain. By staking $ZAUTH tokens, you lock your tokens for a chosen duration (between 30 days and 1 year) and become eligible to receive a share of protocol revenue distributions and scan discounts. Staking is entirely voluntary and optional.
5.2 Smart Contract
The staking smart contract is deployed as an immutable Solana program with no upgrade authority. Once deployed, its code cannot be modified by anyone, including zauth. The contract is open-source and its behavior is governed entirely by the on-chain code. You acknowledge that you have had the opportunity to review the contract source code before staking.
The contract administrator can adjust certain operational parameters (minimum lock duration, maximum lock duration, minimum stake amount, referral commission rate, and epoch duration), pause or unpause staking operations, and distribute dividends. The administrator cannot access, withdraw, or redirect staked tokens. Only the staker (or the staker and administrator together via a co-signed rescue transaction) can withdraw staked funds.
5.3 Lock Duration and Weight
When you stake, you choose a lock duration. Your tokens cannot be withdrawn without penalty until the lock period expires. Longer locks receive a higher weight multiplier (1x at 30 days, up to 2x at 365 days), which increases your proportional share of distributions. The weight formula is hardcoded in the contract and cannot be changed.
5.4 Early Unstaking Penalties
You may withdraw your tokens before the lock expires, subject to the following penalties which are hardcoded in the contract and cannot be modified:
- More than 50% of lock remaining: 50% penalty
- 25% to 50% of lock remaining: 30% penalty
- Less than 25% of lock remaining: 15% penalty
Penalty amounts are transferred to the protocol treasury. After the lock period expires, you may withdraw your full staked amount with no penalty.
5.5 Distributions
Distributions are funded from protocol revenue at the discretion of the administrator. There is no guaranteed distribution schedule, amount, or return. Distributions are made in $ZAUTH tokens. Past distributions do not guarantee future distributions. The value of $ZAUTH tokens may fluctuate and distributions may have little or no monetary value.
5.6 Risks
You acknowledge and accept the following risks associated with staking:
- Smart contract risk — while the contract has been extensively tested and internally reviewed for security, no smart contract is guaranteed to be free of vulnerabilities.
- Token price risk — the value of $ZAUTH may fluctuate significantly during or after your lock period.
- Liquidity risk — your tokens are locked for the chosen duration and cannot be accessed without penalty.
- Blockchain risk — the Solana network may experience outages, congestion, or other issues that temporarily prevent you from interacting with the contract.
- Regulatory risk — the legal and regulatory status of token staking and distributions may change in your jurisdiction.
- No guaranteed returns — staking does not constitute an investment and no return is guaranteed or promised.
5.7 Not an Investment
Staking $ZAUTH is not an investment, security, or financial product. Distributions are discretionary allocations of protocol revenue, not dividends, interest, or yield. Nothing in these Terms or in our marketing materials should be construed as a promise of financial return. You should consult a qualified financial or legal advisor before participating in any token staking program.
5.8 Scan Discounts
Stakers may receive discounts on Vector scans based on the USD value of their weighted stake. Discount rates and maximum discount percentages are configurable by the administrator and may change at any time. Discounts are applied at the time of scan and are not retroactive.
5.9 Emergency Operations
In the event of a security incident or critical bug, the administrator may pause staking and unstaking operations. If the minimum lock duration is reduced to zero (emergency unlock), all stakers can withdraw immediately regardless of their original lock period. The administrator may also co-sign rescue transactions to help users move funds to a new wallet in the event of a wallet compromise, but only with the user's explicit participation and signature.
6. Acceptable Use
You agree to use our services only for lawful purposes and in accordance with these Terms. When using Vector, you may only scan domains and applications that you own or have explicit written authorization to test. Scanning targets without proper authorization is a violation of these Terms and may be illegal under applicable computer fraud and abuse laws.
You agree not to:
- Scan, probe, or test any system you do not own or have authorization to test.
- Use our services to launch denial-of-service attacks or otherwise disrupt third-party systems.
- Attempt to gain unauthorized access to our infrastructure, other user accounts, or internal systems.
- Reverse-engineer, decompile, or attempt to extract the source code of our proprietary tools.
- Circumvent rate limits, authentication mechanisms, or other security controls.
- Use automated means to create accounts, purchase credits, or interact with our APIs outside of documented integrations.
- Resell, sublicense, or redistribute our services without a written agreement from us.
- Submit false vulnerability reports, fabricate scan results, or otherwise misrepresent findings.
- Use our services in any way that violates applicable local, state, national, or international law.
We reserve the right to investigate suspected violations and to suspend or terminate your account at our discretion if we determine that you have violated these rules. In cases of serious or repeated violations, we may report the activity to law enforcement.
7. Intellectual Property
All content, code, designs, logos, trademarks, and other materials that make up our services are owned by Zauth, Inc. or our licensors and are protected by intellectual property laws. You may not copy, modify, distribute, or create derivative works from our materials without our written permission.
Scan reports, findings, and analyses generated by our tools for your account are provided to you for your use. You retain ownership of any source code or materials you provide to us for whitebox scanning. We do not claim ownership of your code. However, we may retain anonymized, aggregate data derived from scans for the purpose of improving our products and services.
The zauth name, logo, Vector, RepoScan, and x402 are trademarks of Zauth, Inc. You may not use our trademarks in any way that suggests endorsement, affiliation, or sponsorship without our prior written consent. Partners with active Provider Hub agreements may use our marks in accordance with their specific licensing terms.
8. Disclaimers
Our services are provided "as is" and "as available" without warranties of any kind, whether express, implied, or statutory. We disclaim all warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
We do not warrant that our vulnerability scans will identify all security issues in your application. A clean scan result does not guarantee that your application is free of vulnerabilities. Security testing is inherently limited by scope, time, and methodology. You should not rely solely on our tools as your only security measure.
RepoScan trust scores and code analyses are generated by automated systems and reflect a point-in-time assessment. They are informational and should not be treated as a comprehensive security audit or a guarantee of code quality.
We are not responsible for any damage, data loss, or service disruption that occurs as a result of vulnerability testing performed through our platform. You acknowledge that security testing can potentially affect the availability or integrity of the target system and accept this risk when initiating a scan.
9. Limitation of Liability
To the maximum extent permitted by law, Zauth, Inc. and its officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from or related to your use of our services. This includes, without limitation, damages for loss of profits, data, goodwill, or other intangible losses.
Our total aggregate liability for any claims arising out of or related to these Terms or your use of our services shall not exceed the amount you have paid to us in the twelve (12) months immediately preceding the event giving rise to the claim.
This limitation of liability applies regardless of the theory of liability (contract, tort, strict liability, or otherwise) and even if we have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of certain damages, so some of the above limitations may not apply to you.
10. Indemnification
You agree to indemnify, defend, and hold harmless Zauth, Inc. and its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable attorney fees) arising out of or related to:
- Your use of our services in violation of these Terms.
- Your scanning of any system without proper authorization.
- Any breach of applicable law resulting from your use of our services.
- Any claim by a third party that your use of our services caused them harm.
- Your failure to maintain the security of your account credentials.
This indemnification obligation survives the termination of your account and these Terms.
11. Termination
You may close your account at any time by contacting us at [email protected]. Upon account closure, your access to our services will be revoked, any active scans will be cancelled, and your account data will be handled in accordance with our Privacy Policy.
We may suspend or terminate your account at any time, with or without notice, for any reason, including but not limited to violation of these Terms, suspected fraud, abusive behavior toward our systems or team, or prolonged inactivity. In the event of termination for cause, any remaining credit balance is forfeited.
Sections of these Terms that by their nature should survive termination will survive, including but not limited to: Payments and Credits (Section 4), Staking (Section 5), Intellectual Property (Section 7), Disclaimers (Section 8), Limitation of Liability (Section 9), Indemnification (Section 10), and Governing Law (Section 12).
12. Governing Law
These Terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions. Any legal action or proceeding arising under these Terms shall be brought exclusively in the federal or state courts located in Delaware, and you consent to the personal jurisdiction of such courts.
If any provision of these Terms is found to be unenforceable or invalid by a court of competent jurisdiction, that provision will be enforced to the maximum extent permissible and the remaining provisions will remain in full force and effect. Our failure to enforce any right or provision of these Terms will not be considered a waiver of that right or provision.
These Terms constitute the entire agreement between you and Zauth, Inc. regarding your use of our services and supersede any prior agreements, communications, or proposals, whether oral or written, between you and us regarding the subject matter of these Terms.
13. Changes to These Terms
We may revise these Terms at any time by posting an updated version on our website. When we make changes, we will update the "Last updated" date at the top of this page. For material changes that affect your rights or obligations, we will provide at least 30 days of notice through the email address associated with your account or through a prominent notice on our platform.
Your continued use of our services after the revised Terms take effect constitutes your acceptance of the changes. If you do not agree with the updated Terms, you should stop using our services and contact us to close your account. Changes to these Terms do not apply retroactively and will not affect any disputes arising before the effective date of the revised Terms.
14. Contact
If you have questions about these Terms or need to report a violation, email us at [email protected]. You can also reach us on our Discord server where you can open a ticket for faster responses.
For legal notices or formal communications, please use the email address above and include "Legal Notice" in the subject line. We will acknowledge receipt of legal notices within 5 business days.