Every actor's phone or laptop generates a hardware-anchored key at first sign-in (Apple Secure Enclave · Android StrongBox · WebAuthn). The private key never leaves the device. Every signature they make on the chain is bound to that key — meaning nobody, not even Flip360, can forge or replay it.
A signed envelope travels through 5 stations. Each station stamps its own hardware signature and hash-links to the previous. If any link is missing, tampered with, or forged — the whole chain breaks and commission stays PENDING forever.
Two identical setups. Two different outcomes. The only difference: Sally's final tap. This is the mechanic that makes the platform trust-minimising — no provider's word is ever the last word.
The doctrine: H3b is only an accrual estimate; H4 is the release. Russel signing settled alone doesn't move a cent. Only when Sally (the client) also signs — with her own hardware-bound key — does commission become ELIGIBLE. She has veto power. Ratified in the EA constitution 2026-06-28.
A commission entry can be in exactly one of these five states at any time. It can never skip ahead. Russel cannot mark his own entry PAID — the engine controls transitions based on chain events.
src/engine/types.ts:16 — EntryStatus union · enforced in src/engine/stage-trigger.ts.
Same trust primitives as ASX CHESS, SWIFT, and NPP — applied to peer referral commissions. Hover any hex for its file citation.
When the chain closes, an evidence pack assembles automatically. Every layer references the one above. Big-4 auditors walk this from top to bottom and can verify every hash independently. No trust in Flip360 is required.
Every commission marketplace competitor (LinkUp, Refer.io, PartnerHero, referral CRMs) relies on self-reporting — the closer types "yes, I closed the deal" into a form. Flip360 doesn't. The 4-handshake chain with a customer veto is the same architectural primitive as ASX CHESS. Once we ship it, competitors need a $10M+ engineering rebuild to catch up.
AUSTRAC AML/CTF filing, ATO RCTI compliance, MFAA/CPA/MIA disclosure obligations — every one of them requires evidentiary audit trail. Our chain gives us this for free. Payment platforms without it (Rewardsly, Ambassador) end up building it retrospectively at 10× the cost.
src/chain/ · src/engine/ · src/routes/chain.tsx