Trust & safety
Fairness and anti-abuse
How we keep the loop honest: single-use codes, email-locking, one-coupon-per-account, and what we do about bad-faith shares.
For owners3 min readUpdated 2026-05-31
The whole product only works if a share is a fair trade. We invest in this because the alternative is a coupon-graveyard.
Built-in protections
- Single-use codes — a coupon is redeemed exactly once.
- Email-locked codes — the email at checkout must match the email at earn-time.
- One coupon per X account, per campaign — even if a customer tries with a different email.
- Real post verification — the post must exist on X with the right tracked link and any required mention/hashtag.
- Public-only data — follower counts are read live, not self-reported.
What to do if you spot a bad-faith share
- Find the share on the Customers tab. The share row carries the sharer’s email, X handle, post URL, and the issued code.
- Delete or disable the corresponding coupon directly in your provider (Stripe / Polar) so it can’t be redeemed.
- Email support@sharecount.app with the share and we’ll invalidate it on the ShareCount side and add the X handle to a block list so the same account can’t earn another code.
Subresource Integrity: by design, off
We don’t document a Subresource Integrity (SRI) hash for embed.jsbecause the script is intentionally a live asset: when we ship a security or behavior fix, every embed picks it up automatically. If your environment requires SRI, email us and we’ll work through a pinned-version arrangement.