Centralization Risk: Benefactor Privileges

The protocol grants significant control to benefactors with no mechanism for removal or governance oversight. Benefactors can add merkle roots (enabling potential allocation_id collisions), fund or defund the contract at will, and terminate allocations through cancel or revoke operations. While this centralized trust model is common for vesting protocols where benefactors represent the token-issuing organization, it concentrates substantial power without checks or time delays. Users must trust that benefactors will act honestly and maintain secure operational practices, as compromised benefactor credentials enable direct fund manipulation through defunding or malicious merkle root injection.