This sends USDC through the protected-transfer contract with the poisoning firewall running by default. If the recipient looks like a poisoning lookalike or has baited you with a zero-value transfer, the send is refused before any funds move.
1

Register a config once

A config encodes your integrator behaviour (recall window, claim mode, optional fee). It is content-addressed, so calling it on every boot is free.
2

Create a claim secret

The recipient will claim with a short code; the salt is the entropy that keeps the 6-digit code safe from brute force.
3

Send, protected

sendProtected runs the firewall itself and throws RiskBlockedError on a block before it submits. No funds move on a block.
Deliver the code to the recipient through your normal channel with them. The protection is that a wrong or poisoned recipient cannot claim without it, and you can cancel to reclaim.
4

Recipient claims

What just happened

Layer 1 — firewall

sendProtected scanned the recipient and would have refused a lookalike or bait address. See the firewall guide.

Layer 2 — escrow

Funds were held by the contract, claimable only with the code, refundable to you. See protected transfer.

Payer privacy

To also hide your wallet from the recipient, use Private Pay.