security
Security is not a feature—it's the foundation of everything we build.
Core Security Principles
Non-Custodial Architecture
Client-Side Key Generation: All private keys generated on user device
No Server Storage: Zero private key transmission or storage on servers
User Sovereignty: Only users have access to their assets
Cryptographic Standards
Key Management
BIP32 Hierarchical Deterministic wallets
BIP39 Mnemonic seed phrases (12/24 words)
BIP44 Multi-account hierarchy
Secure enclave storage (iOS) / Keystore (Android)
Encryption
AES-256-GCM for local data encryption
Scrypt/PBKDF2 for password derivation
End-to-end encryption for sensitive operations
Hardware Wallet Integration
Support for leading hardware security modules:
Ledger: Nano S, Nano X
Trezor: One, Model T
Future: Additional vendors based on demand
Multi-Signature Support
Enterprise-grade security for institutional users
Configurable signature thresholds (2-of-3, 3-of-5, etc.)
Time-locked transactions
Recovery mechanisms
Security Best Practices
Regular Security Audits
Independent third-party audits
Continuous automated security scanning
Penetration testing programs
Bug Bounty Program
Community-driven vulnerability discovery
Competitive rewards for responsible disclosure
Transparent issue tracking and resolution
Local Data Protection
All sensitive data encrypted at rest
Secure memory handling (no plaintext key exposure)
Auto-lock and biometric authentication
Screenshot prevention for sensitive screens
Network Security
Certificate pinning for API communications
TLS 1.3 encryption for all network traffic
No analytics or tracking libraries
Minimal permission requirements