Security features and best practices implemented in Percent Wallet Privacy
Security is not a feature—it's the foundation of everything we build.
Client-Side Key Generation: All private keys generated on user device
No Server Storage: Zero private key transmission or storage on servers
User Sovereignty: Only users have access to their assets
BIP32 Hierarchical Deterministic wallets
BIP39 Mnemonic seed phrases (12/24 words)
BIP44 Multi-account hierarchy
Secure enclave storage (iOS) / Keystore (Android)
AES-256-GCM for local data encryption
Scrypt/PBKDF2 for password derivation
End-to-end encryption for sensitive operations
Support for leading hardware security modules:
Ledger: Nano S, Nano X
Trezor: One, Model T
Future: Additional vendors based on demand
Enterprise-grade security for institutional users
Configurable signature thresholds (2-of-3, 3-of-5, etc.)
Time-locked transactions
Recovery mechanisms
Independent third-party audits
Continuous automated security scanning
Penetration testing programs
Community-driven vulnerability discovery
Competitive rewards for responsible disclosure
Transparent issue tracking and resolution
All sensitive data encrypted at rest
Secure memory handling (no plaintext key exposure)
Auto-lock and biometric authentication
Screenshot prevention for sensitive screens
Certificate pinning for API communications
TLS 1.3 encryption for all network traffic
No analytics or tracking libraries
Minimal permission requirements
Notify affected users as soon as a security issue is confirmed or strongly suspected.
Provide clear, factual information about the scope and impact of the issue.
Deploy fixes and mitigations rapidly across affected systems and provide instructions to users if action is required.
Conduct a detailed root-cause analysis and implement improvements to prevent recurrence.