From keys to sessions, we layer protections so you don’t have to think about them.
Hardware-backed or multi-party key management to protect private keys.
Data encrypted in transit (TLS) and at rest with strong ciphers.
TOTP 2FA, device approvals, session history, and logout-all.
Anomaly detection, rate limits, and withdrawal controls.
MPC/HSM-backed custody with segregated shards and strict access controls.
Tiered cold storage and withdrawal windows to reduce operational risk.
Production access is tightly scoped; changes reviewed and auditable.
Principle of least privilege, periodic access reviews, and logging.
TLS for data in motion; strong ciphers and hardened storage at rest.
Managed keys, regular rotation, and secure secrets management.
Encrypted backups with scheduled restore drills to validate recovery.
Email verification, TOTP 2FA, optional approvals for higher risk actions.
Approve devices, review sessions, and one‑click sign‑out everywhere.
Login notifications, unusual activity flags, and helpful guidance.
Velocity limits, pattern checks, and hold reviews for unusual flows.
Restrict withdrawals to trusted destinations for additional safety.
Optional approvals and per‑asset limits reduce impact of mistakes.
Documented runbooks, on‑call rotations, and clear stakeholder comms.
Peer review, staged rollouts, and monitoring for safe releases.
Disaster recovery plans and tested backups for business continuity.
We engage third‑party reviews and embrace responsible disclosure. Contact security.
Clear status updates, incident postmortems, and roadmap notes where applicable.
Yes. Enable TOTP 2FA in Settings → Security. Store backup codes securely.
Keys are protected via HSM/MPC custody, strict access, and monitored operations.
Yes. Use address allowlisting and per‑asset limits for extra protection.
We aim to communicate clearly via our Status page and postmortems where applicable.
