Security & Infrastructure
Enterprise-grade security designed for resilience, compliance, and scale.
Network Security
- • DDoS protection
- • Web Application Firewall (WAF)
- • Rate limiting & throttling
- • Intrusion detection
Key Management
- • HSM-ready architecture
- • Multi-signature policies
- • Cold storage strategy
- • Key rotation & backup
Monitoring & Audit
- • 24/7 security monitoring
- • Audit-ready logging
- • Access control logs
- • Incident response
Fund Protection
Our custody infrastructure uses a multi-layered approach to protect client funds:
- • Hot wallets: Limited funds for operational needs, protected by multi-sig
- • Cold storage: Majority of funds stored offline in geographically distributed locations
- • Segregated accounts: [Placeholder — Pending Legal Review] Client funds are segregated from operational funds
- • Insurance: [Placeholder — Pending Legal Review] Coverage details to be confirmed
Data Protection
Encryption
- • TLS 1.3 for data in transit
- • AES-256 encryption at rest
- • Encrypted database backups
- • End-to-end encryption for sensitive operations
GDPR Alignment
- • Data minimization principles
- • Right to erasure support
- • Data processing agreements
- • Privacy by design
Compliance & Certifications
PCI DSS
While we handle payment processing, our infrastructure is designed with PCI DSS principles in mind. We do not store full card numbers and use tokenization where applicable.
Note: Specific PCI DSS certification status to be confirmed with legal/compliance team.