§ Security

The non-custodial posture, in detail.

Last updated · 2026-04-27

Softmax Finance is built around the assumption that we should never be able to take your money. This page explains how that posture is enforced — architecturally, operationally, and contractually — plus how to report a vulnerability if you find one.

Custody — we never have it

  • Wallet keys live on your device. Thirdweb's embedded wallet uses a key fragment stored client-side; hardware wallets and Safe multisigs never expose the key at all. Softmax never sees the private key in any form.
  • We never co-sign. We're not a signer on your Safe, never ask for one, and the architecture would refuse it if you tried.
  • Every money-moving action is constructed unsigned by Softmax, handed to your wallet, and signed by you. We watch the on-chain receipt, parse it, and update the action ledger — we never broadcast on your behalf.

Data security

  • Postgres at Supabase (eu-west-1). Per-tenant isolation enforced by application-layer workspace_id checks AND row-level security policies at the database. Service-role access (RLS bypass) is restricted to a small set of admin server endpoints.
  • File attachments live in a private Supabase Storage bucket; the bucket isn't publicly listable. Reads happen via signed URLs with a 1-hour TTL, issued only after a tenancy check.
  • All client → server traffic is HTTPS via Vercel's edge. Database connections use TLS.
  • Authentication is Supabase Auth — bcrypt password hashing, OAuth (Google), and TOTP MFA for accounts that opt in (strongly recommended for any workspace handling material funds).

AI surface

AI extractions and drafts run on Anthropic Claude (primary) or OpenAI (configurable fallback). Per the providers' API policies, prompts and outputs are not used to train base models. We never ask the AI to construct on-chain transactions or to produce signing material; the AI's output is treated as a proposal that the human reviews before any transaction is built.

Operational

  • Code review on every PR — no direct pushes to main on the production branch.
  • Secrets in Vercel Environment Variables; never committed. Anyone with production access has TOTP MFA on their auth provider.
  • Continuous dependency monitoring via npm audit + GitHub Dependabot. Moderate-severity advisories patched within 14 days; high/critical within 72 hours.
  • Sentry for error telemetry — we scrub PII, addresses, and payload bodies before reporting.

Responsible disclosure

Found a vulnerability? Email legal@softmax.finance with:

  • A description of the issue + the impact you think it has.
  • Steps to reproduce — be precise; we'll move faster on something we can replay than on a video.
  • Your wallet address (optional) if you'd like to receive a bounty in USDC.

Our SLA: acknowledge within 48 hours; assign a severity within five business days; ship a patch on a timeline proportional to severity (critical: hours; high: days; medium: weeks; low: in the next regular release). We don't have a public bounty scale yet — we'll match a fair industry rate per finding.

Do not access data that isn't yours. Do not deny service. Do not exfiltrate beyond what's needed to demonstrate the issue. We'll work with you in good faith if you do the same.

Abuse + law-enforcement requests

For abuse reports (phishing, fraud, sanctions concerns about a customer of a Softmax workspace) and law-enforcement / subpoena / government requests, email legal@softmax.finance with the relevant detail or formal process. We respond to lawful requests; we don't pre-emptively share customer data.