Safeguarding Your Cryptocurrency Is Our Top Priority

Safeheron's self-developed multi-layer security solution utilizes cutting-edge MPC cryptography and hardware isolation to shield your network from external hackers and malicious insiders.

The Industry’s Security vs. Efficiency Conundrum

Blockchain is a SPOF(single point of failure) eliminated computational economic network. However, the centralization of control over private keys poses a significant security concern. There have already been thousands of security incidents due to it, resulting in billions of dollars in annual losses for businesses and individuals.

Existing Solutions

Efficiency

Wallet Software
Online-Hot
Single Private Key
Single Signature

Security

Wallet Hardware
Offline-Cold
Private Key Shard
Multi-Signature

How do you strike a balance between security and efficiency? This answer calls for a synergistic combination of cryptographic advances and hardware, which is exactly what you get with Safeheron's cutting-edge security solutions.

First-Ever Security

Safeheron Multi-Layer Security Technology

Safeheron adopts next-generation revolutionary security technologies to help you overcome operation & security challenges. Our multi-layer security model and hundreds of designs including MPC, hardware isolation (Intel SGX), policy engine, deposit address verification and customer privacy protection to provide you the most impenetrable protection in the market.

100% Asset Control

MPC Privacy Network for Private Key

Safeheron's proprietary MPC cryptography utilizes key shards to compute signatures without exposing the private key and shards to any third party, protecting the single private key from external hackers and malicious insiders.

Check out our code on GitHub
Secure Multi-Party Computation And Multisignature

Intel SGX

Hardware Isolation

Safeheron incorporates SGX technology into private key shards, policy engines, customer profiles, and a variety of other areas. Even if hackers and malware take control of the server's operating system, sensitive data stored in SGX will not be compromised.

Intel SGX Data Sealing
Remote Attestation : DCAP Certificate Chain

Business Approval Workflow

Policy Engine

Safeheron's policy engine allows for advanced control over the approval process for each transaction across a wide range of parameters (up to 5 dimensions) to meet the needs of even the most intricate business requirements.

Learn more

Offline Public Key Exchange

Offline Member Authorization

Safeheron employs peer-to-peer encrypted authorization of member joining, ensuring that no man-in-the-middle attacks occur, even by Safeheron.

What You See is What You Sign

Secure Transfers

Transfers are initiated within the team, and the transaction details for approval are the same as for on-chain transfers, with the target address always subjected to security checks.

ZERO Data Leaks

Multi-Factor Authentication

Secure your account and sensitive data with multi-factor authentication, which includes email verification, account password, face ID, and a one-time password.

Risk Free

Offline Private Key Recovery

You alone maintain possession of all private key shards, allowing you to recover the original key offline without any external assistance.

How to recover original private key offline

Open-Source & Transparent

Don't Trust, Always Verify!

Open source code is the simplest method of establishing reliability. As a result, our code is readily available for review by any developer to ensure that we deliver as promised.

Learn more
  • Software Architecture Security

    The security of software architecture is systemic. It enables the architecture's modules and data flows to operate in a secure and continuous manner. Furthermore, the zero trust architecture ensures that every step of the process is verified and secure. This can reduce the risks of collaborative attacks while also ensuring the system's security and reliability.

  • DevSecOps

    We use the industry-standard technical development approach, DevSecOps (development, security, and operations), which means we consider application and infrastructure security from the beginning and throughout the development, operation, and maintenance process. This significantly reduces future risks while ensuring long-term security and advances for technical development.

  • Anti-Money Laundering

    We place a high value on financial compliance policies. In terms of AML, we have partnered with the industry's leading service providers to mitigate the risks associated with digital assets due to noncompliance.

  • Security Risk Management

    Our security risk management policy identifies and mitigates risks such as asset liquidity risks, business operational risks, and internal security operational risks. Our risk management engine can identify each entity's anomalous properties and behavior and issue warnings or block unusual traffic.

  • Security Operations

    We have created detailed guidelines and policies for both your and our security operations to ensure that every key action is under your control. Furthermore, our internal operations are audited to effectively prevent internal malicious attacks.

  • Supply Chain Security

    We have integrated well-known third-party services into our system architecture, such as the system software module, CDN module, and WAF module. Although these third-party services have their own security policies, we have strict continuous security audits built into our DevSecOps process to ensure that the services are always reliable and are never used in supply chain attacks.

  • Full-Chain Authentication

    Our system is made up of multiple modules, each of which corresponds to a different chain. The authentication of each chain and link is critical to the zero trust architecture. The entire system can only be trusted if the entire chain is trusted. Each link in the chain rigorously validates the security and reliability of the previous one. When a link is compromised, all subsequent actions on the chain are automatically detected and blocked.

  • Customer's Environment Security

    As the least controllable aspect of the total security architecture design and practice environment, we have prioritized the security of your environment. Although it’s not directly related to us, teams may also be vulnerable to internal malicious attacks. A comprehensive security architecture must take into account uncontrollable factors, that’s why our technical support team will assist you in creating a secure environment.

  • Disaster Recovery

    For highly secure products and services, we feel that a robust disaster recovery mechanism is required. Our disaster recovery policy includes information, code, data, and logs pertaining to private key computation. Utilizing a sustainable drill mechanism, we verify that the policy is thorough, prompt, and operational. Even if a catastrophic event occurs in our system, you can still safely retrieve all of your digital assets.

Enterprise-Level

Maximum Security Compliance

MPC algorithm audited by Kudelski Security, regular white-box audits and penetration testing by SlowMist, as well as ISO 27001 and SOC 2 Type II certifications were obtained to ensure the highest degree of security.

In Progress

Transparency

Security Audits

Every major feature upgrade will be thoroughly audited by internal and external security experts, and is available to view upon request.

  • July 2nd, 2021

    Safeheron (v 0.0.1) code audited by SlowMist

    View
  • December 8th, 2021

    MPC Algorithm Library audited by Kudelski

    Contact us to view
  • December 24th, 2021

    Safeheron obtained ISO 27001 Certification

    Contact us to view
  • June 15th, 2022

    Safeheron (v 1.0.0) code audited by SlowMist

    View

Always Be Skeptical: Don’t Trust, Verify!

Check out Safeheron's open source code