Bundlr

πŸš€ Bundlr Security Policy

Last Updated: February 2025

At Bundlr, security is our top priority. We have implemented robust security measures to protect users' private keys, transactions, and personal data. This document outlines the security protocols we follow to ensure a safe and trustless environment for token bundling and trading.

πŸ” 1. Client-Side Security

  • In-memory handling of private keys to prevent long-term storage.
  • Immediate clearing of sensitive data after transaction execution.
  • Secure input masking to protect private key entry from being exposed.

πŸ“ 2. Transaction Signing Flow

  • All transactions are signed locally in the user's browser.
  • Only signed transactions are sent to the backend, ensuring no raw private key exposure.
  • Bundlr never transmits or stores private keysβ€”users maintain full control.

πŸ›‘οΈ 3. Secure Key Handling

We have implemented a SecureKeyHandler class that ensures:

  • βœ… Sensitive data is immediately cleared from memory after signing.
  • βœ… All private keys are used only in-memory and never persist.
  • βœ… Validation of secure execution context to ensure safety.
  • βœ… Detection of potential security risks, such as browser vulnerabilities.

πŸ›‘ 4. Enhanced Input Security

  • Clipboard auto-clearing to prevent private keys from being copied and leaked.
  • Screen capture prevention during sensitive operations.

🌍 5. Context & Risk Validation

Bundlr actively monitors the security of the environment in which it operates:

  • πŸ”’ Ensures HTTPS usage for secure communication.
  • πŸ› οΈ Detects developer tools to prevent potential debugging-based attacks.
  • 🧩 Flags conflicting wallet extensions that could interfere with security.

πŸ”— 6. Secure Bundle Creation

Our createBundle function follows strict security protocols:

  • βœ… Uses secure key handling to prevent memory leaks.
  • βœ… Immediately clears private keys after transaction signing.
  • βœ… Ensures robust error handling to avoid data persistence in case of failure.

🌐 7. Network Security

  • All connections use HTTPS for encrypted communication.
  • Content Security Policy (CSP) headers prevent cross-site attacks.

πŸ“’ 8. User Warnings & Education

  • Clear security warnings near private key input fields.
  • Education on Bundlr's policy: We never store private keysβ€”users maintain full custody of their wallets.

πŸ” Continuous Security Audits

Security is an ongoing process. We regularly:

  • βœ”οΈ Conduct internal security audits to identify vulnerabilities.
  • βœ”οΈ Implement updates and patches to strengthen security.
  • βœ”οΈ Provide educational resources to help users stay secure.

πŸ“© Contact Us for Security Concerns

If you identify a security issue or have concerns, please contact us:

  • πŸ’¬ Community Chat: Telegram

πŸš€ Bundlr is committed to providing a safe and secure trading experience. Stay protected, stay in control! πŸ”πŸ”₯

Return to Home