
Security Model

Understand the security guarantees and threat model of Untrace Wallet.


Core Security Principles

Non-Custodial

  • Your private keys never leave your device
  • We cannot access, freeze, or move your funds
  • You are solely responsible for key management

Zero-Knowledge

  • Proofs reveal nothing beyond their claim
  • Transaction details remain encrypted
  • Balance information is never exposed

Trustless

  • No trusted third parties required
  • Smart contracts are immutable and audited
  • Open-source code for verification

Threat Model

What We Protect Against

  • Chain surveillance: Transaction graph analysis
  • Balance snooping: Wallet balance discovery
  • Front-running: MEV and sandwich attacks
  • Timing attacks: Transaction correlation by time
  • Amount correlation: Linking by transaction size

Known Limitations

  • Endpoint security: Your device must be secure
  • Social engineering: We can't prevent phishing
  • Protocol bugs: Smart contract vulnerabilities
  • Regulatory action: Legal compulsion in your jurisdiction

Security Measures

Encryption

  • AES-256 for local data
  • End-to-end encrypted backups
  • Hardware wallet integration

Key Management

  • BIP-39 seed phrase generation
  • Optional multi-signature support
  • Hardware security module compatibility

Network Security

  • Tor integration (optional)
  • RPC provider rotation
  • IP address protection

Audits

Untrace undergoes regular security audits:

  • Smart contract audits by [Audit Firm]
  • Cryptographic review by [Research Group]
  • Quarterly penetration testing

Responsible Disclosure

Found a vulnerability? Contact: security@untrace.io

We offer bug bounties for:

  • Critical vulnerabilities: Up to $100,000
  • High severity: Up to $25,000
  • Medium severity: Up to $5,000