
# Security

Decimal is built with security-first principles. We know that your workflows touch critical systems - from financial transactions to community data - so protecting your automations, data, and keys is our top priority.

### 1. Core Security Principles

* Zero-Trust Architecture – every request is verified, and no implicit trust is given to nodes, connectors, or users.
* End-to-End Encryption – all data in transit uses TLS 1.2+ and sensitive data at rest is encrypted with AES-256.

### 2. Data Protection

* Secrets Vault – all API keys and user credentials are stored in an isolated, encrypted TEE vault, never in plaintext.
* No Silent Data Capture – Decimal does not log or store workflow payloads beyond the immediate execution. All logs are available in the browser and are deleted immediately after execution.
* User Ownership – you can revoke integrations or delete all data at any time.

### 3. Wallet & Web3 Security

* Non-Custodial by Default – Decimal does not hold or control your funds.
* The Decimal wallet is powered by [CDP](https://www.coinbase.com/en-in/developer-platform/products/wallets), secured inside a TEE and tightly tied to the user's wallet.
* Secure Signing – all on-chain transactions use secure signing mechanisms (e.g., WalletConnect, hardware wallets, or API keys provided by you).
* Audit Trails – every blockchain interaction triggered by a workflow is logged for transparency.

### 4. Infrastructure Security

* Containerized Execution – workflows run in isolated TEE environments, reducing risk of cross-contamination.
* Marlin TEEs (Oysters) provide computation guarantees and proofs to ensure that executions run exactly as per the instructions set by the user.
* Rate Limiting & Throttling – prevents abuse and DDoS attacks and ensures high reliability of shared resources.
* Regular Audits – all components and connectors undergo periodic code audits and penetration tests.

### 5. Compliance & Standards

* SOC 2 (in progress) – following best practices for security, availability, and confidentiality.
* GDPR / Data Privacy – our entire system is designed to safeguard users' privacy and anonymity, so no user data is ever stored on our system.
* Best Practices for Web3 – only verified smart contracts and on-chain modules are onboarded onto the platform.

### 6. Shared Responsibility

Decimal provides the infrastructure and guarantees secure execution, but security is a shared responsibility:

* Always use strong authentication for your accounts.
* Rotate API keys regularly.
* Use only trusted Web3 vendors and third-party connectors.

### 7. Why This Matters

Security isn’t just about avoiding losses; it’s about trusting your automations to run without worry. With Decimal:

* You don’t risk losing keys or sensitive data to a silo platform.
* You retain control over your wallets and workflows.
* You gain the peace of mind that every execution is isolated, auditable, and protected.

