Security

Decimal is built with security-first principles. We know that your workflows touch critical systems - from financial transactions to community data - so protecting your automations, data, and keys is our top priority.

1. Core Security Principles

  • Zero-Trust Architecture – every request is verified, and no implicit trust is given to nodes, connectors, or users.

  • End-to-End Encryption – all data in transit uses TLS 1.2+ and sensitive data at rest is encrypted with AES-256.

2. Data Protection

  • Secrets Vault – all API keys, and user credentials are stored in an isolated, encrypted TEE vault, never in plaintext.

  • No Silent Data Capture – Decimal does not log or store workflow payloads beyond the immediate execution. All logs are available on the browser, and get deleted immediately after execution.

  • User Ownership – you can revoke integrations or delete all data at any time.

3. Wallet & Web3 Security

  • Non-Custodial by Default – Decimal does not hold or control your funds.

  • Decimal wallet is powered by CDP, secured inside a TEE and tightly tied in with the User's wallet.

  • Secure Signing – all on-chain transactions use secure signing mechanisms (e.g., WalletConnect, hardware wallets, or API keys provided by you).

  • Audit Trails – every blockchain interaction triggered by a workflow is logged for transparency.

4. Infrastructure Security

  • Containerized Execution – workflows run in isolated TEE environments, reducing risk of cross-contamination.

  • Marlin TEEs (Oysters) provide computation guarantee and proofs to ensure executions are exactly as per the instructions set by the user.

  • Rate Limiting & Throttling – prevents abuse and DDOS attacks ensures high reliability of shared resources.

  • Regular Audits – all components and connectors undergo periodic code audits and penetration tests.

5. Compliance & Standards

  • SOC 2 (in progress) – following best practices for security, availability, and confidentiality.

  • GDPR / Data Privacy – our entire system is designed to safeguard user's privacy and anonymity, so no user data is ever stored on our system.

  • Best Practices for Web3 – Only verified smart contracts and on-chain modules are onboarded onto the platform.

6. Shared Responsibility

Decimal provides the infrastructure and guarantees secure execution, but security is a shared responsibility:

  • Always use strong authentication for your accounts.

  • Rotate API keys regularly.

  • Use only trusted Web3 vendors and third-party connectors.

7. Why This Matters

Security isn’t just about avoiding losses; it’s about trusting your automations to run without worry. With Decimal:

  • You don’t risk losing keys or sensitive data to a silo platform.

  • You retain control over your wallets and workflows.

  • You gain the peace of mind that every execution is isolated, auditable, and protected.

Last updated

Was this helpful?