Security

Decimal is built with security-first principles. We know that your workflows touch critical systems - from financial transactions to community data - so protecting your automations, data, and keys is our top priority.

1. Core Security Principles

• Zero-Trust Architecture – every request is verified, and no implicit trust is given to nodes, connectors, or users.

• End-to-End Encryption – all data in transit uses TLS 1.2+ and sensitive data at rest is encrypted with AES-256.

2. Data Protection

• Secrets Vault – all API keys, and user credentials are stored in an isolated, encrypted TEE vault, never in plaintext.

• No Silent Data Capture – Decimal does not log or store workflow payloads beyond the immediate execution. All logs are available on the browser, and get deleted immediately after execution.

• User Ownership – you can revoke integrations or delete all data at any time.

3. Wallet & Web3 Security

• Non-Custodial by Default – Decimal does not hold or control your funds.

• Decimal wallet is powered by CDP, secured inside a TEE and tightly tied in with the User's wallet.

• Secure Signing – all on-chain transactions use secure signing mechanisms (e.g., WalletConnect, hardware wallets, or API keys provided by you).

• Audit Trails – every blockchain interaction triggered by a workflow is logged for transparency.

4. Infrastructure Security

• Containerized Execution – workflows run in isolated TEE environments, reducing risk of cross-contamination.

• Marlin TEEs (Oysters) provide computation guarantee and proofs to ensure executions are exactly as per the instructions set by the user.

• Rate Limiting & Throttling – prevents abuse and DDOS attacks ensures high reliability of shared resources.

• Regular Audits – all components and connectors undergo periodic code audits and penetration tests.

5. Compliance & Standards

• SOC 2 (in progress) – following best practices for security, availability, and confidentiality.

• GDPR / Data Privacy – our entire system is designed to safeguard user's privacy and anonymity, so no user data is ever stored on our system.

• Best Practices for Web3 – Only verified smart contracts and on-chain modules are onboarded onto the platform.

6. Shared Responsibility

Decimal provides the infrastructure and guarantees secure execution, but security is a shared responsibility:

• Always use strong authentication for your accounts.

• Rotate API keys regularly.

• Use only trusted Web3 vendors and third-party connectors.

7. Why This Matters

Security isn’t just about avoiding losses; it’s about trusting your automations to run without worry. With Decimal:

• You don’t risk losing keys or sensitive data to a silo platform.

• You retain control over your wallets and workflows.

• You gain the peace of mind that every execution is isolated, auditable, and protected.