PRODUCT UPDATE!
We've made a significant upgrade to how your execution wallet private keys are stored and protected on our platform.
What changed
Your execution wallet private keys are now encrypted using HashiCorp Vault's Transit encryption engine, a dedicated secrets management system used by financial institutions and security-critical infrastructure. Previously, keys were protected by a single server-side master key. Now, decryption requires both the Vault service and the database to be present, neither alone is sufficient to access your keys.
Additionally, our authentication tokens now use asymmetric cryptography (ES256), meaning the secret used to verify your sessions can no longer be used to forge them.
What this means for you
- Your execution wallet keys are significantly harder to access, even in the event of a partial infrastructure compromise
- The key reveal flow works exactly as before — your owner wallet signature is still required to export your private key
- No action is required on your part
Our recommendation
As always, we strongly encourage you to export and securely store your execution wallet private key as a backup. While our infrastructure is now hardened, self-custody of your backup key remains the gold standard. You can do this anytime from the wallet settings page.