Security is Our Top Priority
To create the most secure wallet for organizations and institutional crypto investors, we go beyond existing industry standards. Our commitment to exceeding these benchmarks has resulted in what we believe to be the most secure crypto wallet available today.Multi-Party Computation at the Core
Securing our users’ private keys and ensuring their exclusive control over funds is our top priority. Unlike traditional hot wallets, which store keys in browser extensions and are susceptible to system compromises, we utilize multi-party computation (MPC).How MPC Works
This advanced cryptographic approach divides the private key into multiple parts, ensuring there is no single point of failure:- Key Division: Each private key is split into multiple keyshares
- Individual Signing: Users individually sign their portion of transactions
- Signature Combination: Individual signatures are combined to produce the final signature
- No Complete Key: The complete private key never exists in one place at any time
MPC Provider Options
At Aeon, we believe customers should have the freedom to choose how they want to protect their assets. We offer two industry-leading models:- MPC (Sodot)
- dMPC (Ika)
Sodot (sodot.dev) provides highly performant MPC key management infrastructure, purpose-built for self-custodial solutions.Key Features:
- Infrastructure never signs without authorization from our fully on-chain business logic
- Verifies state proofs and submits results to Trusted Execution Environments
- Signing only occurs if on-chain business logic authorizes it
- Faster signing times
- Supports backing up of user keyshares for recovery
Fully On-Chain Business Logic
Immutable Governance
All workspace interactions governed by immutable, fully on-chain logic
deployed on Sui blockchain
User Consent Required
Any upgrades or chain additions require explicit user consent - we cannot
initiate changes unilaterally
On-Chain Assembly
All transaction bytecode assembly performed entirely on-chain, preventing
external modification
Privacy Preserved
Personal data stored off-chain for privacy, with on-chain commitments
ensuring data integrity
Smart Contract Security
Our smart contracts are written in Move - a language purpose-built for securing high-value assets:- Rigorous Auditing: Contracts undergo thorough security audits
- Formal Verification: Most security-critical components are formally verified
- Cryptographic Proofs: Only transactions authorized by smart contracts are signed
- Dual Authorization Protection: Smart contract approval followed by user co-signing ensures that even if there are bugs in contract logic, funds remain protected by the dual authorization requirement
We are the only MPC-based custody provider that mandates user consent for
changes to business-critical flows.
Authentication and Authorization
We employ a dual-approach authentication system to ensure robust security for both off-chain and on-chain operations.Non-Critical Operations
Google zkLogin or MetaMask for accessing web console and private user informationCapabilities:• Web console access for requesting transactions• Proposing workspace changes• Viewing private data
Critical Operations
Mobile device secure enclave with biometric authentication for fund movements and critical operationsCapabilities:• Fund movements and transfers• Voting on proposals• Executing any workspace change
Advanced Wallet Security
Transaction Enrichment
For every transaction on any chain, we provide:Transaction Effects
Detailed breakdown of what the transaction will accomplish
Contract Addresses
All interacting smart contract addresses clearly displayed
Balance Changes
Exact resulting balance changes before and after execution
Admin Quorum
This ensures:- No Single Point of Failure: Governance doesn’t rely on individual administrators
- Protection Against Internal Threats: Multiple approvals required for policy changes
- Malware Resistance: Compromised individual devices cannot alter critical settings
- Fund Protection: Prevents unauthorized access to organizational assets
Internal Security
Even if our infrastructure is compromised, attackers cannot steal user funds due to our MPC, secure enclave, and on-chain logic architecture.Code Auditing
Thorough business logic audits by third-party security firms and formal
verification for critical components
Development Standards
Every line of code requires peer review by two reviewers with additional
auditing for security-critical changes
Automated Security
Continuous integration with automated security scanning and regular
penetration testing
Production Access
Access strictly limited to dedicated, isolated machines accessible only by
Aeon founders
Team Security
Hardware security keys required for all team members with multi-factor
authentication for internal systems
Infrastructure Updates
All infrastructure updates require confirmation on secure machines with
strict approval processes
SOC 2 Compliance
Currently in progress for operational security standards with comprehensive
audit trails
Incident Response
Established procedures for security event handling with ongoing third-party
assessments
Security Training
Regular security training and awareness programs for all team members
Security is an ongoing process. We publish regular security updates and audit
reports. Contact [email protected] for the latest security documentation.