Security

Security is fundamental to ZcashBridge's design. This page explains our security architecture and best practices.

Non-Custodial Design

Core Principle

ZcashBridge never takes custody of your funds or private keys.

What This Means

  • No Pooled Deposits: Your funds never enter a shared pool

  • No Shared Accounts: No exchange-style accounts

  • Direct Control: You maintain control at every step

  • Wallet-Based: Everything happens through your connected wallet

How It Works

1

You connect a wallet you trust

2

Transactions are initiated directly from your wallet

3

We never have access to your private keys

4

You can verify everything on-chain independently

Key Management

Your Responsibility

  • Seed Phrases: Never share with anyone, including ZcashBridge

  • Private Keys: Keep secure, we never ask for them

  • Wallet Security: Use trusted wallets and keep them updated

  • Backup: Always backup your wallet recovery phrases

Best Practices

  • Hardware Wallets: Use for large amounts

  • Software Wallets: Keep software updated

  • Multi-Sig: Consider for institutional use

  • Backup: Multiple secure backups of recovery phrases

Transaction Verification

On-Chain Verification

Every transaction can be verified independently:

  • Source Chain: Verify on source chain explorer

  • Destination Chain: Verify on Zcash blockchain explorer

  • Transaction Hashes: All transactions have verifiable hashes

  • Status Updates: Real-time status in platform UI

What You Can Verify

  • Source chain transaction confirmations

  • Bridge processing status

  • Destination chain transaction details

  • Final ZEC receipt in your wallet

Verification Tools

  • Block Explorers: Use public blockchain explorers

  • Transaction Hashes: Provided for all transactions

  • Status Page: Real-time status updates

  • Receipts: Complete transaction receipts

Infrastructure Security

Monitored Systems

  • Real-Time Monitoring: Continuous infrastructure monitoring

  • Alert Systems: Immediate notification of issues

  • Performance Tracking: Monitor bridge performance

  • Error Detection: Automatic detection of problems

Redundancy

  • Multiple Systems: Redundant infrastructure

  • Failover: Automatic failover capabilities

  • Backup Systems: Backup systems ready

  • High Availability: 99.9%+ uptime target

Updates

  • Regular Updates: Regular security updates

  • Patch Management: Timely security patches

  • Vulnerability Management: Proactive vulnerability management

  • Security Audits: Regular security audits

Compliance & Monitoring

Compliance Checks

  • Policy Validation: Checks against compliance policies

  • Travel Rule: Automated travel rule data collection

  • Risk Assessment: Transaction risk evaluation

  • Address Verification: Validates destination addresses

Monitoring

  • Transaction Monitoring: Monitor all transactions

  • Anomaly Detection: Detect unusual patterns

  • Fraud Prevention: Prevent fraudulent transactions

  • Compliance Reporting: Generate compliance reports

Best Practices

For Users

1

Verify Addresses: Always double-check destination addresses

2

Use Trusted Wallets: Only connect wallets you trust

3

Check Quotes: Review fee breakdowns before confirming

4

Monitor Status: Keep an eye on transaction status

5

Verify On-Chain: Verify transactions on public explorers

Wallet Security

  • Keep Keys Secure: Never share seed phrases or private keys

  • Use Hardware Wallets: Consider for large amounts

  • Verify Connections: Always verify you're connecting to official site

  • Check URLs: Ensure you're on app.zcashbridge.com

  • Keep Updated: Keep wallet software updated

Transaction Security

  • Review Details: Carefully review all transaction details

  • Check Amounts: Verify source and destination amounts

  • Understand Fees: Make sure you understand all fees

  • Start Small: For first-time use, consider starting with small amount

  • Double-Check: Always double-check before confirming

Privacy Protection

Shielded Addresses

  • Encrypted Transactions: Transactions encrypted on blockchain

  • Zero-Knowledge Proofs: Verification without revealing details

  • Private Amounts: Transaction amounts are private

  • Private Parties: Sender and receiver remain private

Data Collection

  • Minimal Data: We collect minimal necessary data

  • No Personal Info: No personal information required

  • Wallet Addresses: Only public wallet addresses

  • Transaction Data: Only transaction data necessary for bridging

Incident Response

If You Notice Issues

1

Contact Support: Reach out immediately

2

Provide Details: Share transaction hashes and details

3

Verify On-Chain: Verify transactions on-chain

4

Check Status: Check our status page for known issues

Support Response

  • Quick Response: Rapid response to security issues

  • Investigation: Thorough investigation of issues

  • Transparency: Transparent communication about issues

  • Resolution: Quick resolution of problems

Security Guarantees

What We Guarantee

  • Non-Custodial: We never take custody of your funds

  • Transparency: Full visibility into the bridging process

  • Monitoring: Continuous monitoring of infrastructure

  • Compliance: Institutional-grade compliance checks

What You Control

  • Your Keys: You maintain full control of your keys

  • Your Wallets: You choose which wallets to use

  • Your Transactions: You initiate and approve all transactions

  • Your Privacy: You control your privacy settings

Reporting Security Issues

How to Report

  • Email: [email protected]

  • Support: Through support channels

  • Responsible Disclosure: We appreciate responsible disclosure

What to Include

  • Description of the issue

  • Steps to reproduce (if applicable)

  • Transaction hashes (if relevant)

  • Any other relevant information

Additional Resources

  • Privacy Guide - Learn about privacy options

  • FAQ - Common security questions

  • Troubleshooting - Security-related issues

  • Getting Started - Secure setup guide

FAQ

For common security questions, see: FAQ

Security is our priority. If you have security concerns, please contact us immediately at [email protected].

PreviousFeaturesNextFees Pricing

Last updated