Security

Layered defense. Audit-ready foundations. Honest disclosure.

eUSD's confidentiality, the integrity of the reserve, and regulator-accessible disclosure all rest on well-studied cryptographic primitives, audit-ready program logic, and a multisig governance design with no single point of failure.

How it's secured

Six layers of defense.

Cryptographic primitives

Twisted ElGamal, bulletproofs, and Pedersen commitments on the Ristretto255 group. Standard hardness assumptions, no bespoke cryptography.

Multisig governance

2-of-3 Squads v4 multisig protects the mint, the IWR, the Auditor Key, the Silent Freeze, and the reserve. No single signer can act unilaterally.

24-hour time-lock

Every protocol upgrade affecting the mint, IWR, Auditor Key, or SLV is held for at least 24 hours before execution — visible to anyone in the meantime.

Public disclosure log

Every privileged operation — Auditor Key, Silent Freeze, Escrow disposition, IWR modification — is logged on-chain and becomes public after 24 hours.

Token-2022 substrate

The protocol consumes the audited Token-2022 program as a standard library — no modified or forked token program with bespoke audit burden.

Wallet-native; no PII held by Softseco

Softseco holds no email addresses, no passwords, no customer databases; any KYC required at mint and redeem is performed by licensed ramp partners. Authentication is performed by the user's wallet — no central honeypot to breach.

Future commitments

Audits and licensing — what's planned.

The security and regulatory roadmap is sequenced across phases.

Development Phase · 2027

First security audit

Single firm engaged to review the initial Anchor program suite. Objective: identify structural issues, common vulnerability classes, and design-level concerns before further development.

Development Phase · 2027

MiCA EMI pre-application

Formal pre-application dialogue with the Polish Financial Supervision Authority (KNF). Submission of preliminary documentation. Engagement of EU-qualified legal counsel.

Compliance Phase · 2028

Comprehensive audits

Multiple firms in parallel review with non-overlapping methodologies. A third firm for the highest-risk components (Shielded Liquidity Vault, Auditor Key).

Compliance Phase · 2028

EMI authorization

Formal Electronic Money Institution authorization application submitted to KNF. Authorization, once granted, is passportable across the European Union under MiCA.

Mainnet Beta · 2029

Bug bounty program

Public program through Immunefi or equivalent, with rewards scaled to severity. Open to the entire program suite plus the SDK.

Ongoing

Continuous review

Ongoing audit relationship for incremental review of upgrades. Open-source publication of program source code for independent third-party review.

Known dependencies and risks.

We don't pretend they don't exist.

ZK ElGamal Proof Program

Disabled on Solana since June 2025; reactivation is expected in the Agave 4.x cycle (2026) but isn't guaranteed. Both the Shielded Liquidity Vault and the token's confidential transfers depend on it, so mainnet launch is gated on its re-enablement. Contingency paths (Arcium's MPC-based Confidential SPL, or deferring the SLV) are set out in whitepaper §9.2.

Post-quantum cryptography

The confidentiality properties rest on the discrete logarithm assumption on Ristretto255. Not protected against a sufficiently capable future quantum adversary. Migration path under review.

USDC dependency in Phase 1

Material concentration in the initial USDC mint flow and the 20% liquidity tranche. Mitigated by direct fiat on-ramps post-EMI authorization in the Scale Phase.