eUSD's confidentiality, the integrity of the reserve, and regulator-accessible disclosure all rest on well-studied cryptographic primitives, audit-ready program logic, and a multisig governance design with no single point of failure.
Twisted ElGamal, bulletproofs, and Pedersen commitments on the Ristretto255 group. Standard hardness assumptions, no bespoke cryptography.
2-of-3 Squads v4 multisig protects the mint, the IWR, the Auditor Key, the Silent Freeze, and the reserve. No single signer can act unilaterally.
Every protocol upgrade affecting the mint, IWR, Auditor Key, or SLV is held for at least 24 hours before execution — visible to anyone in the meantime.
Every privileged operation — Auditor Key, Silent Freeze, Escrow disposition, IWR modification — is logged on-chain and becomes public after 24 hours.
The protocol consumes the audited Token-2022 program as a standard library — no modified or forked token program with bespoke audit burden.
Softseco holds no email addresses, no passwords, no customer databases; any KYC required at mint and redeem is performed by licensed ramp partners. Authentication is performed by the user's wallet — no central honeypot to breach.
The security and regulatory roadmap is sequenced across phases.
Single firm engaged to review the initial Anchor program suite. Objective: identify structural issues, common vulnerability classes, and design-level concerns before further development.
Formal pre-application dialogue with the Polish Financial Supervision Authority (KNF). Submission of preliminary documentation. Engagement of EU-qualified legal counsel.
Multiple firms in parallel review with non-overlapping methodologies. A third firm for the highest-risk components (Shielded Liquidity Vault, Auditor Key).
Formal Electronic Money Institution authorization application submitted to KNF. Authorization, once granted, is passportable across the European Union under MiCA.
Public program through Immunefi or equivalent, with rewards scaled to severity. Open to the entire program suite plus the SDK.
Ongoing audit relationship for incremental review of upgrades. Open-source publication of program source code for independent third-party review.
We don't pretend they don't exist.
Disabled on Solana since June 2025; reactivation is expected in the Agave 4.x cycle (2026) but isn't guaranteed. Both the Shielded Liquidity Vault and the token's confidential transfers depend on it, so mainnet launch is gated on its re-enablement. Contingency paths (Arcium's MPC-based Confidential SPL, or deferring the SLV) are set out in whitepaper §9.2.
The confidentiality properties rest on the discrete logarithm assumption on Ristretto255. Not protected against a sufficiently capable future quantum adversary. Migration path under review.
Material concentration in the initial USDC mint flow and the 20% liquidity tranche. Mitigated by direct fiat on-ramps post-EMI authorization in the Scale Phase.