Cryptographic Core: Multi-Party Computation (MPC) 🔐
The biggest risk in digital assets has always been the private key—a single piece of data that can unlock and control all your funds. Our platform eliminates this risk by using Multi-Party Computation (MPC). When you create a Dfns wallet, a complete private key is never generated. Instead, multiple secret “key shares” are created and stored on separate, independent servers. To sign a transaction, these servers collaborate using a cryptographic protocol that produces a valid signature without ever combining the shares or revealing a private key. This means there is no single secret to steal. An attacker would need to breach multiple secure, independent systems simultaneously, which is practically impossible.Learn more about MPC
Understand how MPC wallets work, the separation between wallet keys and authentication credentials, and our signing process.
Driven by Cutting-Edge Research 🔬
Our leadership in cryptography is no accident. Dfns is powered by a dedicated, in-house research team composed of world-class cryptographers and security engineers. This team is at the forefront of MPC and digital asset security, responsible for:- Designing Novel Protocols: Developing and implementing proprietary, state-of-the-art cryptographic protocols that enhance security and performance.
- Publishing Academic Research: Contributing to the broader security community by publishing peer-reviewed papers and advancing the field of applied cryptography.
- Continuous Vetting: Constantly analyzing the threat landscape and stress-testing our own systems to stay ahead of future vulnerabilities.
Authentication: Passwordless & Phishing-Resistant 🛡️
Securely storing keys is only half the battle; user access must also be ironclad. Dfns eliminates the risks of traditional passwords by using Passkeys, built on the FIDO2 WebAuthn standard.- No Passwords to Compromise: Passkeys create unique cryptographic credentials on your device (like your phone or laptop). There are no passwords to be stolen, forgotten, or reused, which means users a less susceptible to phishing attacks.
- Built-in 2FA: This method natively incorporates two-factor authentication, using something you have (your device) and something you are (your biometric data like a fingerprint or face scan) to prevent impersonation.
- Secure Recovery: Users can add multiple devices and recovery keys to their accounts, ensuring they never lose access.
Governance & Policy Enforcement ⚖️
Technology alone isn’t enough. Human error is a major security risk, which is why we built a powerful and flexible Wallet Entitlement Management (WEM) policy engine. This acts as a programmable rule book for your wallets. You can enforce strict, automated rules before any transaction is even signed, such as:- Approval Quorums: Require multiple team members to approve high-value transactions.
- Address Whitelisting: Only allow transfers to pre-approved, trusted addresses.
- Velocity Limits: Set limits on transaction amounts or frequency to prevent unauthorized drainage of funds.
Audits, Certifications, and Compliance 📜
Trust must be earned and verified. We are committed to transparency and adhere to the highest industry standards, validated by continuous third-party audits and certifications. Certifications:- SOC 2 Type II: This certification affirms that our information security practices, policies, and procedures meet rigorous standards for security, availability, confidentiality, and privacy.
- ISO 27001: An international standard for information security management, demonstrating our commitment to a systematic and robust security program.
- White box and Black box Penetration Tests
- Cryptographic Library Audits
- Full Security Model Reviews
- AML/KYT Integrations: Real-time transaction monitoring with partners like Chainalysis and Elliptic.
- Travel Rule Support: Integrations to help you comply with global data transfer regulations.