Security is paramount. With Ambire Wallet, users can rest assured that their digital assets are safeguarded by a robust security model built on careful development practices, transparency, advanced security through account abstraction, rigorous auditing, and proactive bug bounty initiatives.
Careful and deliberate development
We understand that security begins at the development stage. Every line of code undergoes thorough scrutiny and review, ensuring that each change is deliberate and in line with best security practices. We prioritize security over expediency, meticulously locking in dependency versions to shield ourselves from potential supply chain attacks. While new features are essential, we never compromise on security, fostering a culture where it takes precedence in every aspect of our development process.
Open-Source Foundation
Transparency is fundamental to trust. That's why Ambire Wallet is proudly open-source. We firmly believe that in matters of security, having as many eyeballs as possible scrutinizing our code is imperative. By making our source code accessible to everyone, we empower users to inspect, validate, and contribute to the integrity of our platform.
Account Abstraction
Using account abstraction, we've elevated security standards through the following examples:
- Eliminating open ERC20 token approvals. Ambire automatically batches an exact limited approval amount together with each action that requires one (or a batch of actions), resulting in no open token approvals after transaction execution. Note: dApp needs to support this.
- Security checks and transaction simulation ensure safety by simulating every transaction or batch of transactions in a secure environment and providing detailed information on the outcome post-signing.
- Account abstraction allows for on-chain security checks like spending limits.
- We developed a recovery mechanism based on DKIM that was funded by the Ethereum Foundation.
Rigorous Auditing
Ambire Wallet continuously undergoes auditing processes to ensure its resilience against potential threats. Over 5 audits have been recently completed, see all audits at Ambire Audit Github.
In addition to external audits, we’ve been hosting a bug bounty with Immunefi since 17 December 2021, and we regularly run security competitions such as the one we did with Code4rena.
Privacy matters
The Ambire wallet prioritizes user privacy by strictly refraining from collecting any user data, ensuring utmost confidentiality and security for its users.