Security Architecture

Built on Safe's
$100B+ Foundation

Kleidi extends Safe—the most battle-tested smart contract wallet infrastructure—with time-delayed execution, on-chain policy enforcement, and guardian systems designed for treasury-scale security.

Immutable infrastructure that continues operating even if every company involved ceases to exist.

Schedule a Briefing
Kleidi Defense in Depth Architecture
Independently Verified - 2 Audits, 0 Critical, 0 High

Verification

Independently Audited.
Zero Critical Issues.

Our smart contracts have undergone rigorous security audits by industry-leading firms and formal verification with the Certora Prover. Mathematical proofs of correctness, not just testing.

2
Audits
0
Critical
0
High
Alex (Recon)Code4renaCertora Prover
View Audit Reports

Defense in Depth

Five Layers of Protection

Time-Delayed Execution - Temporal Security Layer
1

Time-Delayed Execution

Every transaction moving funds enters a mandatory waiting period before execution. This creates a critical window to detect and cancel unauthorized transactions, whether from compromised keys, phishing attacks, or coercion under duress.

1-30 day delayCancellation windowDuress protection
On-Chain Policy Engine - Protocol-Level Enforcement
2

On-Chain Policy Engine

Smart contract rules enforce whitelisted addresses and transaction patterns at the protocol level. A transaction signed by a compromised wallet simply won't execute if it violates your policy rules.

Address whitelistPolicy enforcementRisk firewalling
Guardian System - Human Oversight Layer
3

Guardian System

Designated guardians can immediately pause pending transactions upon detecting compromise. This human review layer catches threats that automated systems miss, buying time for cancellation of malicious transactions.

Instant freezeSocial recoveryHuman oversight
Immunefi Bug Bounty - Continuous External Review
4

Immunefi Bug Bounty

Kleidi's Immunefi bug bounty program creates an incentive for over 45,000 security researchers worldwide to find and report vulnerabilities, with payouts up to $50,000 for critical findings.

Up to $50K per critical45,000+ researchersContinuous review
SEAL Safe Harbor - Whitehat Rescue Framework
5

SEAL Safe Harbor

Kleidi has adopted the SEAL Safe Harbor Framework, pre-authorizing whitehat security researchers to intervene and rescue funds during active exploits — with legal protection — without waiting for explicit permission.

Pre-authorized rescueLegal protectionWhitehat Researchers

Threat Model

Treasury-Scale Threats

Cyber Threat Protection

Supply chain attacks, clipboard malware, and phishing can compromise signing devices without your knowledge.

The on-chain policy engine validates every transaction against your security rules before execution. A compromised hot wallet can only perform pre-approved actions, containing the blast radius.

Physical Threat Protection

High-value holders face coercion risks that don't apply to smaller holders. The $5 wrench attack is real.

Time-delayed execution creates a mandatory waiting period—from 24 hours to 30 days—before funds can move. If you're forced to sign under duress, the transaction can still be canceled during the delay window.

External Security

Security Ecosystem

Immunefi Bug Bounty

Continuous external review from over 45,000 security researchers on the largest crypto bug bounty platform. Up to $50,000 for critical smart contract vulnerabilities.

$50K
Max Payout
45K+
Researchers
View on ImmunefiAnnouncement

SEAL Safe Harbor

Pre-authorized legal protection for whitehat security researchers to rescue funds during active exploits.

$56B+
TVL Covered
20+
Protocols
Announcement

Hot Wallet Speed.
Cold Wallet Security.

Five layers of on-chain enforcement between signing and settlement. No tradeoff between operational velocity and treasury-grade protection.

Talk to Our Team