Security
Security isn't a feature at Nonce — it's the foundation. The platform is non-custodial by design: your keys, your funds, your control.
Non-custodial architecture
Nonce never stores, accesses, or transmits your private keys. The platform interacts with your funds exclusively through smart contract approvals — the same mechanism used by every major DeFi protocol. You maintain full custody of your assets at all times.
You can revoke smart contract approvals at any time through your wallet or a tool like Revoke.cash. Revoking access immediately prevents Nonce from interacting with your funds.
Smart contract audits
All Nonce smart contracts undergo independent security audits before deployment. Audits cover access control, reentrancy protection, overflow handling, and economic exploit vectors.
Audit reports are published publicly. The contract source code is verified on block explorers for each supported network.
Atomic execution guarantees
Instant Snipe transactions use atomic execution — all operations within a single transaction either complete successfully or revert entirely. This is enforced at the blockchain protocol level, not by Nonce code. There is no way to partially execute an atomic transaction.
Infrastructure security
Beyond smart contracts, the platform infrastructure is secured with industry-standard practices:
- All API communications encrypted with TLS 1.3
- Sensitive data encrypted at rest with AES-256-GCM
- No private keys or sensitive wallet data ever stored on platform servers
Authentication
Authentication is entirely wallet-based. When you connect, you sign a message with your wallet to prove ownership — no passwords, no email, no personal data collected.
Sessions use JWT tokens stored in httpOnly cookies. There is no account creation process and no personal data to leak.