Wallet Security and Non-Custodial Design

Updated May 22, 2026 · 1 min read

Senpi keeps your keys non-custodial with sharded keys and secure enclaves, backed by SOC 2 and three external audits. Export keys anytime.

Senpi's wallets are managed by Privy with a defense-in-depth architecture. The system is non-custodial - you can export your private keys at any time from senpi.ai and move funds independently onchain.

- SOC 2: Type I & II certified
- 3 external audits: Cure53, Zellic, Doyensec
- 24/7 incident response: HackerOne bounty + SLAs

Key protection

Private keys are never stored in complete form. They are sharded across separate security boundaries. Sensitive operations like transaction signing run inside AWS Nitro Enclaves - Trusted Execution Environments with processor-level isolation that protect the keys even if surrounding systems are compromised.

  1. Shard key: split across boundaries
  2. Load into enclave: AWS Nitro TEE
  3. Sign in TEE: isolated from host
  4. Return signature: key never exposed
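
The four-step flow above, sketched as an added example that is not Privy's or Senpi's code. It assumes 2-of-3 Shamir secret sharing (the page does not name the scheme) and uses HMAC-SHA256 as a stand-in signature; `shard_key` and `enclave_sign` are hypothetical names, and an ordinary function stands in for the Nitro Enclave boundary.

```python
import hashlib
import hmac
import secrets

# Assumption: 2-of-3 Shamir sharing; the page does not name the sharding scheme.
PRIME = 2**521 - 1  # Mersenne prime, larger than any 32-byte key
THRESHOLD, SHARES, KEY_LEN = 2, 3, 32

def shard_key(key: bytes) -> list[tuple[int, int]]:
    """Step 1: points on a random polynomial whose value at x=0 is the key."""
    coeffs = [int.from_bytes(key, "big")]
    coeffs += [secrets.randbelow(PRIME) for _ in range(THRESHOLD - 1)]
    return [(x, sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME)
            for x in range(1, SHARES + 1)]

def _reconstruct(points: list[tuple[int, int]]) -> bytes:
    """Lagrange interpolation at x=0 over GF(PRIME)."""
    secret = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(KEY_LEN, "big")

def enclave_sign(shards: list[tuple[int, int]], message: bytes) -> bytes:
    """Steps 2-4: stands in for the code running inside the TEE.
    The key exists only in this function's scope; only the signature leaves."""
    distinct = list(dict(shards).items())[:THRESHOLD]
    if len(distinct) < THRESHOLD:
        raise ValueError("not enough distinct shards to rebuild the key")
    key = _reconstruct(distinct)
    # HMAC-SHA256 is a stand-in for the wallet's real signature algorithm.
    return hmac.new(key, message, hashlib.sha256).digest()

if __name__ == "__main__":
    demo_key = secrets.token_bytes(KEY_LEN)           # constructed sample key
    a, b, c = shard_key(demo_key)                     # one shard per boundary
    sig = enclave_sign([a, c], b"constructed sample transaction")
    print(sig.hex())
```

Any two of the three shards produce the same signature, while a single shard (or the same shard submitted twice) is rejected before any key material is rebuilt.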

Audits and compliance

Privy is SOC 2 Type I and Type II certified, has been audited by Cure53, Zellic, and Doyensec, runs a HackerOne bug bounty program with 24/7 incident response and SLAs, and its core cryptographic implementations are open-source with dedicated third-party audits.

Senpi-side guarantees

All agent actions are logged with a full audit trail (see article 27). The OpenClaw framework is open-source.

For full details, see docs.privy.io/security/overview.

For support channels and scam awareness, see article 6.
