Security & Compliance

Effective Date: May 29, 2026

Wabi is architected around security-by-design principles. Because we assist families in balancing real-world wealth, our infrastructure is built to protect mathematical records with exceptional rigor, minimizing the attack surface and keeping systems clean.

1. Zero-Password Authentication

We do not store passwords. By using federated OAuth identity standards (Google Account single sign-on via Better-Auth), we offload primary account credentials to world-class identity providers.

This ensures that password leaks or database compromise at Wabi can never compromise your underlying credentials. We recommend securing your Google account with robust hardware keys or multi-factor authentication (MFA).

2. Zero-Custody of Real Assets

Wabi possesses zero integrations with your physical bank accounts, financial brokerages, or cryptocurrency wallets. We can neither execute trades on your behalf nor transfer funds.

By decoupling calculations from physical execution, we create an absolute logical boundary. Your wealth remains physically secure inside your chosen institutional vaults. Even in the event of an adversary gaining layout access, they cannot move or access your funds.

3. Transmission and Storage Cryptography

Your information is fully encrypted in transit using Transport Layer Security (TLS 1.3) protocols.

Our production databases are fully encrypted at rest using industry-standard AES-256 encryption. Database access is strictly confined to local application runtimes and operates inside isolated container networking barriers.

4. Infrastructure Hardening & Cloud Build

Our delivery pipelines utilize strict continuous integration models. All builds and deployment containers are verified automatically inside secure build spaces with static analysis checking.

Dependency management and security audits are executed routinely to avoid common package-level vulnerabilities.

5. Responsible Disclosure Policy

If you identify a security vulnerability in our codebase or server infrastructure, please act responsibly. Reach out quietly to coordinate disclosure. We will respond promptly to examine, patch, and deploy remediations.