Security model

Defence in depth, not paperwork.

AEVION Bank is built on five layers of guarantees: cryptographic, behavioural, and procedural. The layers are independent, so compromising one does not unlock the rest. No security committee, no vague 'we take it seriously' statements; just the actual mechanics.
Five layers

How a transfer is actually protected

Layer 1
On-device storage
Audit log, signatures, goals, gifts, and recipient lists live in your browser's localStorage, not on a shared server; the bank UI renders them from your device. The server keeps only the account anchor (account id and balance), which is why you can log in again from another device but the local history does not follow you. Lose the device, lose that local data (so back it up; see Layer 5).
Layer 2
QSign Ed25519 signatures
Every transfer is signed via /api/qsign/sign immediately after it succeeds. The payload and signature are stored locally, and you can re-verify any historical operation against /api/qsign/verify; a record that no longer matches its signature shows a red 'mismatch' badge on the receipt. Be clear about what that proves: the stored record is unchanged since it was signed. It does not show that the transfer was authorised before it ran (that is what Layer 3 gates), and it cannot tell a signature made with your key from one made by anyone else who obtains it, so the keypair, and any export that contains it, is a secret.
Layer 3
Biometric guards
WebAuthn-backed biometric prompts gate transfers above a configurable threshold. The biometric never leaves the device — it's an unlock for the local QSign keypair. No fingerprint or face data is sent anywhere.
Layer 4
Behavioural anomaly detection
The wallet flags four anomaly classes locally: unusually large transfer (vs. your rolling average), first-time recipient, burst of outgoing transfers, late-night transfer. Each gets a notification before the operation hits your statement.
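The four classes above, as an added example that is not AEVION's own code: a local check run over a constructed outgoing-transfer history before a new transfer is submitted. The thresholds (3x the rolling average, 3 transfers in 10 minutes, 00:00 to 05:00 as late night, UTC for determinism) and the flag names are assumptions; the page does not state the wallet's real values.

```javascript
// Added example, not AEVION's code: the four anomaly classes Layer 4 lists, evaluated
// locally over a constructed outgoing-transfer history before a new transfer is
// submitted. Thresholds, window sizes and the quiet hours are assumptions; the page
// does not state the wallet's real values.
const RULES = {
  largeFactor: 3,                 // flag if amount > 3x rolling average of recent outgoing
  rollingWindow: 10,              // number of past outgoing transfers in that average
  burstCount: 3,                  // 3 or more outgoing transfers (including this one) ...
  burstWindowMs: 10 * 60 * 1000,  // ... within 10 minutes is a burst
  quietHours: [0, 5],             // 00:00 <= hour < 05:00 is "late night" (UTC, for determinism)
};

// history: past outgoing transfers [{ to, amount, ts }] with ISO-8601 timestamps, oldest first.
// candidate: the transfer about to be submitted, same shape.
// Returns the anomaly classes to notify about; an empty array means nothing unusual.
function detectAnomalies(history, candidate, rules = RULES) {
  const flags = [];

  // Unusually large transfer vs. the rolling average of recent outgoing amounts.
  const recent = history.slice(-rules.rollingWindow);
  if (recent.length > 0) {
    const avg = recent.reduce((sum, t) => sum + t.amount, 0) / recent.length;
    if (candidate.amount > rules.largeFactor * avg) flags.push('large-transfer');
  }

  // First-time recipient: this destination has never been paid before.
  if (!history.some((t) => t.to === candidate.to)) flags.push('first-time-recipient');

  // Burst: enough outgoing transfers inside the window that ends at the candidate.
  const windowStart = Date.parse(candidate.ts) - rules.burstWindowMs;
  const inWindow = history.filter((t) => Date.parse(t.ts) >= windowStart).length;
  if (inWindow + 1 >= rules.burstCount) flags.push('burst');

  // Late-night transfer.
  const hour = new Date(candidate.ts).getUTCHours();
  if (hour >= rules.quietHours[0] && hour < rules.quietHours[1]) flags.push('late-night');

  return flags;
}

// Constructed history: routine daytime payments to two known recipients.
const HISTORY = [
  { to: 'cafe-luna',   amount: 12, ts: '2024-03-01T09:15:00Z' },
  { to: 'cafe-luna',   amount: 14, ts: '2024-03-02T09:10:00Z' },
  { to: 'studio-nine', amount: 40, ts: '2024-03-03T18:30:00Z' },
  { to: 'cafe-luna',   amount: 13, ts: '2024-03-04T09:05:00Z' },
  { to: 'studio-nine', amount: 45, ts: '2024-03-05T18:45:00Z' },
];

// Three candidates: routine, clearly odd, and a rapid sequence of small payments.
function scenarios() {
  const routine = detectAnomalies(HISTORY,
    { to: 'cafe-luna', amount: 15, ts: '2024-03-06T09:00:00Z' });
  const suspicious = detectAnomalies(HISTORY,
    { to: 'unknown-wallet', amount: 300, ts: '2024-03-06T02:30:00Z' });
  const rapid = HISTORY.concat([
    { to: 'cafe-luna', amount: 10, ts: '2024-03-06T10:00:00Z' },
    { to: 'cafe-luna', amount: 10, ts: '2024-03-06T10:03:00Z' },
  ]);
  const burst = detectAnomalies(rapid,
    { to: 'cafe-luna', amount: 10, ts: '2024-03-06T10:05:00Z' });
  return { routine, suspicious, burst };
}
```

Note the burst check counts the candidate itself, so two earlier transfers plus the pending one trip a threshold of three, and the rolling average is taken over outgoing transfers only, so a large incoming top-up does not raise the bar for what counts as "large".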
Layer 5
Portable export
Help → Export wallet downloads a JSON snapshot of 17 localStorage keys. Re-import on any device to restore. No vendor lock-in: your data is yours to take. The snapshot includes the QSign keypair material (see the FAQ), so store it like a password, not like a receipt.
Things we deliberately don't do

What's NOT in the trust model

  • Store a server-side database of your transactions accessible by employees.
  • Send your biometric data, fingerprints, or face vectors anywhere.
  • Sell your spending data to advertisers or 'partner' merchants.
  • Outsource credit decisions to a third-party bureau with opaque scoring.
Comparison

Old bank vs. AEVION

Traditional bank: Account state lives on the bank's servers; you query it through their UI.
AEVION Bank: Account history, signatures and goals live on your device; the server keeps only the account anchor, and the bank UI is a viewer.

Traditional bank: Credit limit decided by an external bureau using opaque scoring.
AEVION Bank: Credit limit gated by Trust Score; the formula and its inputs are visible to you.

Traditional bank: Audit log accessible only by support staff after a written request.
AEVION Bank: Audit log on the device, signed line-by-line, exportable as JSON in one click.
FAQ

Honest answers to security-paranoid questions

What happens if I lose my device?

Your wallet state goes with the device, but you can always log back in from another device — the server holds your account anchor (Account-id + balance). The lost local data is the audit log + goals + signatures. That's why Layer 5 (export) exists: take a JSON snapshot every now and then.

Can AEVION freeze my account?

The team can disable a specific account at the backend layer for fraud-response reasons (it's a regulated obligation). What we can't do is read your local audit log, see your goals, or alter past signatures — those are on your device only.

How is this different from a 'real' bank?

We're not under banking law in any jurisdiction yet — AEVION Bank is a creator-economy wallet, not a deposit-taking institution. AEC is an internal credit unit. Read the Terms before topping up at scale.

Is the QSign keypair recoverable?

Not from our side: the keypair lives in your browser, so loss means loss. Backups are your responsibility. The export JSON includes the keypair material, which means anyone who obtains that file can sign operations as you; keep it somewhere only you can read.

Where do I report a security issue?

Email security@aevion.app with reproducible steps and impact. We respond inside 72 hours and credit anyone who reports a verified issue in the changelog.

Read more
Security is part of the product, not a checkbox.
If you're going to put money in a wallet, you should know how it's protected. Open the bank, look at /bank/trust to see your reputation math, and read /bank/about for the broader story.