Live
Account protection
Secure your account with passkeys, authenticator-app 2FA, recovery codes, anti-phishing codes, and device and session management. Alerts fire for sensitive activity such as new sign-ins and security changes.
Security at Mavunta
How Mavunta protects you
Mavunta protects accounts and crypto balances with strong sign-in controls, withdrawal safeguards, isolated signing infrastructure, ledger reconciliation, and ongoing risk monitoring. We show you exactly what is live and what is still being hardened.
Passkeys + 2FAWithdrawal controlsLedger reconciliation
How Mavunta protects you
Live
Withdrawal protection
A transaction PIN is required before funds leave Mavunta. Higher-risk transfers may require additional 2FA, review, or temporary holds.
Hot and cold wallet separation
Deposits land in operational wallets so they can be credited and processed. Where automated coverage is enabled, excess funds are swept toward cold storage. We are expanding uniform hot and cold coverage across supported chains.
Live
Isolated signing infrastructure
On-chain withdrawals are signed through a dedicated signer service, separate from the main application. This reduces the attack surface around private-key operations.
Live
Ledger reconciliation
A single wallet ledger tracks balances, holds, and movements. Reconciliation checks compare wallet balances, held balances, and ledger entries so inconsistencies can be detected and investigated.
Live
Risk monitoring
Sensitive activity is monitored for risk signals including unusual withdrawal behavior, new device activity, repeated failed authentication, payment mismatch patterns, and account changes.
Live
Anti-phishing protection
Set a personal anti-phishing code. Mavunta includes it in legitimate security emails so you can identify fake messages more easily.
Live + roadmap
Proof of reserves
A live reserve and ledger-integrity view shows user crypto liabilities and reconciliation status for supported assets. Signed on-chain reserve attestations are on the roadmap.
View Proof of ReservesSecurity practices
Passkeys and authenticator-app 2FA
Transaction PIN for withdrawals
Anti-phishing code on account emails
Recovery codes for account access
Device and session monitoring
Login and security-change alerts
KYC verification and AML screening
Withdrawal review and risk controls
Role-based access control for admin actions
Audit logs for sensitive operations
Bot protection and edge WAF
TLS encryption in transit
Sensitive-data encryption at rest
Security resources
Scam Awareness Center
Learn common crypto scams, check warning signs, and report suspicious activity.
Security Program
Understand Mavunta account, custody, monitoring, and transparency controls.
Responsible Disclosure
Found a vulnerability? Report it safely so we can investigate and fix it.
Compliance Disclosures
Read Mavunta custody model, risk disclosures, and transparency notes.
Found a vulnerability? We welcome coordinated, responsible disclosure. Please report it responsibly and avoid accessing, modifying, or exposing user data.
Responsible disclosure