Hero Light

Secure by Design

Noncustodial wallets work by giving the user a private key that allows them to have full control over their funds when transferring, trading or making purchases.

Noncustodial Technology

Flooz product philosophy is to offer best-in-class infrastructure for token teams that are fully non-custodial, ensuring maximum trust, for their users and Flooz. Flooz does not, nor does it intend to have any access to user funds.

Wallet Authentication

Perfect for experienced DeFi users: Flooz lets holders connect to over 300 Web3 Wallets, from Metamask, Rainbow to WalletConnect v2, including hardware wallets such as Ledger.

Single Sign On (SSO) and email signup embedded wallets

The Flooz Checkout has built-in SSO (via Google, Facebook, Twitter/X) and email sign-up/sign flows. Ideal for capturing users in a simplified flow without requiring them to sign a transaction.

  • Flooz’s mobile-first embedded wallets enable your users to spin up and create a new wallet. We’ve effectively removed the need for your users to download, install, create and set up a wallet. It all now happens on your website, within the Flooz Checkout. Embedded wallets and our best-in-class user experience for Buying Any Token make onboarding new users to your token straightforward.

Security practices for mobile-first embedded wallets

We’ve partnered up with Dynamic to offer mobile-first and secure embedded wallets. Dynamic follows strong security practices.

  • Users private keys never leave the wallet

    • When the Flooz Checkout is used on your site, the only information produced by the wallet that Flooz receives is a signed message to prove the wallet ownership. We (or you) don’t have access to the private key.
  • All data transmitted with encryption

    • All data is transmitted with encryption using HTTPS and similar protocols. Furthermore, all data is securely stored with encryption-at-rest using AES-256 or higher standards. We also leverage KMS to protect particularly sensitive data.
  • SOC 2 Type II compliant, with an ongoing bug bounty program

    • Dynamic is SOC 2 Type II compliant, affirming the effectiveness of our security processes and controls. Coupled with our bug bounty program through hackerOne, and partnerships with leading auditors and expert advisors from companies like Okta, Auth0, Zenefits, and others, Dynamic ensures the highest level of security for your data.
  • Dynamic run pen tests with leading providers

    • Dynamic is in the process of completing a white box pen test from Cure53 (October 2023). We periodically run these programs to ensure we maintain best-in-class software security practices.