General Questions

Where is io.vault based? (io.finnet HQ)

io.vault is a product of io.finnet which is a global business with entities in the USA, Cayman Islands and the UK.

What is io.vault for and what can I do with it?​

io.vault is for any organization that would like to interact with Bitcoin, Ethereum, or Ethereum based digital assets (ERC-20). io.vault enables you to securely hold and transact with your digital assets. It is particularly advantageous to organizations who are transacting with digital assets and would like an audited, scalable and secure way to authorize transactions. Additional assets and networks will be supported in the future.

How is it different from other self-custody and wallet products?​

io.vault is one of the only products on the market that offers a MPC-TSS based custody solution where the end user has direct control and physical possession of the underlying cryptographic material which controls the assets in custody. io.finnet has no access or method to move or prevent access to the digital assets held by users of the product.

Is io.vault audited?​

Yes, both the underlying cryptographic implementation as well as the traditional web and mobile app security have been audited by multiple 3rd party auditors including Kudelski Security.

How do you protect data?​

All sensitive cryptographic material is encrypted, secured locally on user devices by Apple's Secure Enclave hardware. The FIPS-140 level 2 compliant HSMis specifically designed to keep sensitive user data secure and is physically isolated from the main processor to provide an additional layer of security.

How secure is io.vault?​

io.vault was built with security as the first priority in order to provide the highest level of safety and comfort to its users. In addition to being built around proven, open-source MPC-TSS cryptography, both the cryptographic implementation as well as the traditional mobile and web application security have been audited by independent 3rd party security auditing firms including Kudelski Security. The cryptographic material required for signing transactions is generated and secured locally across multiple users devices and is never accessible by io.finnet to ensure there is never a single point of failure.