Wallet Security Architecture
AES-256-GCM key encryption, Argon2id PIN hashing, Secure Enclave on native, signed HTTP wrapper for Flutter.
Monipay's security is built on three pillars: local key encryption, server-side validation, and Walkaway-Test resilience.
Key Encryption
- Algorithm: AES-256-GCM
- KDF: Argon2id PIN hashing
- Storage: localStorage (web), Keychain (iOS), KeyStore (Android)
Server-Side Security
- RLS: Deny-all by default; explicit policies for each table in Supabase.
- Rate Limits: relay-payment enforces 5/wallet/min and 10/IP/min.
- Signed Requests: Via signedFetch wrapper for native Flutter.
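
One way to enforce the two relay-payment limits listed above together, as an added example that is not Monipay's own code: a sliding-window limiter that checks the wallet and IP scopes before recording anything. The class name, method names and in-memory store are assumptions; a deployment with more than one instance would need a shared store.

```javascript
// Added example: in-memory sliding-window limiter for the two limits the page
// states for relay-payment. Class and parameter names are hypothetical.
const WINDOW_MS = 60_000;
const LIMITS = { wallet: 5, ip: 10 }; // 5/wallet/min, 10/IP/min (from the page)

class RelayRateLimiter {
  constructor(limits = LIMITS, windowMs = WINDOW_MS) {
    this.limits = limits;
    this.windowMs = windowMs;
    this.hits = new Map(); // "wallet:<id>" or "ip:<addr>" -> ascending timestamps
  }

  // Drop timestamps that have left the window and return the live ones.
  _live(key, now) {
    const cutoff = now - this.windowMs;
    const live = (this.hits.get(key) || []).filter((t) => t > cutoff);
    if (live.length) this.hits.set(key, live);
    else this.hits.delete(key);
    return live;
  }

  // Check both scopes first and record only if both pass, so a rejected
  // request does not consume quota in the other scope.
  check(wallet, ip, now = Date.now()) {
    const scopes = [
      { scope: "wallet", key: `wallet:${wallet}` },
      { scope: "ip", key: `ip:${ip}` },
    ].map((s) => ({ ...s, live: this._live(s.key, now) }));

    const blocked = scopes.find((s) => s.live.length >= this.limits[s.scope]);
    if (blocked) {
      // The oldest live hit decides when a slot frees up.
      const retryAfterMs = blocked.live[0] + this.windowMs - now;
      return { allowed: false, scope: blocked.scope, retryAfterMs };
    }
    for (const s of scopes) this.hits.set(s.key, [...s.live, now]);
    return { allowed: true, scope: null, retryAfterMs: 0 };
  }
}
```

The `retryAfterMs` value can back a `Retry-After` header on the rejection response, and the `scope` field tells an operator which limit a client hit.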