Skip to main content

Moonlet Security

At Moonlet, security is a top priority. We have implemented multiple layers of security measures to safeguard our users and infrastructure, ensuring a trusted and secure experience for all stakeholders.

Self-Custodial Dashboard Security

Our self-custodial dashboard has undergone a comprehensive security audit in partnership with Bit Sentinel. This audit involved:

  • Vulnerability Assessment: Identifying potential security flaws and mitigating risks in the dashboard interface and backend systems.

  • Penetration Testing: Simulating real-world attack scenarios to assess the robustness of our self-custodial platform.

  • Code Review: Analyzing the dashboard’s codebase to eliminate vulnerabilities and reinforce secure coding practices.

Following the audit, all identified vulnerabilities were addressed to ensure the highest level of security for our users, minimizing risks associated with staking operations and wallet interactions.

Infrastructure Security

At the infrastructure level, Moonlet has partnered with Quantstamp, a leading blockchain security firm specializing in institutional-grade audits. Quantstamp conducted a thorough security review of our infrastructure, focusing on:

  • Validator and RPC Node Security: Ensuring that our nodes are resilient against DDoS attacks, unauthorized access, and data breaches.

  • API and Data Handling: Validating the secure management and transmission of data across all network layers.

  • Compliance Alignment: Preparing our infrastructure to align with emerging security certification standards, such as ISO 27001 and SOC 2, ensuring institutional-grade protection for our partners and users.

Path to Compliance

As we expand our services to institutional partners and custodians, Moonlet is actively working to become compliant with recognized security certifications, including:

  • ISO 27001: Information Security Management

  • SOC 2: Security, Availability, Confidentiality, and Privacy Controls

These initiatives reflect our commitment to delivering a secure, transparent, and reliable platform, capable of meeting the rigorous standards expected by institutional stakeholders.