Security

Blazing App is a secure trading suite for the on-chain trading community, addressing both on-chain and off-chain vulnerabilities to protect user funds.

On-Chain Security

Permit2

Blazing App utilizes Permit2 to address vulnerabilities in the ERC20 token approval process. Traditional ERC20 contracts can grant continuous access to user tokens, risking assets like USDT and USDC if a

How Permit2 Works

• Single-trade access. Each transaction requires specific authorization for only the exact amount being traded.

• Automatic revocation. Approval is revoked immediately after each trade, eliminating any continuous connection to tokens.

• Protection. Even if a router contract is compromised, Permit2 keeps funds secure from unauthorized actions.

Off-Chain Security

Blazing’s off-chain security focuses on private key protection. This includes both infrastructure and platform security.

Infrastructure Security

• Zero-knowledge framework. Each user’s private key is encrypted separately. We do not use a universal master key to prevent any single point of failure.

• Unique master password. Every user has their own master password, which isn’t stored in any database. Instead, we use a separate, secure mechanism.

• Secure enclave. An isolated environment manages encryption keys, with access restricted to authenticated code only. During transactions, the private key is loaded into memory for nanoseconds and is immediately erased, eliminating exposure risks.

Platform Security

• Two-Factor Authentication (2FA). Adds an extra layer of protection, requiring a second method to access accounts.

• Lock Account. Fully disconnects access to private keys until reactivated by the user. When Lock Account is enabled, even we can’t sign any transactions on behalf of the user, as we’ve physically removed access to their private keys.