Security
Blazing App is a secure trading suite for the on-chain trading community, addressing both on-chain and off-chain vulnerabilities to protect user funds.
On-Chain Security
Permit2
Blazing App utilizes Permit2 to address vulnerabilities in the ERC20 token approval process. Traditional ERC20 contracts can grant continuous access to user tokens, risking assets like USDT and USDC if a
How Permit2 Works
Single-trade access. Each transaction requires specific authorization for only the exact amount being traded.
Automatic revocation. Approval is revoked immediately after each trade, eliminating any continuous connection to tokens.
Protection. Even if a router contract is compromised, Permit2 keeps funds secure from unauthorized actions.
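A simplified Python model of the single-use, exact-amount authorization listed above, added here as an illustration; it is not Blazing App's or Permit2's code. The names `Permit`, `PermitModel`, `sign` and `demo`, the HMAC stand-in for the wallet signature, and all sample values are assumptions made for this example, and the model omits balance checks.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Permit:
    owner: str
    token: str
    spender: str   # only this caller may use the permit
    amount: int    # ceiling for this one trade
    nonce: int     # single-use identifier
    deadline: int  # unix time after which the permit is void

def sign(key: bytes, p: Permit) -> bytes:
    # Stand-in for the wallet signature (HMAC here, not the real EIP-712/ECDSA scheme).
    msg = "|".join(map(str, (p.owner, p.token, p.spender, p.amount, p.nonce, p.deadline)))
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

class PermitModel:
    def __init__(self, keys, balances):
        self.keys, self.balances = keys, balances  # constructed sample state
        self.used = set()                          # consumed (owner, nonce) pairs

    def transfer(self, caller, p, sig, amount, to, now):
        if not hmac.compare_digest(sig, sign(self.keys[p.owner], p)):
            return "bad signature"
        if caller != p.spender:
            return "wrong spender"
        if now > p.deadline:
            return "expired"
        if (p.owner, p.nonce) in self.used:
            return "nonce already used"
        if amount > p.amount:
            return "amount exceeds permit"
        self.used.add((p.owner, p.nonce))  # consume first, so the permit cannot be replayed
        self.balances[(p.owner, p.token)] -= amount
        self.balances[(to, p.token)] = self.balances.get((to, p.token), 0) + amount
        return "ok"

def demo():
    key = b"constructed-key"
    m = PermitModel({"alice": key}, {("alice", "USDC"): 1000})
    p = Permit("alice", "USDC", "router", 100, nonce=1, deadline=2000)
    s = sign(key, p)
    forged = Permit("alice", "USDC", "router", 900, 1, 2000)  # amount altered after signing
    return [m.transfer("router", p, s, 100, "pool", now=1000),       # the authorized trade
            m.transfer("router", p, s, 100, "pool", now=1001),       # replay of the same permit
            m.transfer("other", p, s, 100, "other", now=1001),       # different caller
            m.transfer("router", forged, s, 900, "pool", now=1001),  # signature no longer matches
            m.balances[("alice", "USDC")]]
```

Only the first call moves funds; the replay, the different caller and the altered amount are each rejected, leaving the remaining balance untouched.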
Off-Chain Security
Blazing’s off-chain security focuses on private key protection, encompassing both infrastructure and platform security.
Infrastructure Security
Zero-knowledge framework. Each user’s private key is encrypted separately. We do not use a universal master key, which avoids a single point of failure.
Unique master password. Every user has their own master password, which isn’t stored in any database. Instead, we use a separate, secure mechanism.
Secure enclave. An isolated environment manages encryption keys, with access restricted to authenticated code only. During transactions, the private key is loaded into memory for a brief period and is immediately erased, thereby eliminating exposure risks.
Platform Security
Two-Factor Authentication (2FA). Adds an extra layer of protection by requiring a second authentication method to access accounts.
Lock Account. This feature entirely disconnects access to private keys until reactivated by the user. When Lock Account is enabled, we can’t even sign any transactions on behalf of the user, as we’ve physically removed access to their private keys.