Our Security Strategy

Liquibrium Security

The State of the Art Security Process and Technology

The digital asset exchange combines multiple layers of security protocols to mitigate hacking and prevent lost of funds.

Liquibrium DAX system security was designed based on a layered security approach maintaining the appropriate security measures and procedures at five different levels within the system architecture:

1. Perimeter defense with firewalls to separate public internet from private demilitarized zones (DMZ).

2. Networks isolation is done using private network subnets, IPS and access authentication control to separate application communications.

3. Host level protection includes host based IDS, Virtual Appliances and Anti-malware protections.

4. Application-level security including application-based authentication, SQL injection and XSS vulnerability prevention.

5. Data protections including IP Whitelisting, Kerberos authentication and AES data encryption.

Liquibrium has a deep commitment to protecting users from potential security risks. Industry best practices and strategies in cybersecurity are adopted, to ensure our users and assets are kept safe. This is also done in collaboration with security professionals and tap on the community to constanty improve our platform for users.

Security Audit

Internal and external audits are conducted together with credible security audit firms to ensure the best possible security and infrastructure is provided to traders on the platform.

Traders will feel safe when they trade with Liquibrium as it is part of the exchange’s ongoing commitment to security.

Bounty Program

Despite best efforts, engagement with the security community to protect everyone on the Exchange is necessary. A Bounty Program will be launched which will reward contributors who report bugs and security issues for making the Exchange safer for all traders.

User Wallet Security

Upon creating a wallet, users will need to create a backup offline wallet which acts as a vault in case of a breach. We will incorporate various security measures including fingerprint ID and OTP to ensure users' tokens are safe. Users will be able to transfer their coins from their wallet to any exchange directly from the application. Users will be required to have the deposit and withdrawal option enabled on the exchange before funds can be moved.

Communication

Ongoing efforts to keep users' tokens secure is Liquibrium the number one priority. We aim to restrict any communication to and from our application other than trade orders and fetching data from the exchange and blockchains.

Quarantine

Security threats are quarantined, and attack info shared with other users to prevent any other attacks. The exchange will contain and modularize every single aspect with persistent encryption and limited lifetime to mitigate security threats.

Multi-factor Authentication

Liquibrium will have multiple layers of security. Password protected, fingerprint ID, OTP code and email authentication. Users will need to have a password protected phone to install and use the mobile exchange.

Account Freeze

Users will be alerted when someone tries to log into their online trading accounts and if it was not them, they can choose to freeze transactions and account.

Private Keys

A private key is a secret number that allows bitcoins to be spent. Every wallet contains one or more private keys, which are saved in the wallet file. The private keys are mathematically related to all addresses generated for the wallet.

Privacy

User privacy and data is key to the platform's success and adoption. Global best practices will be adopted and blockchain features will be used to build a compliant and transparent framework. Individuals have custody of their keys to access their records and only those whom they share it with can locate the data on our blockchain. Security is a big concern when information is stored in a centralized location. If the system is breached, the data is at risk. Given its decentralized nature, the platform significantly reduces the risk of vulnerabilities and hacking attacks.

Multi-encrypted Secured Solution

Enterprise-level hardware cold wallet

A proprietary self-developed cold wallet adopts the military defense technology and is completely isolated from the Internet. The hardware CPU applies the Secure Boot and Efuse mechanisms and is built with data encryption chips. The security level of the Hardware Security Module (HSM) has been recognized by the national-level licensed exchanges. At the same time, the cold wallet also possesses technologies such as NFC and face/iris recognition, which can be verified simultaneously with the smart authorized device for signature. In the signing process, the exchange also supports the financial process of mobile Apps to complete the Multi-level approval, which is safe, convenient and fast.

Enterprise-level secure storage solution

The exchange separates hot wallet encryption and hot & cold storage, and stores multiple cold wallets in multiple places to form a multi-site and multi-center encryption signature scheme. At the same time, it makes use of technologies like multiple signers P2SH and financial privacy BIP32 for the encrypted transmitting of all data. In addition, proprietary algorithms that implement rate limiting, address whitelisting, and webhooks, are combined with financial process system with approval and authorization systems, that not only ensures the security of digital assets in all aspects, but also makes the entire deposit and withdrawal process more efficient and convenient.

Security Procedures

Many crypto exchanges have failed due to poor security procedures. Most security breaches could have been prevented by taking simple precautions to protect critical resources. Our team has developed with security as the foremost concern in their minds. We strive to ensure that we have followed all the industry best practices when it comes to securing infrastructure and data including ISO/IEC 27001 and the CryptoCurrency Security Standard (CCSS).

Liquibrium aims to be fully ISO 27001 (and 27002) Information Security Standards compliant on launch. ISO 27001 is the standard for Information Security Management; it is part of the ISO 27000 family of standards which helps organizations keep information assets secure. Adopted by thousands of organizations across the world, its implementation puts in place a systematic approach to managing sensitive organizational information, ensuring it remains both secure and available. It is a broad standard which covers process, personnel, and physical and technical security. ISO 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). There are many clear business benefits in adopting ISO 27001, either as best practice or by formally certifying against it. Key benefits of this compliance are the improvement of IT security that provides an independent view on the state of the security of the infrastructure, and finally increases confidence in customers that their information is stored and handled in a secure environment.

Multi-tiered Hot-Cold Wallet System

Liquibrium employs a multi-tiered hot-cold wallet system for added security. Multiple admins off-site and on-site are required to mitigate risk of fraud and hacking. Refer to the diagrams for detailed explanations.

Management of high valued coins will need additional security measures. As such Liquibrium incorporates a 4 tier security system of Tier 1 - Hot Wallet, Tier 2 – Secure Storage, Tier 3 – Cold Storage & Tier 4 – Frozen Storage. The details are explained in the diagram below.

Frontend Security

Man-in-the-middle attacks can also happen between the user and the exchange. To mitigate such risk Liquibrium adheres to a very strict security work flow on the web frontend. Multiple service layers, load balancing, firewalls and proxies are used to prevent common attacks that plague web-based systems.