Skip to main content

Koala Wallet's security features

  • Updated

Your assets are secure in your Koala Wallet while you safely navigate the Kadena ecosystem. Here are some of the main security features and processes that help you sleep at night knowing your wallet is as safe as it can be.

 

Non custodial

Koala Wallet is an anonymous non custodial wallet. This means there are no "accounts". It's impossible for us to lend, steal or misuse your funds in any way. You and only you always have full access to your assets. Your Recovery Phrase and wallet is generated offline and locally by your device. Recovery Phrases, passwords and other sensitive data are never transmitted out of your device. Support staff will NEVER DM you or ask for your Recovery Phrase, never share it with anyone!

 

Latest native OS features and encryption

Koala Wallet was developed from the ground up to use all of the latest security features on modern smartphones. Only Android and iOS versions that still receive security updates are supported (Android 10, iOS 15.7 and newer). Private keys, passwords and other sensitive data are kept secure at all times in your device's secure enclave chip. It is designed specifically so that an attacker cannot get that information.

 

Screen capture protection

Koala Wallet implements screenshot and screenrecord protection where sensitive information is visible. Thus, your security isn't compromised in case there is malicious software on the phone snooping on your screen, or even by accident for example while streaming.

 

Root and Jailbreak detection

A rooted or jailbroken device may bypass some hardware or software system protections that keep your assets safe. Because of this, Koala Wallet will not run on such devices.

 

Secure keyboard input

Your Recovery Phrase is meant to be seen by your eyes only. We designed a secure keyboard that doesn't interact with the rest of the system, and doesn't try to remember words or save them in the cloud like "smart" keyboards do.

 

Randomized keyboard and PIN keypad

Besides the Recovery Phrase and PIN screens being protected from recordings, digit location on the Recovery Phrase keyboard and PIN keypad can be randomized so that finger or touch position analysis cannot be used to leak information.

 

Audited code

Koala Wallet had its code audited in 2023 by Red4Sec, a leading auditing company in Europe. The audit identified zero critical, high, or even medium security issues. Only a few no-real-risk and/or informative vulnerabilities were found, and already dealt with in the following app update. Read more here.

 

Bug Bounty program

The worldwide community of security researchers are also helping to keep you safe. Anyone who finds a bug or security hole that could put users' funds at risk is incentivized to responsibly disclose it and possibly get a bounty in return, making everyone safer in the process. Go to our dedicated Bug Bounty program page here.

 

Related articles

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.