Security

We never have access to your private keys or seed phrases. Our service operates on a read-only basis using public blockchain data. You maintain complete control over your assets at all times.

• All data transmission uses TLS 1.3 encryption
• Sensitive data encrypted at rest using AES-256
• Encrypted backups with customer-managed keys available

Pragma operates exclusively with read-only access to public blockchain data. We cannot:

• Execute transactions on your behalf
• Move or access your funds
• Modify your approvals without your signature
• Access your wallet's private keys

• SOC 2 Type II compliant infrastructure
• Regular third-party security audits
• 24/7 monitoring and incident response
• DDoS protection and rate limiting
• Geographically distributed servers for redundancy

• Two-factor authentication (2FA) available
• Session management with automatic timeout
• IP-based access restrictions available
• Audit logs for all account activities

In the unlikely event of a security incident:

• Immediate notification to affected users
• Transparent communication about the incident
• Rapid mitigation and resolution
• Post-incident analysis and improvements

Responsible Disclosure

We welcome security researchers to help us maintain the highest security standards. If you discover a vulnerability, please report it to:

security@pragma.rip

We offer bug bounties for qualifying vulnerabilities. Please allow us reasonable time to address issues before public disclosure.

Compliance & Certifications

• GDPR compliant for EU users
• CCPA compliant for California residents
• Regular penetration testing by independent firms
• Continuous security monitoring and improvement