Security
How Aperture keeps your keys, your funds, and your privacy entirely under your control — and how you can verify every claim yourself.
Keys never leave your device
Aperture is non-custodial. Your recovery phrase and private keys are generated on your iPhone and stored in the device keychain, encrypted at rest and gated behind Face ID or your passcode. They are never transmitted to a server, never backed up to us, and never visible to anyone but you.
- On-device generation. Keys are created locally with the system secure random generator. No key material ever touches the network.
- Encrypted at rest. Secrets live in the Secure Enclave–backed keychain, unlocked only by your biometrics or passcode.
- No accounts, no servers. There is no Aperture login, no email, no custody. We cannot freeze, move, or recover your funds — and neither can anyone else.
- Self-custody recovery. Your BIP-39 recovery phrase restores your wallet in Aperture or any compatible wallet, anytime.
Secure by omission
The most common ways wallets get drained are the features that hand control to someone else. Aperture leaves them out on purpose.
- No in-app swap. No unknown-contract approvals for an attacker to exploit.
- No dApp browser. No malicious site can trigger a draining signature or silent approval.
- Revoke approvals. Inspect and cut off any token allowance or connected site in one tap. See features →
What Aperture can and can’t see
Aperture reads public on-chain data to show balances and history. It cannot see your keys, cannot move your funds, and keeps no account linking your addresses to an identity. For maximum privacy you can point network requests at your own node.
Verify it yourself
- Read the key-handling code on GitHub and confirm keys never leave the device.
- Reproduce the build and compare it against the App Store binary — see Audits & reproducible builds →
- Report anything concerning for a reward under our bug bounty →
Report a vulnerability
Found something? Email care@aperturex.io. Rewards apply under our bug bounty — please disclose responsibly and give us time to fix before going public.