Security

Protecting your assets and data is our top priority

Our Security Commitment

FanCup is built on Solana, one of the most secure and battle-tested blockchains. We implement industry-leading security practices to protect user funds and data.

1. Smart Contract Security

  • Audited Contracts: All smart contracts undergo comprehensive security audits by leading firms
  • Bug Bounty Program: We offer rewards for responsibly disclosed vulnerabilities
  • Open Source: Core contracts are open source for community review
  • Formal Verification: Critical contract logic is formally verified

2. Wallet Security

  • Non-Custodial: We never hold your private keys or seed phrases
  • Hardware Wallet Support: Full support for Ledger, Trezor, and other hardware wallets
  • Seed Phrase Encryption: Optional encrypted seed phrase storage with client-side encryption
  • Multi-Signature Support: Advanced users can set up multi-sig wallets

3. Platform Security

  • HTTPS/TLS: All connections are encrypted with TLS 1.3
  • DDoS Protection: Enterprise-grade DDoS protection and rate limiting
  • 2FA Available: Optional two-factor authentication for account access
  • Session Management: Secure session tokens with automatic expiration

4. Data Protection

  • Encryption at Rest: All sensitive data encrypted in our databases
  • Encryption in Transit: All API communications encrypted
  • Minimal Data Collection: We only collect data necessary for platform operation
  • GDPR Compliant: Full compliance with data protection regulations

5. Operational Security

  • Regular Security Audits: Quarterly third-party security assessments
  • Incident Response: 24/7 security monitoring and rapid response team
  • Access Controls: Strict role-based access controls for team members
  • Security Training: Regular security training for all team members

6. Best Practices for Users

Protect Your Wallet:

  • Never share your seed phrase with anyone
  • Store seed phrases offline in a secure location
  • Use hardware wallets for large holdings
  • Enable all available security features

Stay Safe Online:

  • Always verify URLs before connecting your wallet
  • Be cautious of phishing attempts and fake websites
  • Double-check transaction details before confirming
  • Keep your wallet software updated

Report Issues:

  • Report suspicious activity immediately
  • Participate in our bug bounty program
  • Contact security@fancup.pro for security concerns

7. Security Audits & Reports

View our security audit reports and transparency documents:

8. Bug Bounty Program

We reward security researchers who responsibly disclose vulnerabilities:

  • Critical: Up to $50,000
  • High: Up to $10,000
  • Medium: Up to $2,500
  • Low: Up to $500

Report vulnerabilities to: security@fancup.pro

9. Incident Response

In the event of a security incident, we commit to:

  • Immediate investigation and mitigation
  • Transparent communication within 24 hours
  • Full post-mortem and prevention measures
  • User notification and support

10. Contact Security Team

For security-related inquiries:

Email: security@fancup.pro
PGP Key: Available on our security page
Phone: +1 845 925 3123 (for critical issues only)