Security

Security at Plaitr

Non-custodial by design. Your funds never touch our infrastructure.

Non-custodial architecture

Plaitr never holds, stores, or has access to your funds. Payments flow directly from payer to payee on-chain. There are no intermediary wallets, no escrow accounts, and no pooled funds. This eliminates the single largest attack vector in payment processing: the honeypot of custodied assets.

On-chain settlement

Every transaction settles directly on the blockchain. This means:

  • Full transparency · every payment is publicly verifiable
  • Immutable records · no one can alter transaction history
  • Same-day settlement in USDC, USDT, or fiat
  • No counterparty risk · funds go directly to your wallet

API security

Our API infrastructure is built with security-first principles:

  • HMAC-signed webhooks · verify that every callback originates from Plaitr
  • Idempotency keys · prevent duplicate transactions and ensure safe retries
  • TLS encryption on all endpoints
  • Rate limiting and abuse detection

Privacy by design

Plaitr requires zero KYC. We do not collect identity documents, wallet addresses, or transaction data. The only information we store is what you voluntarily provide during onboarding (email and company name). Less data stored means less data at risk.

Infrastructure security

  • Infrastructure hosted on isolated, hardened cloud environments
  • Regular security audits and dependency scanning
  • Encrypted secrets management · no plaintext credentials
  • Minimal attack surface · stateless, serverless architecture
  • Continuous monitoring and alerting

Responsible disclosure

We take security vulnerabilities seriously. If you discover a potential security issue, please report it responsibly:

  • Email: security@plaitr.com
  • Please include a detailed description and reproduction steps
  • Do not publicly disclose until we have addressed the issue
  • We acknowledge reports within 48 hours

We are working toward a formal bug bounty program. In the meantime, valid reports will be acknowledged and credited.

Contact

For security concerns, reach us at security@plaitr.com. For general inquiries, contact hello@plaitr.com.