Security Overview
Security is the foundation of Pybara. Here’s how we protect your payments.
Trustless Architecture
Section titled “Trustless Architecture”No Custody
Section titled “No Custody”Pybara never holds customer funds. Payments go directly from customer to merchant.
Blackhole Canister
Section titled “Blackhole Canister”The payment verification canister is a blackhole canister — immutable code that cannot be upgraded or modified.
Transparent & Auditable
Section titled “Transparent & Auditable”The payment canister code is publicly verifiable on-chain. All payment transactions are recorded on the Internet Computer’s public ledgers and can be independently verified.
Internet Computer Security
Section titled “Internet Computer Security”Blockchain Verification
Section titled “Blockchain Verification”Every payment is verified on the Internet Computer blockchain. No centralized server can fake or modify transactions.
Subnet Consensus
Section titled “Subnet Consensus”Transactions require consensus from multiple nodes in the subnet. No single point of failure.
Certified Responses
Section titled “Certified Responses”All data served from IC canisters is cryptographically certified by the subnet.
Wallet Security
Section titled “Wallet Security”Internet Identity
Section titled “Internet Identity”Authentication uses Internet Identity — a decentralized, passwordless system using:
- Biometric authentication (Face ID, Touch ID, Windows Hello)
- Hardware security keys
- No passwords to steal or leak
Non-Custodial
Section titled “Non-Custodial”Wallets are non-custodial. Users control their own keys. Pybara cannot access user funds.
Smart Contract Security
Section titled “Smart Contract Security”Audited Code
Section titled “Audited Code”All smart contracts are publicly auditable and follow IC best practices.
Immutable Logic
Section titled “Immutable Logic”Payment verification logic is immutable (blackhole canister). No upgrades, no changes.
Access Controls
Section titled “Access Controls”Proper access controls prevent unauthorized operations.
Responsible Disclosure
Section titled “Responsible Disclosure”Found a security issue? Please report it responsibly:
- Responsible Disclosure Policy
- Email: security@pybara.com
- Bug bounty program (coming soon)