Dynamic is built on Dynamic, meaning we are the first to test our product around security, permissions, scalability and others. Any new feature we launch has been extensively internally tested on our own deployment.
When Dynamic’s SDK is used on your site, the only information produced by the wallet that Dynamic receives is a signed message to prove the wallet ownership. We (or you) don't have access to the private key. We are additionally working on open sourcing our SDK so that you have full visibility into our implementation.
Dynamic completed white box pen-test from Cure53 (October 2023). We periodically run these programs to ensure we maintain a best in class software security practices.
We are SOC 2 Type II compliant, affirming the effectiveness of our security processes and controls. Coupled with our bug bounty program through hackerOne, and partnerships with leading auditors and expert advisors from companies like Okta, Auth0, Zenefits, and others, we ensure the highest level of security for your data.
Submit a vulnerability report
All data is transmitted with encryption using HTTPS and similar protocols. Furthermore, all data is securely stored with encryption-at-rest using AES-256 or higher standards. We also leverage KMS to protect particularly sensitive data.
You control how much data you want Dynamic to persist. Our customer information capture fields are fully customizable, and if you don’t want to store any data except the public-address we can enable that for you.