Your data, your control

By default, all sensitive data is stored exclusively in your device's encrypted secure storage — Android Keystore / iOS Secure Enclave. Nothing is transmitted to our servers unless you explicitly enable SMS mode.

• Private keys & seed phrase — encrypted on-device, never transmitted in normal mode.
• PIN hash — a one-way hash stored locally. We cannot recover your PIN.
• Transaction history & cached balances — stored locally so the app works offline.

To send transactions via SMS when you have no internet, you may optionally register your phone number. If you do, the following is stored on our servers solely to execute your transaction commands:

• Phone number — used to identify your inbound SMS commands.
• Wallet addresses (public keys) — needed to construct transactions.
• Encrypted private keys — stored server-side solely to sign and broadcast transactions received via SMS. This is the custodial trade-off required for SMS mode.
• Hashed PIN — used to authorise SMS-initiated transactions.
• Transaction history — amounts, destination addresses, and on-chain transaction hashes.

You can delete your SMS registration and all associated server-side data at any time from Settings → Delete Wallet.

• Name, email address, or government ID
• Location data (precise or approximate)
• Device identifiers (IMEI, advertising ID)
• Your contacts list — names are shown on-device and never uploaded
• Incoming SMS messages — READ_SMS and RECEIVE_SMS permissions are explicitly blocked

• All app-to-server communication uses HTTPS/TLS.
• On-device keys use Android Keystore / iOS Secure Enclave.
• Server-side keys are stored in an encrypted PostgreSQL database.
• Android backups are disabled (allowBackup: false) — key material never appears in Google Drive.