Security

Security Architecture

SHADE implements military-grade encryption with defense in depth. All cryptographic operations run locally in your browserβ€”nothing is ever sent to any server.

Core Principles

Zero Trust

No server ever sees your keys. All encryption/decryption happens in your browser.

Defense in Depth

Multiple layers of protection: encryption, isolation, detection, self-destruct.

Key Isolation

Each feature uses purpose-specific encryption keys derived from your password.

Minimal Exposure

Private keys are decrypted only when needed and for the shortest time possible.

Encryption Standards

ComponentStandardDetails
EncryptionAES-256-GCMAuthenticated encryption with 256-bit keys
Key DerivationPBKDF2310,000 iterations (OWASP 2025)
HashingSHA-512Integrity verification checksums
MACHMAC-SHA-256Message authentication codes
RandomCSPRNGCryptographically secure random via Web Crypto

Encryption Pipeline

plaintext
    β”‚
    β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ PBKDF2        β”‚ password + salt β†’ derived_key
β”‚ 310k iterationsβ”‚
β””β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜
        β”‚
        β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ AES-256-GCM   β”‚ plaintext + key + iv β†’ ciphertext
β”‚ random IV     β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜
        β”‚
        β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ SHA-512       β”‚ ciphertext β†’ checksum
β””β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜
        β”‚
        β–Ό
{ iv, salt, ciphertext, checksum }

Secure Storage

All sensitive data is stored in IndexedDB with purpose-based key isolation:

SecureKeyManager (IndexedDB)
β”œβ”€β”€ burner:{id}      β†’ encrypted burner private key
β”œβ”€β”€ stealth:master   β†’ encrypted stealth master seed
β”œβ”€β”€ stealth:{idx}    β†’ encrypted stealth spend key
β”œβ”€β”€ gasless:{id}     β†’ encrypted fee payer key
└── passkey:{id}     β†’ encrypted passkey credential

Each key type uses a different encryption purpose, so compromising one doesn't expose others.

Threat Detection

SHADE actively monitors for tampering and attacks:

Debugger Detection

Detects if browser debugger is attached

DevTools Monitoring

Monitors for DevTools opening

Code Integrity

Verifies critical functions aren't modified

Breakpoint Detection

Detects breakpoints in security code

Print Screen

Monitors for screenshot attempts

Timing Attacks

Freshness verification on encrypted data

Self-Destruct Protocol

If tampering is detected, SHADE automatically:

  1. 1.Wipes all encrypted storage (IndexedDB)
  2. 2.Clears session data and memory
  3. 3.Logs the threat type (locally only)
  4. 4.Displays security alert to user

Threat Model

Threats Addressed

Key theft via malware
Blockchain surveillance
Phishing attacks
Brute force attacks
Memory dumps
Code tampering
Session hijacking
Timing attacks

Out of Scope

Compromised device OS
Physical coercion
Nation-state attacks
Quantum computing (future)

Session Security

5 min
Inactivity timeout
10/min
Transaction rate limit
Auto
Session lock on blur

Web Crypto API

All cryptographic operations use the browser's native Web Crypto APIβ€”a battle-tested, audited implementation maintained by browser vendors. No third-party crypto libraries with potential vulnerabilities.