Infrastructure

Security

How earn-defi.com and SPA protect users, assets, and operations.

Security Philosophy

Security is layered: smart contracts, frontend, domain, dependencies, deployment, and monitoring. A weakness in any layer can compromise the whole. This page documents each layer — what is in place today, and what is planned before go-live.

Smart Contract Security

Paper trading phase: no live contracts deployed — no smart contract attack surface on live funds.

Pre-go-live: external audit planned before any live contract deployment.

Protocol selection: only audited, TVL-proven protocols (see /due-diligence for whitelist).

No experimental or unaudited protocol integration.

Frontend Security

CSP Headers

Content Security Policy configured on Cloudflare Pages

No Sensitive Data

No sensitive data processed in browser

No Private Keys

No private keys ever enter the frontend

Trusted CDNs

All external resources loaded from trusted CDNs only

Minimal JS

React islands are hydrated only with the client:visible directive (minimal JS footprint)

No Analytics Scripts

No third-party analytics scripts that could be poisoned

Domain Security

Measure | Status
DNSSEC | Enabled on earn-defi.com (Cloudflare)
Cloudflare Proxy | Active — DDoS mitigation, WAF
HTTPS | Enforced — HTTP redirects to HTTPS
HSTS | Enabled via Cloudflare
RegistryLock | TBD — check with registrar before go-live
CAA Records | TBD — planned before go-live

Dependency Management

Dependencies pinned in package-lock.json / package.json.

No auto-update of dependencies without review.

Dependabot alerts monitored (GitHub).

No unreviewed dependency upgrades in production.

Deployment Process

All deployments via Cloudflare Pages from GitHub main branch.

No direct FTP or manual file upload.

Branch setup: no direct push to main without review (TBD for team setup).

Build logs visible on Cloudflare Pages dashboard.

Monitoring and Alerts

Uptime

Cloudflare Analytics

Error Alerts

Telegram bot (operator notified within minutes)

Drawdown

SPA kill switch (automated)

Protocol Status

Adapter health checks per cycle

User Wallet Safety

For allocators interacting with SPA:

SPA (in paper trading) never requests wallet connection.

Live phase: connect only to verify on-chain positions — never to sign arbitrary transactions.

Always verify contract addresses before interacting (see /emergency-withdrawal).

Use a hardware wallet for any significant allocation.

Never share seed phrases with anyone.

Transaction Simulation (Live Phase)

All transactions simulated before execution (Tenderly or equivalent).

Simulation failure → transaction cancelled.

Simulation results logged per cycle.

Token Approval Hygiene

Live phase: approve only the minimum necessary amount.

Revoke unused approvals via revoke.cash or Etherscan.

SPA adapters use minimal approval scope.

Incident Response

1. Detection

Incident detected via monitoring alert or user report

2. Kill Switch

Activated if drawdown gate fires

3. Assessment

Operator assesses situation and scope

4. Communication

Public communication within 4 hours on official channels

5. Root Cause Analysis

Published within 72 hours

6. Resumption

No resumption until fix verified

Official communication: [email protected] | GitHub repository