Suku Wiki
WebsiteXDiscord
  • INTRO
    • 👋Welcome to the SukuWiki
  • Products
    • 🟢SukuPay
      • Main Features
      • Use Guide
      • Partners
      • Security
      • Countries
      • FAQs
    • 🟢SukuWallet
      • Main Features
      • Token Utility
      • Getting started
      • Security
      • @sukuthis
      • FAQs
        • SukuThis
  • LEARN
    • 🔮Sukupedia
  • 🧩Treasure Hunt
    • FAQs
    • Terms and Conditions
  • 🏆SukuPoints - Terms and Conditions
  • Connect
    • 🔗Official Links
    • 🤝Work With Suku
      • Careers
      • Ambassador Program
Powered by GitBook
On this page
  1. Products
  2. SukuPay

Security

PreviousPartnersNextCountries

Last updated 5 months ago

has audited all SukuPay operations.

During our testing of Suku Labs’ web payment application, the testing team discovered that the reviewed source code version adhered to the current best practices in cloud security and the Open Web Application Security Project (OWASP).

After addressing the findings and observations captured in this report and providing no further significant post-code changes, we believe that the security posture of the SukuPay product is satisfactory for mitigating potential risks from threat actors.

Furthermore, through our review, we found that the architecture of the SukuPay wallet is sufficiently segmented, so Suku Labs personnel cannot access any client wallet's private keys or any recovery material. All key sharding operations and wallet recovery are handled by a third party, Privy.io, and are outside the scope of Suku Labs’ control.

The Suku Labs team was able to provide documentation on the expected operation of the product and was responsive to the team's feedback. No critical-rated findings were identified during the testing.

Highland Security
🟢
Page cover image