Security Levels

Discover our comprehensive multi-layered security system designed to protect your digital assets

Why Security Matters

In the world of cryptocurrency, security isn't just a feature—it's an absolute necessity.

The fundamental principle of cryptocurrency is that whoever controls the private keys controls the assets. Unlike traditional banking where you can call customer service to resolve issues, with cryptocurrency, there's no central authority to help recover lost or stolen funds.

That's why Domexec has developed a comprehensive security architecture that addresses multiple threat vectors simultaneously, creating an impenetrable defense system for your digital wealth.

Security Risk Statistics

  • $3.8 billion in cryptocurrency was stolen in 2022
  • 97% of crypto scams target private keys stored on computers or online
  • 0% reported thefts from properly used hardware wallets
  • 5.5x increase in sophisticated phishing attacks targeting crypto users

Source: Independent Security Research, 2022-2023

Level 1: Physical Security

Tamper-evident design with military-grade materials.

Our devices incorporate multiple physical security measures to ensure that any tampering attempts would be immediately detectable:

  • Precision-sealed casing that shows evidence of tampering
  • Special anti-tamper stickers with unique holographic elements
  • Specialized screws that break upon unauthorized removal attempts
  • Hardware component verification on every startup
  • Optional titanium alloy casing (Elite models) for extreme durability

The Lumrix anti-tamper system provides visual indicators if your device has been physically compromised in any way.

At the heart of every Domexec device is a certified secure element chip that provides hardware-level protection:

  • CC EAL5+ certified secure element chip (same technology used in high-security government applications)
  • Hardware-enforced isolation between secure and non-secure components
  • True random number generator for cryptographic operations
  • Private keys never leave the secure element, even during transactions
  • Encrypted memory with automatic wiping in case of detected tampering
  • Independent security audits by multiple third-party security firms

The secure element functions as an isolated vault within the device, processing all cryptographic operations internally without exposing private keys to the main processor or any external connections.

Level 2: Secure Element

Hardware-isolated secure environment for cryptographic operations.

Level 3: Cryptographic Security

Industry-leading encryption protocols protect your keys.

We implement multiple layers of state-of-the-art cryptographic security:

  • AES-256 encryption for all stored data
  • ECDSA and EdDSA signature algorithms with perfect forward secrecy
  • BIP39 seed phrase generation with optional passphrase
  • Hierarchical deterministic wallet structure (BIP32/44/49/84)
  • Proprietary PIN verification system with increasing time delays between attempts
  • Multi-signature support for shared wallet access

Our cryptographic implementation undergoes regular security audits and updates to maintain compliance with evolving security standards and best practices.

Our firmware is designed with multiple security layers to prevent unauthorized code execution:

  • Signed firmware updates that can only be installed if verified by multiple signatures
  • Secure boot process that verifies firmware integrity before execution
  • Compartmentalized architecture that isolates critical security functions
  • Automatic firmware validation on every device startup
  • Open-source components to allow community security review
  • Regular security updates delivered through our secure update channel

The firmware update process requires cryptographic verification against multiple independent signatures, ensuring that only authentic updates from Domexec can be installed on your device.

Level 4: Firmware Security

Secure boot and signed updates prevent unauthorized modifications.

Level 5: User Authentication

Multi-factor authentication protects against unauthorized access.

Comprehensive user authentication ensures only authorized individuals can access the device:

  • PIN protection with automatic device wiping after multiple failed attempts
  • Optional biometric verification (fingerprint sensor on Elite models)
  • Physical confirmation button to prevent remote transaction hijacking
  • Transaction verification display showing complete details before signing
  • Passphrase support for creating hidden wallets
  • Multi-signature capability requiring approval from multiple devices

The combination of these authentication methods creates a robust system that requires multiple verification factors before allowing access to cryptocurrency assets.

Security FAQ

  • What happens if I lose my Domexec device?

    If you lose your device, your funds remain secure as long as no one has your PIN or recovery seed phrase. You can restore access to your cryptocurrencies by using your 24-word recovery seed phrase on a new Domexec device or any compatible wallet that supports the BIP39 standard. This is why it's critically important to securely back up your recovery seed phrase when you first set up your device.

  • Can someone hack my device remotely?

    Domexec devices are designed to be immune to remote hacking attempts. The private keys are stored in an isolated secure element that cannot be accessed through internet connections. Additionally, all transactions require physical confirmation on the device itself, which prevents remote attackers from initiating unauthorized transactions even if your computer is compromised.

  • What happens if Domexec goes out of business?

    Your funds would remain completely safe. Domexec devices use standardized cryptographic protocols (BIP39/44) that are supported by many other wallet solutions. You can use your recovery seed phrase to restore access to your funds on any compatible wallet. Additionally, our firmware is partially open-source, ensuring long-term usability regardless of our company's status.

  • How secure is the recovery seed phrase?

    The 24-word recovery seed phrase uses BIP39 standard and provides 256 bits of entropy, making it computationally infeasible to guess or brute-force. To put this in perspective, there are more possible combinations than atoms in the observable universe. However, this security depends entirely on keeping your seed phrase private and properly backed up. We recommend storing it on a non-digital medium (like our optional metal seed storage plates) in a secure location like a safe deposit box.

  • Are firmware updates secure?

    Yes, our firmware update process is highly secure. All updates are cryptographically signed using a multi-signature scheme requiring verification against multiple independent keys held in separate secure locations. Your device verifies these signatures before accepting any update. Additionally, the update process preserves your private keys and settings, so you never need to restore from your recovery seed after an update unless specifically instructed to do so.

Ready to Secure Your Digital Assets?

Take control of your cryptocurrency security with Domexec's multi-layered protection system.

Our hardware wallets combine physical security, encrypted storage, and user-friendly interfaces to provide uncompromising protection for your digital wealth.

Explore Our Devices