2. Hardware-Level Encryption and Key Management

All cryptographic material is generated and stored within the device’s secure hardware (Secure Enclave for iOS, StrongBox or Trusted Execution Environment for Android).

  • Private keys are non-exportable and exist only inside the secure hardware module.

  • Transaction signing occurs locally, preventing exposure of key data to the main OS or network.

  • Sensitive files use AES-256 encryption with per-device keys derived from hardware entropy and user PINs.

  • On devices without hardware support, Xym falls back to a software key vault secured with Argon2-derived keys and enforced biometric authentication.

This design prevents extraction of key material even under forensic examination or full system compromise.
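An added example, not Xym's own code, of the Android side of the model described above: it generates a non-exportable signing key with StrongBox preferred and the TEE as fallback, checks where the key actually lives, and signs locally. The alias, the P-256 curve and the function names are assumptions; `KeyInfo.securityLevel` needs API 31 or later.

```kotlin
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyInfo
import android.security.keystore.KeyProperties
import android.security.keystore.StrongBoxUnavailableException
import java.security.KeyFactory
import java.security.KeyPair
import java.security.KeyPairGenerator
import java.security.KeyStore
import java.security.PrivateKey
import java.security.Signature
import java.security.spec.ECGenParameterSpec

const val ALIAS = "example_signing_key" // hypothetical alias, not from the page

// Generate an EC key inside the Android Keystore, preferring StrongBox.
fun generateSigningKey(): KeyPair {
    fun generate(strongBox: Boolean): KeyPair {
        val spec = KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
            .setAlgorithmParameterSpec(ECGenParameterSpec("secp256r1")) // assumed curve
            .setDigests(KeyProperties.DIGEST_SHA256)
            .setIsStrongBoxBacked(strongBox) // API 28+
            .build()
        return KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore")
            .apply { initialize(spec) }
            .generateKeyPair()
    }
    // No StrongBox chip on this device: fall back to a TEE-backed key.
    return try { generate(true) } catch (e: StrongBoxUnavailableException) { generate(false) }
}

private fun loadKey(): PrivateKey =
    KeyStore.getInstance("AndroidKeyStore").apply { load(null) }.getKey(ALIAS, null) as PrivateKey

// True only if the key is held in StrongBox or the TEE and exposes no raw bytes.
fun isHardwareBackedAndNonExportable(): Boolean {
    val key = loadKey()
    val info = KeyFactory.getInstance(key.algorithm, "AndroidKeyStore")
        .getKeySpec(key, KeyInfo::class.java)
    val inHardware = info.securityLevel == KeyProperties.SECURITY_LEVEL_STRONGBOX ||
        info.securityLevel == KeyProperties.SECURITY_LEVEL_TRUSTED_ENVIRONMENT
    return inHardware && key.encoded == null // Keystore keys return no encoded form
}

// The app passes data in and gets a signature back; the private key stays in the module.
fun signLocally(payload: ByteArray): ByteArray =
    Signature.getInstance("SHA256withECDSA").run {
        initSign(loadKey())
        update(payload)
        sign()
    }
```

A `false` result from `isHardwareBackedAndNonExportable()` is the signal that the device falls into the software-vault case from the last bullet.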
