Blockchain Security
How Bervice secures payments, referrals, and on-chain interactions using a defense-in-depth approach that blends minimal on-chain surface area, audited smart contracts, and strong key management.
All user transactions are signed locally by the client. We recommend hardware-backed key storage where available, and support wallet connectors that never expose raw private keys to the app. Contract interactions are designed to be idempotent and include chainId and nonce safeguards to prevent replay across networks.
Our contracts follow strict upgrade and ownership policies: time-locked admin actions, multi-signature control for sensitive operations, and a no-emergency-drain rule (no hidden withdraw functions). Any upgrade paths are disclosed and use proxy patterns with explicit versioning. If upgradability is not required, we ship immutable deployments.
On-chain events are the single source of truth for subscription status and referrals. The application listens to confirmed events and reconciles state against a finality threshold (configurable per network) to avoid reorg edge cases. Monitoring covers unusual patterns (sudden referral spikes, failing payments, or anomalous gas patterns) and routes alerts to our on-call pipeline.
While Bervice employs post-quantum cryptography (PQC) for data encryption off-chain, chain interaction currently relies on widely adopted ECDSA/EdDSA primitives used by the supported networks. If PQC-ready chains or wallet standards mature, we will provide a hybrid-signing migration path. Your on-chain funds remain in your control; Bervice never takes custody.