The Masumi Payment Service handles financial transactions and requires secure wallet management. This guide outlines critical security considerations and best practices.
- Transaction Wallet
  - Purpose: Handles incoming payments
  - Requirements:
    - Maintain sufficient funds for smart contract interactions
    - Automatically receives a small fee from payouts for liquidity
  - Note: Can be split into multiple wallets for parallel processing
- Collection Wallet
  - Purpose: Stores accumulated funds
  - Requirements:
    - Should be a cold storage wallet
    - Credentials should NOT be available to this service
    - Preferably managed through hardware wallet
- Purchase Wallet
  - Purpose: Handles outgoing payments
  - Requirements:
    - Maintain sufficient funds for purchases
    - Additional ADA for transaction fees
    - Regular monitoring of balance
    - Only fund it as much as you expect to spend
    - Credentials are encrypted and stored in the database
- Network Security
  - Never expose service to public networks
  - Use secure VPN or private network access
  - Implement strict firewall rules
- Access Control
  - Implement minimal role-based access control
  - Use strong API key authentication
  - Regular audit of access patterns
  - Ensure API key confidentiality
- Data Protection
  - Encrypt sensitive data at rest
  - Secure key management
  - Regular backup procedures
- Updates
  - Deploy regular security patches
  - Version control monitoring
  - Dependency updates
- Monitoring
  - Transaction monitoring
  - Wallet balance alerts
  - Error rate tracking
- Smart contracts are (currently) audited by TxPipe
- The payment service is not yet audited by a third party. Do check the codebase before exposing it publicly.
We follow security best practices; however, this is in an MVP state. Any use is at your own risk.
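The wallet and network rules above can be checked mechanically as part of the balance alerting the guide calls for. The following is an added example, not code from the Masumi Payment Service: the snapshot layout, field names and ADA thresholds are hypothetical, and the sample data is constructed.

```python
import ipaddress

LOVELACE_PER_ADA = 1_000_000  # 1 ADA = 1,000,000 lovelace

def audit_deployment(cfg):
    """Check a deployment snapshot against the guide; return a list of findings."""
    findings = []
    # Network Security: never listen on a wildcard or publicly routable address.
    addr = ipaddress.ip_address(cfg["bind_address"])
    if addr.is_unspecified or addr.is_global:
        findings.append(f"service: bind address {addr} is exposed to public networks")
    for w in cfg["wallets"]:
        name, role, ada = w["name"], w["role"], w["balance_lovelace"] / LOVELACE_PER_ADA
        if role == "collection":
            # Collection wallet: cold storage, credentials must not be held here.
            if w["secret_in_service"]:
                findings.append(f"{name}: collection wallet credentials are available to the service")
            continue
        # Transaction and purchase wallets are hot wallets: secrets encrypted at rest.
        if not w["secret_encrypted"]:
            findings.append(f"{name}: wallet secret is stored unencrypted")
        # Both need enough funds for contract interactions, purchases and fees.
        if ada < w["min_ada"]:
            findings.append(f"{name}: balance {ada:.1f} ADA is below the {w['min_ada']} ADA floor")
        # Purchase wallet: only fund it as much as you expect to spend.
        if role == "purchase" and ada > w["max_ada"]:
            findings.append(f"{name}: balance {ada:.1f} ADA exceeds the {w['max_ada']} ADA spending cap")
    return findings

# Constructed snapshot; every field name and threshold is hypothetical.
SAMPLE = {
    "bind_address": "0.0.0.0",
    "wallets": [
        {"name": "tx-1", "role": "transaction", "balance_lovelace": 3_000_000,
         "min_ada": 10, "secret_encrypted": True},
        {"name": "cold-1", "role": "collection", "balance_lovelace": 9_000_000_000,
         "secret_in_service": False},
        {"name": "buy-1", "role": "purchase", "balance_lovelace": 750_000_000,
         "min_ada": 20, "max_ada": 500, "secret_encrypted": True},
    ],
}

if __name__ == "__main__":
    for finding in audit_deployment(SAMPLE):
        print("ALERT", finding)
```

Run on a schedule, a non-empty result is the trigger for a wallet balance or exposure alert.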