Security You Can Trust
InjSight AI is built on a foundation of read-only access, data minimization, and transparent security practices. Your funds and private keys are never at risk.
Read-Only
We only read public blockchain data. Never write.
No Custody
Funds stay in your wallet. We never hold assets.
No Private Keys
Your keys are never requested or stored.
AI Safety
Outputs are advisory only — you stay in control.
Architecture
Read-Only Architecture
Every data flow in InjSight AI is strictly one-directional — from the blockchain to you.
Your Wallet
Your Injective address
Injective Chain
Public on-chain data
InjSight AI
Aggregation engine
AI Analysis
GPT-4 powered intelligence
You See Results
Insights displayed to you only
At no point in this flow does InjSight AI have write access to your wallet or private keys.
Principles
Our Security Principles
Read-Only by Design
InjSight AI exclusively reads from public Injective blockchain data. We never submit transactions, request signatures, or interact with any wallet functions. Our platform has zero write access to any blockchain.
Data Minimization
We collect only the wallet addresses you explicitly provide. No email is required to analyze a wallet. No cookies track your behavior across sessions. Analytics are aggregated and anonymized.
Infrastructure Security
All data in transit is encrypted with TLS 1.3. Our APIs are rate-limited and protected against DDoS attacks. Databases are encrypted at rest with AES-256. Access logs are retained for 90 days.
No Authentication Required
Analyzing public wallet data requires no account. When you create an account to save wallets, your password is hashed with bcrypt — we never store plaintext credentials.
Compliance
Security Certifications & Practices
SOC 2 Type II
In progress
TLS 1.3
Enforced
DDoS Protection
Always On
Dependency Audits
Weekly
Secure Infrastructure
AWS / GCP
Data Minimization
GDPR Aligned
FAQ
Security Questions
Can InjSight AI access or move my funds?
No. InjSight AI is a read-only analytics platform. We only query public blockchain data using your wallet address. We have no mechanism to initiate transactions, request signatures, or interact with your wallet in any way.
Do you store my wallet address?
Only if you explicitly save it to your account. Guest analyses are ephemeral — we do not persist addresses from unregistered sessions. Saved wallets are stored encrypted and associated only with your account.
Is my AI chat conversation stored?
Chat sessions are retained temporarily to maintain context within a single session. We do not use your conversations to train AI models. Conversations are purged after 30 days of inactivity.
What data do you query from Injective?
We query publicly available on-chain data: token balances, transaction history (last 90 days), DeFi protocol positions, staking data, and governance participation. All of this is already publicly visible on Injective Explorer.
How do I request deletion of my data?
Log in to your account, go to Settings → Privacy, and click 'Delete Account'. All your data including saved wallets, report history, and chat logs will be permanently deleted within 72 hours.
Still have security questions?
Reach out to our security team directly at security@injsight.ai