Trust & Security
Trust
Last updated: July 14, 2026
CryPrice is a read-only DeFi risk intelligence platform. This page consolidates trust signals for security researchers, antivirus vendors, and enterprise reviewers — including architecture guarantees, disclosure policy, and official contacts.
Read-Only Architecture
CryPrice aggregates publicly available blockchain and DeFi protocol data for public addresses users choose to monitor. The platform displays analytics, optional notifications, and reports based on that data.
CryPrice does not execute blockchain transactions, connect wallets, or take custody of assets.
- Never requests seed phrases
- Never stores private keys
- Never signs transactions
- Never executes blockchain transactions
- Never takes custody of assets
No Custody · No Wallet Connection
Users add public addresses for monitoring only. CryPrice cannot move funds from monitored wallets because we do not possess signing authority or private keys.
Google OAuth is used for CryPrice account access only — not wallet access. Telegram is optional for user-configured notifications.
Data Sources
CryPrice reads public on-chain state and protocol data (for example Aave V3 positions) via blockchain RPC providers and protocol adapters. Market price data may come from CEX/DEX/off-chain feeds normalized by the backend.
Displayed data may be delayed or incomplete due to upstream provider limits, chain conditions, or maintenance. CryPrice is informational software — not financial advice.
Infrastructure Summary
Public CryPrice surfaces are served over HTTPS. DNS is protected with DNSSEC where enabled. The marketing site and related static assets are delivered through Cloudflare CDN.
CryPrice is built as a read-only operational stack: ingestion, normalization, storage, and delivery — coordinated through a backend-centric architecture.
- Flutter Web / Telegram
- REST API
- Monitoring Engine
- Blockchain & Market Data
- PostgreSQL / Redis
- Alerts & Reports
Open-Source & Technology Stack
CryPrice combines a Flutter Web frontend, Node.js backend, PostgreSQL persistence, Redis caching, scheduled blockchain data sync, protocol adapters, and optional Telegram notifications into a read-only DeFi monitoring stack.
Public engineering repositories: https://github.com/adrassad/cryprice
- Flutter Web — portfolio dashboard
- Node.js + Express — read-only API and workers
- PostgreSQL — durable application state
- Redis — caching and queue infrastructure
- BullMQ — background job processing
- Cloudflare — CDN and edge delivery for public websites
Privacy
CryPrice processes public blockchain addresses for read-only monitoring plus account-access data (Google OAuth) and optional Telegram identifiers for notifications you configure.
See the Privacy Policy at https://cryprice.dev/privacy and the Transparency page at https://cryprice.dev/transparency.
Responsible Disclosure
Report security vulnerabilities to [email protected] (mailto:[email protected]). Do not open public GitHub issues with exploit details before we have had a reasonable opportunity to investigate.
Full security model: https://cryprice.dev/security
GitHub security policy: https://github.com/adrassad/cryprice/blob/main/SECURITY.md
security.txt
Machine-readable security contact metadata: https://cryprice.dev/.well-known/security.txt
Canonical security.txt is also published on api.cryprice.dev and app.cryprice.dev.
Acknowledgments
CryPrice appreciates responsible security reports from researchers and vendors. We do not currently operate a public paid bug bounty program.
With reporter permission, we may acknowledge good-faith disclosures on this page or via public release notes.
Transparency
Project status, funding context, and development principles: https://cryprice.dev/transparency
General contact: https://cryprice.dev/contact
Contact Information
Security: [email protected]
Support: [email protected]
Privacy: [email protected]
Legal: [email protected]
Founder: [email protected]
GitHub: https://github.com/adrassad/cryprice
X: https://x.com/AdrasSad
Telegram: https://t.me/adrassad