# Security ### Structural Supports in Place Security is of paramount importance to BIMA. We are committed to safeguarding the assets and personal information of our users. This Security Policy explains the steps we take to ensure the highest level of protection for our platform and the USBD stablecoin ecosystem. **1. Data Encryption and Blockchain Integrity** * **Immutable Transactions**: Transactions on the blockchain are immutable, meaning they cannot be altered or tampered with once they are confirmed. * **Public Key Cryptography**: All transactions and interactions on the platform are secured using advanced cryptography to ensure that only the intended parties can access and control their assets. **2. Smart Contract Security** * **Audits**: Our smart contracts are rigorously audited by third-party security firms to ensure they are free from vulnerabilities and operate as intended. * **Ongoing Monitoring**: We continuously monitor our smart contract environment for any unusual activity or potential threats. **3. User-Controlled Security** * **Self-Custody**: Users are responsible for the security of their private keys and wallets. BIMA has no access to user funds or private keys. * **MFA and Hardware Wallets**: We recommend users implement multi-factor authentication (MFA) where applicable and utilize hardware wallets for added security. **4. Cold Storage for Reserves** * **Bitcoin LST Backing**: The assets backing the USBD stablecoin are held securely in cold storage, reducing the risk of online threats. However, the underlying LSTs and UTXO assets deposited into BIMA's vaults to mint USBD will sit in the smart contract. * **Auditable Reserves**: Our reserves are fully auditable and transparent, aligning with our commitment to decentralized and secure operations. **5. Incident Response** * In the event of a security breach, we will notify users through decentralized communication channels. Our incident response team will act quickly to assess and mitigate any issues. **6. Bug Bounty Program** * We encourage community participation in our security efforts through our bug bounty program. Ethical hackers are invited to report vulnerabilities in exchange for rewards, helping us strengthen the platform. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bima.money/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.