TrenchFlow focuses on transaction transparency before signature. Primary security objective: reduce blind signing risk for Solana traders.
- No seed phrase collection anywhere
- No private key storage anywhere
- No hidden fee injection logic
- No hidden instruction insertion logic
- No auto-execution trading flow
- Decoder + safety findings surfaced before action buttons are enabled
- No all-sites scanning by default
- Site access is optional and revocable
- Scanner can be paused
- Local audit log does not store page content
- No remote script execution
- No
eval
- Zod request validation
- Structured error envelopes
- Rate limiting
- CORS policy from env (
CORS_ORIGINS) - Health/dependency status endpoint
The decoder supports partial protocol recognition and risk flags, but it is not a formal verification engine.
If status is partially_decoded, unknown_program, or needs_manual_verification, manual review is required.
Until a dedicated channel is published, open a private security report via GitHub Security Advisories for this repository.