Security

Data handling

• Since Engine is self-hosted, you (the developer) maintain control over the server, database, logging, and observability.
• Engine handles configuration data encrypted in transit and at rest.
• Backend wallet signers are reconstructed only in memory on your Engine instance, and this data is never sent to thirdweb or other external platforms.
• thirdweb may collect the following information:
  • Metrics on which accounts are using Engine
  • Anonymized metrics on usage
  • Transactions history
  • (TBD future data to power advanced analytics)

Third-party security audit

As of October 2023, Engine is in the process of acquiring a security audit from an independent third-party.

Responsible disclosure

To report a security vulnerability, please contact security@thirdweb.com.

Legal

• Terms of Service
• Privacy Policy