Foundation is built upon institutional grade encryption and is secure through multiple layers of protection:
Your seed phrases are encrypted and decrypted only on your mobile device using the device's secure enclave. Foundation never sees, stores, or transmits your unencrypted seed phrase at any time.
The encryption process uses your device's secure enclave to generate a private key locked with Face ID. This key encrypts your secrets using elliptic curve cryptography and AES-GCM, and the private key never leaves your device.
Even if Foundation were compromised, no secrets would be exposed as only encrypted data is stored. Decryption requires your device, biometric authentication, and MFA.
On a compromised device, your data remains protected as decryption requires both biometric-gated hardware keys and MFA-authenticated access to your Foundation account.
Foundation cannot access your wallets even under legal pressure, as only your registered device holds the decryption key protected by your biometrics.