CX
CoinExchange.Cash

Public security and deployment evidence

Trust & Security

Straightforward answers about how the platform protects trades — including what it does and does not protect against.

Escrow architecture

On escrow-capable chains, P2P trades use chain-specific 2-of-3 multisig escrow. The three participants are the buyer, seller and platform arbitrator, and any two must authorize a release or refund. Escrowed crypto is not pooled in a single company hot wallet.

Threat model — what escrow does and doesn't cover

Escrow reduces custody and counterparty risk: no single participant can move the crypto alone. It does not eliminate every risk. Funds can remain locked if the required co-signers are unavailable; escrow cannot reverse an off-platform payment, stop phishing or social engineering, recover a lost wallet key, or remove blockchain and smart-contract risk. Keep communication and payment evidence within the trade.

Dispute process

If a trade goes wrong, either party can open a dispute. An arbitrator reviews the in-trade evidence (messages, payment proof) and co-signs to release funds to the buyer or refund the seller. The arbitrator alone cannot take funds — two of three signatures are always required.

Identity-verification exceptions

Standard P2P browsing and lower-volume wallet-based activity may be available without identity documents. Verification can be required for higher trade volumes, fiat on/off-ramp access, risk-monitoring flags, or legal and regulatory obligations. Access may be restricted if required verification is not completed.

Arbitrator key custody

Current server-side arbitrator keys use software custody: AES-256-GCM encrypted in PostgreSQL and decrypted in process memory for signing. Hardware HSM integration such as CloudHSM or YubiHSM remains future work.

Contract verification

Escrow deposits, releases and refunds can be inspected on the relevant public block explorer. The EVM escrow contract source is published, but source publication alone is not proof that deployed bytecode matches it: check the displayed contract address and explorer verification where available. We do not claim a third-party audit or certification we have not received.

Bitcoin / LitecoinLive on-chain multisigP2WSH 2-of-3
Base / EVMSource published; production deployment not publishedpackages/contracts
Monero / Solana / TRON / CardanoIn development; do not treat as live multisigpackages/escrow
CXCash / AztecTestnet onlypackages/cxcash-contract

Published contract-address record

No EVM escrow production address or verified deployment manifest is currently published.

Reproducible deployment and source verification

  1. pnpm --filter @coinexchange/contracts compile
  2. pnpm --filter @coinexchange/contracts deploy:base-sepolia
  3. pnpm --filter @coinexchange/contracts verify:base-sepolia -- <address>
Review the published contract source

Data retention

Retention depends on the data: trade and transaction records are kept for at least 5 years; KYC records, when collected, are generally kept for 5 years after the relationship ends; audit logs for at least 2 years; trade chat for the trade plus 1 year; and session/security logs for up to 90 days. We do not sell personal data. See the Privacy Policy for the complete schedule.

Read the full Privacy Policy

Uptime & incident transparency

We do not currently publish an independently verified uptime percentage or promise an uptime SLA. Availability depends on the web app, API, wallet providers and the relevant blockchain. Material security or availability incidents will be described in dated public updates after containment when disclosure will not increase risk; users can report issues through the Help Center.

No entries have been added to this public incident register. This is not proof that no incident occurred and is not an uptime guarantee.

Live API readiness

Check current API status

This point-in-time check is not an uptime SLA or historical availability report.

Trust & Security | CoinExchange