Your funds are always yours
Security & Trust
We handle real money, so we built Polyfollow so that we never have to touch yours. Here's exactly how your funds are protected.
0
Funds we hold
100%
User-controlled
On-chain
Verifiable
Non-Custodial Architecture
- Polyfollow never holds, controls, or has access to your funds.
- All trades execute through your own smart account wallet.
- You retain full ownership and control of your assets at all times.
- We cannot withdraw, transfer, or freeze your funds — by design.
Smart Account Security (ZeroDev)
- Your wallet is a smart contract account powered by ZeroDev (ERC-4337).
- Session keys allow Polyfollow to execute copy trades with limited, scoped permissions.
- Session keys cannot transfer funds out of your wallet — only place trades on Polymarket.
- You can revoke permissions at any time from your Settings page.
Encryption & Data Protection
- All communication is encrypted via TLS 1.3 (HTTPS).
- Authentication is handled by Privy — we never store passwords or raw credentials.
- Sensitive data at rest is encrypted in our Supabase database with row-level security (RLS).
- API keys and secrets are managed through secure environment variables, never hardcoded.
What Happens If Polyfollow Shuts Down?
- Your smart account wallet exists on-chain — it doesn't depend on Polyfollow.
- All your funds and open positions remain fully accessible.
- You can interact with your wallet directly through any Ethereum-compatible interface.
- No copy trades will execute, but your existing positions and funds are unaffected.
Transparency
- Every trade we execute on your behalf is visible in your dashboard with full details.
- You can verify all transactions on-chain at any time.
- Our fee structure is clearly displayed on the Pricing page — no hidden costs.
- Trade execution logs show exactly when and why each trade was placed.
Questions about security? Reach out at security@polyfollow.com