Security model

How Accredifi proves wallet ownership, controls data access, and produces audit-ready evidence - without taking custody or moving assets.

No custody, no key exposure

Accredifi verifies wallet ownership without ever holding assets or accessing private keys. Users sign a message; Accredifi verifies the signature and records the proof. Assets never move.

  • Private keys never leave the wallet. Accredifi receives only the signature output—not the key that produced it.
  • No transfers required. Proof of ownership does not require moving funds to a custodian, escrow, or intermediary address.
  • User remains in control. Wallet access can be granted, scoped, and revoked—but the underlying assets remain entirely under user custody.

How verification works

Users prove wallet ownership by signing a unique, one-time message. The message is bound to the user's identity and timestamped to prevent replay. Accredifi verifies the cryptographic signature against the wallet's public address and records the result.

1

Message generated

Accredifi creates a signing request containing a unique ID, user identifier, and timestamp.

2

User signs

The user signs the message with their wallet. The private key never leaves the wallet.

3

Signature verified

Accredifi verifies the signature cryptographically and records the verification with its timestamp.

Important: what verification proves

  • Control at a point in time. A verification proves the user controlled the wallet when they signed - not that they still control it now. For ongoing assurance, use verification schedules to require periodic re-signing.
  • Ownership, not balance. Verification proves the user controls the wallet. Balance data is fetched separately and represents a snapshot at that moment - it is not part of the cryptographic proof.

Scoped data access

Users grant institutions access to specific categories of wallet data - not blanket visibility. Each access request specifies which scopes are needed, and the user must accept before any data is shared.

Available scopes

  • wallet:read

    Basic wallet info

    Wallet identifiers, chains, and labels

  • wallet:address

    Addresses

    Public addresses associated with the wallet

  • wallet:balance

    Balances

    Current balance snapshots

  • wallet:transactions

    Transactions

    Transaction history for the wallet

  • wallet:verification:view

    Verification proofs

    Timestamped verification records

Institutions only receive data for the scopes the user accepted. If an institution requests transaction history but the user declines that scope, transaction data is not accessible - even if other scopes were granted.

Access lifecycle

Wallet access is stateful: it is granted, can be scoped and scheduled for reverification, and can be revoked or expired. Institutions configure when reverification is required; users must sign again by the due date to maintain access.

Access request

Institution specifies scopes

User accepts

Signs to prove ownership

Access granted

Scoped access begins

Ongoing access

API + webhook events

Revoke or expire

User or schedule ends access

Verification states

When a verification schedule is attached, access moves through defined states based on time and user action.

  • VALID

    Access is active and verification is current

  • DUE_SOON

    Reverification required within the configured window

  • OVERDUE

    User missed the reverification deadline

  • SUSPENDED

    Access paused due to overdue verification (can be restored)

  • REVOKED

    Access terminated (by user, institution, or policy)

Overdue behaviour is configurable per schedule: warn only, suspend access, or revoke entirely. Webhooks fire on state transitions so your systems stay in sync.

Audit trail

Every verification, access decision, and state change is recorded. The system produces the evidence trail institutions need for compliance review, internal controls, and regulatory defensibility.

Verification records

Each signature verification is stored with the signed message, signature, wallet address, user identifier, and timestamp.

Access grants and revocations

When access is granted, modified, or revoked—who initiated it, what scopes were involved, and when it occurred.

Reverification events

Each scheduled reverification is logged with trigger, result, and timestamp.

State transitions

Changes between verification states (valid, due soon, overdue, suspended, revoked) are recorded with timestamps.

Institutional evidence

Accredifi provides timestamped, tamper-evident proof that a specific user controlled a specific wallet at a specific time. Combined with balance snapshots and access logs, this forms the evidentiary basis for underwriting, accreditation, and compliance decisions - without requiring you to build the logging infrastructure yourself.

What Accredifi does - and does not - do

Accredifi provides verifiable evidence of wallet control and scoped access to wallet data. How you use that evidence - for underwriting, accreditation, AML, or other purposes - is your organisation's decision and responsibility.

Accredifi provides

  • Cryptographic proof of wallet control at a point in time
  • Scoped, user-granted access to wallet data
  • Balance snapshots and transaction history (when scoped)
  • Timestamped audit trail of access and verification events

Accredifi does not

  • Take custody of assets or require asset transfers
  • Access or store private keys
  • Provide legal advice or compliance determinations
  • Replace your compliance programme or regulatory obligations

For contractual terms and data practices, see our Privacy Policy and Terms & Conditions.