Platform · Security

Your keys. Your trades. Your control.

A complete walkthrough of how Axiom protects funds, signatures, and data — from the non-custodial wallet architecture to the MEV-aware execution layer, hardware-wallet integration, and continuous external audits.

Non-custodial
By design
Client-side
Key encryption
Hardware
Ledger supported
Audited
Continuously
The model

What "non-custodial" actually means in practice

Axiom Trade is non-custodial. That phrase is overused in crypto, so it is worth defining precisely what it means here: at no point does Axiom take possession of, or control over, your private keys, your seed phrase, or the assets in your wallet. Every transaction you execute through Axiom is signed locally — by an in-browser keypair you have unlocked, by a hardware wallet you have approved on the device, or by a connected browser-extension wallet — and broadcast to the Solana network from your machine. Axiom's servers see signed transactions on their way out and indexed transaction history on the way back, but never the cryptographic material that would let them act on your behalf.

This is the single most important property of the platform. Every other security control described on this page is layered on top of it. If you want the short version: Axiom cannot move your money. You can. Only you can.

Key handling

How signing wallets actually work

Client-side encryption

Axiom-native hot wallets are encrypted in your browser with a password only you know. The encrypted blob is the only thing stored — never plaintext.

Hardware wallet support

Ledger and other hardware wallets sign on-device. The private key never touches the browser, the network, or Axiom's servers.

Extension wallet adapters

Phantom, Solflare, Backpack, and other standard Solana wallets connect via the wallet-adapter protocol. Axiom interacts with public methods only.

Session-scoped unlock

Hot wallets stay unlocked for the duration of an active session; idle timeout re-locks automatically and requires the password again.

Watch-only wallets

Add any wallet by address for portfolio tracking with zero signing capability. Watch-only wallets cannot be made to sign anything ever.

Per-wallet permissions

Different wallets carry different default slippage, routing, and TP/SL templates — surfaced on every ticket so no surprise parameter is ever applied.

Every action requires signature

Trades, transfers, and order cancellations all require a fresh signature — Axiom cannot 'auto-execute' anything without your explicit approval.

Transaction preview

Every signature prompt shows the exact instructions, programs touched, and tokens debited — no blank signature blobs, ever.

Self-broadcast option

Power users can opt to broadcast their own signed transactions via their preferred RPC provider, removing Axiom from the broadcast path entirely.

Execution layer security

MEV protection, simulation, and slippage hygiene

On Solana, transaction execution is exposed to MEV (maximal extractable value) — searchers running sandwich attacks, frontrunners, and other parasitic strategies that profit at the expense of unsuspecting swaps. Axiom's execution layer is designed to neutralise this class of attack across every market order.

Three-mode MEV protection

Every market order can be routed through one of three protection modes: standard(priority-fee tuning to outpace public mempool searchers), secure(private-mempool routing via Jito bundles to bypass public observation entirely), andturbo (a hybrid that uses Jito when latency is acceptable and falls back to standard otherwise). The active mode is visible on every ticket and configurable per wallet.

Pre-flight simulation

Before any market order is broadcast, Axiom simulates the transaction against the current chain state and reports the expected price impact, expected fee, and any error returns. If the simulation predicts a fill outside your slippage tolerance, the order is blocked client-side — it never hits the network. This catches both honest pool depth surprises and adversarial liquidity removal.

Explicit slippage controls

Default slippage is conservative; aggressive overrides require explicit confirmation. The UI does not silently accept "any slippage" — there is no infinite-slippage shortcut that lets a misclick drain a position into an empty pool.

Platform infrastructure

What runs on our side, and how it is hardened

Indexers and RPC

Axiom operates its own indexer cluster for Solana mainnet, fed by a redundant pool of RPC providers and our own self-hosted nodes. Multiple providers mitigates single-provider outage and single-provider censorship; self-hosted nodes give us a verifiable view that we control. The indexers are read-only with respect to user funds — they consume on-chain data only.

API surfaces

Every authenticated API endpoint requires a per-session token tied to your account. Rate limits prevent abuse; anomaly detection flags unusual access patterns and triggers re-authentication. Session tokens are short-lived and refresh-protected; a stolen session token cannot be used to extract or move funds because the system simply does not have that capability.

Operational practices

Production access is restricted to a small, vetted team with hardware-key 2FA and audit logging on every privileged action. Deploys go through code review, automated testing, and staging before production. Incident response is on-call 24/7 with public status updates for any disruption.

External audits

Axiom's smart-contract interactions and critical client code are audited by reputable external firms. Audit reports are published as they are completed; new modules go through independent review before they ship to the main interface.

What you can do

Personal security hygiene that materially helps

  • Use a hardware wallet for size. For balances you cannot afford to lose, a hardware wallet is the highest-leverage security investment you can make. Axiom supports Ledger natively; the experience is comparable to a hot wallet but the keys never leave the device.
  • Segregate wallets by purpose. A small hot wallet for tactical trading, a hardware wallet for size, watch-only views for cold storage. Multi-Wallet makes this easy and limits the blast radius of any compromise.
  • Verify every signature prompt. Axiom shows transaction details on every signature prompt; read them. If the instructions, programs, or tokens look wrong, reject the prompt and report it.
  • Back up your seed phrase offline. If you create an Axiom-native hot wallet, the seed phrase is shown once. Write it down on physical media, store it somewhere safe, and never type it into anything other than a hardware wallet recovery flow.
  • Be skeptical of links and DMs. No legitimate Axiom staff member will ever DM you asking for keys, seed phrases, or wallet imports. Bookmark the real domain and never click through unsolicited messages.
Disclosure

How we handle issues when they happen

Security is a process, not a state. We run a coordinated disclosure programme for independent researchers who find issues; reported vulnerabilities are triaged, fixed, and credited. When an incident affects users, we publish a postmortem with timeline, root cause, and remediation — without obfuscation. Trust comes from showing your work.

To report a vulnerability, contact security via the address listed on the Contact page with a reproducible description. Critical issues are acknowledged within 24 hours and triaged immediately.

FAQ

Common questions

Can Axiom freeze my account?

No. Axiom is a non-custodial interface; there is no balance to freeze. We can disable access to our UI for any account, but your funds remain in your wallet and are accessible via any other interface that supports the chain.

What happens if Axiom goes offline?

Your funds stay in your wallet because they were never anywhere else. Open orders that live on third-party order books (Hyperliquid perp orders, on-chain limit orders) continue to operate via the underlying protocol; orders that depend on Axiom's matching layer can be cancelled directly on-chain if needed.

Is my seed phrase ever sent to Axiom?

No. Axiom-native wallets encrypt the seed in your browser with a password you set; only the encrypted blob is persisted. Hardware wallets never expose the seed at all. External wallets manage their own seeds via their own apps.

Are smart contracts audited?

Yes. Audit reports for the protocols Axiom interacts with, and for Axiom's own on-chain components where applicable, are published as they are completed.

Ready to trade smarter?

Open Axiom Trade and put institutional-grade tooling to work in seconds.