Upgrade to the crypto wallet with no seed phrase vulnerability, powered and secured by MPC (Multi-Party Computation): Technology used by institutions to custody billions of dollars of crypto. ZenGo maintains the world’s largest open-source MPC library and holds multiple patents in consumer wallet security innovation.
Our security model speaks for itself: 0 ZenGo wallets have been hacked or stolen since founding in 2018. Learn more below.
MPC (Multi-Party Computation) cryptography has been used at the institutional level for years to custody billions of dollars by companies like Fireblocks and Coinbase.
ZenGo is the first crypto wallet to leverage MPC’s advanced security features for a consumer wallet, offering a self-custodial wallet with no seed phrase vulnerability. This is an order of magnitude more secure than seed phrase wallets: Even hardware wallets.
Traditional wallets rely on a seed phrase to interface with the blockchain. This singular vulnerability has led to seed phrase phishing, theft, and wallet misplacement. Over $100 billion dollars of Bitcoin has been lost or stolen in the last decade due to seed phrase mismanagement.
MPC wallets offer an order of magnitude more security than seed phrase based wallets: Leveraging MPC architecture allows ZenGo users to self-custody without seed phrases.
Instead of the traditional seed phrase, ZenGo is powered by two independently-created “secret shares.” One share (your Personal Share) is created and stored on your mobile device. The second share (your Remote Share) is created and secured on ZenGo’s servers.
Every time you initialize a transaction from your wallet, the two secret shares securely compute to create a signed transaction which interfaces with the blockchain.
ZenGo’s security model removes the single point of failure found in traditional wallets (a vulnerable seed phrase). When you create your ZenGo wallet for the first time, two secret shares are initialized: The Personal Share, which is stored on your mobile device, and the Remote Share, which is stored on ZenGo’s servers. An encrypted copy of your personal share is also stored on the ZenGo server, and the decryption code is stored in your personal cloud account.
ZenGo’s 3FA recovery system allows you to recover your shares and access your wallet if you’re moving your account to a new device. The 3FA process is comprised of: 1) Something you control; 2) Something you are; and 3) Something you store.
It only takes a few moments to recover your wallet. Simply confirm your email address, authenticate using 3D FaceLock, and the encrypted Personal Share is then decrypted on your device – restoring full access to your account.
Your email address, which is used to restore your account.
Add a secondary email address should the first one become unavailable.
3D FaceLock is a biometric liveness scan that ties your ZenGo account to you. This mathematical representation of your face is encrypted, scrambled and accessible to no one but you.
Add a secondary 3D FaceLock should something happen to the first one.
The Recovery File, securely stored in at least one of your cloud backup locations (iCloud/Google Drive and Dropbox). This file can only be unlocked by you and is useless to a hacker.
Backup your Recovery File in more than one location.
In 2022, over $3 Billion worth of NFTs and DeFi assets were hacked in Web3. It’s almost too easy for malicious actors to gain abusive permissions from users by impersonating legitimate services and scamming users to blindly sign transactions.
ZenGo’s built-in Web3 firewall – ClearSign – alerts, informs, and protects you against approving the most sensitive and vulnerable Web3 attacks. Sensitive on-chain transactions are classified into 3 risk levels, based on transaction sensitivity, levels of permission granted to the external systems, and known scams.
Just like a stoplight, with 3 levels of safety.
You are interacting with a verified Dapp and/or known smart contract. Look for the green checkmark during the signing process.
Depending on the context, you are interacting with an app that reflects uncommon behavior: Stay alert and confirm that intent is aligned with expected results.
ClearSign has detected highly unusual behavior and immediate attention is required. Most of the most sensitive red transactions require a double-confirmation.
No. ZenGo’s 3FA recovery process requires 3 security factors you control, including your email, the Recovery File stored in the cloud of your choice, and your 3D FaceLock.
Should an attacker get access to your email or your cloud recovery file, they would not be able to recover and access your ZenGo account because your 3D FaceLock would still be required. Since ZenGo was established in 2018, not one account has been hacked or stolen.
As long as your wallet is backed-up you should have no issues accessing your assets.
However, ZenGo is a self-custodial wallet, which means you are ultimately responsible for your assets. We try to make this as easy and foolproof as possible, and there are extra steps you can take to ensure redundancy if you ever need to recover your wallet.
You can lose your funds on ZenGo if both of these things were to happen: 1) You lose your device and need to recover it and 2) You lose access to one or more of the 3 factors necessary to authenticate your wallet recovery.
To mitigate that, you are encouraged to add a secondary email address, a secondary recovery kit using Google drive or Dropbox, and a secondary 3D FaceLock connected to your account. Learn more here.
No. As long as you have your email, Recovery File and 3D FaceLock, you will always be able to recover your account; You can also recover your account by moving from iPhone to Android by using Google Drive with your ZenGo Recovery Kit.
However if someone gets physical access to your phone with ZenGo on it and that same person has access to your device passcode, your ZenGo account is at risk as well as all other apps on your phone. It is therefore important you choose a strong device security PIN that is very hard to find to protect the access to your device. For added security, ZenGo won’t even let you receive assets until your phone’s device lock is activated.
ZenGo gives you additional security by allowing you to add a second trusted 3D FaceLock to recover your account. Should your face change meaningfully, you would be able to recover your account with the assistance of that person.
Note that minor changes like natural aging, a scar, or a light beard do not have any impact.
No. We have a guaranteed access solution so this never happens. Learn more here.
ZenGo is self-custodial and account recovery relies on 3 security factors. ZenGo does not have access to your personal share (stored on your personal cloud) or email address, both of which are necessary to access your account.
No. The technology used is resistant to the most sophisticated spoofing attacks.
No. ZenGo has been in operation since 2018. Not one account has been hacked or taken over since the company was founded.
Yes. We regularly perform formal and external security audits on our apps made by reputable firms. Our MPC cryptography is open-source, audited and peer-reviewed.
All transactions in your ZenGo wallet can only be initialized by you, and ZenGo can never spend your funds or access the assets in your wallet.
ZenGo’s MPC security system requires that any transaction you make be validated by ZenGo’s servers before being broadcasted to the blockchain. This adds an additional layer of security for all ZenGo users, and helps guarantee the integrity of your transactions, including hacks, fraud detection, and other types of risks. For example: Your built-in Web3 firewall – ClearSign – does not block transactions with blockchain apps that are marked as risky but only informs you clearly about the risks associated. You can always bypass this safety notification: Ultimately you are responsible for your assets and how you want to use them.
While in theory this secure architecture could be used to prevent certain transactions from being broadcasted, ZenGo has never done so – ever since the company was founded.
ZenGo has no access to any private information about you besides your email, and this email can be non-nominative should you choose.
ZenGo does not provide investment or trading services. Instead, we partner with vetted partners that offer these services. Each partner is clearly disclosed and you are invited to agree to their terms and conditions before using them. Although we spend a considerable amount of time selecting these partners for you, it is important you take the time to read and understand how they operate and their respective security models.
Scan this QR code
Enter your phone number to receive a download link.