Security at NexusZen: How We Keep Your Assets Safe
Security is the foundation of trust in any financial system. At NexusZen, we employ multiple layers of protection to ensure that your account, your mining rewards, and your personal data remain safe at all times.
Account Security
Authentication
NexusZen supports multiple authentication methods:
Rate Limiting
All sensitive endpoints are protected by Redis-based rate limiting:
This prevents brute-force attacks and abuse while maintaining a smooth experience for legitimate users.
Data Protection
Encryption
All data transmitted between your browser and our servers is encrypted using TLS 1.3. Your password is never stored in plaintext. Sensitive configuration data is managed through environment variables and never exposed in the codebase.
Database Security
We use parameterized queries exclusively, preventing SQL injection attacks. The database is isolated from the public internet and accessible only through the application layer.
Mining Security
Session Integrity
Each mining session is cryptographically signed and tracked in our database. Sessions cannot be forged or extended beyond their 12-hour duration. Reward calculations are performed server-side and verified before any tokens are distributed.
Claim Protection
Our claim system uses idempotency keys to prevent double-claiming. Each claim request is logged with a unique key, timestamp, and IP address. If a claim is interrupted and retried, the system detects the duplicate and safely returns the existing result.
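The following is an added example, not NexusZen's own code, of how an idempotency-key claim check of this kind can work: a uniqueness constraint in the database decides which request wins, and a retry gets the stored result back. The SQLite store, the `claims` table, its columns and the function names are assumptions made for illustration.

```python
import sqlite3
import time

def open_db():
    """In-memory store for the sketch; schema is hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE claims (
        idem_key   TEXT PRIMARY KEY,          -- one row per idempotency key
        user_id    INTEGER NOT NULL,
        session_id INTEGER NOT NULL,
        amount     INTEGER NOT NULL,          -- reward computed server-side
        ip         TEXT NOT NULL,
        created_at REAL NOT NULL,
        UNIQUE (user_id, session_id))         -- one claim per mining session
    """)
    return db

def claim(db, idem_key, user_id, session_id, amount, ip):
    """Record a claim once. Returns (result, created).

    The INSERT is the only write, so two concurrent requests cannot both
    succeed: the constraint rejects the second and it reads the first's row.
    """
    try:
        with db:  # commits on success, rolls back on error
            db.execute(
                "INSERT INTO claims VALUES (?, ?, ?, ?, ?, ?)",  # parameterized
                (idem_key, user_id, session_id, amount, ip, time.time()),
            )
        created = True
    except sqlite3.IntegrityError:
        created = False
    row = db.execute(
        "SELECT idem_key, user_id, session_id, amount FROM claims "
        "WHERE idem_key = ?", (idem_key,),
    ).fetchone()
    if row is None:
        # New key, but this session was already claimed under another key.
        raise ValueError("session already claimed")
    if row[1:3] != (user_id, session_id):
        # Same key presented for a different user or session: reject.
        raise ValueError("idempotency key reused for a different request")
    return {"key": row[0], "amount": row[3]}, created

if __name__ == "__main__":
    db = open_db()
    # Constructed sample request; 203.0.113.5 is a documentation address.
    print(claim(db, "k1", 1, 100, 50, "203.0.113.5"))  # first attempt
    print(claim(db, "k1", 1, 100, 50, "203.0.113.5"))  # interrupted retry
```

Because the check is enforced by the constraint and not by a read before the write, it holds even when the original request and its retry arrive at the same time.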
Smart Contract Security
While NexusZen currently operates with a centralized backend for reliability and speed, future smart contract deployments will undergo:
Your Role in Security
Security is a shared responsibility. We recommend:
Our Commitment
NexusZen is committed to transparency in security. You can read more about our security practices in the [Whitepaper](/whitepaper). [Create your secure account](/signup) and start mining with confidence.