Docs
Privacy model
A factual data-flow: what the client handles, what the server handles, and what is never stored.
Design principle
Vaelun is intentionally client-heavy for sensitive workflows. Transaction data, balances, and intent contents are handled in your browser and are not stored server-side by the application.
What the client handles
- Wallet connection and signing — keys never leave your wallet.
- Building and signing intents; the signed payload is forwarded to be filled, not warehoused.
- Displaying balances and positions fetched live.
What the server handles
- Verifying a login signature and issuing a signed session cookie — no password, no PII to authenticate.
- Proxying quote, publish, and status calls and attaching server-only credentials; request bodies are validated, not stored.
- Single-use nonces and rate-limit counters, kept briefly with short lifetimes.
Third-party processors
Depending on configuration, the routing and solver services, a Redis provider, RPC providers, and optionally a database and error-monitoring service may process data. Each sees only what its function requires.