How Quantum Zherx Keeps Client Funds Safe

At Quantum Zherx, client funds are protected through segregated accounts, cold-first custody, and multi-layer operational controls backed by independent reviews. In practice, that means customer assets are kept separate from company operating funds; the majority of assets live in offline, geo-distributed cold storage (with MPC/multi-sig); hot wallets are capped with real-time monitoring; withdrawals are guarded by allow-lists, velocity limits, and step-up authentication; and our proof-of-reserves + liabilities methodology and status reporting let you verify—not just trust.

1) Segregated Accounts: Clear Lines Between Client and Company Funds

• Strict separation: Client assets are custodied in accounts distinct from corporate OPEX.
• Independent ledgers: Reconciliations ensure on-chain balances match customer liabilities.
• No rehypothecation: Client balances aren’t used for company expenses or risk-taking.

Why it matters: Segregation prevents commingling and simplifies audits, incident response, and—if ever needed—orderly wind-downs.

2) Cold-First Custody: Offline by Default, Online Only as Needed

• Cold storage majority: The overwhelming share of assets is stored offline in tamper-resistant hardware within restricted facilities.
• MPC / multi-sig controls: No single person, device, or location can unilaterally move funds.
• Geographic distribution: Key shards are split across multiple regions to reduce correlated risks (natural disasters, local outages).

Hot wallet policy:

• Tight balance ceilings sized for day-to-day withdrawals.
• Automated, reviewed top-ups from cold storage.
• Continuous monitoring for anomalies (destination risk, outflow spikes, unusual timing).

3) Withdrawal Safety: Protecting the Last Mile

• Address allow-listing: Optional user-controlled lists of trusted addresses.
• Velocity limits: Adaptive per-account caps and throttling for unusual activity.
• Step-up authentication: Large or first-time withdrawals require FIDO2/OTP prompts.
• Cooling-off windows: Security-setting changes (new device, new address) trigger brief locks before big transfers.

4) Proof-of-Reserves—With Liabilities Context

“Assets exist” is only half the story. Quantum Zherx pairs asset attestations with a transparent liabilities methodology, so users understand coverage and assumptions. We document wallet ownership proofs, reconciliation frequency, exclusions (e.g., pending transactions), and how to independently verify inclusion without exposing personal data.

5) Compliance & Market Integrity

• KYC/AML with privacy guardrails: Tiered verification aligned to product use.
• Transaction screening: Deposits/withdrawals checked for sanctioned or compromised funds.
• Market surveillance: Controls against wash trading, spoofing, and manipulation help keep order books fair.

6) Operational Security: People, Process, Proof

• Least-privilege access: Role-based, time-bound production access using hardware keys; everything is logged.
• Change management: Four-eyes reviews, staged rollouts, and tested rollback plans for wallet and trading systems.
• Business continuity: Encrypted backups, disaster-recovery drills, and cross-site failover capabilities.
• Vendor diligence: Custody tech, cloud, and analytics partners are vetted; keys never leave approved HSM/MPC boundaries.

7) Transparency You Can Check

• Live status & incident notes: We publish uptime, maintenance notices, and any service degradation in plain language.
• Security documentation: Public overviews of custody architecture, withdrawal controls, and PoR methodology.
• Independent assessments: Summaries of third-party reviews, plus remediation notes where applicable.

8) What Traders Should Look For (Anywhere)

Use this quick checklist to evaluate any platform:

1. Segregation: Are client and company funds separated in practice and in policy?
2. Cold-to-hot split: What percentage is offline, and who enforces hot-wallet caps?
3. Key management: Is MPC/multi-sig in place with geographic distribution?
4. Withdrawal controls: Allow-lists, velocity limits, and strong authentication available?
5. PoR scope: Does it include liabilities context and independent verification?
6. Transparency: Is there a public status page and incident history?
7. Ops security: Are access and change controls documented and auditable?

Closing

Security isn’t a single feature—it’s a system that must hold up under pressure. Quantum Zherx combines segregated funds, cold-first custody, layered withdrawal controls, and verifiable transparency so you can trade with confidence—and verify the safeguards yourself.