Your keys.
Your security.

When you create a wallet, a cryptographically random 256-bit entropy value is generated entirely inside your browser or app using the platform CSPRNG (window.crypto.getRandomValues / SecureRandom). It is converted to a BIP-39 24-word mnemonic and shown to you exactly once. It is never sent over the network, never written to a server, never logged.

The mnemonic is encrypted with AES-256-GCM before it touches storage. The encryption key is derived from your PIN using PBKDF2-SHA-256 with 210,000 iterations — the OWASP-recommended minimum for 2024. On supported devices, the derived key is additionally wrapped by the platform Secure Enclave / StrongBox, so the ciphertext is useless without the hardware attestation.

After initial PIN setup, subsequent unlocks use FIDO2 WebAuthn (Face ID, Touch ID, Windows Hello, or a hardware security key). The platform authenticator signs a challenge derived from the session nonce; American Reserve never handles a biometric template. The PIN-derived key is retrieved from the Secure Enclave only after a successful biometric assertion.

Every address is derived from your seed phrase using the BIP-32 hierarchical-deterministic algorithm with coin-type paths standardised by BIP-44 (legacy) and BIP-84 (Native SegWit). Because derivation is deterministic and follows published standards, any compatible BIP-39 wallet can reproduce your addresses from the same 24 words.

American Reserve operates no key management service, no HSM cluster, and no recovery endpoint. There is no "forgot password" flow that involves our servers because we hold nothing. If you lose your seed phrase and cannot unlock your device, no entity — including American Reserve — can recover your funds.

The wallet-core cryptography package is published open-source. The key-derivation, encryption, and address-generation paths can be audited, forked, and reproduced independently. Deterministic builds allow you to verify that the binary distributed through app stores matches the published source.