How Are My Funds Protected?

Your money is held in your own account — not by Peanut. Only you can move your funds, using your device's biometric authentication (fingerprint or face). Peanut never has access to your keys or your money. Even if Peanut's servers go down, your funds remain accessible.

How It Works

Your Peanut account is backed by a personal smart account on the Arbitrum network. Your private key is generated from your device's biometric (fingerprint or face), sealed in your device's Secure Enclave, and never sent to Peanut's servers. Every transaction requires your biometric authentication — no one can move your funds without your physical device and your fingerprint or face.

What Peanut Cannot Do

  • Cannot access your funds — your money is in your own account, not Peanut's
  • Cannot freeze your account — there is no mechanism for Peanut to block your access
  • Cannot reverse transactions — completed transactions are final
  • Cannot see your identity documents — verification is handled by a certified third-party provider; Peanut only receives a yes-or-no result

What Happens If Peanut Goes Down

Your funds are safe. Your account exists independently on the Arbitrum network. If Peanut's app becomes unavailable, you can access your funds directly using any compatible wallet application — you are not locked in.

Authentication

Peanut uses passkey authentication — no passwords, no traditional two-factor authentication. Your passkey is:

  • Generated from your device's biometric (fingerprint or face)
  • Sealed in your device's Secure Enclave — never exported, never touches Peanut's servers
  • Synced across devices via iCloud Keychain (Apple) or Google Password Manager (Android)

Every transaction requires a fresh biometric verification. Someone would need physical access to your device and your fingerprint or face to authorize any action.

Identity Verification

Verification is handled by Persona — a SOC 2 Type 2, GDPR-compliant, ISO 27001-certified provider used by companies like Square and Robinhood. Your documents are stored by Persona, not by Peanut. Peanut only receives a yes-or-no verification result. Your identity documents are never visible to the Peanut team.

Data Protection

  • GDPR compliant — you can request data deletion at any time
  • No data sharing — your data is not shared with third parties beyond what is required for transactions and verification
  • Encryption — passkey uses NIST P-256 Elliptic Curve cryptography

FAQ

Chat with Support