Security

Security at XE

Security is foundational to the XE protocol. From hardware root of trust to end-to-end encrypted messaging, every layer is designed with security as a first principle.

Our Security Approach

  • HTTPS everywhere with strict transport security.
  • End-to-end encryption for all M2M communications.
  • Hardware secure enclaves for key storage and identity attestation.
  • Bcrypt password hashing with high cost factors.
  • Rate limiting on all authentication endpoints.
  • CSRF protection and secure session management.
  • Input validation and parameterised queries on all API endpoints.
  • Comprehensive audit logging for sensitive operations.
  • Regular security audits and penetration testing.
  • Open source code for community review and inspection.

Responsible Disclosure

We welcome security researchers to responsibly disclose vulnerabilities. If you discover a security issue, please report it to us privately so we can address it before public disclosure. Email security issues to security@xe.network with detailed steps to reproduce.

Email Security TeamContact Us