Security

The protections behind your wallet, your trades, and the underlying assets.
Custody of underlying shares

Every tokenized asset on GM Markets is backed 1:1 by a corresponding share held in a segregated customer account at Interactive Brokers or Alpaca Markets. Both are regulated broker-dealers under the protections of their respective jurisdictions, with customer assets held separately from the broker’s own funds.

Reserves are independently attested in real time by Accountable, a third-party proof-of-reserves provider that reads broker balances directly and publishes them on-chain. Verify any asset on the Proof of Reserves page.

Wallet and key management

Your embedded wallet is operated by Privy using multi-party computation (MPC). No single party, including GM Markets and including Privy itself, ever holds your complete private key — the key is reconstructed from independent shares only at the moment of signing, on your device.

Every transaction is authorized by your biometric, passkey, or other authentication enrolled on your account. Recovery paths are designed so you always have a way back into your account: passkey on a backup device, email magic-link, and optional TOTP authenticator app.

Trades and withdrawals above $10,000 trigger a second-factor confirmation. There is no SMS-based authentication at any point.

Smart contracts

The on-chain contracts that mint, redeem, and account for every tokenized asset are independently audited by leading smart-contract security firms before deployment, and re-audited on every material upgrade. Audit reports are published in the security archive alongside the contract addresses.

The contracts enforce the 1:1 backing relationship and the wind-down redemption path, so the protections remain effective independent of GM Markets’ continued operation.

Continuity protection

A designated security agent has standing authority to act on token holders’ behalf. If GM Markets discontinues operations, the security agent works directly with the custodian to redeem outstanding tokens against the underlying shares and return their value to wallet holders.

This redemption path is enforced by the on-chain contract, and the underlying shares remain available to token holders through the segregated broker accounts at all times.

Bug bounty

We pay for responsible disclosure of security issues. Eligible categories include smart contract vulnerabilities, authentication bypasses, key-management weaknesses, and reserve-attestation manipulation. Rewards scale with severity, up to substantial payouts for critical findings.

Submit reports privately to security@gm.markets. We respond to triage within 24 hours and confirm scope, severity, and reward within 7 days.

Operational security

Internal access to production systems is gated by hardware-key authentication, scoped to least-privilege roles, and fully audited. Code shipping to production requires multi-reviewer approval, and infrastructure changes are deployed through automation that captures every action in an immutable audit log.

For account-specific protections — passkeys, TOTP, session management, withdrawal whitelisting — see Account → Security.