Trust & Safety

Trust & Safety

How Tasmil keeps your money safe — non-custodial, capability-bound, auditable

TL;DR

Tasmil is non-custodial. You keep your wallet keys. The AI bot uses session keys with hard-coded limits — it can only interact with registered protocol strategies and cannot withdraw to any address except yours. Every transaction is visible on the Stellar ledger.

Tasmil earns trust through three principles:

  1. Non-custodial. Your funds live in a keeper-wallet that only you can revoke. The bot signs with a session key you authorized — it cannot take ownership.
  2. Capability-bound. The session key is whitelisted to specific contracts and functions. It can deposit and withdraw within registered strategies — nothing else. No arbitrary transfers. No draining.
  3. Auditable. Every transaction is on the public Stellar ledger. Contract addresses are published and verifiable. The rebalance engine's rules are documented in full.

Read the details: What the Bot Can Do - Risks - Audits & Addresses - Privacy.