Security Architecture

Security on BASIS is a system property. It includes identity controls, asset segregation, deterministic execution, operational access control, third-party dependency management, and internationally certified management controls.

BASIS operates with institutional-grade security and service governance aligned to internationally accredited standards. BASIS DIGITAL INFRASTRUCTURE LTD maintains active certification to ISO/IEC 27001:2022 and ISO/IEC 20000-1:2018, with public verification available through IAF CertSearch.

The platform security model is designed around execution precision, structural alpha capture, and bounded state transitions. This means the system limits what can happen by design, rather than relying only on operator judgment after the fact.

Certification and governance

The BASIS control environment is supported by an active ISO/IEC 27001:2022 certification covering software design, quantitative research systems, associated IT infrastructure, and information security management.

BASIS DIGITAL INFRASTRUCTURE LTD also maintains an active ISO/IEC 20000-1:2018 certification.

Certified entity record: Entity Record on IAF CertSearch

These certifications reinforce the BASIS operating model by placing security and service management under documented controls, formal review, and externally verifiable governance.

1) User authentication: passwordless OTP

BASIS uses passwordless email OTP authentication. BASIS does not store user passwords.

1.5) Execution security: BHLE and deterministic state control

The Base58 Hyper-Latency Engine, or BHLE, is the execution infrastructure behind BASIS. It is engineered for deterministic routing, execution precision, and structural alpha capture under tightly bounded risk controls.

Core execution characteristics:

• Sub-50μs decision latency

• 100K+ OPS processing capacity

• Proprietary routing infrastructure

• Deterministic execution paths

• Math-constrained state transitions

• Explicit stop conditions and circuit logic

• State machine risk controls that restrict invalid or out-of-policy actions

This architecture reduces discretionary behavior at the infrastructure layer. The objective is not only speed, but correctness under stress.

Key security properties:

• execution logic is separated from user-facing asset states

• allowable actions are constrained by product rules

• invalid transitions are rejected at the state-machine level

• risk controls can halt routing or settlement progression when constraints are breached

• structural alpha capture is pursued through deterministic routing logic, not through unrestricted operator intervention

2) Asset security: wallets and permissions

BASIS separates wallet functions at the product level:

This separation is intentional. It reduces ambiguity in asset state, improves auditability, and limits the impact of invalid transitions.

Deposit model by asset type

Product state constraints

These rules are part of the security model. By narrowing valid state transitions, BASIS reduces operational ambiguity and unauthorized path expansion.

3) Operational security

Operational security includes:

• role-based access control

• environment segregation across development, staging, and production

• controlled deployment pipelines

• peer review and change management

• monitored infrastructure and alerting

• key and credential rotation policies

• incident response playbooks

• reconciliation and exception handling procedures

These controls are supported by BASIS's certified management systems for information security and IT service management. In practice, this means security and service operations are governed through documented controls, repeatable processes, and auditable oversight aligned with ISO/IEC 27001:2022 and ISO/IEC 20000-1:2018. The ISO/IEC 27001:2022 certification for BASIS DIGITAL INFRASTRUCTURE LTD is publicly verifiable under certificate number SC62455E.

BASIS also uses deterministic operational parameters so user-facing asset behavior is predictable and not manually repriced on a case-by-case basis.

Fixed pools add another safety boundary. Positions cannot be exited before maturity, which prevents unsupported state changes during the lock period.

4) Third-party security

BASIS depends on external infrastructure for parts of settlement and execution, including:

• liquidity venues and exchanges

• public blockchain networks

• wallet providers for supported chains

• token issuers and settlement rails, including PAXG infrastructure

• market data and routing dependencies

Third-party risk controls include:

• venue risk scoring

• exposure limits

• fragmented liquidity sourcing

• monitored routing quality

• network health checks

• explicit stop conditions when settlement or market quality falls below policy thresholds

Security on BASIS does not assume that third parties are always healthy. It assumes that dependencies can degrade and that system behavior must remain bounded when they do.

5) What security cannot guarantee

Security architecture lowers the probability of certain failures. It does not eliminate:

• exchange insolvency or counterparty failure

• blockchain congestion, halts, or reorgs

• market dislocations and liquidity gaps

• external issuer or settlement risk, including PAXG-related dependencies

• reference pricing deviations in external markets, including USDT as a display benchmark

The practical objective is resilience, not invulnerability.

BASIS combines deterministic execution, math constraints, explicit stop logic, state machine risk controls, and internationally certified security and service management practices to keep failure modes bounded and observable.

Next: read Audits & Responsible Disclosure.