[{"data":1,"prerenderedAt":293},["ShallowReactive",2],{"navLinks":3,"sidebar_docs_navigation_\u002Flegal\u002Fsecurity":34,"navigation":35,"navLinks_footer":62,"legal":71},{"id":4,"extension":5,"links":6,"meta":31,"stem":32,"__hash__":33},"navigationMenu\u002Fnavigation.json","json",[7,12,16,27],{"label":8,"to":9,"icon":10,"nested":11},"Home","\u002F","lucide:home",false,{"label":13,"to":14,"icon":15,"nested":11},"Download","\u002Fdownload","lucide:download",{"label":17,"to":18,"icon":19,"nested":20,"children":21},"Docs","\u002Fdocs","lucide:book-open",true,[22],{"label":23,"to":24,"description":25,"icon":26},"Getting Started","\u002Fdocs\u002F1.getting-started\u002F1.installation","Learn how to install and setup Solana Bots","lucide:rocket",{"label":28,"to":29,"icon":30,"nested":11},"Blog","\u002Fblog","lucide:newspaper",{},"navigation","tGOfc_R5xOM23Qtc69n19qKGpA3iSm6KFFL6thT32bs",[],[36],{"title":17,"path":18,"stem":37,"children":38},"docs",[39,42,46,50,54,58],{"title":40,"path":18,"stem":41},"Introduction","docs\u002Findex",{"title":43,"path":44,"stem":45},"Installation","\u002Fdocs\u002Finstallation","docs\u002F01.installation",{"title":47,"path":48,"stem":49},"Configuration","\u002Fdocs\u002Fconfiguration","docs\u002F02.configuration",{"title":51,"path":52,"stem":53},"Desktop App","\u002Fdocs\u002Fapp","docs\u002F03.app",{"title":55,"path":56,"stem":57},"CLI","\u002Fdocs\u002Fcli","docs\u002F04.cli",{"title":59,"path":60,"stem":61},"FAQ's","\u002Fdocs\u002Ffaq","docs\u002F05.faq",{"id":4,"extension":5,"links":63,"meta":70,"stem":32,"__hash__":33},[64,65,66,69],{"label":8,"to":9,"icon":10,"nested":11},{"label":13,"to":14,"icon":15,"nested":11},{"label":17,"to":18,"icon":19,"nested":20,"children":67},[68],{"label":23,"to":24,"description":25,"icon":26},{"label":28,"to":29,"icon":30,"nested":11},{},{"id":72,"title":73,"body":74,"date":284,"description":285,"extension":286,"meta":287,"navigation":20,"path":288,"seo":289,"stem":290,"type":291,"__hash__":292},"legal\u002Flegal\u002Fsecurity.md","Security",{"type":75,"value":76,"toc":275},"minimark",[77,81,95,100,103,115,144,151,154,157,161,168,173,192,199,202,204,208,215,225,232,238,240,244,247,250,253,255,259,262,265,268,271],[78,79,80],"p",{},"This document details the local process isolation, storage, and cryptographic configurations used to secure wallets, private keys, and transactions.",[82,83,84],"note",{},[78,85,86,87,94],{},"If you discover a security vulnerability within Solana Bots, please contact me directly at this ",[88,89,93],"a",{"href":90,"rel":91},"https:\u002F\u002Friavzon.com\u002Fcontact",[92],"nofollow","link",".",[96,97,99],"h2",{"id":98},"process-isolation","Process Isolation",[78,101,102],{},"The app runs on Electron, and the user interface is completely isolated from the main system operations.",[78,104,105,106,110,111,114],{},"When you use the app, the UI runs in a sandbox (",[107,108,109],"code",{},"nodeIntegration: false"," and ",[107,112,113],{},"contextIsolation: true","). This means it can't directly access native system APIs. There is also a strict Content Security Policy (CSP) that blocks unauthorized scripts or connections:",[116,117,122],"pre",{"className":118,"code":119,"language":120,"meta":121,"style":121},"language-js shiki shiki-themes light-plus light-plus dracula","default-src 'self' 'unsafe-inline' data:;\nscript-src 'self' 'unsafe-eval' 'unsafe-inline' http:\u002F\u002Flocalhost:5173;\nconnect-src 'self' https:\u002F\u002Fapi.iconify.design https:\u002F\u002Fapi.simplesvg.com https:\u002F\u002Fapi.unisvg.com ws:\u002F\u002Flocalhost:5173 http:\u002F\u002Flocalhost:5173;\n","js","",[107,123,124,132,138],{"__ignoreMap":121},[125,126,129],"span",{"class":127,"line":128},"line",1,[125,130,131],{},"default-src 'self' 'unsafe-inline' data:;\n",[125,133,135],{"class":127,"line":134},2,[125,136,137],{},"script-src 'self' 'unsafe-eval' 'unsafe-inline' http:\u002F\u002Flocalhost:5173;\n",[125,139,141],{"class":127,"line":140},3,[125,142,143],{},"connect-src 'self' https:\u002F\u002Fapi.iconify.design https:\u002F\u002Fapi.simplesvg.com https:\u002F\u002Fapi.unisvg.com ws:\u002F\u002Flocalhost:5173 http:\u002F\u002Flocalhost:5173;\n",[78,145,146,147,150],{},"To talk to the backend, the UI uses specific, safe functions exposed in ",[107,148,149],{},"preload.ts",". It doesn't have raw access to the underlying IPC tools.",[78,152,153],{},"When the app does heavy lifting like generating wallets, encrypting data, or running database queries, it uses a separate background process. The main app talks to this background worker using random IDs to ensure every request is matched securely. This keeps all the sensitive work completely separate from the UI you interact with.",[155,156],"hr",{},[96,158,160],{"id":159},"password-cryptography","Password & Cryptography",[78,162,163,164,167],{},"The application secures credentials using OS-level storage and symmetric encryption, the master password you enter when first opening the app, used to encrypt and decrypt your wallets and api keys.\nWhen running the ui, you prompted to enter your password. In the time the app runs your password is stored encrypted via Electron's native ",[107,165,166],{},"safeStorage"," API using native credential managers of your os in a local variable as a base64 string, which is cleaned when the app\u002Fwindow is closed.",[169,170,172],"h3",{"id":171},"key-derivation","Key Derivation",[78,174,175,176,180,181,184,185,184,188,191],{},"This password is used with ",[177,178,179],"strong",{},"Scrypt"," with the following parameters: ",[107,182,183],{},"N = 16384",", ",[107,186,187],{},"r = 8",[107,189,190],{},"p = 1",", to get a 32-byte key, with a random salt of\n32-byte.",[78,193,194,195,198],{},"All wallets, private keys, and API keys, are encrypted using ",[177,196,197],{},"AES-256-GCM"," with the key generated with the mechanism described above.",[78,200,201],{},"When you make or request a sensitive data, your password (if using the ui) gets decrypted on demand, and sended upstream to get wallets or to perform a sensitive action buy\u002Fsell etc.",[155,203],{},[96,205,207],{"id":206},"database-storage","Database Storage",[78,209,210,211,214],{},"All your data is stored locally on your computer in a SQLite database (",[107,212,213],{},"wallets.db","), keeping it completely offline and out of the cloud.",[78,216,217,218,221,222,94],{},"If you are on Windows, you can find the file in ",[107,219,220],{},"%APPDATA%\u002FSolanaBot",". On macOS or Linux, it's located in ",[107,223,224],{},"~\u002F.solana-bot",[78,226,227,228,231],{},"The app uses standard configurations (",[107,229,230],{},"WAL"," journal mode) to make sure your data is saved quickly and doesn't get corrupted if your computer loses power. When you start the app, any necessary database updates run automatically in the isolated background process.",[233,234,235],"warning",{},[78,236,237],{},"Deleting or losing this file while you still have funds in your sub-wallets will result in losing them permanently.",[155,239],{},[96,241,243],{"id":242},"blockchain-operations","Blockchain Operations",[78,245,246],{},"When you make a trade, everything is built and signed locally on your machine.",[78,248,249],{},"Your private keys are only decrypted in memory at the exact second they are needed to sign a transaction. They are never written to any temporary files or logs. The app converts them into Solana keypairs in the background, signs the transaction, and only sends the signed result over the network.",[78,251,252],{},"The app uses a primary wallet to fund your trading activities, separating it from the sub-wallets used by the bot. You can use built-in tools to easily distribute SOL to your sub-wallets or drain funds back to your main wallet when you are done.",[155,254],{},[96,256,258],{"id":257},"limitations","Limitations",[78,260,261],{},"Since the app runs entirely on your own machine and there are no central servers, keeping your computer secure is up to you.",[78,263,264],{},"There is no \"forgot password\" button. If you lose your master password, you lose access to your local database and the funds in your sub-wallets permanently.",[78,266,267],{},"The app uses the RPC endpoints and API keys you provide. Make sure you use a trusted RPC provider, since a compromised node could log your transaction requests or return fake data.",[78,269,270],{},"Local encryption protects your files, but it can't stop malware or keyloggers on your computer from stealing your password while you type it. Keep your machine free of viruses, and don't share your database file or password with anyone.",[272,273,274],"style",{},"html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":121,"searchDepth":134,"depth":134,"links":276},[277,278,281,282,283],{"id":98,"depth":134,"text":99},{"id":159,"depth":134,"text":160,"children":279},[280],{"id":171,"depth":140,"text":172},{"id":206,"depth":134,"text":207},{"id":242,"depth":134,"text":243},{"id":257,"depth":134,"text":258},"2026-05-25","Learn about how the system secures your data.","md",{},"\u002Flegal\u002Fsecurity",{"title":73,"description":285},"legal\u002Fsecurity","security","BBNiolQ4HrgCNYReD9wbFWT_OZLcoOjB_2_YZHPXrMw",1779720137755]