Non-custodial wallet tracking
Public addresses can support portfolio information without giving AssetFable a seed phrase or private key. Connecting or signing through a wallet does not make AssetFable the custodian of its assets.
Security and privacy
A portfolio tracker processes sensitive relationships even when much of the underlying blockchain data is public. AssetFable separates visibility from custody: the app does not hold customer funds, possess private keys, control wallets, or reverse a blockchain transaction that you approve elsewhere.
Exchange connections are intended for read-only API credentials only. The documented architecture stores them in encrypted form through Supabase Vault or server-side security mechanisms. Security remains a shared responsibility: you must review permissions, protect accounts, and revoke credentials at their source when they are no longer trusted or needed.
The model reduces required permissions and states which risks cannot be removed by a portfolio interface.
Public addresses can support portfolio information without giving AssetFable a seed phrase or private key. Connecting or signing through a wallet does not make AssetFable the custodian of its assets.
API keys must only be able to view data. AssetFable does not request trading, transfer, or withdrawal permissions and does not execute exchange transactions. An overprivileged key should never be entered.
Exchange credentials are encrypted and processed through documented server-side controls. Session, security, and audit events may support operation, abuse prevention, and troubleshooting.
AssetFable does not sell personal data to data brokers. At the documented date, the public website does not use third-party marketing analytics or cross-site advertising cookies; future changes must be reflected in privacy information and consent where required.
Treat each wallet, exchange, or third-party flow as an intentional authorization.
Make sure you are using the official AssetFable website or app. Never enter a seed phrase, private key, or recovery code. Review the network, message, and destination before approving a wallet signature.
Create a separate read-only exchange key and disable trading, transfers, and withdrawals. Enable the security controls available on your accounts and do not reuse credentials across services.
Monitor sync and security state, remove old wallet associations, and disconnect exchanges that are no longer needed. Revoke API keys with the provider as well and use the available account and deletion controls.
Minimum access can limit impact but cannot eliminate phishing, compromised devices, provider outages, or public-blockchain risks.
Deleting data from AssetFable removes internal records under the documented process. Public blockchain entries, app-store records, payment logs, and third-party data remain subject to their own systems.
No. AssetFable does not need seed phrases, private keys, or wallet recovery data. Anyone requesting them in AssetFable's name should be treated as a security threat.
No. AssetFable can delete account records and internal wallet associations under its process, but it cannot remove public transactions, addresses, or NFT ownership from a blockchain.
The documented privacy policy states that AssetFable does not sell personal data to data brokers and currently does not use third-party marketing analytics or cross-site advertising cookies on the public website. The current policy remains authoritative.
Read the privacy details and connect wallets or exchanges only with the minimum permissions required.