Skip to main content

Account Security

Authentication Methods

Sprout uses Privy for secure authentication, offering multiple login options:

Email Login

  • Email-based authentication with secure verification
  • Privy creates an embedded wallet for you
  • No seed phrase management required
  • Protected by your email security + optional 2FA

Social Login

  • Apple: Sign in with Apple ID
  • Google: Sign in with Google account
  • Privy creates an embedded wallet
  • Leverages existing account security

Wallet Connection

  • Connect any Base-compatible wallet
  • Full self-custody maintained
  • You control your private keys
  • All Base wallets supported via Privy adapter

Two-Factor Authentication (2FA)

Enable 2FA for additional account protection.
How to Enable 2FA:
  1. Navigate to SettingsSecurity
  2. Select Enable 2FA
  3. Choose your method:
    • Authenticator app (Google Authenticator, Authy)
    • SMS (if available)
  4. Follow setup instructions
  5. Save backup codes in a secure location
Why 2FA Matters:
  • Prevents unauthorized access even if password is compromised
  • Required for high-value withdrawals (optional setting)
  • Industry-standard security practice

Fund Security

Smart Contract Security

Multi-Layer Protection:
  1. Protocol Audits: Only integrate protocols with multiple audits from reputable firms
  2. Code Review: Internal security review before integration
  3. Gradual Rollout: Start with small allocations, increase as confidence grows
  4. Bug Bounties: Many protocols have active bug bounty programs

Risk Management

Diversification:
  • Never allocate >30% to any single protocol
  • Spread across multiple chains
  • Mix of protocol types (lending, LP, delta-neutral)
Continuous Monitoring:
  • Real-time on-chain surveillance
  • Automated risk alerts
  • Daily liquidity checks
  • Smart contract health monitoring
Emergency Response:
  • Immediate rebalancing if risks detected
  • Emergency withdrawal capabilities
  • Communication plan for incidents
  • Post-mortem analysis and improvements

Insurance Options

Current Status: We’re exploring insurance options. In Progress:
  • Discussions with DeFi insurance providers
  • Researching best practices from traditional finance
Updates: Will be announced as plans are finalized.

Best Practices for Users

Protect Your Account

Do

  • Enable 2FA immediately
  • Use a strong, unique password
  • Keep your email account secure
  • Verify you’re on the official Sprout domain
  • Log out on shared devices
  • Review account activity regularly

Don't

  • Share your login credentials
  • Use the same password as other services
  • Click suspicious links claiming to be Sprout
  • Disable security features for convenience
  • Ignore security notifications

Protect Your Funds

Do

  • Start with small deposits to test the platform
  • Review all transaction details before approving
  • Monitor your balance regularly via transparency dashboard
  • Report suspicious activity immediately

Don't

  • Deposit funds you can’t afford to lose
  • Ignore risk warnings
  • Approve transactions you don’t understand
  • Share your screen during transactions