StellarVanity.com will be your one stop shop for purchasing vanity public keys for your personal or business use. We've fully built out an automated checkout and payment verification system to handle the rapid delivery of your vanity keypairs.
Our team has put a lot of thought into the security surrounding this project. The core site holds no private information: only the public keys generated. Private keys are stored two way encrypted on a tertiary server which is closed to the internet. The only way to retrieve private keys is via an OAuth API call. This call first performs validation and payment verification of the keypair requested prior to returning it to the user. Purchased keys are wiped on user request via a button (with 100x 0 padded overwrites) or within 24 hours of purchase. All servers will be running anti-virus, IDS, fail2ban, and a firewall with restricted access to a single whitelisted IP address. Root SSH and password SSH will both be disabled. Precautions have been taken to optimize sysctl for enhanced security.
We'd be happy to hear any further thoughts you may have on security.
Site will launch prior to March 15th including a testnet version and instructions for you to play with.
