Client Security

The Taurox client application (the wallet interface and protocol dashboard) implements multiple security layers to protect users from infrastructure attacks, content tampering, and unauthorized modifications.

DDoS Protection

The protocol's client infrastructure uses cloud-based DDoS mitigation services that continuously monitor incoming traffic and filter out malicious requests. This ensures that the wallet interface and protocol dashboards remain accessible during traffic spikes or targeted denial-of-service attacks.

Domain Integrity

The protocol implements DNSSEC (Domain Name System Security Extensions) to validate DNS responses and prevent domain spoofing. DNSSEC ensures that users connecting to the Taurox interface are directed to the authentic server rather than a malicious impersonation. DNS configurations are monitored continuously for unauthorized changes.

Decentralized Frontend Deployment

Each build of the client application is deployed to IPFS (InterPlanetary File System) for decentralized, tamper-evident hosting. Builds are tracked using DNSLink standards, which map domain names to specific IPFS content hashes. Each deployment produces a unique content identifier that can be independently verified.

This approach ensures that the client application served to users matches the published build. Any modification to the deployed code would produce a different content hash, making tampering immediately detectable.

Intrusion Detection

Real-time traffic analysis systems monitor the protocol's infrastructure for suspicious activity patterns. These systems identify and respond to anomalous behavior such as unusual request volumes, unexpected access patterns, or attempts to probe infrastructure endpoints, reducing the risk of unauthorized access.

Code Integrity

The client application enforces Content Security Policy (CSP) headers and Subresource Integrity (SRI) checks. CSP restricts which scripts, styles, and resources the application can load, preventing injection of unauthorized code. SRI validates the cryptographic hash of each static resource before execution, ensuring that only approved scripts run within the interface.

Together, these measures prevent attackers from modifying the client application's behavior through code injection, supply chain attacks, or compromised content delivery networks.
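
A build-time audit of the SRI checks described above, added here as an example and not taken from the Taurox code base: it recomputes each resource's digest and compares it with the `integrity` attribute in the built HTML. The function names, file paths and sample build are constructed for illustration.

```javascript
const { createHash } = require("node:crypto");

// Algorithms SRI accepts, ranked; browsers enforce only the strongest one listed.
const STRENGTH = new Map([["sha256", 1], ["sha384", 2], ["sha512", 3]]);
const algOf = (token) => token.split("-")[0];

// SRI value for a resource body, e.g. "sha384-<base64 digest>".
function sriFor(body, alg = "sha384") {
  return `${alg}-${createHash(alg).update(body).digest("base64")}`;
}

function integrityMatches(integrity, body) {
  const tokens = integrity.trim().split(/\s+/)
    .map((t) => t.split("?")[0]) // drop any ?option suffix
    .filter((t) => STRENGTH.has(algOf(t)));
  const best = Math.max(0, ...tokens.map((t) => STRENGTH.get(algOf(t))));
  return tokens.some((t) => STRENGTH.get(algOf(t)) === best && t === sriFor(body, algOf(t)));
}

// One finding per external <script> and per stylesheet or preload <link>.
// Regex tag scanning is a simplification that suits generated build output.
function auditSri(html, files) {
  const findings = [];
  for (const [tag] of html.matchAll(/<(?:script|link)\b[^>]*>/gi)) {
    const attr = (name) =>
      (tag.match(new RegExp(`\\s${name}\\s*=\\s*["']([^"']*)["']`, "i")) || [])[1];
    const url = attr("src") || attr("href");
    if (!url) continue; // inline script: governed by CSP, not SRI
    if (/^<link/i.test(tag) && !/stylesheet|preload/i.test(attr("rel") || "")) continue;
    const integrity = attr("integrity");
    let status = "ok";
    if (!integrity) status = "missing-integrity";
    else if (!files.has(url)) status = "file-not-found";
    else if (!integrityMatches(integrity, files.get(url))) status = "mismatch";
    findings.push({ url, status });
  }
  return findings;
}

// Constructed sample build: app.js is pinned correctly, vendor.js changed after
// its hash was recorded, theme.css carries no integrity attribute.
const files = new Map([
  ["/app.js", "console.log('dashboard');"],
  ["/vendor.js", "console.log('vendor');/* altered */"],
  ["/theme.css", "body{margin:0}"],
]);
const html = `<link rel="stylesheet" href="/theme.css">
<script src="/app.js" integrity="${sriFor(files.get("/app.js"))}"></script>
<script src="/vendor.js" integrity="${sriFor("console.log('vendor');")}"></script>`;
console.log(auditSri(html, files));
```

A non-`ok` status is a reason to fail the build, since a resource without a matching `integrity` value is not covered by the SRI check.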
