Skip to main content
Halliday provides a non-custodial blockchain payment network, which is immutable and completely verifiable onchain.

Non-Custodial by Design

Halliday is fully non-custodial. It does not custody, possess, or control user funds at any point in the flow. Moreover, Halliday never serves as a counterparty to the user - meaning, the user retains full legal ownership and technical control over their funds.
  • No private keys. Halliday never takes possession of, generates, or stores user private keys or seed phrases.
  • No custody, no commingling. User assets are never deposited into, pooled in, or held by Halliday-controlled accounts or wallets.
  • No unilateral control. Halliday cannot initiate, pause, reverse, freeze, seize, or recover user transactions or funds. It cannot move assets without a user’s own signed authorization.
  • User-directed execution. Transactions are initiated and authorized by the user from their own wallet or account. Halliday’s system cryptographically orchestrates the user’s stated intent.
Because users connect their own wallet and authorize every transaction, they remain in complete control of their assets.

Compliance Program

Sanctions and Illicit Finance Screening

Halliday partners with TRM Labs to support sanctions and illicit finance screening. This includes screening against applicable sanctions lists (including the U.S. Treasury Department’s OFAC Specially Designated Nationals list), illicit finance activity, wallet-level risk assessments, and the restriction of access from prohibited jurisdictions.

Identity Verification (KYC / AML)

Identity verification and anti-money-laundering checks tied to fiat onramp and centralized exchange activity are performed by third-party onramp and centralized exchange providers, subject to their own regulatory obligations. Halliday integrates only with providers that maintain their own compliance programs appropriate to the services they provide.

Data Privacy

Halliday handles personal data in accordance with applicable privacy laws and its published Privacy Policy, applying data-minimization principles and limiting the collection of personal information to what is necessary to provide its services. For details on what data is collected and how it is used, see the Privacy Policy.

Security

Halliday maintains security practices across its smart contracts, application infrastructure, internal operations, and third-party integrations.

Smart Contract Audits

Halliday’s smart contract infrastructure has been independently reviewed by leading security firms, including ChainSecurity, Zellic, and Halborn. Audit findings are reviewed, prioritized, and remediated before production deployment.

Access Controls and Operational Security

Halliday maintains internal controls designed to restrict access to production systems, administrative permissions, and sensitive operational workflows. Access is limited based on role, business need, and security requirements.

Monitoring and Incident Response

Halliday monitors its systems and integrations for reliability, security, and abnormal activity. Halliday’s internal Engineering team will investigate, escalate, and respond to potential security events.

Third-Party Provider Security

Halliday integrates with third-party providers for services such as onramping, exchange connectivity, bridging, blockchain analytics, and infrastructure. These providers remain responsible for the security and compliance of the services they operate. Halliday evaluates providers based on their role in the transaction flow and the sensitivity of the services they provide.

Responsible Disclosure

Security issues may be reported to Halliday through its designated security contact [email protected]. Halliday reviews reported vulnerabilities and takes appropriate steps to investigate and remediate confirmed issues.

Learn More

For more information, see the Privacy Policy and Terms of Use.