Some users have sent us excellent security recommendations during OPEN BETA, and we will definitely take them into account either in upcoming updates or in future releases after the project goes live. To be clear: we can't implement every suggestion right now, otherwise the project would remain stuck in Beta and could be improved endlessly. However, we will address the most critical issues before launch.

Yesterday, my teammate and I discussed what would happen if bad actors somehow gained access to a user's account: The worst-case scenario is that they could cancel the user's active Exchange Offers but the funds from those canceled trades would still be returned to the account owner's wallet. That's because the return address cannot be changed once an Exchange Offer is created.

They could also attempt to withdraw accumulated BRGX internal tokens but withdrawals require 2FA. Without 2FA enabled, withdrawal is impossible. Even if attackers change the email address, the 2FA remains linked to the account and cannot be removed. So please remember to back up your 2FA codes.

As you can see, even though we aren't security specialists, we have still implemented a protective mechanism.