Non Custodial

Custody model

“Who actually controls my money?” is the most important question in any financial app. Zepay is designed so that:

• Funds are never pooled in a Zepay‑owned wallet.

• Core contracts do not have admin backdoors to drain user funds.

• You can recover funds even if Zepay and Privy go offline.

Privy as non‑custodial key manager

When you sign up with email, Privy creates an embedded EOA wallet for you. This EOA:

• Is the owner of your SmartAccount.

• Signs meta‑transactions used by Zepay.

• Can be exported as a standard private key.

Zepay never sees your private key. Privy does not “own” your funds either – it only helps you manage the key. You are encouraged to:

1. Open Zepay settings and use the Export / recovery key option.

2. Copy your Privy EOA private key from the Privy box.

3. Store it securely (password manager, hardware wallet, secure notes, etc.).

Once you have this key, you are independent of both Zepay and Privy.

Where funds actually live

At any point, your funds are in one of three places:

• Your SmartAccount Holds your spendable USDC balance and owns your vault. Controlled by your Privy EOA.

• Your PersonalVault Holds your earning USDC balance. Owned by your SmartAccount.

• Aave v3 on Sonic When you earn, USDC is supplied to Aave via AaveYieldProvider, and you accrue yield through Aave’s aUSDC.

Zepay’s contracts and backend never take your USDC into a centralised, off‑chain account. The relayer pays gas and forwards signed meta‑transactions, but cannot move funds without a valid signature from your EOA.