Custodial vs Non-Custodial - Our Model

This is a question that deserves a direct answer rather than a marketing-softened version of it.

The architecture goal is non-custodial. The practical reality of building this incrementally means the path there has stages. Here is exactly where we are and where we are going.

What non-custodial means: Private keys never leave the user's device. Every transaction the user signs locally. Papillae never has the ability to move funds without an active user signature. The user is always in control.

What custodial means: The service holds private keys on behalf of the user. The service can move funds without a user being present. The user trusts the service.

Where Papillae is today: We generate wallets server-side for users who do not bring their own. The private key is encrypted with AES-256 using a key derived from user authentication credentials and stored with separation between the key store and application layer. We never store unencrypted keys. We never hold keys in memory longer than a single transaction signing operation - decrypt, sign, broadcast, wipe. By technical definition this is custodial.

We are transparent about this because we think users deserve to know.

Where Papillae is going: The target architecture is session keys with account abstraction - ERC-4337 on EVM chains. The user holds the keys to their smart contract wallet. They delegate limited signing authority to Papillae within user-defined boundaries. Within those boundaries execution is autonomous. Outside them it requires explicit user signature. Papillae has delegated authority, not ownership. This is the architecture that gives AI agents autonomous payment capability without requiring custody.

For users who bring their own wallet: Connect via WalletConnect. You sign every transaction yourself. Papillae never touches your keys. This is fully non-custodial today, with the trade-off that the AI agent cannot execute autonomously - it requires your signature for each payment.