Frederick & Sons · Trust

Is this safe to route value through?

The honest answer: we're built so you don't have to take our word for it. Nothing here asks you to hand us your keys or your funds, everything ships with its proof attached, and where we haven't proven something yet, we say so. Here's what's true — and how to check it.

Custody

Non-custodial. We hold no keys and move no one's money. BYOC by design.

Audit

Adversarially audited before it ships. Security posture →

Provenance

Checkable proof — mutation-kill scores + signed attestations. See how it's built →

Status

Live health, in the open. Live status →

1 · We never custody your funds

This is structural, not a promise. Our tools produce unsigned instructions; you sign, broadcast, and custody with your own wallet. There is no vault, no omnibus account, no on/off-ramp touching your money. If a product needed us to hold customer funds to work, we'd redesign it or drop it — see the "what we don't do" list.

2 · Audited before it ships — and the proof is attached

Every payment and security-relevant path goes through adversarial review and independent audit passes before it goes live. Where a module has a published provenance card, the claim links to the artifact: mutation-kill scores (does the test suite actually catch broken behavior) and a signed wallet attestation. Read the full gauntlet on how it's built. Modules without a published card are labeled "audited; provenance card in progress" — we don't imply proof we haven't posted. Our cryptographic attestations are machine-callable and independently checkable at /.well-known/attestations.json — signed ed25519, verifiable against the XRPL checkout account's on-ledger key.

3 · We do our own security research

We actively hunt and responsibly disclose vulnerabilities in third-party protocols, and hold our own code to the same bar. To report an issue in ours, see Report a vulnerability or the machine-readable security.txt.

4 · The third parties we rely on

We're honest about our dependencies. The AI assistant sends your messages to a third-party large-language-model provider to generate replies (don't put secrets in chat). The site runs behind a standard CDN/proxy (Cloudflare) that sees request metadata. We use no third-party ad tracking and no advertising analytics. Full detail in the privacy policy.

5 · Downloads you can verify

The Preacher wallet installer publishes its SHA-256 next to the download so you can verify it before running, and we state plainly that it isn't code-signed yet (Windows will warn "unknown publisher"). We'd rather tell you than let you guess. Wallet →

6 · Verify the equity math yourself

Fifty50's equity splits aren't "trust us" numbers. Every finalized split is ed25519-signed, and each contribution's history is a tamper-evident hash chain — so you or your auditor can prove a split is authentic and its history unaltered, offline, without our database.

Check it yourself with our standalone verifiers — stdlib + cryptography, no Fifty50 install, nothing phoning home: verify a signed split → · verify an audit trail →. The fuller case for building this way: Verify, don’t trust →

7 · Honest about our stage

Frederick & Sons is early access and pre-revenue. We publish no customer logos, metrics or testimonials we don't have, and we keep an honest "known limitations" list rather than hiding what isn't done. If that costs us a sale, so be it — it's the point.

Still unsure? Email the founder directly — a human answers: [email protected]. Or read who's behind this.