Release 2025-08-31

August 31, 2025

This release focuses on compliance, security hardening, performance, and resilience improvements across custody services. The items below intentionally avoid exposing internal designs, vendor names, firmware requirements, or implementation specifics while communicating customer‑relevant outcomes.

Platform Resilience & Security

Routine security updates and control tuning across core services.

Dependency hygiene and audit‑driven remediation's across the platform.

Benefit: Reinforces our custody‑grade security baseline and operational stability.

Compliance & Governance

Foundational support for compliance workflows across custody components.

Enhancements to AML‑related review processes and reporting readiness.

Benefit: Streamlines compliance operations and reduces manual effort.

Mobile Experience

Performance and responsiveness improvements across key mobile flows.

Refined session and authentication handling for improved reliability.

Benefit: Provides a smoother mobile experience while maintaining security integrity.

Signing & Policy Services

Enforced encrypted channels for inter‑service communication.

Aligned policy validation across sensitive import and key‑related workflows.

Benefit: Strengthens cryptographic controls and standardises sensitive operations.

Blockchain Indexing & Throughput

Scaled indexing capacity to handle higher on‑chain activity during periods of network congestion.

Stability and throughput improvements during spikes in block size and transaction volume.

Benefit: Ensures reliable indexing and transaction visibility under heavy load conditions.

No customer action is required for this release. For questions, please contact Support.

Release 2025-07-31

July 31, 2025

This release focuses on security, reliability, and developer‑experience improvements across the custody platform. The items below are intentionally written to avoid exposing internal designs, vendor names, or implementation details while still describing customer‑relevant outcomes.

Platform Resilience & Security

Ongoing maintenance and remediation as part of our secure development lifecycle

Routine dependency updates and configuration tuning

Incremental improvements informed by internal and external reviews

Benefit: Reinforces our security baseline and keeps our controls aligned with industry expectations.

Error Handling & Transparency

Clearer, more consistent responses for transaction status and failure scenarios

Additional telemetry for issues that are not automatically retried

Aligned behaviour across APIs to standardise how errors are reported

Benefit: Improves troubleshooting clarity and reduces integration effort.

Vault & Key Management Enhancements

Improved transaction descriptions for supported assets

Expanded request feedback to surface actionable information where appropriate

Additional safeguards and audit controls in recovery workflows

Benefit: Increases end‑user clarity, improves operational resilience, and supports secure key lifecycle management.

Infrastructure Optimisation

Simplified network architecture and routing to improve efficiency

Hardened private integration paths used by background services

Broader monitoring and alerting coverage across core components

Benefit: Enhances reliability and reduces operational overhead.

API & SDK Improvements

More consistent API responses for transaction queries

SDK updates that reduce footprint and improve maintainability

Benefit: Simplifies the developer experience and speeds up integrations.

Governance & Access

Routine refresh of cryptographic controls

Role definitions reviewed to reinforce least‑privilege access

Enhanced visibility into the status of vulnerability remediation

Benefit: Strengthens overall security posture and operational governance.

No customer action is required for this release. For questions, please contact Support.

Release 2025-06-30

June 30, 2025

This release focuses on expanding compliance capabilities, strengthening audit readiness, and optimizing network infrastructure across our custody ecosystem.

Security & Performance Improvements

We applied several backend security patches in line with our CVE patching policies:

Updated Go stdlib dependencies across multiple services

Upgraded internal infrastructure libraries

Increased memory allocations for critical lambdas

Benefit: Improves runtime resilience and keeps services aligned with our internal security guidelines.

Compliance Engine Enhancements

Enhancements to the anti-money-laundering (AML) layer improve transaction monitoring fidelity:

Compliance checks now reference organisation.product for more granular enforcement via third-party compliance providers

Fixed case-sensitive asset matching in Travel Rule provider integration

Extended chain ID mapping to support additional networks

Benefit: Increases precision of compliance workflows across supported chains and products.

Custody Chain Service Hardening

Post-audit remediation's were applied across multiple chain services:

pbkdf2 CVE resolution

Dependency upgrades

Infrastructure interface corrections

Benefit: Aligns on-chain connectors with current audit requirements and ensures predictable node integration.

Network Infrastructure Optimization

Refinements to internal networking components:

Decommissioned unused NAT gateways and staging subnets

Added direct endpoints for ECR services

Removed legacy private endpoint

Benefit: Reduces internal network complexity and improves routing efficiency for key components.

API Documentation Redirect

We have consolidated custody developer documentation under the Bitpanda TechSolutions portal:

Redirected developer.bitpandacustody.com to techsolutions.bitpanda.com/custody

New routing is managed via CloudFront and backed by an S3 origin (as fallback)

Benefit: Streamlines access to up-to-date documentation under a unified platform portal.

Release 2025-05-31

May 31, 2025

This release brings continued improvements across chain services, custody governance, and security posture. Our updates focus on secure seed management, dynamic transaction handling, and refined access controls across the custody infrastructure.

Chain Service Security & Performance Updates

We have applied updates to multiple chain services in line with our patching guidelines to address critical security vulnerabilities in Go stdlib and supporting dependencies. These updates also include performance tuning improvements.

Memory configuration improvements for runtime components

Standardized dependency updates across chain services

Ongoing adherence to CVE patching policies

Dynamic Transaction Fee Handling

We improved our transaction tip calculation logic for EVM-based networks. Tip values are now dynamically fetched using eth_maxPriorityFeePerGas, ensuring compatibility across chains with different baseline fee requirements.

Resolves static tip issues on high-minimum-tip networks

Verified compatibility with EIP-1559 and non-EIP-1559 chains

Increases reliability and predictability of transaction inclusion

Seed Export Capability (Custody)

We have introduced secure export functionality for wallet seeds via TrustVault:

Export actions are gated by PCR (Policy Change Request) to enforce access controls.

Co-signing support is enabled via TCSS for multi-approver validation.

All exports are encrypted and auditable to support operational integrity.

This enables secure migration, recovery, or custodial transitions in line with governance protocols.

Webhook and Notification Enhancements

Webhook delivery systems were optimized to improve reliability and responsiveness:

Webhooks now execute in parallel with a 30-second max per call

Global timeout extended to 60 seconds

New subscription type added to support seed export notifications

Role and Access Management Updates

Internal access policies were refined to enhance operational governance:

Escalation flows updated for developer and admin access levels

Co-signing requirements expanded for sensitive operational actions

Infrastructure & Compliance Controls

We transitioned to AWS WAFv2 for improved edge protection and consistency:

Region-based rate-limiting updated in line with AWS standards

IP-level blocking aligned with compliance jurisdiction restrictions

Additional hardening applied for common web-layer vulnerabilities

Changelog

Release 2025-08-31#

Platform Resilience & Security#

Compliance & Governance#

Mobile Experience#

Signing & Policy Services#

Blockchain Indexing & Throughput#

Release 2025-07-31#

Platform Resilience & Security#

Error Handling & Transparency#

Vault & Key Management Enhancements#

Infrastructure Optimisation#

API & SDK Improvements#

Governance & Access#

Release 2025-06-30#

Security & Performance Improvements#

Compliance Engine Enhancements#

Custody Chain Service Hardening#

Network Infrastructure Optimization#

API Documentation Redirect#

Release 2025-05-31#

Chain Service Security & Performance Updates#

Dynamic Transaction Fee Handling#

Seed Export Capability (Custody)#

Webhook and Notification Enhancements#

Role and Access Management Updates#

Infrastructure & Compliance Controls#

Release 2025-08-31

Platform Resilience & Security

Compliance & Governance

Mobile Experience

Signing & Policy Services

Blockchain Indexing & Throughput

Release 2025-07-31

Platform Resilience & Security

Error Handling & Transparency

Vault & Key Management Enhancements

Infrastructure Optimisation

API & SDK Improvements

Governance & Access

Release 2025-06-30

Security & Performance Improvements

Compliance Engine Enhancements

Custody Chain Service Hardening

Network Infrastructure Optimization

API Documentation Redirect

Release 2025-05-31

Chain Service Security & Performance Updates

Dynamic Transaction Fee Handling

Seed Export Capability (Custody)

Webhook and Notification Enhancements

Role and Access Management Updates

Infrastructure & Compliance Controls