BitLendingClub development and security practices

I know that people are concerned about their funds right now and the last thing they want to hear is how great BLC is. However, we know that these questions will be asked any minute now, so I figured I’d let everybody know how we do things here ahead of time.

Due to the recent events at BTCJam, namely reports of user’s wallets showing balances of 0, we wanted to make sure that we reassure our customers here at BitLendingClub ( about the procedures we take to reduce the number of bugs and their severity:

1. We do not push any code to production directly.
2. Our developers unit test their code.
3. We have a QA environment on which all of our code gets tested by our QA staff.
4. We have a UAT (User Acceptance Testing) environment which is used for testing by a select group of users.
5. After the software passes all 3 steps of testing (Unit, QA and UAT), we then push it out to production.

This minimizes the number and the severity of bugs which can occur on our system. When it comes to your funds:

1. We have implemented a cold storage solution which holds 95% of the funds.
2. The hot wallet is encrypted, backed up daily and hosted on a server separate from our web server.
3. The server hosting the hot wallet is limited to accept connections only from our web server.
4. All of our servers are protected by Incapsula.
5. We are hosted the AWS Elastic Compute Cloud (EC2).
6. We process all of the withdrawal requests manually, so there is no chance unauthorized withdrawals.

Two factor authentication will be enabled within the next 24 hours. Your safety and security are our top priority!
Best Regards,
Kiril Gantchev
CEO of BitLendingClub

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s