# Security considerations

{% hint style="info" %}
Another key challenge is the use of smart contract approvals and APIs to execute transactions (which is expected to occur in a future iteration of Unified).
{% endhint %}

In its initial iteration, Unified functions as purely **read-only**.  This minimizes security risks to users.  For avoidance of doubt, this means:

* **No smart contract approvals** are required to execute balance transfers on user wallets.
* Exchange APIs are **view-only**.

In its future iteration, the following security measures will be taken:

* The front-end of the platform will be safeguarded to prevent instances such as that of the [BadgerDao hack](https://rekt.news/badger-rekt/).
* 2FA implementation to access user accounts on the platform, so as to add an extra layer of security when exchange APIs that enable transactions are implemented.
* Limits on account activity, monitored by algorithms and bots, will flag and lock out suspicious account activity.
* Smart contract approvals will never be for infinite approvals, unless with the express choice of the user.