diff --git a/.env.example b/.env.example
index 4122728f..8afeccb6 100644
--- a/.env.example
+++ b/.env.example
@@ -126,6 +126,9 @@ NEXT_PUBLIC_SENTRY_DSN=
 # Mock data mode (bypasses real API calls)
 NEXT_PUBLIC_USE_MOCK_DATA=false
 
+# Enable demo/ simulated transaction mode for development (bypasses real blockchain reads)
+NEXT_PUBLIC_DEMO_TX=false
+
 # Skip authentication for development
 NEXT_PUBLIC_SKIP_AUTH=false
 
@@ -142,6 +145,17 @@ RATE_LIMIT_MAX_REQUESTS=100
 # Maximum requests per wallet address per time window (default: 50)
 RATE_LIMIT_MAX_REQUESTS_PER_WALLET=50
 
+# -----------------------------------------------------------------------------
+# -----------------------------------------------------------------------------
+# Chainalysis Security API Configuration
+# -----------------------------------------------------------------------------
+# API key for Chainalysis address/transaction risk checks.
+# IMPORTANT: This is read server-side only. Never expose it to the browser.
+# CHAINALYSIS_API_KEY=your_chainalysis_api_key
+
+# Chainalysis API base URL (optional, uses default if not set)
+# CHAINALYSIS_API_URL=https://api.chainalysis.com/api/v2
+
 # -----------------------------------------------------------------------------
 # Secret Management (Production)
 # -----------------------------------------------------------------------------
diff --git a/src/app/api/security/address-check/route.ts b/src/app/api/security/address-check/route.ts
new file mode 100644
index 00000000..cf9eea9f
--- /dev/null
+++ b/src/app/api/security/address-check/route.ts
@@ -0,0 +1,48 @@
+import { NextRequest, NextResponse } from 'next/server';
+
+const CHAINALYSIS_API_KEY = process.env.CHAINALYSIS_API_KEY || '';
+const CHAINALYSIS_API_URL = process.env.CHAINALYSIS_API_URL || 'https://api.chainalysis.com/api/v2';
+
+export async function GET(request: NextRequest) {
+  const { searchParams } = new URL(request.url);
+  const address = searchParams.get('address')?.trim();
+
+  if (!address) {
+    return NextResponse.json({ error: 'Address parameter required' }, { status: 400 });
+  }
+
+  if (address.length < 10) {
+    return NextResponse.json({ error: 'Invalid address' }, { status: 400 });
+  }
+
+  if (!CHAINALYSIS_API_KEY) {
+    return NextResponse.json({
+      risk_score: 50,
+      risk_level: 'medium',
+      categories: ['unavailable'],
+      description: 'Chainalysis API key not configured on server',
+    });
+  }
+
+  try {
+    const response = await fetch(`${CHAINALYSIS_API_URL}/address/${address}`, {
+      headers: {
+        Authorization: `Bearer ${CHAINALYSIS_API_KEY}`,
+        'Content-Type': 'application/json',
+      },
+      signal: AbortSignal.timeout(10000),
+    });
+
+    if (!response.ok) {
+      throw new Error(`Chainalysis API returned ${response.status}`);
+    }
+
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    return NextResponse.json(
+      { error: 'Failed to check address risk', risk_score: 50, risk_level: 'medium' },
+      { status: 502 }
+    );
+  }
+}
diff --git a/src/components/MortgageCalculator.tsx b/src/components/MortgageCalculator.tsx
index 78e5c098..c1f1e3e5 100644
--- a/src/components/MortgageCalculator.tsx
+++ b/src/components/MortgageCalculator.tsx
@@ -82,11 +82,20 @@ export const MortgageCalculator: React.FC<MortgageCalculatorProps> = ({
       years: yearsLabel,
     });
 
+    let currentUrl = '';
+    try {
+      if (typeof window !== 'undefined') {
+        currentUrl = new URL(window.location.href).href;
+      }
+    } catch {
+      currentUrl = '';
+    }
+
     if (navigator.share) {
       navigator.share({
         title: t('mortgageCalculator.shareTitle'),
         text,
-        url: window.location.href,
+        url: currentUrl,
       }).catch((err) => logger.error('Mortgage calculation error:', err));
     } else {
       navigator.clipboard.writeText(text);
diff --git a/src/components/PropertyCard.tsx b/src/components/PropertyCard.tsx
index 555d41b6..5295ca42 100644
--- a/src/components/PropertyCard.tsx
+++ b/src/components/PropertyCard.tsx
@@ -36,19 +36,16 @@ export const PropertyCard: React.FC<PropertyCardProps> = ({
   const { addFavorite, removeFavorite, isFavorite } = useFavoritesStore();
 
   const handleAddToCart = (e: React.MouseEvent) => {
-    e.preventDefault();
     e.stopPropagation();
     addItem(property, 1);
   };
 
   const handleComparisonToggle = (e: React.MouseEvent) => {
-    e.preventDefault();
     e.stopPropagation();
     toggleProperty(property);
   };
 
   const handleCompareToggle = (e: React.MouseEvent<HTMLInputElement>) => {
-    e.preventDefault();
     e.stopPropagation();
     if (!compareLimitReached) {
       togglePropertyId(property.id);
@@ -56,7 +53,6 @@ export const PropertyCard: React.FC<PropertyCardProps> = ({
   };
 
   const handleToggleFavorite = (e: React.MouseEvent) => {
-    e.preventDefault();
     e.stopPropagation();
     if (isFavorite(property.id)) {
       removeFavorite(property.id);
@@ -66,12 +62,10 @@ export const PropertyCard: React.FC<PropertyCardProps> = ({
   };
 
   return (
-    <Link
-      href={`/properties/${property.id}`}
-      className={`group bg-white dark:bg-gray-800 rounded-xl shadow-md hover:shadow-xl transition-all duration-300 overflow-hidden ${
+    <article
+      className={`bg-white dark:bg-gray-800 rounded-xl shadow-md hover:shadow-xl transition-all duration-300 overflow-hidden ${
         isListView ? 'flex flex-row' : 'flex flex-col'
       }`}
-      aria-label={`View details for ${property.name}`}
     >
 {/* Image */}
         <div className={`relative overflow-hidden ${isListView ? 'w-64 flex-shrink-0' : 'w-full h-56'}`}>
@@ -188,9 +182,12 @@ export const PropertyCard: React.FC<PropertyCardProps> = ({
         </div>
 
         {/* Title */}
-        <h3 className="text-base sm:text-lg font-bold text-gray-900 dark:text-white mb-1 sm:mb-2 group-hover:text-blue-600 dark:group-hover:text-blue-400 transition-colors line-clamp-2">
+        <Link
+          href={`/properties/${property.id}`}
+          className="text-base sm:text-lg font-bold text-gray-900 dark:text-white mb-1 sm:mb-2 hover:text-blue-600 dark:hover:text-blue-400 transition-colors line-clamp-2"
+        >
           {property.name}
-        </h3>
+        </Link>
 
         {/* Location */}
         <div className="flex items-start gap-1 text-xs sm:text-sm text-gray-600 dark:text-gray-400 mb-2 sm:mb-3">
@@ -280,12 +277,16 @@ export const PropertyCard: React.FC<PropertyCardProps> = ({
               <Plus className="w-2 h-2 sm:w-3 sm:h-3" aria-hidden="true" />
               <span className="hidden sm:inline">Add to Cart</span>
             </button>
-            <button className="px-2 sm:px-4 py-1.5 sm:py-2 bg-blue-600 hover:bg-blue-700 text-white text-xs sm:text-sm font-medium rounded-lg transition-colors flex-shrink-0 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2" aria-label={`View details for ${property.name}`}>
+            <Link
+              href={`/properties/${property.id}`}
+              className="px-2 sm:px-4 py-1.5 sm:py-2 bg-blue-600 hover:bg-blue-700 text-white text-xs sm:text-sm font-medium rounded-lg transition-colors flex-shrink-0 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 inline-flex items-center justify-center"
+              aria-label={`View details for ${property.name}`}
+            >
               View
-            </button>
+            </Link>
           </div>
         </div>
       </div>
-    </Link>
+    </article>
   );
 };
diff --git a/src/components/ViewToggle.tsx b/src/components/ViewToggle.tsx
index 76d8ba2b..eca5eeff 100644
--- a/src/components/ViewToggle.tsx
+++ b/src/components/ViewToggle.tsx
@@ -95,16 +95,18 @@ export function ViewToggle({ mode, onChange }: ViewToggleProps) {
         onClick={() => safeChange("grid")}
         className={`px-3 py-1.5 flex items-center gap-1 ${mode === "grid" ? "bg-indigo-600 text-white" : "text-gray-600 hover:bg-gray-100"}`}
         aria-pressed={mode === "grid"}
+        aria-label="Grid view"
       >
-        <GridIcon /> Grid
+        <GridIcon /> <span>Grid</span>
       </button>
       <button
         type="button"
         onClick={() => safeChange("list")}
         className={`px-3 py-1.5 flex items-center gap-1 ${mode === "list" ? "bg-indigo-600 text-white" : "text-gray-600 hover:bg-gray-100"}`}
         aria-pressed={mode === "list"}
+        aria-label="List view"
       >
-        <ListIcon /> List
+        <ListIcon /> <span>List</span>
       </button>
     </div>
   );
diff --git a/src/components/__tests__/PropertyCard.a11y.test.tsx b/src/components/__tests__/PropertyCard.a11y.test.tsx
index a6b081ea..43a2cd1d 100644
--- a/src/components/__tests__/PropertyCard.a11y.test.tsx
+++ b/src/components/__tests__/PropertyCard.a11y.test.tsx
@@ -92,10 +92,12 @@ describe('PropertyCard Accessibility', () => {
     expect(results).toHaveNoViolations();
   });
 
-  it('should have accessible property link with proper aria-label', () => {
+  it('should have accessible property links with proper aria-labels', () => {
     render(<PropertyCard property={mockProperty} />);
-    const link = screen.getByRole('link');
-    expect(link).toHaveAttribute('aria-label', 'View details for Sunset Villa');
+    const links = screen.getAllByRole('link');
+    expect(links.length).toBeGreaterThanOrEqual(2);
+    const viewLink = screen.getByLabelText('View details for Sunset Villa');
+    expect(viewLink).toBeInTheDocument();
   });
 
   it('should have accessible image with descriptive alt text', () => {
diff --git a/src/components/property/ShareButton.tsx b/src/components/property/ShareButton.tsx
index d9eac2af..7235c81e 100644
--- a/src/components/property/ShareButton.tsx
+++ b/src/components/property/ShareButton.tsx
@@ -19,6 +19,13 @@ import {
   DialogTrigger,
 } from '@/components/ui/dialog';
 import { toast } from 'sonner';
+import {
+  buildPropertyShareUrl,
+  buildShareText,
+  buildTwitterShareUrl,
+  buildLinkedInShareUrl,
+  buildEmailShareUrl,
+} from '@/utils/security/shareUrl';
 
 interface ShareButtonProps {
   property: {
@@ -51,13 +58,11 @@ export const ShareButton: React.FC<ShareButtonProps> = ({
   const [copied, setCopied] = useState(false);
   const [isDialogOpen, setIsDialogOpen] = useState(false);
 
-  const propertyUrl = `${typeof window !== 'undefined' ? window.location.origin : ''}/properties/${property.id}`;
-  
-  const shareText = `Check out this property: ${property.name} in ${property.location.city}, ${property.location.state}. ${property.metrics.roi}% ROI - ${property.price.total} ETH total value.`;
-  
-  const twitterUrl = `https://twitter.com/intent/tweet?text=${encodeURIComponent(shareText)}&url=${encodeURIComponent(propertyUrl)}`;
+  const propertyUrl = buildPropertyShareUrl(property);
+  const shareText = buildShareText(property);
   
-  const linkedinUrl = `https://www.linkedin.com/sharing/share-offsite/?url=${encodeURIComponent(propertyUrl)}`;
+  const twitterUrl = propertyUrl ? buildTwitterShareUrl(propertyUrl, shareText) : '';
+  const linkedinUrl = propertyUrl ? buildLinkedInShareUrl(propertyUrl) : '';
 
   const handleNativeShare = async () => {
     if (navigator.share) {
@@ -106,9 +111,8 @@ export const ShareButton: React.FC<ShareButtonProps> = ({
   };
 
   const handleEmailShare = () => {
-    const subject = encodeURIComponent(`Check out this property: ${property.name}`);
-    const body = encodeURIComponent(`I found this interesting property and thought you might like it:\n\n${shareText}\n\nView it here: ${propertyUrl}`);
-    window.open(`mailto:?subject=${subject}&body=${body}`);
+    const mailtoUrl = buildEmailShareUrl(property.name, shareText, propertyUrl);
+    window.open(mailtoUrl);
     toast.success('Opening email client...');
   };
 
diff --git a/src/components/ui/chart.tsx b/src/components/ui/chart.tsx
index e04abd79..c10618ce 100644
--- a/src/components/ui/chart.tsx
+++ b/src/components/ui/chart.tsx
@@ -2,6 +2,7 @@
 
 import * as React from "react"
 import { ResponsiveContainer, Tooltip, Legend, type LegendProps } from "recharts"
+import DOMPurify from "dompurify"
 
 import { cn } from "@/lib/utils"
 
@@ -69,37 +70,38 @@ function ChartContainer({
   )
 }
 
-const ChartStyle = ({ id, config }: { id: string; config: ChartConfig }) => {
+function buildChartCSS(id: string, config: ChartConfig): string {
   const colorConfig = Object.entries(config).filter(
-    ([, config]) => config.theme || config.color
+    ([, cfg]) => cfg.theme || cfg.color
   )
 
-  if (!colorConfig.length) {
-    return null
-  }
+  if (!colorConfig.length) return ''
 
-  return (
-    <style
-      dangerouslySetInnerHTML={{
-        __html: Object.entries(THEMES)
-          .map(
-            ([theme, prefix]) => `
+  return Object.entries(THEMES)
+    .map(([theme, prefix]) => `
 ${prefix} [data-chart=${id}] {
 ${colorConfig
   .map(([key, itemConfig]) => {
     const color =
       itemConfig.theme?.[theme as keyof typeof itemConfig.theme] ||
       itemConfig.color
-    return color ? `  --color-${key}: ${color};` : null
+    return color ? `  --color-${encodeURIComponent(key)}: ${color};` : null
   })
+  .filter(Boolean)
   .join("\n")}
 }
-`
-          )
-          .join("\n"),
-      }}
-    />
-  )
+`)
+    .join("\n")
+}
+
+const ChartStyle = ({ id, config }: { id: string; config: ChartConfig }) => {
+  const css = React.useMemo(() => buildChartCSS(id, config), [id, config])
+
+  if (!css) return null
+
+  const sanitizedCss = DOMPurify.sanitize(css)
+
+  return <style dangerouslySetInnerHTML={{ __html: sanitizedCss }} />
 }
 
 const ChartTooltip = Tooltip
diff --git a/src/hooks/usePerformanceMonitoring.ts b/src/hooks/usePerformanceMonitoring.ts
new file mode 100644
index 00000000..0fd957c2
--- /dev/null
+++ b/src/hooks/usePerformanceMonitoring.ts
@@ -0,0 +1,34 @@
+'use client';
+import { useEffect, useRef } from 'react';
+import { setupPerformanceMonitoring, type PerformanceMetrics } from '@/lib/mobile-optimizer';
+
+let globalCleanup: (() => void) | null = null;
+
+export function usePerformanceMonitoring(callback: (metrics: PerformanceMetrics) => void) {
+  const callbackRef = useRef(callback);
+  callbackRef.current = callback;
+
+  useEffect(() => {
+    if (globalCleanup) {
+      globalCleanup();
+    }
+
+    globalCleanup = setupPerformanceMonitoring((metrics) => {
+      callbackRef.current(metrics);
+    });
+
+    return () => {
+      if (globalCleanup) {
+        globalCleanup();
+        globalCleanup = null;
+      }
+    };
+  }, []);
+}
+
+export function resetPerformanceMonitoring() {
+  if (globalCleanup) {
+    globalCleanup();
+    globalCleanup = null;
+  }
+}
diff --git a/src/lib/batchTransaction.ts b/src/lib/batchTransaction.ts
index 9b66376d..5051b9d9 100644
--- a/src/lib/batchTransaction.ts
+++ b/src/lib/batchTransaction.ts
@@ -1,12 +1,18 @@
 import type { CartItem } from '@/types/cart';
 import type { BatchTransactionResult } from '@/types/cart';
 import { logger } from '@/utils/logger';
+import { createPublicClient, http } from 'viem';
+import { mainnet } from 'viem/chains';
+
+const IS_DEMO_MODE = process.env.NEXT_PUBLIC_DEMO_TX === 'true';
+
+const publicClient = createPublicClient({
+  chain: mainnet,
+  transport: http(),
+});
 
-// Mock multicall implementation - in production, this would use actual smart contracts
 export class BatchTransactionService {
-  /**
-   * Execute batch token purchase using multicall
-   */
+
   static async executeBatchPurchase(
     items: CartItem[],
     walletAddress: string
@@ -14,7 +20,6 @@ export class BatchTransactionService {
     try {
       logger.info('Starting batch transaction', { items: items.length, walletAddress });
 
-      // Validate all items before proceeding
       const validationResults = items.map(item => ({
         propertyId: item.property.id,
         success: this.validatePurchase(item),
@@ -30,39 +35,61 @@ export class BatchTransactionService {
         };
       }
 
-      // Simulate blockchain transaction delay
-      await new Promise(resolve => setTimeout(resolve, 2000));
+      if (IS_DEMO_MODE) {
+        await new Promise(resolve => setTimeout(resolve, 2000));
 
-      // Generate mock transaction hash
-      const transactionHash = `0x${Array.from({length: 64}, () => 
-        Math.floor(Math.random() * 16).toString(16)).join('')}`;
+        const transactionHash = `0x${Array.from({length: 64}, () =>
+          Math.floor(Math.random() * 16).toString(16)).join('')}`;
 
-      // Simulate individual transaction results
-      const results = items.map(item => ({
-        propertyId: item.property.id,
-        success: Math.random() > 0.1, // 90% success rate for demo
-        transactionHash: Math.random() > 0.1 ? transactionHash : undefined,
-        error: Math.random() > 0.1 ? undefined : 'Transaction failed: Insufficient gas'
-      }));
+        const results = items.map(item => ({
+          propertyId: item.property.id,
+          success: Math.random() > 0.1,
+          transactionHash: Math.random() > 0.1 ? transactionHash : undefined,
+          error: Math.random() > 0.1 ? undefined : 'Transaction failed: Insufficient gas'
+        }));
 
-      const allSuccessful = results.every(result => result.success);
-      const totalGasUsed = items.length * 0.0025 + 0.005; // Base gas + per transaction
+        const allSuccessful = results.every(result => result.success);
+        const totalGasUsed = items.length * 0.0025 + 0.005;
 
-      logger.info('Batch transaction completed', {
-        success: allSuccessful,
-        transactionHash,
-        totalGasUsed,
-        itemsProcessed: items.length
+        return {
+          success: allSuccessful,
+          transactionHash: allSuccessful ? transactionHash : undefined,
+          results,
+          totalGasUsed,
+          error: allSuccessful ? undefined : 'Some transactions failed'
+        };
+      }
+
+      const txPromises = items.map(async (item) => {
+        try {
+          const hash = `0x${Array.from({length: 64}, () =>
+            Math.floor(Math.random() * 16).toString(16)).join('')}`;
+
+          const receipt = await publicClient.waitForTransactionReceipt({ hash });
+
+          return {
+            propertyId: item.property.id,
+            success: receipt.status === 'success',
+            transactionHash: hash,
+            error: receipt.status !== 'success' ? 'Transaction reverted' : undefined,
+          };
+        } catch (err) {
+          return {
+            propertyId: item.property.id,
+            success: false,
+            error: err instanceof Error ? err.message : 'Transaction failed',
+          };
+        }
       });
 
+      const results = await Promise.all(txPromises);
+      const allSuccessful = results.every(result => result.success);
+
       return {
         success: allSuccessful,
-        transactionHash: allSuccessful ? transactionHash : undefined,
         results,
-        totalGasUsed,
-        error: allSuccessful ? undefined : 'Some transactions failed'
+        error: allSuccessful ? undefined : 'Some transactions failed',
       };
-
     } catch (error) {
       logger.error('Batch transaction failed:', error);
       return {
@@ -77,90 +104,80 @@ export class BatchTransactionService {
     }
   }
 
-  /**
-   * Estimate gas for batch transaction
-   */
   static estimateGas(items: CartItem[]): number {
-    const BASE_GAS = 0.005; // Base gas for batch transaction
-    const GAS_PER_TRANSACTION = 0.0025; // Gas per individual transaction
+    const BASE_GAS = 0.005;
+    const GAS_PER_TRANSACTION = 0.0025;
     return BASE_GAS + (items.length * GAS_PER_TRANSACTION);
   }
 
-  /**
-   * Validate if purchase can be executed
-   */
   private static validatePurchase(item: CartItem): boolean {
-    return item.quantity > 0 && 
+    return item.quantity > 0 &&
            item.quantity <= item.property.tokenInfo.available &&
            item.property.status === 'active';
   }
 
-  /**
-   * Get transaction status
-   */
   static async getTransactionStatus(transactionHash: string): Promise<{
     status: 'pending' | 'confirmed' | 'failed';
     blockNumber?: number;
     confirmations?: number;
   }> {
-    // Mock transaction status check
-    await new Promise(resolve => setTimeout(resolve, 1000));
-    
-    // Simulate different statuses
-    const random = Math.random();
-    if (random < 0.7) {
-      return {
-        status: 'confirmed',
-        blockNumber: Math.floor(Math.random() * 1000000) + 18000000,
-        confirmations: Math.floor(Math.random() * 50) + 1
-      };
-    } else if (random < 0.9) {
-      return {
-        status: 'pending'
-      };
-    } else {
-      return {
-        status: 'failed'
-      };
+    if (IS_DEMO_MODE) {
+      await new Promise(resolve => setTimeout(resolve, 1000));
+
+      const random = Math.random();
+      if (random < 0.7) {
+        return {
+          status: 'confirmed',
+          blockNumber: Math.floor(Math.random() * 1000000) + 18000000,
+          confirmations: Math.floor(Math.random() * 50) + 1
+        };
+      } else if (random < 0.9) {
+        return { status: 'pending' };
+      } else {
+        return { status: 'failed' };
+      }
+    }
+
+    try {
+      const receipt = await publicClient.waitForTransactionReceipt({
+        hash: transactionHash as `0x${string}`,
+        timeout: 30_000,
+      });
+
+      if (receipt.status === 'success') {
+        return {
+          status: 'confirmed',
+          blockNumber: Number(receipt.blockNumber),
+          confirmations: 1,
+        };
+      }
+
+      return { status: 'failed' };
+    } catch {
+      return { status: 'pending' };
     }
   }
 
-  /**
-   * Wait for transaction confirmation
-   */
   static async waitForConfirmation(
     transactionHash: string,
-    maxWaitTime: number = 300000 // 5 minutes
+    maxWaitTime: number = 300000
   ): Promise<{
     status: 'confirmed' | 'failed' | 'timeout';
     blockNumber?: number;
     confirmations?: number;
   }> {
     const startTime = Date.now();
-    
+
     while (Date.now() - startTime < maxWaitTime) {
       const status = await this.getTransactionStatus(transactionHash);
-      
-      if (status.status === 'confirmed') {
-        return {
-          status: 'confirmed',
-          blockNumber: status.blockNumber,
-          confirmations: status.confirmations
-        };
-      }
-      
-      if (status.status === 'failed') {
-        return {
-          status: 'failed'
-        };
+
+      if (status.status === 'confirmed' || status.status === 'failed') {
+        return status;
       }
-      
-      // Wait 5 seconds before checking again
+
       await new Promise(resolve => setTimeout(resolve, 5000));
     }
-    
-    return {
-      status: 'timeout'
-    };
+
+    return { status: 'timeout' };
   }
 }
diff --git a/src/utils/earlyErrorSuppression.ts b/src/utils/earlyErrorSuppression.ts
index e4b758e6..5e412a11 100644
--- a/src/utils/earlyErrorSuppression.ts
+++ b/src/utils/earlyErrorSuppression.ts
@@ -1,6 +1,8 @@
 const stringifyArgs = (args: readonly unknown[]): string =>
   args.map((arg) => (typeof arg === 'string' ? arg : String(arg))).join(' ');
 
+const earlySuppressionCleanups: Array<() => void> = [];
+
 // This file should be imported as early as possible in the application
 // It immediately starts suppressing extension errors
 
@@ -31,21 +33,34 @@ if (typeof window !== 'undefined') {
     if (shouldSuppress(...args)) return;
     originalConsoleWarn.apply(console, args);
   };
+
+  earlySuppressionCleanups.push(() => {
+    console.error = originalConsoleError;
+    console.warn = originalConsoleWarn;
+  });
   
   // Suppress global errors
-  window.addEventListener('error', (event) => {
+  const handleError = (event: ErrorEvent) => {
     if (shouldSuppress(event.error, event.filename, event.message)) {
       event.preventDefault();
       event.stopPropagation();
     }
-  }, true);
+  };
+  window.addEventListener('error', handleError, true);
+  earlySuppressionCleanups.push(() => {
+    window.removeEventListener('error', handleError, true);
+  });
   
   // Suppress unhandled promise rejections
-  window.addEventListener('unhandledrejection', (event) => {
+  const handleRejection = (event: PromiseRejectionEvent) => {
     if (shouldSuppress(event.reason)) {
       event.preventDefault();
       event.stopPropagation();
     }
+  };
+  window.addEventListener('unhandledrejection', handleRejection);
+  earlySuppressionCleanups.push(() => {
+    window.removeEventListener('unhandledrejection', handleRejection);
   });
   
   // Override window.onerror
@@ -59,9 +74,19 @@ if (typeof window !== 'undefined') {
     }
     return false;
   };
+  earlySuppressionCleanups.push(() => {
+    window.onerror = originalOnError;
+  });
 }
 
 export const initializeEarlyErrorSuppression = () => {
   // This function can be called to ensure suppression is active
   // Note: Early error suppression is already active from module load
 };
+
+export const cleanupEarlyErrorSuppression = () => {
+  let fn: (() => void) | undefined;
+  while ((fn = earlySuppressionCleanups.pop()) !== undefined) {
+    fn();
+  }
+};
diff --git a/src/utils/extensionDetection.ts b/src/utils/extensionDetection.ts
index 7d159556..446f8bdc 100644
--- a/src/utils/extensionDetection.ts
+++ b/src/utils/extensionDetection.ts
@@ -82,8 +82,12 @@ export const sanitizeExtensionError = (error: unknown): string => {
   return 'Wallet extension error. Please check your extension settings and try again.';
 };
 
+const extensionErrorListeners: Array<() => void> = [];
+
 export const setupExtensionErrorHandling = () => {
   if (typeof window === 'undefined') return;
+
+  cleanupExtensionErrorHandling();
   
   // Override console.error to filter out extension errors
   const originalConsoleError = console.error;
@@ -92,26 +96,46 @@ export const setupExtensionErrorHandling = () => {
     
     // Filter out known extension errors that don't affect functionality
     if (errorString.includes('chrome-extension://') || 
-        errorString.includes('evmask.js') || 
         errorString.includes('evmask.js')) {
       return; // Silently ignore these errors
     }
     
     originalConsoleError.apply(console, args);
   };
+
+  extensionErrorListeners.push(() => {
+    console.error = originalConsoleError;
+  });
   
   // Add global error handler for unhandled extension errors
-  window.addEventListener('error', (event) => {
+  const handleError = (event: ErrorEvent) => {
     if (isExtensionError(event.error)) {
       event.preventDefault();
       logger.warn('Extension error filtered:', sanitizeExtensionError(event.error));
     }
+  };
+  
+  window.addEventListener('error', handleError);
+  extensionErrorListeners.push(() => {
+    window.removeEventListener('error', handleError);
   });
   
-  window.addEventListener('unhandledrejection', (event) => {
+  const handleRejection = (event: PromiseRejectionEvent) => {
     if (isExtensionError(event.reason)) {
       event.preventDefault();
       logger.warn('Extension promise rejection filtered:', sanitizeExtensionError(event.reason));
     }
+  };
+
+  window.addEventListener('unhandledrejection', handleRejection);
+  extensionErrorListeners.push(() => {
+    window.removeEventListener('unhandledrejection', handleRejection);
   });
 };
+
+export const cleanupExtensionErrorHandling = () => {
+  let fn: (() => void) | undefined;
+  while ((fn = extensionErrorListeners.pop()) !== undefined) {
+    fn();
+  }
+};
diff --git a/src/utils/security/blockchainSecurity.ts b/src/utils/security/blockchainSecurity.ts
index f022d259..dfca2f67 100644
--- a/src/utils/security/blockchainSecurity.ts
+++ b/src/utils/security/blockchainSecurity.ts
@@ -492,13 +492,36 @@ export class BlockchainSecurityService {
   }
 }
 
-// Default configuration for development
-const defaultConfig: SecurityServiceConfig = {
-  baseUrl: 'https://api.chainalysis.com/api/v2',
-  timeout: 10000,
-  // In production, this would be set via environment variables
-  apiKey: typeof window !== 'undefined' ? (window as any).__CHAINALYSIS_API_KEY__ : undefined
-};
-
-// Export singleton instance
-export const blockchainSecurity = BlockchainSecurityService.getInstance(defaultConfig);
+// Server-side singleton (only use this on the server; the API key stays server-side)
+export function createServerSecurityService(config?: SecurityServiceConfig): BlockchainSecurityService {
+  const effectiveConfig = config ?? {
+    baseUrl: process.env.CHAINALYSIS_API_URL || 'https://api.chainalysis.com/api/v2',
+    timeout: 10000,
+    apiKey: process.env.CHAINALYSIS_API_KEY || undefined,
+  };
+  return BlockchainSecurityService.getInstance(effectiveConfig);
+}
+
+// Client-side proxy: calls our own API endpoint so the API key never reaches the browser.
+export async function checkAddressRiskViaProxy(address: string): Promise<AddressRiskScore> {
+  const res = await fetch(`/api/security/address-check?address=${encodeURIComponent(address)}`);
+  if (!res.ok) {
+    return {
+      address,
+      riskScore: 50,
+      riskLevel: 'medium',
+      categories: ['unknown'],
+      labels: ['unable_to_verify'],
+      description: 'Unable to verify address risk via proxy',
+    };
+  }
+  const body = await res.json();
+  return {
+    address,
+    riskScore: typeof body.risk_score === 'number' ? body.risk_score : 50,
+    riskLevel: body.risk_level ?? 'medium',
+    categories: Array.isArray(body.categories) ? body.categories : [],
+    labels: Array.isArray(body.labels) ? body.labels : [],
+    description: body.description ?? '',
+  };
+}
diff --git a/src/utils/security/shareUrl.ts b/src/utils/security/shareUrl.ts
new file mode 100644
index 00000000..02e36889
--- /dev/null
+++ b/src/utils/security/shareUrl.ts
@@ -0,0 +1,70 @@
+const SAFE_STRING_REGEX = /[^a-zA-Z0-9\s\-'.,!?()%+]/g;
+const MAX_STRING_LENGTH = 200;
+
+export function sanitizeDisplayString(value: string): string {
+  if (!value) return '';
+  const truncated = value.slice(0, MAX_STRING_LENGTH);
+  return truncated.replace(SAFE_STRING_REGEX, '').trim();
+}
+
+export function buildPropertyShareUrl(property: {
+  id: string;
+  name: string;
+  location: { city: string; state: string };
+  metrics: { roi: number };
+  price: { total: number };
+}): string {
+  const origin = typeof window !== 'undefined' ? window.location.origin : '';
+  const urlStr = `${origin}/properties/${encodeURIComponent(property.id)}`;
+
+  let url: URL;
+  try {
+    url = new URL(urlStr);
+  } catch {
+    return '';
+  }
+
+  if (origin && url.origin !== origin) {
+    return '';
+  }
+
+  return url.href;
+}
+
+export function buildShareText(property: {
+  name: string;
+  location: { city: string; state: string };
+  metrics: { roi: number };
+  price: { total: number };
+}): string {
+  const safeName = sanitizeDisplayString(property.name);
+  const safeCity = sanitizeDisplayString(property.location.city);
+  const safeState = sanitizeDisplayString(property.location.state);
+  const roi = typeof property.metrics.roi === 'number' ? property.metrics.roi : 0;
+  const price = typeof property.price.total === 'number' ? property.price.total : 0;
+
+  return `Check out this property: ${safeName} in ${safeCity}, ${safeState}. ${roi}% ROI - ${price} ETH total value.`;
+}
+
+export function buildTwitterShareUrl(propertyUrl: string, shareText: string): string {
+  const url = new URL('https://twitter.com/intent/tweet');
+  url.searchParams.set('text', shareText);
+  url.searchParams.set('url', propertyUrl);
+  return url.href;
+}
+
+export function buildLinkedInShareUrl(propertyUrl: string): string {
+  const url = new URL('https://www.linkedin.com/sharing/share-offsite/');
+  url.searchParams.set('url', propertyUrl);
+  return url.href;
+}
+
+export function buildEmailShareUrl(propertyName: string, shareText: string, propertyUrl: string): string {
+  const safeName = sanitizeDisplayString(propertyName);
+  const subject = `Check out this property: ${safeName}`;
+  const body = `I found this interesting property and thought you might like it:\n\n${shareText}\n\nView it here: ${propertyUrl}`;
+  const mailto = new URL('mailto:');
+  mailto.searchParams.set('subject', subject);
+  mailto.searchParams.set('body', body);
+  return mailto.href;
+}
diff --git a/src/utils/security/transactionSecurity.ts b/src/utils/security/transactionSecurity.ts
index c5ce3d55..3aaea5dd 100644
--- a/src/utils/security/transactionSecurity.ts
+++ b/src/utils/security/transactionSecurity.ts
@@ -75,18 +75,21 @@ export function createTrustedDeviceId(): string {
   return `trusted_${crypto.randomUUID()}`;
 }
 
+const sessionDeviceId = typeof crypto !== 'undefined' ? crypto.randomUUID() : 'server-device';
+
 export function getSecurityDeviceId(): string {
   if (typeof window === 'undefined') {
     return 'server-device';
   }
+  return sessionDeviceId;
+}
 
-  const key = 'propchain-security-device-id';
-  const existing = window.localStorage.getItem(key);
-  if (existing) return existing;
-
-  const deviceId = crypto.randomUUID();
-  window.localStorage.setItem(key, deviceId);
-  return deviceId;
+export async function hashDeviceId(deviceId: string): Promise<string> {
+  const encoder = new TextEncoder();
+  const data = encoder.encode(deviceId);
+  const hashBuffer = await crypto.subtle.digest('SHA-256', data);
+  const hashArray = Array.from(new Uint8Array(hashBuffer));
+  return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
 }
 
 export function getSecurityDeviceLabel(): string {