Security

Every record in the Attestr ledger is protected by multiple layers of cryptographic verification, ensuring that tampering with any record is mathematically detectable.

• SHA-256 hash chaining — every record includes the hash of the previous record, creating an unbreakable sequence
• Ed25519 digital signatures — every record is signed with a private key; verification uses our publicly available key
• Merkle tree batching — records are grouped into Merkle trees for efficient batch verification and selective proof
• Append-only ledger — UPDATE and DELETE operations are revoked at the PostgreSQL level; records are permanent

Attestr infrastructure is designed for high availability, durability, and defense in depth.

• All data encrypted at rest using AES-256
• All data encrypted in transit using TLS 1.3
• Database hosted on isolated, dedicated infrastructure with automated backups
• Network-level isolation between tenant environments
• Automated vulnerability scanning and dependency auditing

Every API request to Attestr is authenticated and time-limited to prevent unauthorized access and replay attacks.

• HMAC-SHA256 request signing — every request is signed with your secret key, including the HTTP method, path, timestamp, and body
• 5-minute replay window — requests older than 5 minutes are rejected, preventing replay attacks
• Per-tenant API credentials — each organization receives unique keys that cannot access other tenants' data
• Credential rotation supported without downtime

Your data belongs to you. Every tenant operates in complete isolation.

• Complete data isolation between tenants — separate ledger chains, separate keys, separate verification
• No cross-tenant data access under any circumstances
• No data sold, shared, or used for training
• Data retention policies configurable per tenant
• Evidence packets are self-contained — no data leaks through shared infrastructure

Attestr is designed from the ground up to support compliance and audit requirements in regulated industries.

• Audit-friendly architecture — every record is independently verifiable with standard cryptographic tools
• Examiner independence — third parties verify evidence without needing an Attestr account
• Immutable record-keeping satisfies requirements for tamper-proof audit trails
• Open-source verification engine — MIT licensed, self-hostable for zero vendor dependency
• SOC 2 Type II readiness — controls mapped to trust service criteria

We take security vulnerabilities seriously. If you discover a security issue, we appreciate your help in disclosing it responsibly.