Security

Trust by design. Evidence travels.
Raw data stays.

Every architectural decision in Provena by AffectLog reflects one principle: diagnostics run where your data lives, and only the signed evidence receipt crosses the boundary.

Evidence travels

Raw data never leaves your environment

Ed25519 signing

Every receipt is cryptographically verifiable

Zero-trust RBAC

Server-side role checks on every route

Immutable audit log

Every action recorded with actor + timestamp

Signal Receipt — Signing Chain (Ed25519 active)

Diagnostic runs → Score only → Ed25519 sign → Receipt

check: fairness_demographic_parity
score: 0.94
result: PASS
raw_data_included: false
signature_alg: Ed25519
verifiable_offline: true

Org isolation: DB + API layer
RBAC: 9 roles, server-side enforced
Audit log: immutable, actor + timestamp
Raw export: disabled by default

Security headers

X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Permissions-Policy: camera=()

Security principles

Eight security controls — by default.

No raw data exported by default

AffectLog never exports raw prompts, raw model weights, raw personal data, or raw documents. Every diagnostic produces a signed Signal Receipt — not a data export. Raw export flags are disabled by default and require explicit opt-in.

Organisation isolation

Every organisation's data is fully isolated at the database and API layer. No supplier data, evidence, or decision is accessible across organisations without explicit sharing consent.

Role-based access control

Access to passports, evidence, decisions, and exports is governed by roles: Owner, Admin, CISO, DPO, Procurement, AI Lead, Reviewer, Member, Vendor Admin. Every API route enforces server-side role checks.
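As an added illustration of what "server-side role checks on every route" looks like in code (not Provena's own implementation), the block below uses the nine roles named above with an assumed, default-deny policy table: a route that is not registered is refused, an empty role is refused, and the check runs in middleware before any handler code. The route paths and role assignments are assumptions for the example; the role must come from server-side session state, never from a value the client can set.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Role is one of the nine roles named on the page.
type Role string

const (
	Owner       Role = "Owner"
	Admin       Role = "Admin"
	CISO        Role = "CISO"
	DPO         Role = "DPO"
	Procurement Role = "Procurement"
	AILead      Role = "AI Lead"
	Reviewer    Role = "Reviewer"
	Member      Role = "Member"
	VendorAdmin Role = "Vendor Admin"
)

// policy maps "METHOD /path" to the roles allowed to call it. The assignments
// are illustrative (assumed), not Provena's real policy. Any route not in the
// table is denied, so forgetting to register a route fails closed.
var policy = map[string][]Role{
	"GET /passports":    {Owner, Admin, CISO, DPO, Procurement, AILead, Reviewer, Member},
	"POST /evidence":    {Owner, Admin, AILead, VendorAdmin},
	"POST /decisions":   {Owner, Admin, CISO, DPO, Procurement},
	"POST /exports/raw": {Owner}, // raw export is opt-in; Owner only in this illustration
}

// Authorize is the single server-side decision every route goes through.
func Authorize(role Role, method, path string) bool {
	allowed, ok := policy[method+" "+path]
	if !ok || role == "" {
		return false // unknown route or missing role: deny
	}
	for _, r := range allowed {
		if r == role {
			return true
		}
	}
	return false
}

// RequireRole wraps a handler so the check runs before any handler code.
// roleOf must resolve the role from server-side session state, never from a
// header or parameter the client controls.
func RequireRole(next http.Handler, roleOf func(*http.Request) Role) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !Authorize(roleOf(r), r.Method, r.URL.Path) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// StatusFor sends one in-memory request through the middleware and returns the
// status code. Here the harness itself sets the role header as a stand-in for a
// validated session lookup; a real server must not read the role from the client.
func StatusFor(role Role, method, path string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	h := RequireRole(ok, func(r *http.Request) Role { return Role(r.Header.Get("X-Session-Role")) })
	req := httptest.NewRequest(method, path, nil)
	req.Header.Set("X-Session-Role", string(role))
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("Reviewer GET /passports:", StatusFor(Reviewer, "GET", "/passports"))
	fmt.Println("Reviewer POST /exports/raw:", StatusFor(Reviewer, "POST", "/exports/raw"))
	fmt.Println("Owner DELETE /passports:", StatusFor(Owner, "DELETE", "/passports"))
}
```

The point of the table being the only source of truth is that a new route is unreachable until someone writes down who may call it; an allow-by-default router would silently expose it.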

Signed Signal Receipts

Every Signal Receipt is cryptographically signed with an Ed25519 key. Recipients can verify authenticity and integrity without re-running diagnostics. The signing key is never exported.

Audit logs

Every access decision, evidence update, passport change, export, and user action is written to an immutable audit log with actor, timestamp, IP address, and resource ID.

Secrets management

API keys, signing keys, and webhook secrets are stored in environment variables — never in the database or version control. All secrets are rotatable without downtime.

Encryption at rest and in transit

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Webhook payloads are verified with HMAC signatures before processing.
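The page does not document Provena's webhook signature format, so the following is an added example of how a receiver should verify an HMAC-signed webhook, not the project's own code. It assumes a constructed wire format: a Unix timestamp in X-Webhook-Timestamp and hex(HMAC-SHA256(secret, timestamp + "." + body)) in X-Webhook-Signature. The secret is read from an environment variable, matching the secrets rule above, and the check fails closed if it is missing.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"os"
	"strconv"
	"time"
)

// maxSkew bounds how old a delivery may be. Folding the timestamp into the MAC
// means a captured delivery cannot be replayed later with a fresh timestamp.
const maxSkew = 5 * time.Minute

// SignWebhook computes the signature the sender attaches (assumed format).
func SignWebhook(secret []byte, ts int64, body []byte) string {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(strconv.FormatInt(ts, 10)))
	mac.Write([]byte{'.'})
	mac.Write(body)
	return hex.EncodeToString(mac.Sum(nil))
}

// VerifyWebhook is the receiver's check, run before the body is parsed or acted on.
func VerifyWebhook(secret []byte, tsHeader, sigHeader string, body []byte, now time.Time) error {
	if len(secret) == 0 {
		return errors.New("webhook secret not configured") // fail closed, never skip the check
	}
	ts, err := strconv.ParseInt(tsHeader, 10, 64)
	if err != nil {
		return errors.New("malformed timestamp header")
	}
	skew := now.Sub(time.Unix(ts, 0))
	if skew > maxSkew || skew < -maxSkew {
		return errors.New("timestamp outside replay window")
	}
	got, err := hex.DecodeString(sigHeader)
	if err != nil {
		return errors.New("malformed signature header")
	}
	want, _ := hex.DecodeString(SignWebhook(secret, ts, body))
	// hmac.Equal compares in constant time; a plain bytes.Equal or == would
	// leak how many leading bytes matched.
	if !hmac.Equal(got, want) {
		return errors.New("signature mismatch")
	}
	return nil
}

func main() {
	secret := []byte(os.Getenv("WEBHOOK_SECRET")) // assumed variable name
	body := []byte(`{"event":"receipt.created","receipt_id":"SR-2026-FAIR-082"}`) // constructed sample
	ts := time.Now().Unix()
	sig := SignWebhook(secret, ts, body)
	fmt.Println("genuine:", VerifyWebhook(secret, strconv.FormatInt(ts, 10), sig, body, time.Now()))
	tampered := []byte(`{"event":"receipt.created","receipt_id":"SR-2026-FAIR-999"}`)
	fmt.Println("tampered:", VerifyWebhook(secret, strconv.FormatInt(ts, 10), sig, tampered, time.Now()))
}
```

Verify over the raw request bytes, not over a re-serialised parsed object: any whitespace or key-order difference between what the sender hashed and what the receiver hashes breaks the MAC.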

Local and federated execution

The Edge Capsule allows diagnostic runs inside your own perimeter. Only signed Signal Receipts leave the local environment. Raw data never transits the network.

Signal Receipt signing

Every diagnostic result is signed; the raw data behind it is never transmitted.

When a diagnostic runs — whether in the AffectLog cloud or the Edge Capsule — it produces a signed Signal Receipt. The receipt carries the check name, the numeric score, the pass/fail result and the signing metadata (receipt id, timestamp, algorithm, signature). No raw inputs are included.

1. Diagnostic runs where the data lives (AffectLog cloud or Edge Capsule)
2. Result scored — metric name + numeric score only
3. Receipt signed with Ed25519 key
4. Receipt forwarded to Provena — raw data stays local
5. Reviewer verifies receipt authenticity offline at any time

Signal Receipt — anatomy

receipt_id: SR-2026-FAIR-082
check: fairness_demographic_parity
score: 0.94
result: PASS
raw_data_included: false
timestamp: 2026-05-06T09:14:22Z
signature_alg: Ed25519
signature: a3f8b29c1e4d…
verifiable_offline: true
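The signing chain (steps 1 to 5) and the receipt anatomy above, as an added example in Go using the standard library's Ed25519; this is not Provena's code and the page does not say how its receipts are serialised. The example assumes a canonical serialisation (JSON with fixed field order, signature field cleared) so signer and verifier hash identical bytes, and adds a key_id field that the anatomy does not show: a reviewer holding more than one public key after rotation needs it to pick the right one. The verifier also rejects any receipt that claims raw_data_included: true, since such a receipt violates the no-raw-export rule.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Receipt carries the fields shown in the anatomy. key_id is an added
// assumption. Struct field order fixes the JSON field order, which is what
// makes the signed bytes reproducible on the verifying side.
type Receipt struct {
	ReceiptID       string  `json:"receipt_id"`
	Check           string  `json:"check"`
	Score           float64 `json:"score"`
	Result          string  `json:"result"`
	RawDataIncluded bool    `json:"raw_data_included"`
	Timestamp       string  `json:"timestamp"`
	SignatureAlg    string  `json:"signature_alg"`
	KeyID           string  `json:"key_id,omitempty"`
	Signature       string  `json:"signature,omitempty"`
}

// KeyRing holds the public keys a reviewer trusts, by key id. Only public
// material is needed offline; the private key stays with the signer.
type KeyRing map[string]ed25519.PublicKey

// NewKeyPair generates a fresh Ed25519 key for the example (assumed; the real
// signing key is never exported).
func NewKeyPair() (ed25519.PrivateKey, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return priv, pub, err
}

// signingBytes is the canonical message: the receipt with its signature cleared.
func signingBytes(r Receipt) ([]byte, error) {
	r.Signature = ""
	return json.Marshal(r)
}

// SignReceipt runs at the end of a diagnostic, inside the perimeter (step 3).
func SignReceipt(priv ed25519.PrivateKey, keyID string, r Receipt) (Receipt, error) {
	r.SignatureAlg = "Ed25519"
	r.KeyID = keyID
	msg, err := signingBytes(r)
	if err != nil {
		return r, err
	}
	r.Signature = hex.EncodeToString(ed25519.Sign(priv, msg))
	return r, nil
}

// VerifyReceipt is the reviewer's offline check (step 5): no network, no re-run.
func VerifyReceipt(ring KeyRing, r Receipt) error {
	if r.SignatureAlg != "Ed25519" {
		return errors.New("unexpected signature_alg")
	}
	if r.RawDataIncluded {
		return errors.New("receipt claims to carry raw data")
	}
	pub, ok := ring[r.KeyID]
	if !ok {
		return errors.New("unknown key_id")
	}
	sig, err := hex.DecodeString(r.Signature)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return errors.New("malformed signature")
	}
	msg, err := signingBytes(r)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, msg, sig) {
		return errors.New("signature does not verify")
	}
	return nil
}

func main() {
	priv, pub, _ := NewKeyPair()
	ring := KeyRing{"capsule-2026-05": pub} // assumed key id
	signed, _ := SignReceipt(priv, "capsule-2026-05", Receipt{
		ReceiptID: "SR-2026-FAIR-082", Check: "fairness_demographic_parity",
		Score: 0.94, Result: "PASS", Timestamp: "2026-05-06T09:14:22Z",
	})
	fmt.Println("genuine:", VerifyReceipt(ring, signed))
	tampered := signed
	tampered.Score = 0.99 // editing any signed field breaks the signature
	fmt.Println("tampered:", VerifyReceipt(ring, tampered))
}
```

Whatever serialisation Provena actually uses, the two properties that matter for "verifiable offline" are visible here: the verifier needs only the public key, and every signed field is covered, so a changed score or result fails verification rather than merely looking odd.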

Security HTTP headers

X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: camera=(), microphone=(), geolocation=()

Software Bill of Materials

A machine-readable SBOM in CycloneDX or SPDX format is available to enterprise customers on request. Third-party package notices are maintained in THIRD_PARTY_NOTICES.md.

Security disclosures

Coordinated disclosure. We respond within 48 hours.