🛡️ Security & Trust

Security, in the open.

We're a trust bureau — so we hold ourselves to the standard we score others against. Most platforms keep their security private; we publish ours, because for a trust product, being transparently secure is the proof.

✍️Signed & re-verifiableEvery passport, credit report and firewall receipt is Ed25519-signed. Anyone can re-verify it offline against our published key — tampering is cryptographically rejected.
On-chain & immutablePassports anchor on Base (EAS) and mint a soulbound ERC-5192 token — issuer-only, non-transferable, kill-switch-revocable. Reputation can't be sold or laundered.
🔑Key managementSigning keys live server-side only, are never sent to the client, and are rotated before every deploy. The published DID exposes only the public half.
🗄️Data isolationServer-only database access with row-level security and no public policies. Scores are always server-computed — a caller can never inject their own.
🧱Hardened APIsRate-limited on every public endpoint (incl. AI-backed ones), SSRF-blocked against private/metadata networks, and strict input validation throughout.
🔍Verify-or-reject dataCredit furnishers can't lie: on-chain payment claims are checked against the chain and rejected if false — the chain, not the furnisher, is authoritative.

Verify us yourself

Trust is earned, not asserted. You can independently check our claims:

  • Our issuer public key is published at /.well-known/did.json — re-verify any Trustifer signature against it.
  • Our machine-readable security policy is at /.well-known/security.txt (RFC 9116).
  • Our scoring is public and auditable: methodology · every score can be challenged via disputes.
  • On-chain proofs (EAS attestations, soulbound tokens) are independently checkable on Base.

🐶 We run Trustifer on Trustifer

We dogfood our own product: our issuer and signer wallets are monitored by our own Trust Firewall and incident system. If we wouldn't trust it, we don't ship it.

Responsible disclosure

Found a vulnerability? We want to hear from you, and we'll credit you publicly.

  • How: report it through this page (a dedicated security@trustifer.com address is being set up). Include steps to reproduce and impact.
  • Safe harbor: good-faith research that avoids privacy violations, data destruction, and service disruption will not be pursued legally.
  • Scope: please don't run automated scanners against production, exfiltrate data, or test denial-of-service. Use the open Explorer for read-only testing.
  • Recognition: valid reports earn a place in our Security Hall of Fame (and a bounty once the program launches).

Audit status

An internal security review (key management, on-chain write authorization, API rate-limiting, SSRF) was completed June 2026, with findings remediated. A third-party external audit is planned before public launch — its report will be linked here when complete.

Last updated June 2026 · This page is intentionally public. Developers · Methodology