agwitness
Sign up

Security Protocol

How we protect integrity, confidentiality, and availability—from the edge to your vault.

Trust model

Security is foundational: we handle negotiation context and legally significant records. Confidentiality, integrity, then availability—in that order.

Below is how we think about defense in depth, what we ship in production today, and where to go for disclosures or compliance questions.

Controls you can point to

A short list of concrete mechanisms—not a substitute for a full audit, but a clear picture of what the web app and APIs lean on.

Transport

TLS

HTTPS for app & API traffic

Web hardening

CSP

Content Security Policy on responses

Production

HSTS

Strict transport when deployed with TLS

Sessions

Firebase

Server-verified session cookies

Cryptography & evidence

Integrity you can verify

Deeds are bound to SHA-256 hashes and can be checked on our public verify flow. The goal is simple: if a record changed after the fact, the story and the hash no longer match—without asking you to trust a dashboard screenshot.

  • Verification by hash — share a link, not a file dump.
  • Internal APIs protected with configurable keys in production.
  • Rate limits on sensitive routes to blunt abuse.

Defense in depth

No single control wins alone. These layers stack from the first HTTP byte to long-term storage.

Edge & browser

Security headers (CSP, frame controls, MIME sniffing), referrer policy, and permissions policy reduce attack surface before code runs.

Application

Firebase Authentication with server-side session verification for vault and APIs. Stripe webhooks verified with signing secrets. Webhook destinations validated to reduce SSRF risk.

Data & custody

Records live in infrastructure designed for encryption at rest (cloud providers). You control export and account deletion paths; shared links use one-time style tokens with expiry.

Architecture

Security measures

Deeper detail on how we treat data, access, and compliance—aligned to how teams actually run procurement and audit.

  • Encryption & transport

    Connections use modern TLS. Data at rest inherits your cloud provider’s encryption defaults; keys are not handled casually in application logs.

    Never send secrets in support tickets or chat—use secure channels we provide.

  • Scoped sharing

    Share links are built for least privilege: time-bounded tokens, single-use consumption where configured, and no vault-wide access from one link.

    Treat shared URLs like capability tokens—rotate or expire when workflows change.

  • Tamper-evident records

    Deeds carry cryptographic hashes so independent verification can detect drift. The system is designed so silent edits to a notarized narrative don’t “stick” without detection.

    Enterprise customers with compliance needs can ask about additional audit exports.

  • Access control & keys

    Authentication follows industry practice (OAuth providers, email/password where enabled). API access for agents uses scoped keys; raw secrets are not stored in plaintext in client bundles.

    Rotate Griffin keys from the vault if you suspect exposure.

  • Compliance posture

    We architect for GDPR-style rights (access, export, erasure flows) and work with customers who need DPA or custom terms.

    Email compliance@agwitness.com for questionnaires, subprocessors, and audit artifacts.

Found a vulnerability?

We run a responsible disclosure process—see scope, SLAs, and safe-harbor expectations on our bug bounty page.

Bug bounty & disclosure

Compliance & questionnaires: compliance@agwitness.com