Trust & Security

Security without compromise.

The integrity of the ledger is the product. Our security posture, compliance certifications, and transparency commitments are documented here — verifiable by any third party.

Key Management

Key Rotation & Revocation Policies

Every signing key is born inside an HSM and stays there for its entire lifecycle. Rotation and revocation are controlled, audited, and irreversible operations.

Key Rotation

Scheduled rotation

Organization keys can be configured to rotate on a 90-day, 180-day, or annual schedule. Rotation generates a new key pair inside the HSM without service interruption.

On-demand rotation

Administrators can trigger an immediate key rotation from the dashboard at any time — for example, following a personnel change or security event.

Historical verifiability

Records signed under a prior key remain verifiable after rotation. The ledger stores the key version alongside each record, so verification always uses the correct key.

Rotation audit log

Every rotation event is written to the transparency log with a hardware-attested timestamp. The log entry is publicly verifiable.

Key Revocation

Immediate revocation

A compromised key can be revoked instantly via the dashboard or API. Revocation takes effect within 60 seconds globally across all verification nodes.

Revocation record

Revocation is written to the public transparency log with a reason code and timestamp. Verifiers can check revocation status before trusting any record signed by that key.

Downstream impact

Records signed before the revocation timestamp remain valid. Records signed after the revocation event are flagged as potentially compromised in verification responses.
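The verification rules described above (the ledger stores the key version with each record, rotation never invalidates older records, and a revocation timestamp splits a key's records into still-valid and flagged) can be made concrete in a small verifier. The code below is an added example, not Ledgible's code or API: it uses a per-version HMAC-SHA256 secret as a constructed stand-in for the HSM-held asymmetric signing keys, and the organization, timestamps and status strings are assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed stand-in for HSM-held signing keys: one HMAC-SHA256 secret per key
# version. The real system uses asymmetric keys that never leave the HSM; the
# version and revocation bookkeeping is the part this example demonstrates.


@dataclass
class KeyVersion:
    version: int
    secret: bytes
    created_at: int                          # unix seconds
    revoked_at: Optional[int] = None         # set once, never cleared
    revocation_reason: Optional[str] = None


@dataclass
class KeyRegistry:
    org: str
    versions: Dict[int, KeyVersion] = field(default_factory=dict)
    current: int = 0

    def rotate(self, now: int) -> KeyVersion:
        """Create the next key version. Prior versions stay in the registry so
        records signed under them remain verifiable."""
        self.current += 1
        # Constructed secret; a real rotation generates fresh key material in the HSM.
        secret = hashlib.sha256(f"{self.org}:v{self.current}:{now}".encode()).digest()
        kv = KeyVersion(self.current, secret, now)
        self.versions[self.current] = kv
        return kv

    def revoke(self, version: int, now: int, reason: str) -> None:
        """Irreversible: the first revocation timestamp recorded for a version is final."""
        kv = self.versions[version]
        if kv.revoked_at is None:
            kv.revoked_at = now
            kv.revocation_reason = reason


def canonical(payload: dict, key_version: int, signed_at: int) -> bytes:
    # Key version and signing time are covered by the signature, so neither can
    # be rewritten afterwards to dodge the revocation check.
    body = {"payload": payload, "key_version": key_version, "signed_at": signed_at}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_record(reg: KeyRegistry, payload: dict, now: int, version: Optional[int] = None) -> dict:
    kv = reg.versions[reg.current if version is None else version]
    sig = hmac.new(kv.secret, canonical(payload, kv.version, now), hashlib.sha256).hexdigest()
    return {"payload": payload, "key_version": kv.version, "signed_at": now, "sig": sig}


def verify_record(reg: KeyRegistry, record: dict) -> str:
    """Return one of: valid, unknown_key, invalid_signature, flagged_post_revocation."""
    kv = reg.versions.get(record["key_version"])
    if kv is None:
        return "unknown_key"
    msg = canonical(record["payload"], record["key_version"], record["signed_at"])
    expected = hmac.new(kv.secret, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, record["sig"]):
        return "invalid_signature"
    # Revocation is checked only after the signature verifies, so the timestamp
    # being compared is the one the signer actually committed to.
    if kv.revoked_at is not None and record["signed_at"] >= kv.revoked_at:
        return "flagged_post_revocation"
    return "valid"


def demo() -> Dict[str, str]:
    reg = KeyRegistry("example-org")           # constructed organization
    reg.rotate(now=1_000)                      # v1
    r1 = sign_record(reg, {"asset": "img-1"}, now=2_000)
    reg.rotate(now=3_000)                      # scheduled rotation to v2
    r2 = sign_record(reg, {"asset": "img-2"}, now=4_000)
    reg.revoke(2, now=5_000, reason="SUSPECTED_COMPROMISE")
    reg.rotate(now=5_000)                      # on-demand rotation to v3 after revocation
    r3 = sign_record(reg, {"asset": "img-3"}, now=6_000)
    # A record carrying a v2 signature dated after v2's revocation timestamp.
    late = sign_record(reg, {"asset": "img-4"}, now=6_000, version=2)
    tampered = dict(r2, payload={"asset": "img-2-edited"})
    return {
        "signed_under_rotated_key": verify_record(reg, r1),
        "signed_before_revocation": verify_record(reg, r2),
        "signed_under_new_key": verify_record(reg, r3),
        "signed_after_revocation": verify_record(reg, late),
        "payload_tampered": verify_record(reg, tampered),
        "unknown_version": verify_record(reg, dict(r1, key_version=99)),
    }


if __name__ == "__main__":
    for case, status in demo().items():
        print(f"{case:26s} {status}")
```

The comparison uses `>=`, so a record whose signing time equals the revocation timestamp is flagged rather than trusted; the boundary belongs to the revoked side because the signer cannot prove it acted before the revocation. A key version is never deleted from the registry, only marked revoked, which is what keeps pre-revocation records verifiable.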

Emergency contacts

Enterprise customers receive a 24/7 security hotline for assisted key revocation in the event of a confirmed compromise. SLA: acknowledgement within 15 minutes.

Revocation propagation: < 60s
Emergency SLA: 15 min
HSM certification: FIPS 140-2 L3
Audit log: Immutable

Certifications

SOC 2 & EU AI Act Alignment

Ledgible maintains SOC 2 Type II certification and is designed from the ground up to satisfy the provenance requirements of the EU AI Act and equivalent frameworks worldwide.

SOC 2 Type II

Ledgible undergoes annual SOC 2 Type II audits covering all five Trust Services Criteria — Security, Availability, Processing Integrity, Confidentiality, and Privacy.

Security — access controls, network security, encryption at rest and in transit
Availability — 99.99% uptime SLA, incident response procedures
Processing Integrity — complete and accurate signing operations
Confidentiality — data classification and handling controls
Privacy — customer data handling aligned with GDPR and CCPA

SOC 2 report available to enterprise customers under NDA.

EU AI Act Alignment

Article 50 of the EU AI Act requires machine-readable AI content disclosure — active from August 2025. Ledgible is purpose-built to satisfy this requirement and the equivalent provisions across major jurisdictions.

EU AI Act Art. 50: Machine-readable disclosure at generation time
EU AI Act Art. 10: Training data governance & provenance
FTC AI Guidance: Transparency in AI-generated content
California AB 3211: Digital content provenance standards
C2PA Standard: Full specification implementation
NIST AI RMF: Data lineage documentation support

Data residency & encryption

Data at rest

AES-256 encryption. Customer ledger data is logically isolated per organization. No cross-tenant data access.

Data in transit

TLS 1.3 enforced on all endpoints. HSTS with preloading. Certificate pinning available for enterprise SDK.

Data residency

US (us-east-1), EU (eu-west-1), and APAC (ap-southeast-1) regions available. Enterprise customers can pin to a single region.

Public Audit

Transparency Log

The Ledgible Transparency Log is a public, append-only record of all security events — key rotations, revocations, infrastructure incidents, and policy changes. Any third party can verify that the log has not been altered.

We believe trust cannot be asserted — it must be earned through verifiable transparency. Publishing our security event history publicly holds us to a standard higher than any private audit.

Logged events: Key rotation, key revocation, key generation
Infrastructure events: Availability incidents, data center changes
Policy changes: Rate limit updates, API deprecations, TOS changes
Security notices: Vulnerability disclosures, patch deployments
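The page states that the transparency log is append-only and that any third party can verify it has not been altered. One construction that gives exactly that property is a hash chain in which every entry commits to the hash of the entry before it and carries an operator signature. The code below is an added example, not Ledgible's log format or API: the hash-chain layout, the HMAC stand-in for the operator's HSM-held signing key, and the sample entries (built from the "Recent log entries" shown on this page) are all constructed here. It also shows the one thing chain verification alone cannot catch, truncation of recent history, and the checkpoint comparison a verifier uses to catch it.

```python
import copy
import hashlib
import hmac
import json
from typing import List, Optional, Tuple

GENESIS = "0" * 64
# Constructed stand-in for the log operator's signing key (HMAC in place of an HSM-held asymmetric key).
LOG_SIGNING_KEY = b"constructed-log-operator-key"

# Sample events constructed from the page's "Recent log entries", oldest first.
SAMPLE_EVENTS = [
    ("2026-02-14", "SECURITY_PATCH", "Dependency update: addressed CVE-2026-0123 in JWT verification library."),
    ("2026-03-01", "KEY_GENERATION", "New root CA certificate generated and published for Q2 2026."),
    ("2026-03-15", "INFRASTRUCTURE", "Brief degraded availability (4 min) on us-east-1 verification endpoint."),
    ("2026-03-28", "POLICY_UPDATE", "Rate limit for Starter plan updated from 500 to 1,000 requests/day."),
    ("2026-04-01", "KEY_ROTATION", "Scheduled 90-day key rotation completed for 3 enterprise organizations."),
]


def entry_hash(entry: dict) -> str:
    body = {k: entry[k] for k in ("seq", "date", "type", "message", "prev_hash")}
    return hashlib.sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode()).hexdigest()


def sign_hash(h: str) -> str:
    return hmac.new(LOG_SIGNING_KEY, h.encode(), hashlib.sha256).hexdigest()


def append(log: List[dict], date: str, etype: str, message: str) -> dict:
    """Append-only: each new entry commits to the hash of the entry before it."""
    entry = {"seq": len(log), "date": date, "type": etype, "message": message,
             "prev_hash": log[-1]["hash"] if log else GENESIS}
    entry["hash"] = entry_hash(entry)
    entry["sig"] = sign_hash(entry["hash"])
    log.append(entry)
    return entry


def verify_log(log: List[dict]) -> Tuple[bool, Optional[int]]:
    """Walk the chain from genesis. Returns (ok, seq of the first entry that fails)."""
    prev = GENESIS
    for i, e in enumerate(log):
        if e["seq"] != i or e["prev_hash"] != prev:                  # reordering or deletion
            return False, i
        if e["hash"] != entry_hash(e):                                # in-place edit
            return False, i
        if not hmac.compare_digest(sign_hash(e["hash"]), e["sig"]):  # entry not from the operator
            return False, i
        prev = e["hash"]
    return True, None


def head(log: List[dict]) -> Tuple[int, str]:
    return log[-1]["seq"], log[-1]["hash"]


def still_contains(log: List[dict], checkpoint: Tuple[int, str]) -> bool:
    """A verifier that recorded an earlier head checks it is still in the chain at the
    same position. This is what makes rolling history back detectable."""
    seq, h = checkpoint
    return verify_log(log)[0] and seq < len(log) and log[seq]["hash"] == h


def build_sample_log() -> List[dict]:
    log: List[dict] = []
    for date, etype, msg in SAMPLE_EVENTS:
        append(log, date, etype, msg)
    return log


def demo() -> dict:
    log = build_sample_log()
    checkpoint = head(log[:3])                    # head a third party saw after entry 2

    edited = copy.deepcopy(log)
    edited[2]["message"] += " (edited)"           # silent rewrite of an incident entry
    deleted = copy.deepcopy(log)
    del deleted[1]                                # an entry removed from the middle
    truncated = log[:2]                           # history rolled back before the checkpoint

    return {
        "intact": verify_log(log),
        "edited": verify_log(edited),
        "deleted": verify_log(deleted),
        "truncated_chain_only": verify_log(truncated),      # passes: a prefix is a valid chain
        "checkpoint_intact": still_contains(log, checkpoint),
        "checkpoint_truncated": still_contains(truncated, checkpoint),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:22s} {outcome}")
```

Note the `truncated_chain_only` case: a prefix of a valid chain is itself a valid chain, so a verifier that only checks link integrity would accept a log from which the newest entries were dropped. Detecting that requires remembering a previously observed head (or fetching one from an independent witness) and confirming it is still present at the same position, which is what `still_contains` does.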

Recent log entries

2026-04-01 · KEY_ROTATION
Scheduled 90-day key rotation completed for 3 enterprise organizations.

2026-03-28 · POLICY_UPDATE
Rate limit for Starter plan updated from 500 to 1,000 requests/day.

2026-03-15 · INFRASTRUCTURE
Brief degraded availability (4 min) on us-east-1 verification endpoint. Root cause: BGP routing event. Resolved.

2026-03-01 · KEY_GENERATION
New root CA certificate generated and published for Q2 2026.

2026-02-14 · SECURITY_PATCH
Dependency update: addressed CVE-2026-0123 in JWT verification library. No customer impact.

Log entries are signed and verifiable via the Ledgible API.

Research

Provenance Research Papers

The academic and technical foundations for the Ledgible platform. Our design decisions are grounded in peer-reviewed research and open standards — not proprietary claims.

Architecture · Available

Cryptographic Provenance at Scale: The Ledgible Platform Design

Ledgible Engineering · 2026

Describes the three-layer provenance stack, the HSM signing architecture, and the append-only ledger data model. Includes performance benchmarks and formal security analysis.

Standards · Available

C2PA Implementation Guide for Enterprise Workflows

Ledgible Engineering · 2026

A practical guide to implementing the C2PA specification across heterogeneous enterprise content pipelines — covering hard binding, soft binding, claim generators, and interoperability edge cases.

Compliance · Available

EU AI Act Article 50 Technical Compliance: A Framework for Content Platforms

Ledgible Legal & Engineering · 2025

Maps Article 50 requirements to technical controls. Distinguishes between UI-level disclosure (insufficient) and machine-readable provenance embedding (compliant). Covers implementation patterns for GPAI and limited-purpose AI systems.

Research · Available

The Data Provenance Gap: An Audit of Enterprise AI Training Datasets

Ledgible Research (MIT DPI methodology) · 2025

Quantifies the provenance gap in enterprise AI training workflows. Based on audits of 12 organizations across financial services, media, and e-commerce. Proposes a tiered certification framework for legacy datasets.

Security · Available

Key Lifecycle Management for Provenance Infrastructure

Ledgible Security Team · 2026

Formal treatment of key rotation, revocation, and recovery for provenance systems. Analyzes threat models specific to tamper-evident ledgers and proposes the Ledgible key policy framework.

Interoperability · Coming Q3 2026

Cross-Platform Content Verification: Bridging Ledgible, Adobe CAI, and Browser Extensions

Ledgible Engineering · 2026

Demonstrates interoperability between Ledgible-signed assets and the broader C2PA ecosystem. Covers verification in Chrome extensions, Adobe Bridge, and third-party news verification tools.

Questions about our security posture?

We welcome security reviews from enterprise prospects. SOC 2 reports and architecture documentation available under NDA.