Security & Compliance
Proof, Not Promises
Enterprise-grade security with cryptographic evidence.
Every action is signed, least-privilege authorized, and added to a verifiable audit trail—without exposing raw data.
TRUST ARCHITECTURE
How access, execution, and privacy are enforced
The platform enforces identity, scope, consent, and auditability at every step.
Signed requests
Every action tied to an enterprise wallet/DID. Cryptographically signed. No anonymous calls.
Zero-trust ingress
Per-role, per-action authorization. Least privilege by default—not just network allowlists.
ZK-privacy & compliance
Outcomes are provable without exposing inputs. Sensitive data never leaves your boundary.
DATA BOUNDARY
Data Visibility & Verification
What each party can see—and what anchors to L1 for independent verification.
Interweave Sees
Raw payloads for thread execution
Signer DIDs and roles
Commitments, hashes, and proofs
Partners See
Outcome values (per MSA/policy)
Proof reference to verify
Never raw payloads
Public L1 Shows
Bath proof root + tx id
No raw data
No partner payloads
DATA RESIDENCY
Residency, Portability & Exit
Your region, your keys, your exit path. No lock-in.
Data Residency
Deploy in US, EU, or APAC (tenant-pinned). Encryption in transit and at rest. Configurable retention with export-and-purge.
Portability & No Lock-in
Open interfaces. Export outcomes, proofs, and event logs anytime. Self-host the open-source runtime (Linea) if you leave.
Ready to see the full security picture?
Request a detailed security brief or talk to our team about your requirements.
Security Operations
Centralized logging, SIEM, defined incident response. Annual internal audits with independent Type II examination. Pen tested annually.
SOC 2 Type II
Data Protection
AES-256 at rest with HSM key management. TLS 1.2/1.3 in transit. End-to-end API encryption.
Encrypted
Resilience & Continuity
Encrypted backups with defined RPO/RTO. Regular DR simulations with documented results.
DR Tested
Access Controls
MFA required for all users. Role-based permissions with least-privilege enforcement. Quarterly access reviews. Automated de-provisioning.
MFA + RBAC
Incident Response
Documented IR plan with defined SIRT roles. Containment within hours, not days. Root cause analysis and customer notification per SLA.
SIRT Active
Processing Integrity
Deterministic EVM execution. Immutable transaction logs. Input validation at every boundary. Outcomes are provably correct—not just encrypted.
Provably Correct
FREQUENTLY ASKED
Common Security Questions
What security certifications does Interweave hold?
Interweave maintains SOC 2 Type II certification with independent annual audits. Smart contracts are audited by third-party security firms. All actions are cryptographically signed, logged, and independently verifiable.
Where is my data stored?
Tenant-pinned deployment in US, EU, or APAC—your data stays in your region. Encryption in transit and at rest. Configurable retention policies with export-and-purge on request.
How is data encrypted?
AES-256 encryption at rest with HSM-managed keys. TLS 1.2/1.3 for all data in transit. End-to-end API encryption ensures data is protected at every boundary.
What's your incident response process?
+ Documented IR plan with defined SIRT roles and escalation paths. Containment within hours, not days. Root cause analysis for every incident. Customer notification per SLA commitments.
Can I export my data and leave?
+ Yes. Open REST interfaces allow full data export. Download outcomes, proofs, and event logs anytime. Self-host the open-source runtime (Linea) if you choose to leave. No vendor lock-in.
How are smart contracts and the zkEVM secured?
All smart contracts undergo third-party security audits before deployment. The zkEVM runs deterministic, formally verified execution—no arbitrary code paths. Updates follow a staged rollout with mandatory review periods. Bug bounty program active for ongoing vulnerability discovery.
THE INTERWEAVE FABRIC
Security at Every Layer
Trust isn't bolted on—it's built into the execution environment. Every product inherits the same cryptographic guarantees.
Build on a Foundation You Can Trust
Enterprise-grade security. Cryptographic proof. No compromises.