Security · v0 · public posture
What KIFF Cloud signs, stores, and stands behind.
This page is a single source of truth for how KIFF Cloud handles tenant data, audit records, and the trust boundary between our infrastructure and yours. It is also honest about what we do not yet have. If a claim here cannot be verified by an external party, we name it as a roadmap item rather than a guarantee.
Posture
KIFF Cloud takes custody of audit records, usage counters, and tenant data on behalf of customers running governed AI agent workflows. Audit records are append-only inside the framework and tamper-evident at the cloud layer: hourly batches are signed under a per-tenant key the cloud holds in custody, and a public verifiable trail exists outside the cloud's own database.
Customers who need stronger guarantees can take custody of their per-tenant signing key on a defined migration path. Until they do, the cloud is the named third party behind every signed record.
User authentication is handled by Clerk (email, social, MFA). Optional wallet linking attaches a wallet address to a user's actor identity for attribution; it is not a sign-in method.
Current operational practices
- Key custody
- Per-tenant signing keys live in AWS KMS under a dedicated key admin role separate from the application engineers. Application code can sign through KMS; it cannot extract or rotate keys.
- Operator independence
- The hourly signing job runs under a dedicated service account with no other privileges. Compromise of the application plane does not compromise the signing stream.
- Internal audit
- Every change to the receipt format, the signing contract, and the priors batch job is itself logged in an internal audit trail accessible to compliance auditors.
- Tenant isolation
- Each tenant's data lives in a dedicated Postgres schema (
kiff_t_<id>) with the connection pool'ssearch_pathpinned per tenant. Cross-tenant queries are architecturally impossible from the runtime path. - Encryption
- TLS 1.2+ for traffic. Postgres at rest encrypted via the managed provider's default keys; per-row customer encryption is on the roadmap below.
- Data location
us-east-1at v0.1. Multi-region and EU residency are roadmap items.
Sub-processors
Vendors that process tenant data on our behalf. We update this list within 30 days of any change.
| Vendor | Purpose | Region |
|---|---|---|
| Amazon Web Services | Compute, Postgres (RDS), KMS, networking | us-east-1 |
| Clerk | User authentication and session management | United States |
| Amazon Bedrock | Hosted inference for tenant-run agents | us-east-1 |
| Base (L2) | Public verifiable trail of audit hashes | Public network |
Incident response
Report a suspected security issue to security@kiff.dev. We aim to acknowledge within one business day and follow up with an initial assessment within five.
Incidents that affect tenant data trigger a written notification to affected customers within 72 hours of confirmation, with a public post-incident report once the immediate response is closed. The full runbook is internal; the response policy above is the customer-facing contract.
Data minimization
We collect what we need to deliver the product and no more. The cloud does not train models on tenant data and does not share tenant-identifying information with sub-processors beyond what each line above makes explicit.
A separate data minimization commitment for derived datasets covers what the cloud may compute across tenants if such datasets ever ship. As of v0.1 no derived dataset exists; the principles still apply.
What we don't yet have
A real security page tells you what is missing as well as what is in place. These are the artifacts on the roadmap. Target dates are best estimates and will be updated here when they slip.
- SOC 2 Type I — initial audit in progress. Target: H2 2026.
- SOC 2 Type II — observation period begins after Type I. Target: H1 2027.
- ISO 42001 (AI management) or ISO 27001 — scoping in progress. Decision driven by which standard our first ten customers ask for. Target: 2027.
- Cyber-insurance partnership — one named insurer evaluating our attested action evidence format. Until a partner says yes formally, we make no claim about premium impact.
- Tenant-controlled key custody migration — a defined path to hand a tenant the keys to their per-tenant signing wallet. Target: cloud beta.
- Per-row encryption with customer keys (BYOK) — pending real customer ask.
- EU data residency — pending real customer ask. Adds a region, not a sub-processor swap.
The discipline this page commits to: every claim on the page links to an underlying artifact (a report, a contract, a runbook). No claim without an artifact. Items above are roadmap items precisely because the artifact does not yet exist.