Provncloud
Home
Log inGet Started
GitHubX
Security

Security Architecture

Last Updated: May 11, 2026

Hash-Only Infrastructure

Our core security promise is simple: We cannot leak what we do not have.

Provncloud only accepts cryptographic hashes (SHA-256) of your documents. The original files never leave your device or server. This eliminates the risk of data breaches on our end exposing your sensitive proprietary information.

Infrastructure Security

  • API Authentication: All requests are authenticated via high-entropy API keys with granular scope controls.
  • DDoS Protection: Rate limiting via in-memory cache and Railway edge network.
  • Database Encryption: All metadata at rest is encrypted via AES-256 (Supabase/PostgreSQL).

On-Chain Program Integrity

Provncloud anchors proofs using Solana's standard SPL-Memo program — a battle-tested system program maintained by the Solana Foundation. We do not deploy custom on-chain programs, eliminating entire classes of smart contract risk. Our API and batching logic are regularly reviewed for:

  • • Race conditions in batch assembly
  • • Replay protection in authentication flows
  • • Correctness of Merkle root computation

Responsible Disclosure

We offer a bug bounty program for critical vulnerabilities found in our API or infrastructure. If you believe you have found a security issue, please report it immediately.

Report Vulnerability
Provncloud

Timestamp Anything. Verify Forever.

Platform

  • Home
  • Features
  • Use Cases
  • Pricing
  • Verify
  • Status
  • Blog
  • Changelog

Developers

  • Documentation
  • API Reference
  • Quick Start
  • GitHub

Connect

  • About
  • Contact
  • Login
  • Privacy
  • Terms
  • Cookies
  • Sub-processors
  • X@provncloud
Settlement Network
SolanaSolana
Payment Layer
StripeStripe
|
Solana

provncloud by provnai Open Research Initiative verifying the thoughts and actions of autonomous agents.