Security
At rest: all data is encrypted with AES-256-GCM, including the ledger, attribution metadata, budgets, alerts, and all sub-systems. Encryption keys are managed via our cloud provider's KMS with automatic rotation.
In transit: TLS 1.3 only. Older protocols are disabled at the load balancer. HSTS is enabled site-wide with a one-year max-age.
Postgres Row-Level Security policies are enforced on every table that holds tenant data.
Every query (including via the dashboard, API, CLI, and the proxy itself) executes
inside a session with SET app.tenant_id = $1, and RLS rejects
cross-tenant access at the database layer. No application-level check, no opportunity
for a forgotten WHERE tenant_id = ? to leak data.
Your OpenAI, Anthropic, and Google keys are encrypted at rest with AES-256-GCM under a tenant-specific subkey. Keys are never logged, never returned in API responses (only redacted prefixes for UI display), and only ever decrypted in-memory during proxy request processing.
Every ledger record is hash-chained (SHA-256) and signed with HMAC-SHA256 using a
per-tenant key. Sequence numbers are allocated under a Postgres advisory lock per tenant —
no gaps, no duplicates, even under concurrent writes. Verify any record range with
tolvyn ledger verify.
We capture metadata only: model, token counts, cost, latency, status, and your attribution tags. That's the minimum needed for financial governance, and it's the maximum we record.
Daily encrypted snapshots of all tenant data, retained for 30 days. Point-in-time recovery available for the most recent 7 days. Backups are stored in a separate availability zone from the primary database.
TOLVYN is not SOC 2 certified yet. We're targeting SOC 2 Type I in late 2026. We're happy to walk Enterprise customers through our controls in detail ahead of certification.
That's the full list. We will email you 30 days before adding any new sub-processor that handles tenant data.
Found a security issue? Email security@tolvyn.io. PGP key on request. We commit to acknowledging within 24 hours and providing a substantive response (fix timeline or non-issue explanation) within 5 business days. We do not currently run a paid bug bounty but we publicly credit reporters and send swag.