Planbok Logo

Security

Security is not a feature; it is the foundation of Planbok. Our architecture is designed to assume compromise and mitigate impact through defense-in-depth strategies.

Cryptographic Primitives

We utilize ECDSA (secp256k1) and EdDSA (Ed25519) threshold signature schemes. Our implementation undergoes regular audits and is based on the peer-reviewed CGGMP21 protocol.

Infrastructure Security

  • Zero Trust Networking: All inter-node communication is mutually authenticated via mTLS.
  • Air-Gapped Signing: Optional support for offline signing nodes.
  • Memlock Protection: Critical memory regions are locked to prevent swapping to disk.

Compliance

Planbok is designed to meet SOC 2 Type II and ISO 27001 requirements.