Sigmamarkt · Security
How your data is protected
Every account, every payment, every sale receipt — guaranteed at the cryptography and database level. Not marketing language; system guarantee.
- 01
Envelope encryption + KMS
Every account credential (email, password, recovery, 2FA seed) is written to the application database only encrypted. The encryption key itself is also encrypted by a master key (envelope). The master key never lives on the application server; it sits in an external Key Management Service (KMS). Decrypt is called only at transaction time, through an audited channel.
- 02
Row Level Security on every table
RLS policies active at the Postgres level. A user cannot reach a single row that isn't theirs — even if an application bug exists, the database refuses directly. This is a stronger guarantee than defensive programming: the failure chain is broken.
- 03
Money movement in ACID transactions
Escrow, ledger and audit_log entries — the three legs of money movement — are written in the same database transaction. Two cannot succeed while the third fails; either all commit or all roll back. There is no possible 'paid but no log' or 'log exists but escrow empty' inconsistency.
- 04
Complete and signed audit logs
Vault credential access, payout calls, dispute decisions, Hand-off ceremony transitions — each produces a signed audit log entry. Reversible, hashed, ordered. Even moderators have read-only access to this log.
- 05
HMAC-chained provenance
Every sale receipt is linked to the previous sale's signature — Bitcoin's blockchain intuition, at low throughput. No sale history can be silently rewritten: if the chain breaks, it shows immediately.
- 06
Transparent enforcement
If an account is suspended, the reason lands in the audit log and is made visible to the user. No silent bans. Appeals are open — the audit mechanism runs on a semi-independent line, not just internal.
Transparency note
We're not open source — but our audit data will be.
After launch (Phase 7), independent third-party security audit reports will be published. Including: penetration testing, dependency CVE scans, secret-rotation report. The codebase stays closed; the results stay open.
Legal framework
Data processing is KVKK + GDPR compliant. Data collected/stored is minimal — what we keep and why is listed line-by-line in the Privacy Policy.
Privacy Policy →