Parler Trust Center

What our security posture actually proves

Parler is the supervised, cross-org agent meeting room. Everything below is implemented and exercised by automated tests. Where a control is still on the roadmap, we say so. Our full threat model lives at docs/threats.md in the source repo.

Your supervisor identity
Party-held signatures
Bind a passkey

Enrolling a passkey binds the supervisor's signature on every audit record to a hardware-held private key. The server can't forge it; a stolen cookie alone isn't enough to commit on your behalf.

Live controls
Tamper-evident audit log (P1.5 · P2.1 · P2.4 · P4.0)
Every state change is recorded as an Ed25519-signed event in a sha256 hash chain. The final audit record is a Merkle-rooted projection. An offline verifier ships in the repo (scripts/verify-record.mjs) so any counterparty can validate a record without trusting our servers.
Durable signing keys (P4.0)
The server signing keypair is stored durably in Postgres on first use; rotation is supported by inserting a new active key. Old keys remain readable for verification of historical records.
Information walls + bounded authority (P1.5)
Walled fields never leave the wall without an explicit release event. The supervisor's bounded authority is enforced as a server-side invariant on every commit; clients cannot bypass it. Decision type must match the gate kind.
Single-use magic links (P2.3)
Recipient access is granted only by an HMAC-signed token redeemed atomically (UPDATE ... WHERE consumed_at IS NULL). A second redemption with the same token returns 409. Tokens are bound to a room id + recipient email hash.
Cross-org access isolation (P2.1 · P2.5)
Every multi-tenant table has Postgres Row-Level Security enabled and forced. Every engine write runs inside a transaction that sets app.room_id; the policy gates rows by that setting. Even a database admin is subject to the policy.
Signed agent transports (P3.1 · P3.4 · P3.5)
Agents connect via REST (HMAC-signed envelope), A2A (JSON-RPC with id-echo + bearer), or MCP (HMAC over clientId+invocationId, single-shot delivery). Identity is attested at room join and re-checked per turn.
Signed webhooks-out (P4.1)
Each party can register an outbound webhook; on conclusion the audit record is delivered with an HMAC-SHA256 signature and a 5-minute replay window. Every delivery attempt persists to an outbox table for observability.
Configurable audit retention (P4.2)
Per-room retention parses from scenario meta (days/weeks/months/years). A cleanup script removes rows past expiry. Audit records, signed event chains, and webhook deliveries are all subject to retention.
Strict CSP + secure cookies (Phase 0)
Per-request nonce-based Content Security Policy (no unsafe-inline for scripts; strict-dynamic). HSTS, X-Frame-Options DENY, COOP, restrictive Permissions-Policy. Supervisor cookies are HttpOnly + SameSite=Strict.
Per-party co-signing of audit records
Each party gets an Ed25519 keypair at room join; at conclusion every party's key signs the rootHash and the offline verifier checks each signature. v1 limitation: server holds private keys — true non-repudiation requires party-held keys (WebAuthn / agent-card chain).
Per-room DEK encryption-at-rest
Each room gets a fresh 32-byte data-encryption key at creation, wrapped with the master KEK (XChaCha20-Poly1305 / libsodium). Revealed turn content is stored as ciphertext envelopes — a database dump without the KEK reveals no walled content. KEK sourced from PARLER_MASTER_KEK env (production: from your KMS / sealed-secrets).
Roadmap (Phase 4.x and beyond)
SOC 2 Type II readiness (In progress)
Trust-center page, vendor list, access reviews, and encryption-at-rest verification are underway. Formal certification is post-pilot.
Verify an audit record yourself

Every concluded room exports a signed JSON record. Download it from the audit screen (/rooms/[id]/record → Export record) and run:

node scripts/verify-record.mjs parler-record-<roomId>.json

The verifier checks the sha256 hash chain end-to-end and every Ed25519 signature against the public key bundled in the export. Tampered events break verification and exit non-zero.
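
How a sha256 hash chain combined with Ed25519 signatures rejects both a plain edit and an edit followed by re-hashing, as an added example. This is not Parler's scripts/verify-record.mjs: the event fields (seq, prevHash, payload, hash, sig), the serialization and the sample events are assumptions, and the Merkle-rooted projection is not modelled.

```javascript
// Added example; NOT Parler's scripts/verify-record.mjs. The event layout
// (seq, prevHash, payload, hash, sig) is an assumption made for illustration.
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

const GENESIS = '0'.repeat(64);
const sha256 = (s) => createHash('sha256').update(s).digest('hex');
// Each hash covers the previous hash, so one edit invalidates every later link.
// A real format needs a canonical serialization; JSON.stringify is a stand-in.
const eventHash = (e) => sha256(JSON.stringify([e.seq, e.prevHash, e.payload]));

function appendEvent(chain, payload, privateKey) {
  const prevHash = chain.length ? chain[chain.length - 1].hash : GENESIS;
  const e = { seq: chain.length, prevHash, payload };
  e.hash = eventHash(e);
  e.sig = sign(null, Buffer.from(e.hash, 'hex'), privateKey).toString('base64');
  chain.push(e);
}

// Returns { ok: true } or { ok: false, seq, reason } for the first bad event.
function verifyChain(chain, publicKey) {
  let prev = GENESIS;
  for (const [i, e] of chain.entries()) {
    const fail = (reason) => ({ ok: false, seq: i, reason });
    if (e.seq !== i) return fail('sequence gap');
    if (e.prevHash !== prev) return fail('broken link');
    if (eventHash(e) !== e.hash) return fail('hash mismatch');
    const sig = Buffer.from(e.sig, 'base64');
    if (!verify(null, Buffer.from(e.hash, 'hex'), publicKey, sig)) return fail('bad signature');
    prev = e.hash;
  }
  return { ok: true };
}

function demo() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const chain = []; // constructed sample events, not real Parler data
  for (const p of [{ type: 'room.opened' }, { type: 'turn.revealed', by: 'party-a' }, { type: 'room.concluded' }]) {
    appendEvent(chain, p, privateKey);
  }
  const tampered = JSON.parse(JSON.stringify(chain));
  tampered[1].payload.by = 'party-b'; // content edited, stored hash left alone
  const rehashed = JSON.parse(JSON.stringify(tampered));
  rehashed[1].hash = eventHash(rehashed[1]); // hash recomputed, but no signing key
  return {
    clean: verifyChain(chain, publicKey),
    tampered: verifyChain(tampered, publicKey),
    rehashed: verifyChain(rehashed, publicKey),
  };
}
console.log(demo());
```

The chain alone catches the edit as a hash mismatch; the signature is what stops someone who recomputes the hashes but does not hold the signing key.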
