Security

Last updated: April 2026

See also: Threat Model — what Sgraal preflight catches, what it does not replace, and what it complements. Includes the explicit "not certified by SOC 2 / ISO / etc." disclosure.

Reporting a Vulnerability

If you discover a security vulnerability in Sgraal, please report it responsibly. Do not disclose vulnerabilities publicly until we have had a chance to address them.

hello@sgraal.com

We aim to respond within 24 hours, and to critical vulnerabilities within 4 hours.

Infrastructure Security

API Layer

  • ✓ TLS 1.3 on all endpoints
  • ✓ API key authentication
  • ✓ Rate limiting per key
  • ✓ Request signing (enterprise)

Data Storage

  • ✓ AES-256 encryption at rest
  • ✓ EU-region Supabase
  • ✓ Row-level security (RLS)
  • ✓ Automated backups

Access Control

  • ✓ Principle of least privilege
  • ✓ MFA on all admin accounts
  • ✓ Audit log for all access
  • ✓ API key rotation support

Network

  • ✓ Cloudflare DDoS protection
  • ✓ Railway isolated containers
  • ✓ No inbound SSH in production
  • ✓ Upstash Redis with TLS

Zero-Knowledge Preflight

Memory content never leaves your infrastructure. A SHA-256 proof hash is returned instead of the content.

POST /v1/preflight/zk

Use when GDPR, HIPAA, or data residency requirements apply.

Proof of Decision

Every preflight response includes cryptographic proof fields.

  • input_hash — SHA-256 of the input
  • proof_version — v1
  • deterministic: true — same input always produces same decision
  • reproducible: true — audit trail for every agent action

Compliance Profiles

EU AI Act

Article 9 (Risk Management), 12 (Record-keeping), 13 (Transparency), 14 (Human Oversight), 17 (Quality Management)

HIPAA

§164.312 safeguards — access controls, audit controls, integrity verification

FDA 510(k)

Medical-device software validation, substantial equivalence framing

GDPR

Data minimization, right to explanation, EU data processing

NIST AI RMF

Govern, Map, Measure, Manage — dedicated reference endpoint

Bit-identical replay for legal admissibility

Every Sgraal decision can be replayed bit-identically months or years later, given the same input and the same scoring configuration. This is not a marketing claim — it is a measured property of the production scoring engine, validated by audit and exposed via the public API.

What it provides

A regulator, auditor, or counter-party can request the original decision be re-run. With the same memory state, action context, and scoring configuration fingerprint, Sgraal returns the same decision, the same risk score, and the same explanation — within the floating-point precision of the runtime.

Why it matters for regulated industries

Fintech, medical, legal, and defense customers face regulators who can subpoena the basis for any automated decision. Without bit-identical replay, "the model said no" is unfalsifiable. With it, every decision is a reproducible experiment.

How it works (high level)

Sgraal's primary scoring engine is per-call deterministic with calibrated constants. Same input plus same configuration produces the same output, every time, in any process. The configuration itself is fingerprinted via a public checksum so customers can verify which scoring regime was active when their decision was made.

An explicit qualification: the guarantee holds in the absence of feedback events that update internal learning state. Customers needing strict per-call replay can opt in to a flag that disables the cross-call learning surface entirely. See our public determinism doc for the full contract.

Sample legal use case

Scenario: a regulator audits an automated underwriting decision from 18 months ago. The customer is asked to demonstrate that the decision was deterministic, explainable, and based on documented inputs.

Sgraal-enabled response: the customer pulls the original memory state and action context from their audit log, calls Sgraal's preflight endpoint with the historical scoring configuration fingerprint, and produces the same decision, score, and decision-trail attribution as the original. The audit closes in hours rather than weeks of forensic reconstruction.
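An auditor-side check for the replay scenario above, as an added example that is not Sgraal's own code: it binds both the archived and the replayed record to the archived input via input_hash, then compares the two records. Assumptions: the canonical JSON serialization used for hashing, and the field names config_fingerprint, decision, risk_score and explanation (only input_hash and proof_version are named on this page); all sample records are constructed.

```python
import hashlib
import json
import math

def canonical_input_hash(memory_state, action_context):
    # ASSUMPTION: the input is hashed as sorted-key, compact UTF-8 JSON.
    # The page only states that input_hash is "SHA-256 of the input".
    payload = {"memory_state": memory_state, "action_context": action_context}
    blob = json.dumps(payload, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")
    return hashlib.sha256(blob).hexdigest()

def verify_replay(original, replayed, memory_state, action_context, score_tol=1e-9):
    """Return a list of mismatches; an empty list means the replay matches."""
    problems = []
    expected = canonical_input_hash(memory_state, action_context)
    # Both records must be bound to the archived input, not just to each other.
    for label, rec in (("original", original), ("replayed", replayed)):
        if str(rec.get("input_hash", "")).lower() != expected:
            problems.append(f"{label}: input_hash does not match archived input")
    # Exact-match fields. Only input_hash and proof_version are named on the
    # page; the other keys are hypothetical names for this example.
    for key in ("proof_version", "config_fingerprint", "decision", "explanation"):
        if original.get(key) != replayed.get(key):
            problems.append(f"{key} differs")
    # The page qualifies the score as equal "within the floating-point
    # precision of the runtime", so compare with an explicit tolerance.
    a, b = original.get("risk_score"), replayed.get("risk_score")
    if a is None or b is None or not math.isclose(a, b, rel_tol=0.0, abs_tol=score_tol):
        problems.append("risk_score differs beyond tolerance")
    return problems

# Constructed sample records (not real Sgraal output).
MEMORY = [{"id": "m1", "content": "credit limit raised", "age_days": 3}]
ACTION = {"type": "underwrite", "amount": 4200}
ORIGINAL = {"input_hash": canonical_input_hash(MEMORY, ACTION), "proof_version": "v1",
            "config_fingerprint": "PLACEHOLDER-FINGERPRINT-A", "decision": "BLOCK",
            "risk_score": 0.7312, "explanation": "memory m1 conflicts with action"}
REPLAY_OK = dict(ORIGINAL, risk_score=0.7312 + 1e-12)
REPLAY_DRIFT = dict(ORIGINAL, config_fingerprint="PLACEHOLDER-FINGERPRINT-B",
                    decision="ALLOW")

if __name__ == "__main__":
    print(verify_replay(ORIGINAL, REPLAY_OK, MEMORY, ACTION))     # no mismatches
    print(verify_replay(ORIGINAL, REPLAY_DRIFT, MEMORY, ACTION))  # two mismatches
```

A replay that matches the original record but fails the input_hash check means the archived input itself has changed, which the record-to-record comparison alone would not reveal.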

Pairs with the Comply surface (NIST AI RMF MEASURE-4.1, EU AI Act Article 13 transparency, GDPR Article 22 right-to-explanation) and the Insights diagnostics that explain every decision.

Responsible Disclosure

hello@sgraal.com

We respond within 48 hours, and to critical vulnerabilities within 4 hours.