Security & Compliance

Midcore is built around the assumption that AI actions must be auditable, gated, and reversible. This page is the cohesive trust story — pulling together what every app enforces, what we store, and how we align with the major compliance frameworks.

Note

If you’re evaluating Midcore for enterprise use,start here. Then drop into the per-area links below for the engineering depth your security team will want.

The five pillars

1. Tamper-evident audit

Every action — local or cloud — emits an entry on a hash-chained ledger linked to the prior entry. Tampering with any node breaks the chain; verification is offline-deterministic. The same chain underpins Conscience policy receipts, Close finance receipts, Levy filings, and Vault Banking transfers.

2. Fail-closed policy gates

Conscience defines what your agents are allowed to do. If no policy explicitly permits an action, it’s denied. Policy packs are tenant-scoped; system rules always load first; denials always emit audit rows with the rule id that fired.

3. Encryption everywhere

Project Vault uses AES-256-GCM at rest with per-tenant key-encryption-keys (HKDF-derived) and per-purpose data keys. Tokens use DPAPI on Windows and Keychain on macOS; Linux uses libsecret. TLS 1.2+ everywhere on the wire. Capsule exports are signed with RSA-PSS and verifiable offline by anyone holding the public key.

4. App-level integrity

Midcore Shell verifies a signed ASAR manifest of every shipped file at boot — tamper detection refuses to start the app.
WASM blobs in the local-compute plane each ship with an RSA-PSS sidecar signature verified against the same key.
Local runners execute in Node Worker threads with eval: false, bundle-only spawn paths, 1 GB resource caps, and zero access to the renderer-side auth-token store.
Installers are signed with Azure Trusted Signing (Windows + macOS) so SmartScreen / Gatekeeper accept them after the third install.

5. Data residency + privacy

Local-first by default — embeddings, vector search, code parsing, document OCR all run on your machine when possible. Cloud egress is gated by Conscience policies and visible on every receipt. Enterprise customers can run the whole stack on-prem or in their own cloud account.

Compliance alignment

Framework	Posture	Reference
SOC 2 Type II	In progress — readiness assessment complete; first report scheduled. Audit ledger and policy receipts satisfy core CC requirements.	/security
GDPR	Data residency controls, right-to-erasure tooling in Account → Privacy, DPA available for paid tiers.	/dpa
HIPAA	Available on Enterprise via signed BAA. PHI handling gated by Conscience compliance pack.	Contact sales
PIPEDA (Canada)	Standard tenants comply by default. Levy supports CRA NETFILE filings end-to-end.	/privacy
ISO 27001	Readiness aligned with internal control mapping. Formal certification on the Enterprise roadmap.	In progress

What every install enforces

Sign-in required — no anonymous use; 401 on any call without a valid bearer.
Active subscription — 403 on inactive subscriptions before any provider is contacted.
Positive balance — 402 on insufficient balance; local fallback engages when supported.
Pre-authorise caps — configurable session cap; prompts on every threshold crossing.
Signed receipts — every cloud charge produces a hash-chained, signed receipt.
CSRF + replay defence — double-submit cookies, nonce tracking, snapshot anti-rollback.

Compute model — security details
Admin security guide
Authentication architecture
Conscience — the policy engine
Gates & evidence concept
/security — legal-facing summary & vulnerability disclosure.