§ Security & Trust

Receipts, not badges.

Here is how your vault is actually protected — in plain language, with the engineering behind it. Four decisions, written down so we can be held to them.

§ 01 · The four pillars

Decided early. Written down. Revisited by the board.

I · Key management
Keys are yours. We can't read your vault.
Documents and letters are encrypted client-side before they reach us. We hold the ciphertext. Your passphrase, device keys, and recovery codes are never transmitted in the clear.
Algorithm: AES-256-GCM, XChaCha20-Poly1305 at rest
Key material: Per-document DEKs (data encryption keys), wrapped by the account KEK (key encryption key)
Rotation: 90 days, automatic, transparent
II · Device & session trust
Every device earns its way in.
Passkeys by default, with a passphrase fallback. Two-factor on every new device. Sessions expire after 30 minutes of inactivity. Recovery requires two of three: trusted device, printed recovery kit, named steward.
Sign-in: Passkey + email, TOTP fallback
Recovery: 2-of-3 Shamir secret split
Session: 30 min idle, 12 h absolute
III · Data residency
Your records live where your law lives.
U.S. vaults are stored in U.S. regions by default, with state-level partitioning triggered where residency requires it (CA, NY, TX, WA). EU coming next. Partner custodians are chosen for their subpoena transparency records.
Default region: US-East-1, US-West-2
Partitioning: Triggered per-state on sign-up
Custodian: AWS · Vanta-audited
IV · SOC 2-ready posture
Building to the controls now, not after.
MVP controls are in place today — access reviews, incident runbooks, encrypted backups, vendor due diligence. SOC 2 Type I target Q3 MMXXVI, Type II the following year. We'll publish the report.
Target: SOC 2 Type I · Q3 2026
Framework: AICPA TSC · Security, Availability, Confidentiality
Monitoring: Vanta · continuous
§ 02 · Lifecycle

What happens to a document, from the moment you upload it.

A document's journey through Vestry
i. Encrypted on your device
Before the first byte leaves your browser, the file is encrypted with a per-document key. We never see plaintext.
Client-side
ii. Key wrapped, then transmitted
The document key is wrapped by your account key. The ciphertext travels over TLS 1.3 to a U.S. region.
TLS 1.3 · HSTS
iii. Stored, versioned, signed
Every write is content-addressed, versioned, and signed. Tampering is detectable, not just unlikely.
SHA-256 · Sigstore
iv. Shared only on your request
A steward request re-wraps the document key to their public key. Never to ours.
Per-steward keypair
v. Logged & surfaced
Every view, every share, every rotation appears in your audit log within 60 seconds. You'll be emailed for anything unusual.
Audit log · SIEM
vi. Revoked & shredded
Delete a document, and its keys are destroyed across backups within 30 days. Destruction is verifiable.
30-day crypto-shred
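Pillar I and lifecycle steps i, ii and vi together describe envelope encryption: each document gets its own DEK, the DEK is wrapped under the account KEK, rotation re-wraps DEKs without touching stored ciphertext, and deletion destroys the wrapped DEK so that ciphertext copies left in backups are unreadable. The Go program below is an added example of that pattern, not Vestry's code. It uses AES-256-GCM from the standard library only (the page also lists XChaCha20-Poly1305, which it does not model), keeps the KEK in-process purely so the example runs (the page's design keeps it client-side), and the Vault, StoredDoc, Put, Get, RotateKEK and Shred names are my own. Content addressing, Sigstore signing and steward re-wrapping are not modelled.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// randBytes draws n bytes from crypto/rand, which aborts the process if the OS source fails.
func randBytes(n int) []byte {
	b := make([]byte, n)
	rand.Read(b)
	return b
}

// newGCM builds AES-256-GCM for a 32-byte key, the only key size used here.
func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only a wrong key length reaches this
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

// seal encrypts and prefixes a random 96-bit nonce; aad (the document id) is
// authenticated but not encrypted, so a blob cannot be re-filed under another id.
func seal(key, plaintext, aad []byte) []byte {
	g := newGCM(key)
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, aad)
}

// open reverses seal; any change to nonce, ciphertext, tag or aad fails the GCM check.
func open(key, sealed, aad []byte) ([]byte, error) {
	g := newGCM(key)
	ns := g.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, sealed[:ns], sealed[ns:], aad)
}

// StoredDoc is what the server keeps: ciphertext plus a wrapped DEK, never a bare key.
type StoredDoc struct {
	Ciphertext []byte // document under its own DEK
	WrappedDEK []byte // DEK under the account KEK; nil once crypto-shredded
}

// Vault models one account; the KEK sits here only so the example runs in one process.
type Vault struct {
	kek  []byte
	Docs map[string]*StoredDoc
}
func NewVault() *Vault { return &Vault{kek: randBytes(32), Docs: map[string]*StoredDoc{}} }
// Put encrypts under a fresh per-document DEK and wraps that DEK under the account KEK.
func (v *Vault) Put(id string, plaintext []byte) {
	dek := randBytes(32)
	v.Docs[id] = &StoredDoc{
		Ciphertext: seal(dek, plaintext, []byte(id)),
		WrappedDEK: seal(v.kek, dek, []byte(id)),
	}
}

// Get unwraps the DEK and decrypts; a missing, shredded or tampered document is an error.
func (v *Vault) Get(id string) ([]byte, error) {
	d := v.Docs[id]
	if d == nil || d.WrappedDEK == nil {
		return nil, errors.New("no document, or its key has been destroyed")
	}
	dek, err := open(v.kek, d.WrappedDEK, []byte(id))
	if err != nil {
		return nil, err
	}
	return open(dek, d.Ciphertext, []byte(id))
}

// RotateKEK re-wraps every DEK under a new account key; document ciphertexts are untouched.
func (v *Vault) RotateKEK() error {
	newKEK := randBytes(32)
	for id, d := range v.Docs {
		if d.WrappedDEK == nil {
			continue
		}
		dek, err := open(v.kek, d.WrappedDEK, []byte(id))
		if err != nil {
			return err
		}
		d.WrappedDEK = seal(newKEK, dek, []byte(id))
	}
	v.kek = newKEK
	return nil
}

// Shred destroys the wrapped DEK; ciphertext copies left in backups become unreadable.
func (v *Vault) Shred(id string) {
	if d := v.Docs[id]; d != nil {
		d.WrappedDEK = nil
	}
}
```

The design choice worth checking in any such system is the one RotateKEK makes visible: a 90-day KEK rotation is cheap precisely because only the small wrapped keys are rewritten, whereas rotating the DEKs themselves would mean re-encrypting every document. Binding the document id into the GCM associated data is what makes "tampering is detectable" cover relocation as well as modification.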
§ 03 · Control posture

What we do now. What we do next.

Encryption at rest & in transit
AES-256-GCM at rest, TLS 1.3 in transit, key rotation every 90 days.
Live
Access reviews
Quarterly review of every employee with production access.
Live
Incident response runbook
Severity definitions, named oncalls, customer-facing disclosure template.
Live
Pen test · external
Annual; report summary published.
Q2 2026
SOC 2 Type I
AICPA TSC: Security, Availability, Confidentiality.
Q3 2026
SOC 2 Type II
Report covering a 12-month window.
Q3 2027
State-level residency partitioning
Honors state privacy laws that require in-state storage.
Q4 2026
Customer-signed transparency report
Subpoenas, takedowns, government requests, published quarterly.
Q1 2027
Questions?

Write to us directly. Real engineers answer.

security@vestry.io