GRAYPASSDOC/SEC-01

A spilled database is worth nothing here.

We don't store raw biometrics. We don't let the same secret protect two users. Every accept or deny carries a reason a human can audit. Security is the product, not a checkbox.

I. ATTACK LOG

Pick an attack and watch it run against your own live session. The sandbox is a local simulation: it executes the attack against the behavioral session this site has been keeping on you, mirrors the production reason codes, and shows step by step what an attacker sees when they try the obvious routes and exactly where each one dies.

II. WHAT SURVIVES

The payload shrinks at every stage. Only the last artifact ever reaches disk, and it is worthless without its salt.

RAW · session only

The full behavioral stream. Lives in the browser, dies with the tab.

SALT · per-user

Random per-user salt folds in. Same behavior, different print per site.

PROJECT · 44 floats

The stream collapses to a small deterministic vector.

STORE · hash + helper

Only the salted projection is kept. This row is worthless without its salt.

III. PRINCIPLES

01

Salted, not stored.

Behavior collapses into a salted print. The print is what we keep. The behavior does not persist.

02

Encrypted at rest.

Templates and helper data sit behind envelope encryption. A database spill gives an attacker nothing usable.

03

Cancelable.

If anything ever leaks, we rotate the seed. Identity stays. The template behind it is replaced in minutes.

04

Replay-hard.

A recording is not a performance. Playback never matches a live read, and tooling cannot fake one.

05

Auditable.

Every decision carries calibrated confidence and a human-readable reason. Nothing is accepted or denied in silence.

06

Consent-led.

Raw signals are not collected by default. Opt-in research data is double-encrypted and revocable on request.
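As an added example, not the product's own code (the page does not publish its internals), here is one way the RAW → SALT → PROJECT → STORE pipeline of section II and principles 03 to 05 can fit together in Python. A constructed keystroke stream is reduced to a 16-feature vector, projected to 44 floats through a ±1 matrix derived from the per-user salt (so a spilled row cannot be recomputed, inverted or linked across sites without that salt), quantized with per-dimension helper offsets so a live read that drifts by less than a quarter of a cell still reproduces the same bits, and stored as a salted SHA-256 hash plus the helper offsets. Rotation re-enrols under a new salt, an exact byte-for-byte repeat of an earlier read is refused as a replayed recording, and every decision returns a reason code. The feature set, the cell width, the shielding-style helper scheme, the replay heuristic, the reason-code names and the sample timings are all assumptions of this example.

```python
import hashlib
import math
import random
from dataclasses import dataclass

# Constructed sample input: keystroke events as (key, key_down_ms, key_up_ms).
# The timings are invented for this example; they are not real user data.
ENROLL_STREAM = [("g", 0, 85), ("r", 140, 230), ("a", 300, 370), ("y", 450, 540),
                 ("p", 660, 730), ("a", 800, 890), ("s", 950, 1030), ("s", 1120, 1200),
                 ("!", 1290, 1360)]
# A constructed impostor typing the same string with a very different rhythm.
IMPOSTOR_STREAM = [("g", 0, 300), ("r", 700, 1000), ("a", 1400, 1700), ("y", 2100, 2400),
                   ("p", 2800, 3100), ("a", 3500, 3800), ("s", 4200, 4500), ("s", 4900, 5200),
                   ("!", 5600, 5900)]

N_FEATURES = 16   # 8 dwell + 8 flight intervals (assumed feature set)
N_DIMS = 44       # size of the projected print, as on the page
CELL = 0.5        # quantization cell width; a live read may drift < CELL/2 per dimension
MAX_MS = 500.0    # intervals are clipped to [0, MAX_MS] and scaled into [0, 1]


@dataclass(frozen=True)
class Template:
    salt_id: str      # reference to the salt, which lives in a separate key store
    helper: tuple     # per-dimension re-centring offsets (helper data)
    print_hash: str   # SHA-256 over the salted, quantized print


def extract_features(stream):
    """RAW stage: collapse a keystroke stream into a fixed-length vector in [0, 1]^16."""
    dwell = [up - down for _, down, up in stream]
    flight = [stream[i + 1][1] - stream[i][2] for i in range(len(stream) - 1)]
    raw = dwell[:8] + flight[:8]
    if len(raw) != N_FEATURES:
        raise ValueError("stream too short for a full feature vector")
    return [min(max(x / MAX_MS, 0.0), 1.0) for x in raw]


def salted_projection(features, salt):
    """SALT + PROJECT stages: a +/-1 random projection whose matrix is derived from the
    per-user salt. Without the salt the matrix, and so the print, cannot be recomputed."""
    seed = int.from_bytes(hashlib.sha256(b"gp-proj|" + salt).digest(), "big")
    rng = random.Random(seed)
    scale = math.sqrt(N_FEATURES)
    return [sum(rng.choice((-1.0, 1.0)) * f for f in features) / scale for _ in range(N_DIMS)]


def quantize(value):
    """Label the real line with alternating 0/1 cells of width CELL."""
    return math.floor(value / CELL) % 2


def _print_hash(salt, bits):
    return hashlib.sha256(b"gp-print|" + salt + bytes(bits)).hexdigest()


def enroll(stream, salt, salt_id):
    """STORE stage: keep only a hash of the quantized print plus the helper offsets."""
    proj = salted_projection(extract_features(stream), salt)
    helper, bits = [], []
    for p in proj:
        center = (math.floor(p / CELL) + 0.5) * CELL   # centre of the cell p falls in
        helper.append(center - p)                       # offset that re-centres a live read
        bits.append(quantize(center))
    return Template(salt_id, tuple(helper), _print_hash(salt, bits))


def verify(template, stream, salt, seen=None):
    """Reason-coded decision. `seen` holds digests of earlier reads: an exact byte-for-byte
    repeat of a previous read is treated as a replayed recording (assumed liveness rule)."""
    digest = hashlib.sha256(repr(stream).encode()).hexdigest()
    if seen is not None:
        if digest in seen:
            return False, "DENY_EXACT_REPLAY"
        seen.add(digest)
    proj = salted_projection(extract_features(stream), salt)
    bits = [quantize(p + h) for p, h in zip(proj, template.helper)]
    if _print_hash(salt, bits) == template.print_hash:
        return True, "ACCEPT_PRINT_MATCH"
    return False, "DENY_PRINT_MISMATCH"


def rotate(template, stream, old_salt, new_salt, new_salt_id):
    """Cancel a template: prove the live read under the old salt, then re-enrol under a new one."""
    ok, reason = verify(template, stream, old_salt)
    if not ok:
        raise PermissionError(reason)
    return enroll(stream, new_salt, new_salt_id)


def jitter(stream, max_ms, seed):
    """Constructed live read: the same typing with a few milliseconds of timing noise."""
    rng = random.Random(seed)
    return [(k, d + rng.randint(-max_ms, max_ms), u + rng.randint(-max_ms, max_ms))
            for k, d, u in stream]


if __name__ == "__main__":
    salt_a, salt_b = b"\x01" * 32, b"\x02" * 32   # placeholders for salts from the key store
    tmpl = enroll(ENROLL_STREAM, salt_a, "salt-a")
    live = jitter(ENROLL_STREAM, 4, seed=7)
    seen = set()
    print(verify(tmpl, live, salt_a, seen))        # (True, 'ACCEPT_PRINT_MATCH')
    print(verify(tmpl, live, salt_a, seen))        # (False, 'DENY_EXACT_REPLAY')
    print(verify(tmpl, IMPOSTOR_STREAM, salt_a))   # (False, 'DENY_PRINT_MISMATCH')
    rotated = rotate(tmpl, live, salt_a, salt_b, "salt-b")
    print(tmpl.print_hash != rotated.print_hash)   # True: identity stays, template replaced
```

The stored row is only `salt_id`, `helper` and `print_hash`; the salt is looked up elsewhere, which is what makes the row worthless on its own. Two caveats for anyone adapting this: the helper offsets reveal where each enrolled value sat inside its cell, which is why the page keeps helper data behind envelope encryption as well, and a genuine read is guaranteed to match only while its per-dimension drift stays under a quarter cell, so the cell width has to be calibrated against real within-user variance rather than the few milliseconds of noise constructed here.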

IV. POSTURE

TRANSPORT

  • TLS 1.3
  • HSTS
  • Per-request nonces

STORAGE

  • Encryption at rest
  • Salted templates
  • Helper data only

OPERATIONS

  • Rate limits
  • Anomaly alerting
  • Reason-coded decisions

DATA RIGHTS

  • Erase on request
  • Per-user salts
  • Consent-led research data

LIVE POSTURE · p95 < 320 ms at the edge

The deep walkthrough is a meeting away.

Compliance status, data handling, and disclosure live in the Trust Center. For the threat model and controls, we make time for security teams.