Security & Trust
Vraimony is designed to be server‑light and privacy‑first: verify stays free, no tracking by default, and hash‑only sealing (no uploads unless explicitly opted in later).
Threat model (top)
- Traffic abuse / cost explosion (flooding)
- Payment fraud (chargebacks) and quota abuse
- Tampering attempts (modified receipts / spoofed links)
- Misconfiguration risk (proxy/IP headers, key storage)
Hard locks
- Verify is free forever (no signup)
- No tracking: no analytics cookies, no fingerprinting
- Hash‑only by default (no file upload required)
- Domain separation: verify is read‑only
- CSP blocks remote scripts/styles (no remote embeds)
Reality Audit
Integrity only (tamper‑evident). This does not prove identity or legal admissibility.
Abuse defense
- Rate limits + circuit breaker + PoW gate under pressure
- No‑store responses for token surfaces (anti-cache leakage)
- Read‑only verify domain: issuance blocked (410)
- Ops templates: Nginx anti‑slowloris + connection caps + systemd hardening
This does not prove identity or legal admissibility.
Responsible disclosure
To reduce scraping, we reveal the address only after a click. No forms.
Please include: reproduction steps, impacted endpoint/page, and expected vs actual behavior. Do not include sensitive personal data.
Conformance
We publish an open receipt format (ERF) and deterministic conformance vectors so others can validate implementations.
This does not prove identity or legal admissibility.
Reality Audit
—