TrigGuard
TRIGGUARD SECURITY
Execution security

Security by authorization

Traditional security detects compromise after execution. TrigGuard evaluates actions before execution and prevents unauthorized outcomes from reaching production systems. Authorization is the security primitive.

Core model

Deterministic authorization before execution

Every automated action passes policy evaluation before irreversible work. No receipt, no execution. Fail-closed by default: if authorization cannot be established, the action is blocked.

Prevent

Block unauthorized actions at the execution boundary, before payments, deployments, or data mutations reach production.

  • Pre-execution PERMIT / DENY / SILENCE / ESCALATE
  • Fail-closed when gate unreachable
  • Evaluation separated from execution

Verify

Every decision produces a cryptographically signed receipt, verifiable offline against published keys, independent of TrigGuard uptime.

  • Ed25519-signed receipts
  • Key discovery via well-known URI
  • Replayable policy evaluation

Prove

Evidence survives audit: tamper-evident records that do not require TrigGuard to vouch after the fact.

  • Immutable decision records
  • Minimal disclosure, metadata only
  • No hidden policy layers

Why authorization is a security control

Traditional systems monitor execution. TrigGuard governs execution. The difference is infrastructure, not tooling.

Traditional security
  1. Detect
  2. Investigate
  3. Respond
  4. Recover

Execution authorization
  1. Evaluate
  2. Decide
  3. Block
  4. Prove

High-level components

Evaluation separated from execution: the TG-01 authorization boundary.

Control plane

Policy surfaces

Configuration and policy bundles you integrate with.

Gate

Execution gate

Deterministic PERMIT / DENY / SILENCE / ESCALATE before commit.

Arbiter

Policy evaluation

Rules evaluated against declared action metadata.

Verify

Receipt infrastructure

Ed25519-signed decision records over canonical payload.

Keys

Verification authority

Offline checks via /.well-known/trigguard-keys.json.

Transport

Site practices

HTTPS, HSTS, CSP on hosted pages. Metadata-only evaluation by design.

Proof, not promises

What the system commits to under declared policy: verifiable, not interpretive.

Fail-closed

No authority established, execution blocked.

Cryptographic receipts

Ed25519-signed, tamper-evident decision records.

Offline verification

Validate receipts without TrigGuard uptime.

Deterministic decisions

Same input, same policy, same outcome every time.

Policy enforcement

Declared rules bound to actions, not narratives.

Security disclosure program

We welcome good-faith reports affecting the website, protocol interfaces, verification flows, or hosted infrastructure.

48-hour acknowledgement

Initial response target for reports to security@trigguardai.com.

Coordinated disclosure

Good-faith researchers who avoid privacy violations and service disruption.

  • POST /execute
  • /.well-known/trigguard-keys.json
  • Receipt verification
  • Site vulnerabilities
  • Hosted authorization runtime

No public bug bounty program at this time. Include reproduction steps, affected endpoints, and impact assessment when reporting.

Protocol cryptography

Ed25519 over canonicalized JSON, immutable once signed, verifiable offline.

Signature algorithm

Ed25519 - live conformance key

Key discovery

/.well-known/trigguard-keys.json (JWK Set, Ed25519 / EdDSA)

Canonicalization

Lexicographic key sort, recursive, undefined-omitted, no whitespace

Payload anchor

Optional payload_hash = hex SHA-256 of canonical signed payload

Versioning

Additive-only; new algorithms may be added without removing Ed25519
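
The canonicalization, payload anchor and offline signature check listed above, as an added JavaScript (Node.js) example that is not TrigGuard's own code. The payload field names, the base64url signature encoding, the array handling and the throwaway key pair are assumptions made for the demonstration; a real check would load the key from /.well-known/trigguard-keys.json.

```javascript
const nodeCrypto = require("node:crypto");

// Canonical JSON as listed on the page: keys sorted lexicographically,
// recursively, undefined-valued properties omitted, no whitespace.
// Assumption: arrays keep their order; undefined items become null.
function canonicalize(value) {
  if (Array.isArray(value)) {
    return "[" + value.map((v) => (v === undefined ? "null" : canonicalize(v))).join(",") + "]";
  }
  if (value !== null && typeof value === "object") {
    const members = Object.keys(value)
      .filter((k) => value[k] !== undefined)
      .sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k]));
    return "{" + members.join(",") + "}";
  }
  return JSON.stringify(value); // strings, numbers, booleans, null
}

// payload_hash: hex SHA-256 of the canonical signed payload.
function payloadHash(payload) {
  return nodeCrypto.createHash("sha256").update(canonicalize(payload), "utf8").digest("hex");
}

// Offline check: Ed25519 signature over the canonical bytes, verified with a JWK.
// Fails closed: a malformed key or signature yields false, never an exception.
function verifyReceipt(payload, signatureB64url, jwk) {
  try {
    const key = nodeCrypto.createPublicKey({ key: jwk, format: "jwk" });
    const sig = Buffer.from(signatureB64url, "base64url"); // assumed encoding
    return nodeCrypto.verify(null, Buffer.from(canonicalize(payload), "utf8"), key, sig);
  } catch {
    return false;
  }
}

// Constructed demo data: a throwaway key pair stands in for the published key,
// and the payload field names are hypothetical.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
const demoJwk = publicKey.export({ format: "jwk" });
const demoPayload = { decision: "DENY", action: { type: "payment", note: undefined }, policy: "p-1" };
const demoBytes = Buffer.from(canonicalize(demoPayload), "utf8");
const demoSig = nodeCrypto.sign(null, demoBytes, privateKey).toString("base64url");

console.log(canonicalize(demoPayload));
console.log(verifyReceipt(demoPayload, demoSig, demoJwk)); // untouched receipt
console.log(verifyReceipt({ ...demoPayload, decision: "PERMIT" }, demoSig, demoJwk)); // tampered
```

Because the signature covers the canonical bytes, two producers that serialize the same decision with different key order or spacing still yield one verifiable payload, while any change to a signed field invalidates the receipt.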

Standards compliance

security.txt (RFC 9116)

Security contact information published at the standard well-known location:

Contact: mailto:security@trigguardai.com
Contact: mailto:abuse@trigguardai.com
Expires: 2027-01-01T00:00:00.000Z
Preferred-Languages: en
Canonical: https://www.trigguardai.com/.well-known/security.txt
Policy: https://www.trigguardai.com/security
/.well-known/security.txt