┌──────────────────────────────────────────────────────────────────────────────────┐
│ K L A U Z · S E C U R I T Y ─────────────── klauz floor · counsel-grade │
│ obsidian void · bone serif · holographic chrome ────── truss-node-01 │
└──────────────────────────────────────────────────────────────────────────────────┘
▸ security posture · klauz floor R1-R11 · 2026-Q2
The controls that keep counsel-grade software counsel-grade.
Klauz runs as a fleet of legal and compliance agents — drafting, redlining, citing, signing, paying — with strict data protection and data sovereignty as the floor, not the feature. Below is the live posture — every item is asserted by automated checks in CI, by /api/health at runtime, and by the audit feed at /audit/mythos-feed.json.
▸ klauz floor · 11 controls
| id | surface | control |
|---|---|---|
| R1 | CSP + COOP/COEP | per-request nonce, strict-dynamic, frame-ancestors none |
| R2 | Auth | Supabase httpOnly cookies, PKCE, no localStorage tokens |
| R3 | RLS | row-level security on every table, deny-by-default |
| R4 | Rate limit | in-memory token bucket; 429 short-circuits before IO |
| R5 | Webhook ingress | HMAC verification on every inbound webhook (signing, email, chain) |
| R6 | Secrets | ~/loom-secrets/*.env (chmod 600); never in repo, never in logs |
| R7 | PII surface | hash-of-email at rest, no raw signer name in logs |
| R8 | Healthcheck | /api/health probes each provider; no bare ok:true |
| R9 | Audit ledger | Mythos feed is append-only JSON Lines; chain-anchored daily |
| R10 | Chain anchor | configured EVM chainId verified per call against the deployed contract |
| R11 | Anti-hallucination tripwires | citation present-check, redline determinism, PILOT_STUB names |
▸ fleet posture · data protection & sovereignty
- Fleet of legal & compliance agents. Drafting, redlining, citing, signing, and paying each run as a separately-isolated agent — failures are scoped, audited, and recoverable; the dossier is the only shared surface.
- Strict data protection. PII hashed at rest (R7), httpOnly cookies (R2), row-level security deny-by-default (R3), secrets out of repo and out of logs (R6). Vendor traffic is opt-in per matter.
- Data sovereignty. Tenant data stays inside the jurisdiction the matter is filed in. Audit ledger is append-only JSONL (R9) and chain-anchored daily (R10) — provenance is portable, not vendor-locked.
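An added example, not Klauz's own code, of how an append-only JSON Lines ledger with a daily anchor (R9, R10) can be checked for rewritten or truncated history. Assumptions: the anchor records the feed's byte length and SHA-256 digest (the page does not say what is anchored), and the function names and sample record fields are hypothetical.

```javascript
const crypto = require('node:crypto');

const sha256Hex = (buf) => crypto.createHash('sha256').update(buf).digest('hex');

// Value to anchor once a day. Assumption: the anchor records the feed's byte
// length and SHA-256; the page does not specify what is anchored.
function makeAnchor(feedBuf) {
  return { bytes: feedBuf.length, sha256: sha256Hex(feedBuf) };
}

// Parse a JSON Lines buffer; every line must be a complete JSON object.
function parseLines(buf) {
  const text = buf.toString('utf8');
  if (text === '') return [];
  if (!text.endsWith('\n')) throw new Error('feed ends mid-record (torn write)');
  return text.slice(0, -1).split('\n').map((line, i) => {
    let rec;
    try { rec = JSON.parse(line); } catch { throw new Error(`appended record ${i + 1} is not valid JSON`); }
    if (rec === null || typeof rec !== 'object' || Array.isArray(rec)) {
      throw new Error(`appended record ${i + 1} is not a JSON object`);
    }
    return rec;
  });
}

// Check today's feed against the previous anchor: the anchored bytes must still
// be an unchanged prefix, and everything after them must be well-formed records.
function verifyAgainstAnchor(feedBuf, anchor) {
  if (feedBuf.length < anchor.bytes) return { ok: false, reason: 'feed truncated below anchored length' };
  if (sha256Hex(feedBuf.subarray(0, anchor.bytes)) !== anchor.sha256) {
    return { ok: false, reason: 'anchored history was rewritten' };
  }
  try {
    const appended = parseLines(feedBuf.subarray(anchor.bytes));
    return { ok: true, appended: appended.length, nextAnchor: makeAnchor(feedBuf) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

// Constructed sample records; the field names are hypothetical.
const DAY1 = Buffer.from(
  '{"seq":1,"agent":"drafting","event":"draft.created"}\n' +
  '{"seq":2,"agent":"signing","event":"envelope.sent"}\n');
const DAY2 = Buffer.concat([DAY1, Buffer.from('{"seq":3,"agent":"paying","event":"invoice.paid"}\n')]);
const REWRITTEN = Buffer.from(DAY2.toString('utf8').replace('envelope.sent', 'envelope.void'));
```

Records appended after the last anchor are only covered once the next anchor is recorded, so the anchoring interval bounds how long an edit to the newest records could go undetected by this check.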
▸ anti-hallucination tripwires
- No real law firm partner is named anywhere — counter-parties render as `PILOT_STUB_LAW_<id>`.
- Redline diffs are deterministic — snapshot tests fail the build if the same input produces different output.
- Every /api/health probe must reach the live provider — a bare `{ok:true}` fails the build.
▸ disclosure
Vulnerability reports: security@klauz.ai. GPG fingerprint published on the klauz.ai security page. We acknowledge within one business day and ship a fix or mitigation within ten.