Security Practices
CAERON CORE is built with security at every layer. Here is how we protect your data and ensure integrity.
Ed25519 Digital Signatures
All license capsules and audit entries are signed with Ed25519 elliptic curve signatures. Tamper-evident by design — any modification invalidates the signature.
Blake3 Hashing
Device fingerprints, file integrity checks, and hash chains use Blake3 — a fast, secure cryptographic hash function. Every audit entry is hash-chained to its predecessor.
Append-Only Audit Trail
LOGBOX maintains an append-only, hash-chained log. Each entry references the hash of the previous entry, creating a verifiable chain of custody for all AI interactions.
Privacy-First Defaults
HashOnly mode is the default — no plaintext is stored. Only cryptographic hashes are recorded. You choose when and if to enable plaintext storage.
Device Binding
License capsules are cryptographically bound to your specific device using a Blake3 hash of machine identifiers. Licenses cannot be transferred without re-activation.
No Secrets in Frontend
All Stripe operations, license signing, and sensitive logic run server-side only. No API keys, private keys, or secrets are ever exposed to the browser.
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly to security@caeroncore.com
We take all reports seriously and will respond within 48 hours.