Public trust · Cryptographic evidence custody

Operational transparency for Heads of Risk, CISOs, audit-firm technologists, and security teams at firms operating under continuous-evidence obligations — SOC 2 Type II, ISO 27001, NYDFS Part 500, DORA, or SR 11-7. Uptime and incident history are themselves audit deliverables: this page is the public record. Reviewable by audit engagements at firms such as KPMG, Deloitte, EY, PwC, BDO, Grant Thornton, and independent firms.

All systems operational.
No active incidents · 23 components healthy · DSR/1.0 spec v0.9
Last updated
2026-06-03 18:06 UTC
Auto-refresh · 60s
Status
Operational
No incidents in window
Components monitored
23
10 platform · 13 integrations
Uptime SLO target
99.99%
Public API · 30-day rolling
Reporting mode
SLO targets
Live measurements pending

Note: Infrastructure prerequisites (database HA, zero-downtime deploys, PagerDuty alerting) are in progress. The 99.99% target applies once these are live.

§90-day history

Operational record. Honest about the window.

Each cell is one day. Days within the public-reporting window are filled by the operational state of the platform on that day. Days before public reporting began are shown in gray — the platform existed but operational telemetry was not yet customer-visible.
All Systems · 90-day record
Public reporting since 2026-03-01
90 days ago60 days ago30 days agoToday
Operational Today Before public reporting
§Service Targets / SLOs

Ten components. Target SLOs listed.

Per-component uptime targets. These are engineering SLO commitments — not live health-check readings. Live synthetic monitoring is coming Q3 2026. Once active, each row will reflect real-time health independently, and a degradation in one component will not implicitly degrade others.
10 components · target SLOs · live checks coming Q3 2026
ComponentTarget SLOLive checks
Webhook Ingest API
Inbound observability webhooks · HMAC verification
Target: 99.9% uptimeComing Q3 2026
SDE Orchestrator
4-phase pipeline entry · routes to AST parser
Target: 99.9% uptimeComing Q3 2026
AST Parser
Schema delta extraction · UPG node builder
Target: 99.9% uptimeComing Q3 2026
Fingerprint Engine
SHA-256 normalization · stable identity
Target: 99.9% uptimeComing Q3 2026
CCS Math Engine
W1–W8 weighted scoring · classification
Target: 99.9% uptimeComing Q3 2026
Receipt Issuer
DSR/1.0 signing · sealed at issuance
Target: 99.99% uptimeComing Q3 2026
Audit Ledger
Append-only event log · enforced at DB layer
Target: 99.99% uptimeComing Q3 2026
Console (Web UI)
Customer dashboard · vault administration
Target: 99.9% uptimeComing Q3 2026
Public API (Read)
Receipt and audit-log queries · scoped tokens
Target: 99.9% uptimeComing Q3 2026
Verifier CLI Distribution
Signed binary releases · npm + GitHub Releases
Target: 99.9% uptimeComing Q3 2026
§Integration providers

Integration availability. Thirteen providers.

Integration maturity status. Live end-to-end health checks are coming Q3 2026 — at that point each connector will be monitored independently, reflecting both upstream provider availability and Déjà-side connector health.
ProviderMaturityLive checks
Datadog
Live · Production-validated
OperationalComing Q3 2026
Sentry
Live · Production-validated
OperationalComing Q3 2026
GitHub
Live · Production-validated
OperationalComing Q3 2026
Slack
Live · Production-validated
OperationalComing Q3 2026
PagerDuty
Live · Production-validated · Aggregator hub
OperationalComing Q3 2026
New Relic
Beta · Customer-validating
Operational · BetaComing Q3 2026
GitLab
Beta · Customer-validating
Operational · BetaComing Q3 2026
Jira Service Management
Beta · Customer-validating
Operational · BetaComing Q3 2026
ServiceNow
Beta · Customer-validating
Operational · BetaComing Q3 2026
Splunk
Beta · Customer-validating
Operational · BetaComing Q3 2026
Dynatrace
Beta · Customer-validating
Operational · BetaComing Q3 2026
Honeycomb
Beta · Customer-validating
Operational · BetaComing Q3 2026
AppDynamics
Beta · Customer-validating
Operational · BetaComing Q3 2026
§Performance metrics

Service-level objectives. Targets, not measurements.

Performance commitments published as targets. These are SLOs the system is engineered to meet — they are not yet measured values. Live p50/p95/p99 measurements activate once 90 days of production telemetry accumulates against representative customer load.

Reporting mode: SLO targets. Numbers below are engineering targets the platform commits to, not measured values. Live measurements (p50, p95, p99) activate once production telemetry baseline is established.

SLO target
Webhook ingestion
54ms

Target p99. Receipt of inbound webhook to acknowledged signal record. HMAC verification included.

SLO target
Normalization
46ms

Target p99. Signal received to canonical fingerprint computed. Includes error type normalization and stack-frame canonicalization.

SLO target
Receipt durability
100%

Target. Once issued, every receipt is persisted to durable storage with cross-region replication. Zero loss target.

SLO target
Public API uptime
99.99%

Target. 30-day rolling availability target for the public read API. Measured against scheduled-maintenance-excluded baseline. Error budget: ~4 min/month.

§Recent incidents

Incident history. Last 90 days.

Public incident record. Every incident lasting more than five minutes is published to this page within 24 hours of resolution, with a postmortem within seven days. The audit ledger is the system of record; this page is the customer-facing summary.
0 incidents · 90-day window

No incidents reported.

No customer-impacting incidents in the public reporting window. An incident is published when its impact exceeds five minutes or affects more than one customer's receipt issuance.

REPORTING POLICY · Published within 24h of resolution · Postmortem within 7 days · No exceptions
§Scheduled maintenance

Planned windows. Customer-notified in advance.

Maintenance windows with customer impact are announced at least 72 hours in advance via email, webhook, and this page. Windows without customer impact (background migrations, observed-degradation-only changes) are logged in the changelog but not announced.
0 scheduled · next 30 days

No maintenance scheduled.

No upcoming maintenance in the next 30 days. Status notifications are coming Q3 2026 — announcements will be delivered 72 hours before any customer-impacting window.

§Security posture

Active commitments and certifications.

Brief operational summary. Full architecture and posture detail lives on the Security page; this section is the at-a-glance operational state.
Audit ledger
Append-only · enforced
Active
UPDATE and DELETE permissions revoked at the DB role level. Schema enforces append-only via triggers. Cannot be disabled.
Receipt signing
Ed25519 · DSR/1.0 v0.9
Active
All receipts sealed at issuance. Signing keys tenant-scoped per vault. Verification offline via dsr-verifier-cli.
Tenant isolation
Cryptographic · row-level
Active
Cross-vault queries forbidden at the storage layer. RLS policies enforced on every table. Compromise of one vault does not expose any other.
SOC 2 Type II
In progress · Q3 2026
Underway
Audit period began Q1 2026. Trust Services Criteria scoped: Security, Availability, Confidentiality. Report expected Q3 2026.
ISO 27001
Planned · 2027
Roadmap
Information security management system. Scope and timeline in roadmap. Pre-work begins post-SOC 2 issuance.
Penetration testing
Annual · third-party
Active
External pen-test engagement annual. Findings tracked to closure. Most recent engagement: Q1 2026.

Status notifications coming Q3 2026.

Email and webhook subscriptions for incident alerts, scheduled maintenance announcements, and postmortem releases are on the roadmap. The dispatch pipeline is not yet active — subscriptions collected before that date would go undelivered, so sign-up is disabled until the system is ready.

ROADMAP · Email + webhook dispatch · Q3 2026 · No marketing email, ever