Security, compliance, traceability. Par design.
Execution by smart contracts. Verified private access. Zero custody of funds.
Our principles
We minimize trust required and maximize proof. Rules chosen by the parties execute automatically. Transfers are direct between the company and investors, orchestrated by smart contracts. The platform holds no funds.
Security architecture(vue d'ensemble)
The modular single contract defines the flows. Smart contracts orchestrate disbursements, deadlines, conversions, and private resales. Each event is timestamped and recorded in an immutable register. You have readable exports for audit (PDF/JSON).
Private access and verification (KYC/AML)
Access to offerings is private. Investors and companies are verified (identity, eligibility, sanctions screening). Supporting documents are collected, electronically signed, and kept with timestamping.
Data & encryption
All communications are encrypted in transit (TLS). Sensitive data is encrypted at rest. Secrets are isolated and rotated periodically. Environments are separated, with clear retention policies and on-demand exports.
Identity & access control
Accounts protected by MFA. Roles and permissions follow least privilege. Short sessions, remote revocation, queryable access logs. Enterprise SSO integration on request.
Smart contracts & reliability
Contracts are tested, versioned, documented. Staged deployments, isolated testing. Pause mechanisms for incidents, governed by multiple approvals. Detailed logging of changes and executed transactions.
Business continuity & monitoring
Application and flow monitoring. Regular backups of metadata and documents. Incident procedures: triage, communication, remediation, post-mortems shared with affected customers. Goal: high availability and fast recovery.
Compliance through best practices
Private framework (no public market). KYC, event logs, signatures and timestamping. Access policies, encryption, environment separation, and regular reviews. We apply industry best practices and document our controls.
Export & audit
At any time, you can export: signed documents, timestamp proofs, event history, positions, schedules, payment proof. These are readable and usable by your auditors.
Responsible disclosure
Found a vulnerability? Report it via the contact form.
We practice responsible disclosure and provide safe harbor as long as testing respects reasonable conditions (no service disruption, no access to others' data).
Short FAQ
Does the platform hold the funds?
No. Transfers are direct between parties, orchestrated by smart contracts.
How do you prove an event occurred?
Through timestamping, event logs, and signed supporting documents—all exportable.
What happens in case of an incident?
Secure, notify parties, remediate, then share documented post-mortem.
Demander le pack sécurité ou un échange technique.
Deux minutes. Réponse sous 24 h ouvrées.