Security & trust

Security

Cosignet is a control for high-risk AI-agent actions, so we state plainly what we guarantee, what we store, and how to reach us. We describe cryptographic binding — not unbreakable security.

Contact & responsible disclosure

Report a vulnerability to security@cosignet.com. Please include steps to reproduce and impact. We aim to acknowledge within a few business days. Test only against your own account and data; do not access other tenants' data, run denial-of-service, or spam real approvers. We will not pursue good-faith research that follows these rules.

Machine-readable policy: /.well-known/security.txt.

Approval integrity

• Every approval requires biometric user verification (WebAuthn UV).
• The signing challenge is nonce ‖ SHA-256(payload), so the signature is bound to the exact action. Change any field after approval and the signed decision no longer matches.
• The approval page re-hashes the displayed data in the browser and shows a Display verified badge when it equals the signed fingerprint — protection against UI spoofing.
• The passkey private key is generated and stored in the approver's device hardware (Secure Enclave / TPM). Cosignet never receives or stores it.
• One-time challenges; assertions are bound to the challenge and cannot be replayed against a different payload.

Fail-closed by default

No signature, no approval. If the human does not approve, the request expires and your integration receives a non-approved decision (pending, rejected, or expired) — never approved. Your code should proceed only on an explicit approved status, so a timeout or outage fails safe.

Data handling

• We do store the action payload. It is required to show the approver exactly what they are signing and to compute the binding hash. Cosignet is not a hash-only relay. Keep secrets out of payloads — pass references (IDs) instead of raw sensitive data.
• We store the raw WebAuthn assertion as the audit trail (proof a specific credential approved a specific payload), plus metadata: timestamps, status, credential ID, and the payload's SHA-256.
• Transport is HTTPS only; HSTS is enforced. Data is held in Cloudflare D1.
• API keys are stored only as a SHA-256 hash and a short prefix; the full key is shown once at creation and never again.

Audit trail & retention

Each confirmation keeps its action, payload, hash, status, and (once approved) the raw assertion, viewable in the dashboard. We do not yet run automatic deletion; data is retained until you request removal. For deletion, export, or data-residency questions, contact security@cosignet.com. Configurable retention and regional storage are on the roadmap for Enterprise.