Security Architecture
Paratro is designed with security as a foundational principle. This document outlines the architectural decisions and controls that protect digital asset operations.
Design Principles
- No single point of compromise — Private keys are never assembled in one location
- Defense in depth — Multiple layers of security controls
- Least privilege — Users and systems have minimum necessary access
- Auditability — Every action is logged and traceable
- Zero trust — All requests are authenticated and authorized regardless of network origin
Architecture Layers
Application Layer
- Role-based access control (RBAC) for all user actions
- MFA/TOTP enforcement for sensitive operations
- Session management with configurable timeouts
- API key scoping with granular permissions
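The application-layer controls above (RBAC, MFA step-up for sensitive operations, timeouts, scoped API keys) can be combined in one authorization check. The following is an added illustration, not Paratro's own code; the role names, scope strings, the five-minute MFA freshness window and the one-hour key lifetime are assumptions chosen for the example, and the server-side record stores only a hash of the key secret.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Hypothetical role/permission table; Paratro's real permission model is not on this page.
PERMISSIONS = {
    "viewer": {"wallet:read"},
    "operator": {"wallet:read", "tx:create"},
    "approver": {"wallet:read", "tx:create", "tx:approve"},
}
SENSITIVE = {"tx:approve"}          # actions that require a recent MFA verification
MFA_FRESHNESS = timedelta(minutes=5)  # assumed step-up window

NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)  # fixed clock for the demo


def at(minutes):
    return NOW + timedelta(minutes=minutes)


@dataclass
class ApiKey:
    key_hash: bytes               # only the hash of the secret is stored server-side
    role: str
    scopes: frozenset             # granted subset of the role's permissions
    created: datetime
    ttl: timedelta                # configurable lifetime
    mfa_verified_at: Optional[datetime] = None


class KeyStore:
    def __init__(self):
        self._keys = {}

    def issue(self, role, scopes, ttl, now):
        """Issue a scoped key; requested scopes may not exceed the role (least privilege)."""
        scopes = frozenset(scopes)
        if not scopes <= PERMISSIONS[role]:
            raise ValueError("requested scope exceeds role permissions")
        secret = secrets.token_urlsafe(32)
        key_id = secrets.token_hex(8)
        digest = hashlib.sha256(secret.encode()).digest()
        self._keys[key_id] = ApiKey(digest, role, scopes, now, ttl)
        return key_id, secret          # secret is shown to the caller once

    def record_mfa(self, key_id, now):
        self._keys[key_id].mfa_verified_at = now

    def authorize(self, key_id, secret, action, now):
        """Return (allowed, reason). Every request is checked regardless of origin."""
        rec = self._keys.get(key_id)
        if rec is None:
            return False, "unknown key"
        presented = hashlib.sha256(secret.encode()).digest()
        if not hmac.compare_digest(rec.key_hash, presented):
            return False, "bad secret"
        if now - rec.created > rec.ttl:
            return False, "expired"
        if action not in rec.scopes:
            return False, "out of scope"
        if action in SENSITIVE and (
            rec.mfa_verified_at is None or now - rec.mfa_verified_at > MFA_FRESHNESS
        ):
            return False, "mfa required"
        return True, "ok"


def demo():
    """Walk through the checks with a constructed key and return each outcome."""
    store = KeyStore()
    results = {}
    try:  # a viewer key may not be issued with an operator-only scope
        store.issue("viewer", {"tx:create"}, timedelta(hours=1), NOW)
        results["overscope"] = "issued"
    except ValueError:
        results["overscope"] = "rejected"
    kid, sec = store.issue("approver", {"wallet:read", "tx:approve"}, timedelta(hours=1), NOW)
    results["read"] = store.authorize(kid, sec, "wallet:read", at(1))[1]
    results["wrong_secret"] = store.authorize(kid, "not-the-secret", "wallet:read", at(1))[1]
    results["out_of_scope"] = store.authorize(kid, sec, "tx:create", at(1))[1]  # role allows it, key does not
    results["approve_no_mfa"] = store.authorize(kid, sec, "tx:approve", at(1))[1]
    store.record_mfa(kid, at(2))
    results["approve_fresh_mfa"] = store.authorize(kid, sec, "tx:approve", at(3))[1]
    results["approve_stale_mfa"] = store.authorize(kid, sec, "tx:approve", at(10))[1]
    results["expired"] = store.authorize(kid, sec, "wallet:read", at(90))[1]
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The order of the checks matters: the secret is verified with a constant-time comparison before any other state is consulted, the lifetime check runs before the scope check so an expired key is rejected even for actions it once held, and the MFA freshness check is applied only to the sensitive action set.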
Transport Layer
- TLS 1.3 for all communications
- Certificate pinning for internal service communication
- Encrypted WebSocket connections for real-time updates
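As an added example of the transport controls listed above (not Paratro's code), the client side of an internal service call can enforce a TLS 1.3 floor and a certificate pin on top of normal chain validation. The hostname and the pin values are placeholders; this example pins the SHA-256 of the whole DER certificate, which is the simplest form and must be rotated whenever the certificate is, whereas pinning the public key (SPKI) survives certificate renewal.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed placeholder: hex SHA-256 digests of each internal service's DER certificate.
# Real values come from the deployment's own certificates.
INTERNAL_PINS = {
    "signing-service.internal": {"<sha256-of-signing-service-cert-hex>"},
}


def hardened_client_context():
    """Default verification (chain + hostname) plus a TLS 1.3 minimum."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def min_version_name():
    return hardened_client_context().minimum_version.name


def cert_fingerprint(der_bytes):
    return hashlib.sha256(der_bytes).hexdigest()


def pin_matches(hostname, der_bytes, pins=INTERNAL_PINS):
    """True only if the presented certificate matches a pin recorded for this host."""
    expected = pins.get(hostname)
    if not expected:
        return False  # unknown host: fail closed rather than fall back to chain-only trust
    fp = cert_fingerprint(der_bytes)
    return any(hmac.compare_digest(fp, p) for p in expected)


def connect_pinned(hostname, port=443, pins=INTERNAL_PINS):
    """Open a TLS 1.3 connection and abort if the peer certificate is not pinned."""
    ctx = hardened_client_context()
    with socket.create_connection((hostname, port)) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            der = tls.getpeercert(binary_form=True)
            if not pin_matches(hostname, der, pins):
                raise ssl.SSLError(f"certificate pin mismatch for {hostname}")
            return tls.version()  # "TLSv1.3" on success
```

Pinning is checked after the handshake has already validated the chain and hostname, so a mismatch indicates a certificate the deployment did not expect and is worth alerting on, not silently retrying.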
Data Layer
- AES-256 encryption at rest for all sensitive data
- Key share encryption using HSM-backed keys
- Database-level encryption with customer-managed keys (private deployment)
- Secure key erasure from memory after use
Infrastructure Layer
- Network isolation with VPC and security groups
- No direct internet access for signing services
- Regular security patching and vulnerability scanning
- DDoS protection and rate limiting at the edge
Key Share Architecture
- Key shares are generated and distributed without ever forming the complete key
- Signing requires only the configured threshold of shares
- Backup shares are encrypted and stored offline for disaster recovery
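The threshold property behind "signing requires only the configured threshold of shares" is easiest to see with Shamir secret sharing over a prime field. The block below is an added illustration, not Paratro's signing protocol: it reconstructs the secret from a threshold of shares so that the arithmetic can be checked, whereas a threshold signing deployment would run a distributed protocol that produces the signature without ever assembling the key. The prime is the secp256k1 group order, chosen only as a convenient large prime.

```python
import secrets

# secp256k1 group order, used here only as a large prime modulus for the field arithmetic.
PRIME = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split_secret(secret, threshold, share_count):
    """Return share_count points on a random degree-(threshold-1) polynomial with f(0)=secret."""
    if not 1 <= threshold <= share_count:
        raise ValueError("need 1 <= threshold <= share_count")
    coeffs = [secret % PRIME] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, share_count + 1):
        y = 0
        for c in reversed(coeffs):   # Horner evaluation, highest degree first
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(points):
    """Lagrange-interpolate f(0) from the given (x, y) points; correct only with >= threshold of them."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        lagrange = num * pow(den, PRIME - 2, PRIME) % PRIME  # modular inverse via Fermat
        total = (total + yi * lagrange) % PRIME
    return total


if __name__ == "__main__":
    secret = secrets.randbelow(PRIME)
    shares = split_secret(secret, threshold=3, share_count=5)
    print("3 of 5 recovers:", recover_secret(shares[:3]) == secret)
    print("2 of 5 recovers:", recover_secret(shares[:2]) == secret)  # False (except with negligible probability)
```

With fewer than the threshold of points, every candidate secret is consistent with some polynomial through them, so the interpolated value carries no information about the real one; that is what makes a compromised minority of shares recoverable from rather than a key compromise.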
Incident Response
Paratro maintains a 24/7 security operations team with defined procedures for:
- Unauthorized access attempts
- Key share compromise scenarios
- Service availability incidents
- Vulnerability disclosure handling