Trust
Security Overview
Kern is designed to support controlled verification workflows with tenant-scoped access, deterministic request handling, and auditable operational events.
Tenant isolation
Requests are scoped by account credentials and policy context. Access boundaries are maintained across task creation, status retrieval, and evidence handling paths.
Deterministic request controls
Idempotency and validation rules reduce duplicate execution risk and improve recovery behavior under retries, timeouts, and transient failures.
Webhook integrity
Webhook flows should be protected with signature verification and replay-safe handling. Integration guidance is provided in technical documentation.
Evidence handling posture
Evidence is processed for verification workflows and operational outcomes. Retention and lifecycle controls vary by product capability and contractual terms.
Security contact
For security-related questions or disclosures, contactsecurity@kernprotocol.com.