Trust

Trust & Transparency

Commitments you can inspect,
not just read.

What Katafract does with data, what it can’t do because the architecture prevents it, and how we handle what does happen — including the things that go wrong.

No-log architecturePublic post-mortemsWarrant canaryBug bounty

• Infrastructure

  Where the boxes live

  The node map, who operates each box, what jurisdiction it sits in.

• Logs policy

  What we log — and don’t

  Layer-by-layer breakdown. What we keep for operations, what we deliberately throw away.

• Retention

  How long data lives

  Per-data-type retention windows before deletion. The clock starts when the request lands.

• Incidents

  Public post-mortems

  Every outage and every security event, written up. What broke, why, what we changed.

• Bug bounty

  How to report a vuln

  Scope, channel, payout schedule, and what we ask of researchers.

• Canary

  Warrant canary

  Updated monthly on the consumer domain so transparency scrapers can archive it. If it stops, read that as a signal.

The architectural trust story

The summary of why these pages exist the way they do:

Infrastructure built so there’s nothing to betray. Tokens handle identity instead of accounts. Encryption keys live on your device so the server holds ciphertext. Pricing is allotments of storage and bandwidth, not behavior or attention. There’s no advertising business to sell you into, because the data to run one doesn’t exist on our side of the wire.

More detail: katafract.com/about/.