Encrypted at rest
AES-256-GCM with envelope encryption. Keys held in OpenBao with HSM root of trust.
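As an added illustration (example code written for this page, not Garden's implementation), the envelope pattern described above in Go's standard library: each object gets a fresh 256-bit data key (DEK), the data is sealed with AES-256-GCM under that DEK, and only the DEK wrapped under a root key (KEK) is persisted beside the ciphertext. The KEK here is a random in-process value standing in for the OpenBao-held, HSM-rooted key; the Envelope layout, the key name tenant-root-v1 and the associated-data string are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Envelope is what gets stored with each object: the per-object data key
// wrapped under the root key, both nonces, and the ciphertext. This layout
// is the example's assumption, not Garden's storage format.
type Envelope struct {
	KEKID      string // which root key wrapped the DEK; also the wrap's associated data
	WrapNonce  []byte
	WrappedDEK []byte // AES-256-GCM(KEK, DEK)
	Nonce      []byte
	Ciphertext []byte // AES-256-GCM(DEK, plaintext) bound to the caller's associated data
}

func randomBytes(n int) ([]byte, error) {
	b := make([]byte, n)
	_, err := io.ReadFull(rand.Reader, b)
	return b, err
}

// gcm refuses anything but a 32-byte key, so a short key cannot silently
// downgrade AES-256 to AES-128 or AES-192.
func gcm(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256 requires a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts under key with a fresh random 96-bit nonce; a nonce is never reused with a key.
func seal(key, plaintext, aad []byte) (nonce, ct []byte, err error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, nil, err
	}
	if nonce, err = randomBytes(aead.NonceSize()); err != nil {
		return nil, nil, err
	}
	return nonce, aead.Seal(nil, nonce, plaintext, aad), nil
}

func open(key, nonce, ct, aad []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, ct, aad)
}

// Encrypt: one fresh DEK per object, data sealed under the DEK, DEK wrapped
// under the root key (in production the wrap happens inside the KMS and the
// KEK bytes never reach the application). Only the wrapped DEK is persisted.
func Encrypt(kekID string, kek, plaintext, aad []byte) (*Envelope, error) {
	dek, err := randomBytes(32)
	if err != nil {
		return nil, err
	}
	nonce, ct, err := seal(dek, plaintext, aad)
	if err != nil {
		return nil, err
	}
	wrapNonce, wrapped, err := seal(kek, dek, []byte(kekID))
	if err != nil {
		return nil, err
	}
	return &Envelope{KEKID: kekID, WrapNonce: wrapNonce, WrappedDEK: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Decrypt unwraps the DEK, then opens the data. A flipped ciphertext bit, a
// swapped wrapped key or mismatched associated data all fail the GCM tag check.
func Decrypt(kek []byte, env *Envelope, aad []byte) ([]byte, error) {
	dek, err := open(kek, env.WrapNonce, env.WrappedDEK, []byte(env.KEKID))
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK: %w", err)
	}
	return open(dek, env.Nonce, env.Ciphertext, aad)
}

func main() {
	kek, _ := randomBytes(32)                    // stands in for the HSM-rooted key held by OpenBao
	aad := []byte("tenant=acme;table=payouts") // constructed context the record is bound to
	env, _ := Encrypt("tenant-root-v1", kek, []byte("constructed sample record"), aad)
	pt, err := Decrypt(kek, env, aad)
	fmt.Printf("%s (err=%v)\n", pt, err)
	env.Ciphertext[0] ^= 1 // one flipped bit: GCM rejects the whole record
	_, err = Decrypt(kek, env, aad)
	fmt.Println("tampered:", err)
}
```

The associated data is what ties a ciphertext to its row and tenant: a record copied into another tenant's table decrypts only if the attacker can also forge that context, which the GCM tag prevents. Rotating the root key means re-wrapping the small DEKs, not re-encrypting the data.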
Garden was built under a development constitution that treats every line as if it were handling real money — because it is. The chains of evidence exist before the auditor arrives. We do not ship features that cannot be proven correct after a cold restore.
| Standard | Scope | Owners | Status |
|---|---|---|---|
| SOC 2 Type II | Security · Availability · Confidentiality | Sage · Bean · Vine | audit-ready |
| ISO 27001:2022 | Information security management | All services | audit-ready |
| PCI DSS 4.0 | Card data scope minimization | Chard · Greenhouse | self-assessed |
| ASC 606 / IFRS 15 | Revenue recognition | Bean · Cabbage | built-in |
| GDPR · CCPA · PIPEDA · LGPD | Data subject rights | Turnip · Sage · Basil | live |
| NACHA · Reg E · Reg J | ACH origination | Branches · Chard | live |
| FATF Travel Rule (TRP · TRUST) | Counterparty info exchange | Sage · Greenhouse | live |
| MiCA | EU crypto-asset service provision | Greenhouse · Sage | audit-ready |
| NIST 800-63 / NIST 800-53 | Identity assurance · controls | Turnip | live |
| SOX 404 | Internal controls over financial reporting | Bean · Celery | audit-ready |
Vanta and Drata watch your SaaS perimeter. Persona and Alloy run KYC, but stop there. Garden treats compliance as inseparable from the book of record: every screening, every period close, every signed transfer lands on the same audit chain. One stack, one principal, one provable history.
| Capability | Vanta | Drata | Persona | Alloy | Garden |
|---|---|---|---|---|---|
| SOC 2 / ISO 27001 controls | ✓ | ✓ | — | — | ✓ Sage + Bean |
| GDPR / CCPA DSR automation | ✓ | ✓ | — | — | ✓ |
| KYC + liveness + document | — | — | ✓ | ✓ | ✓ Onfido + Veriff pluggable |
| OFAC + EU + UN + UK HMT screen | — | — | partial | ✓ | ✓ |
| PEP + adverse media (multi-lang) | — | — | — | ✓ | ✓ 15+ languages |
| FATF Travel Rule (TRP / TRUST) | — | — | — | — | ✓ Sage + Greenhouse |
| Tax forms (1099, K-1, 1042-S) | — | — | — | — | ✓ Basil-rendered |
| ASC 606 / IFRS 15 rev rec | — | — | — | — | ✓ Bean-derived |
| Period seal (cryptographic) | — | — | — | — | ✓ blake3 |
| Hash-chained audit trail | logs | logs | logs | logs | ✓ ed25519 |
| Posts evidence to ledger | — | — | — | — | ✓ Bean atomic |
| Agent-callable screening | — | — | — | — | ✓ MCP |
| One contract, full coverage | — | — | — | — | ✓ |
TLS 1.3, rustls only. mTLS between Garden services. Pinned certificates for partner integrations.
Every Vine event carries an Ed25519 signature and a per-tenant ordered cursor.
Every write accepts an idempotency key. Replays are safe. Double-charges are mathematically impossible.
Closing a period in Bean produces a blake3 root over every journal entry.
Greenhouse transactions, period closes, and admin changes can require YubiKey or Ledger touch.
Arsenal tokens are minted just-in-time, scoped to an action class, time-bound, and bound to a principal DID.
Every write records actor, principal, IP, device, and time, with hash linkage to the previous record.
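The properties listed above (Ed25519-signed events with a per-tenant ordered cursor, idempotent writes, a period root over every entry, and records hash-linked to their predecessor) can be shown together in one small Go program. This is an added example, not Garden's code: the record layout and field order are assumed, SHA-256 stands in for blake3 in the period seal, and the sample writes are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// AuditRecord is one hash-linked write record: the fields the page names plus an ordered cursor and idempotency key (layout assumed).
type AuditRecord struct {
	Cursor                       uint64 // per-tenant ordered cursor, strictly increasing
	Actor, Principal, IP, Device string
	Time                         int64  // unix seconds
	IdemKey                      string // client-supplied idempotency key
	PrevHash, Hash               [32]byte
	Signature                    []byte // Ed25519 over Hash
}

func (r *AuditRecord) canonical() []byte {
	return []byte(fmt.Sprintf("%d|%s|%s|%s|%s|%d|%s|%x",
		r.Cursor, r.Actor, r.Principal, r.IP, r.Device, r.Time, r.IdemKey, r.PrevHash))
}

type Ledger struct {
	priv    ed25519.PrivateKey
	Records []AuditRecord
	seen    map[string]int // idempotency key -> index of the record that consumed it
}

func NewLedger() (*Ledger, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Ledger{priv: priv, seen: map[string]int{}}, nil
}

// Append records a write; a replayed idempotency key returns the original record and false, and writes nothing.
func (l *Ledger) Append(actor, principal, ip, device string, t int64, idemKey string) (AuditRecord, bool) {
	if i, ok := l.seen[idemKey]; ok {
		return l.Records[i], false
	}
	r := AuditRecord{Cursor: uint64(len(l.Records)) + 1, Actor: actor, Principal: principal, IP: ip, Device: device, Time: t, IdemKey: idemKey}
	if n := len(l.Records); n > 0 {
		r.PrevHash = l.Records[n-1].Hash // the link that makes it a chain
	}
	r.Hash = sha256.Sum256(r.canonical())
	r.Signature = ed25519.Sign(l.priv, r.Hash[:])
	l.seen[idemKey] = len(l.Records)
	l.Records = append(l.Records, r)
	return r, true
}

// Verify re-derives every hash and checks cursor order, link and signature, so an edited, dropped or reordered record is reported.
func (l *Ledger) Verify() error {
	var prev [32]byte
	for i := range l.Records {
		r := &l.Records[i]
		if r.Cursor != uint64(i)+1 || r.PrevHash != prev {
			return fmt.Errorf("record %d: cursor or link to previous record is wrong", i)
		}
		if sha256.Sum256(r.canonical()) != r.Hash || !ed25519.Verify(l.priv.Public().(ed25519.PublicKey), r.Hash[:], r.Signature) {
			return fmt.Errorf("record %d: contents do not match stored hash and signature", i)
		}
		prev = r.Hash
	}
	return nil
}

// PeriodSeal is a Merkle root over the chain's record hashes: one value commits to every
// entry and any entry's membership is provable with a short path. SHA-256 stands in for blake3.
func (l *Ledger) PeriodSeal() [32]byte {
	if len(l.Records) == 0 {
		return sha256.Sum256(nil) // an empty period still seals to a defined value
	}
	level := make([][32]byte, len(l.Records))
	for i, r := range l.Records {
		level[i] = r.Hash
	}
	for len(level) > 1 {
		if len(level)%2 == 1 {
			level = append(level, level[len(level)-1]) // duplicate an odd last leaf
		}
		for i := 0; i < len(level); i += 2 {
			level[i/2] = sha256.Sum256(append(level[i][:], level[i+1][:]...))
		}
		level = level[:len(level)/2]
	}
	return level[0]
}

func main() {
	l, _ := NewLedger()
	l.Append("alice", "did:example:alice", "203.0.113.7", "yubikey-5", 1700000000, "txn-001") // constructed sample
	_, fresh := l.Append("alice", "did:example:alice", "203.0.113.7", "yubikey-5", 1700000001, "txn-001") // replay
	fmt.Printf("replay wrote a record: %v | chain valid: %v | seal: %x\n", fresh, l.Verify() == nil, l.PeriodSeal())
}
```

The replay returns the record the first call produced, so a client that lost the response can retry without creating a second entry, and the per-tenant cursor lets a consumer detect a gap or a reordering as well as an edit. A verifier that holds only the public key and the period seal can check a record's signature and its membership without access to the signing key.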
We pay for vulnerabilities in proportion to what they could move. The maximum payout is reserved for issues that allow theft of customer funds, bypass of FROST signing, forgery of period seals, or extraction of cryptographic material. Median payouts are $5,000–$25,000.
Cryptography lab
Application security firm
Independent reviewer
Identity-systems specialist
Big-four-affiliated CPA
Accredited certifier