TRUST CENTER
Security is a boundary, not a badge.
Ixrail is designed around minimal authority, isolated signing, deterministic policy checks, replay resistance, and evidence you can inspect.
SECURITY MODEL
Assume the request is hostile. Prove it is permitted.
deny
Deny by default. Unknown merchants, assets, and networks stop outside the signing boundary.
review
Approval boundaries prevent the agent from self-authorizing exceptional spend.
allow
Only normalized transactions with a valid policy decision reach isolated signing.
Operational controls
- Scoped signing authority
- Replay-resistant request identifiers
- Append-oriented receipts
- Budget and transaction limits
Responsible disclosure
Found a potential issue? Send reproduction details privately. Do not include secrets or personal data.