Trust Center
Last updated: April 7, 2026
System Status
Live component health, exchange feed status, verdict engine uptime, and regime detection — all monitored in real-time.
View Live System Status →
What "Sovereign" Means — Precisely
"Sovereign infrastructure" at TrueAsset means that all core computation — market data processing, regime classification, conviction scoring, verdict issuance, and decision logging — runs exclusively on privately-operated, dedicated hardware. No cloud computing providers (AWS, GCP, Azure) are involved in any decision-path computation.
What runs on dedicated hardware:
- Market data ingestion and normalization
- Regime detection and classification
- Multi-factor scoring engine (10 dimensions)
- Verdict issuance and confidence calculation
- Decision ledger and audit logging
- Squeeze detection and funding analysis
- Risk overlay and governance logic
What uses third-party services (peripheral only):
- Web delivery and DNS (Cloudflare)
- Domain registration
- Email delivery
- Source code hosting (GitHub — not part of decision path)
Third-party services never process market data, decision logic, or verdict output. They handle web delivery only.
Data Lineage
Every verdict carries source attribution across seven decision layers, including internal arbitration and governance controls.
- Market Fundamentals — Tokenomics, supply dynamics, developer activity, liquidity depth
- On-Chain Valuation — MVRV, NUPL, whale activity, exchange flows, entity tracking
- Smart Money Intelligence — Institutional wallet tracking, flow attribution, accumulation patterns
- Microstructure — Funding rates, open interest, order flow, liquidation cascades across 4 exchanges
- Macro Overlay — Central bank policy, money supply, yield curve, cross-asset correlation
- Sentiment & Narrative — NLP-driven sentiment analysis on proprietary GPU infrastructure
Raw data is consumed via institutional APIs, processed exclusively on sovereign hardware, and never redistributed. Source lineage is preserved per verdict.
Access Model
- Zero-trust architecture: Encrypted tunnels (Cloudflare Tunnel + Tailscale mesh). No ports exposed to public internet.
- Authentication: All API and terminal access requires authentication. No anonymous access to decision data.
- Operator authority: Human override gates on all critical decisions. The engine issues governed verdicts, operators retain execution authority.
Jurisdiction
TrueAsset is operated by TPWR Holdings, based in Santiago de Querétaro, Querétaro, Mexico. All computation runs on infrastructure located in Celaya, Guanajuato, Mexico. Legal disputes are governed by Mexican law under the exclusive jurisdiction of courts in Querétaro.
Incident Response
- 24/7 automated monitoring of hardware, connectivity, and service health
- Automatic alerts on GPU temperature, disk usage, memory pressure, and service failures
- Manual incident response within 4 hours during business hours (UTC-6)
- Post-incident review logged and documented
Append-Only Verdict Chain
Every verdict issued by APEX is permanently recorded in a hash-linked, append-only chain. Each entry includes the SHA-256 hash of the previous entry, forming a tamper-evident sequence. Any modification to a historical verdict breaks the chain integrity.
Verified — no breaks detected
JSONL append-only + chattr +a (kernel protection)
SHA-256 (covers all scoring fields)
The chain can be independently verified by any party via the public API endpoint above. The policy is: append-only, no-edit, no-delete, hash-linked.
Security Assessment
Automated security scan performed April 8, 2026.
TLS 1.3 + 1.2 only. 1.1/1.0 rejected.
Let's Encrypt ECDSA P-256. Auto-renewed.
6/6: HSTS, CSP, X-Frame, X-Content-Type, Referrer, Permissions
No version or tech stack disclosed.
Audit & Certification Roadmap
- Current: Internal audit logs, all-verdict policy, append-only hash chain, automated security scanning
- Planned: Third-party penetration test (target Q3 2026)
- Planned: SOC 2 Type 1 readiness evaluation (target Q4 2026)
Security Contact
Report security concerns to security@trueasset.ai