Trust Center

Buyer diligence should map directly to shipped controls.

This trust center is limited to implemented behavior. It describes the controls already present in the product across room cryptography, identity, recovery governance, storage verification, and auditability.

Operational assurance summary

Strict rooms keep content opaque to the platform and disable risky inline preview behavior.

Recovery-enabled rooms require an explicit workspace recovery profile and expose their operational mode clearly in the product.

Room assets are not activated from client claims alone. Storage object facts are verified before activation.

Workspace admins can inspect device posture, sessions, recovery operations, audit proofs, domain verification, network boundaries, and identity providers from one control plane.

Buyer resources

Operational documents and support paths

These are the public surfaces a buyer, admin, or security reviewer should use before and during rollout. They are intentionally scoped to implemented product behavior and active launch gates.

Interactive user manualRole and tier-specific instructions for Quick Drop, rooms, identity, recovery, audit, billing, and troubleshooting.Public statusLive API liveness/readiness view plus commercial production-readiness checklist.Support centerSupport channels, severity definitions, safe intake guidance, and escalation model.Security architectureImplemented cryptography, identity, storage verification, trust mode, and audit controls.TermsService terms, acceptable use, availability scope, and regulated-use boundaries.PrivacyData categories, service providers, retention, privacy rights, and recovery-mode scope.

Cryptographic custody

Browser-side asset encryption before upload

Participant-device key wrapping with ML-KEM-derived shared secrets

Workspace recovery wraps for recovery-enabled rooms

Manifest hashing for room and asset integrity surfaces

Identity and access

HttpOnly session cookies with refresh rotation and CSRF protection

Passkeys, MFA, managed-domain discovery, and OIDC federation

Workspace role separation across owner, workspace admin, security admin, billing admin, and member

Domain-governed login policy and Enterprise directory provisioning

Operational boundaries

Workspace IP allowlists and region preference controls

Checksum-bound upload activation and verified object metadata

Recovery review queues, governed processing, and recovery package generation

Signed SIEM webhook delivery and proof-batch audit export

Claims intentionally not made

QrystalDrop does not claim a completed SOC 2 audit until a formal report exists.

HIPAA, regulated-data processing, custom retention, or customer-specific SLA commitments require a written agreement.

Status, Trust Center, and Help content do not replace customer-side endpoint security, access governance, or legal review.

Launch evidence buyers should request

Production smoke test date, readiness health result, and uptime monitor state.

Stripe, Resend, object storage, Redis, Sentry, backups, and incident runbook confirmation.

Secure Rooms and Quick Drop verified upload, decrypt, download, delete, audit, and billing paths.

Launch posture

Commercially usable, transparently scoped.

QrystalDrop is now a workspace-governed secure-room platform with role-based administration, recovery operations, network controls, managed identity, passkeys, OIDC federation, directory provisioning, SIEM delivery, and tamper-evident audit export.