Security & Trust

Evidence built to survive an audit

Everyone claims AI power savings. Spark-XC proves them. Every governed power action becomes a tamper-evident Power Event Record on an append-only, hash-chained ledger — evidence an auditor, a CFO, or a regulator can verify independently of the system that produced it.

How the evidence is protected

Tamper-evident by construction, not by promise

Each governed action is written once to an append-only, SHA-256 hash-chained ledger (ARIV). Every entry binds the previous entry's hash, so the records form an ordered chain that cannot be silently rewritten.

Simulate a tampered entry …or verify a real one yourself →

Append-only, hash-chained

Every Power Event Record links to the prior record's SHA-256 hash. Any insertion, deletion, or modification breaks the chain — and a broken chain is detectable, not hidden.

Independently verifiable

Integrity is confirmed by recomputing the chain — independent of the system that produced it, with no privileged access required. You can verify it yourself in your browser.

Optional HMAC signing

SHA-256 is the chain mechanism. For stronger chain-of-custody, entries can additionally be HMAC-signed with an operator-held key, so authorship — not just order — is provable. HMAC is optional; the hash chain is always present.

Fixed in sequence

Each record's position is pinned by the chain. You cannot backdate, reorder, or quietly drop an event after the fact without producing a hash that no longer matches.

Control mapping

How a Power Event Record maps to control families

The Power Event Record and its hash chain produce evidence that supports specific controls across SOC 2 Type II, ISO 27001, and NIST SP 800-53. For each, here's the property that does the work.

SOC 2 Type II

CC6.1

Logical access controls

Each PER records the policy and authority that approved an action ("was it approved?"), giving auditors evidence that power changes flowed through authorized access controls rather than ad-hoc commands.

SOC 2 Type II

CC7.2

System monitoring

Every governed action is continuously captured as a record with measured before/after telemetry, supporting evidence that the system is monitored and that anomalies are detectable in the chain.

SOC 2 Type II

CC8.1

Change management

Each power-limit change is sealed with its requested, enforced, and hardware-readback values, providing an immutable change trail tied to the policy that authorized it.

ISO/IEC 27001

A.12.1

Operational procedures & responsibilities

PERs document that operational power changes followed defined, authorized procedures — each action carries the policy, authority, and outcome, evidencing controlled operations rather than undocumented intervention.

NIST SP 800-53

AU-10

Non-repudiation

The hash chain — and optional HMAC signing — binds each action to its place in an ordered, tamper-evident record, so an actor cannot later deny that an action occurred or was altered.

NIST SP 800-53

AU-9

Protection of audit information

Because the ledger is append-only and hash-chained, audit records are protected against silent modification or deletion — any tampering invalidates the chain and is independently detectable.

Methodology & status

The honest distinction: maps to vs certified

Spark-XC's Power Event Records map to these controls and produce evidence auditors can use. Spark-XC is not itself certified to these standards today; formal certification is in progress.

Full control-mapping methodology is available under NDA. A "maps to" claim means our records supply evidence relevant to a control — it does not mean Spark-XC holds a SOC 2 report, an ISO 27001 certificate, or a NIST authorization. We state this plainly so there's no confusion in your own audit.

Read the methodology overview →

Data handling

It governs in place — no required data egress

For sovereign and high-sensitivity environments, Spark-XC is designed to run where your infrastructure already lives.

Air-gap friendly

The validation and ledger run inside your boundary. There's no dependency on an outbound connection to produce or verify Power Event Records.

Governs in place

Records are created next to the hardware they describe. The evidence stays under your control, in your environment.

No required data egress

Spark-XC does not require sending your telemetry or records off-site to function. What leaves your boundary is your decision.

Don't take our word for the integrity — verify it

Recompute a real Power Event Record's hash chain in your browser, or talk to us about the control-mapping methodology under NDA.

Verify a Power Event Record → Request the methodology