Attestation tampering, unauthorized revocation, status forgery, replay attacks, issuer impersonation.

Physical facility attacks, client-side device compromise, social engineering of issuer organizations.

Attestation hashes, issuer DIDs, revocation status, timestamps, verification metadata.

Audit evidence, raw control data, PII, issuer private keys, organizational security posture details.

Attestation validity (valid/expired/revoked) is externally checkable. No claim content or control details are exposed.

Specific claim attributes are disclosed only to authorized relying parties via selective disclosure protocols.

Persora never holds issuer private keys. Issuers maintain full custody of signing keys in their own HSMs or key management systems.

Persora's operational keys are used only for log integrity and API authentication — never for signing attestations on behalf of issuers.

Issuers can revoke any attestation at any time. Revocation is immediate and globally visible.

Attestations carry time-bound validity. Verifiers always see the most current status, not cached snapshots.

All API access is authenticated and scoped. Private claim queries require verifier authorization.

All endpoints are rate-limited and monitored. Abuse triggers automatic throttling.

All platform operations are logged with integrity protection. Logs are append-only and tamper-evident.

Verification endpoints are designed for high availability with redundancy across regions.