Security
Defense in depth — from login to ledger
Security isn't a feature we tacked on. It's a property that shows up at every layer — authentication, data, accruals, and operational review.
Account access
- Bcrypt-hashed passwords with a cost factor of 10
- Optional TOTP two-factor using RFC 6238 with one-time backup codes
- Session ledger with explicit revoke — sign out other devices anytime
- Password reset invalidates every live session for the account
Data & integrity
- Idempotent accrual writes — a duplicate cron run cannot double-pay
- Three-bucket wallet state (available / deferred / principal) with full ledger history
- Every money-moving action emits an audit event with correlation ID
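One way the idempotent-accrual guarantee above can be built, shown as an added example and not InvestBridge's own code: a unique key on the ledger turns a duplicate cron run into a no-op, and the balance only moves in the same transaction as a new ledger row. The schema, the function names, the (account, day) key and the choice to credit the deferred bucket are all assumptions made for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE wallet (
    account_id INTEGER PRIMARY KEY,
    available  INTEGER NOT NULL DEFAULT 0,  -- amounts in minor units (cents)
    deferred   INTEGER NOT NULL DEFAULT 0,
    principal  INTEGER NOT NULL DEFAULT 0
);
CREATE TABLE ledger (
    account_id  INTEGER NOT NULL,
    accrual_day TEXT    NOT NULL,
    amount      INTEGER NOT NULL,
    UNIQUE (account_id, accrual_day)  -- idempotency key: one accrual per account per day
);
"""

def open_db():
    db = sqlite3.connect(":memory:", isolation_level=None)  # explicit transactions below
    db.executescript(SCHEMA)
    return db

def write_accrual(db, account_id, accrual_day, amount):
    """Credit one day's accrual. Returns True if written, False if it already existed."""
    db.execute("BEGIN IMMEDIATE")
    try:
        cur = db.execute(
            "INSERT OR IGNORE INTO ledger (account_id, accrual_day, amount) VALUES (?, ?, ?)",
            (account_id, accrual_day, amount))
        written = cur.rowcount == 1
        if written:  # balance moves only in the same transaction as a new ledger row
            db.execute("UPDATE wallet SET deferred = deferred + ? WHERE account_id = ?",
                       (amount, account_id))
        db.execute("COMMIT")
        return written
    except Exception:
        db.execute("ROLLBACK")
        raise

def run_cron(db, accrual_day, amounts):
    """One cron pass; returns how many accruals were actually written."""
    return sum(write_accrual(db, a, accrual_day, amt) for a, amt in amounts.items())

def demo():
    db = open_db()
    db.execute("INSERT INTO wallet (account_id, principal) VALUES (1, 100000), (2, 50000)")
    amounts = {1: 27, 2: 14}  # constructed sample accruals
    runs = [run_cron(db, "2024-01-01", amounts) for _ in range(2)]  # second pass is the duplicate
    return runs, db.execute("SELECT account_id, deferred FROM wallet ORDER BY 1").fetchall()
```

The uniqueness check lives in the database rather than in the job, so it still holds when two cron instances overlap or a failed run is retried.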
Operational
- Finance-core code paths locked behind CODEOWNERS review
- Staging shadow-mode accrual day before each prod deploy
- Admin actions logged and role-gated with explicit decorators
Report a vulnerability
Found something? Write to security@investbridge.example — we triage within one business day and recognise responsible disclosure.