Trust Dashboard
Real-time status of the Clavestra guardian network, cryptographic proof of reserves, and federation health metrics.
Proof of Reserves
The federation generates cryptographic proof that total holdings are greater than or equal to total client liabilities. This proof is verifiable by any third party without accessing internal systems.
Guardian Network
| Guardian | Jurisdiction | Operator | Status |
|---|---|---|---|
| G1 | Switzerland | Clavestra Orbital GmbH | online |
| G2 | Switzerland | Clavestra Orbital GmbH | online |
| G3 | Switzerland | Independent | online |
| G4 | Europe | Independent | online |
| G5 | Europe | Independent | pending |
| G6 | Europe | Independent | pending |
| G7 | Europe | Independent | pending |
| G8 | Europe | Independent | pending |
| G9 | TBD | Future Partner | pending |
| G10 | TBD | Future Partner | pending |
Federation Design
The Clavestra federation requires 7 of 10 guardians to approve any transaction. This means the system can tolerate up to 3 simultaneous guardian failures while continuing to operate normally.
Each guardian is an independent legal entity operating in a distinct jurisdiction. No single government, company, or individual can unilaterally access client funds.
Guardian backups are stored in encrypted form, in different jurisdictions from the guardian they belong to. No single location holds more than 2 guardian backups.
Defense-in-Depth Architecture
Our security operates across three independent layers. Each layer assumes the layer above it has failed.
Prevention
- Supermajority required for all operations (7/10 guardians)
- Configuration changes require guardian approval plus mandatory 24-hour delay
- No single person or entity can access or move client funds
- Guardian staking with accountability through collateral
Detection
- Immutable, append-only audit trail for every operation
- Automated anomaly detection and real-time monitoring
- Continuous cryptographic proof of reserves
- Per-operator activity tracking and rate limiting
Response
- Emergency pause: guardians can freeze all operations instantly
- Full consensus required to resume after emergency pause
- Malicious guardians lose staked collateral
- System fails safe — operations stop, funds never leak
How We Compare
| Risk | Clavestra | Traditional Custody |
|---|---|---|
| Hack / breach | Attacker needs 7 of 10 guardians across 5 countries | One system compromised = all assets at risk |
| Bankruptcy | Other guardians continue operating | Client assets frozen in legal proceedings |
| Operational failure | Business continuity across multiple jurisdictions | Single location = single point of failure |
| Reserve verification | Cryptographic, continuous, verifiable by anyone | Quarterly audit by accounting firm |