Audit & Compliance
Planbok is built with institutional rigor, providing comprehensive tools for auditing, access control, and regulatory compliance. Our architecture ensures that every action is traceable, authorized, and idempotent.
Enterprise Audit Logs
Every critical operation within the Planbok platform—from API key creation to transaction signing—is captured in an immutable audit trail.
Logged Data Points
- Event Type: The specific action performed (e.g., transaction.signed, member.invited).
- Actor Identity: The specific User or API Key that initiated the request.
- Metadata: Detailed data payloads associated with the event, excluding sensitive private material.
- Contextual Info: Source IP address and User Agent for forensic analysis.
- Timestamp: Precise server-side timing of the event.
Retention & Cleanup
To balance transparency with storage efficiency, audit logs include a 365-day Retention Policy. Events older than one year are automatically purged from the live system, though organizations can export their logs for long-term archival.
Role-Based Access Control (RBAC)
Planbok enforces a multi-tier authorization model to ensure that users and automated systems only have the permissions necessary for their roles.
1. User Roles
- Owner: The primary administrative account with full control over organization identity, billing, and ownership transfer.
- Admin: Can manage team members, invite new users, and configure organization-wide settings.
- Member: Standard access for viewing data and interacting with wallets within assigned permissions.
2. API Key Security
API keys provide a granular way to authorize automated systems:
- Restricted Keys: Can be configured as "Read-Only," limiting the key to GET requests to prevent unauthorized state changes.
- Owner-Only Keys: Certain high-stakes endpoints (like private key export) require an API key explicitly created by the Organization Owner.
Idempotency & Consistency
To prevent duplicate operations in unstable network conditions, Planbok implements strict idempotency controls:
- Idempotency Keys: For sensitive operations like transfers, clients can provide a unique UUID v4. If a request with the same key is received again, the system will return the cached result of the original operation instead of re-executing it.
- Deduplication Windows: Our webhook system uses a minute-based deduplication window to ensure that your backend isn't overwhelmed by duplicate event notifications.
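The replay behaviour described for idempotency keys, as an added sketch that is not Planbok's own code. The class and function names, the per-actor key scoping, and the rejection of a reused key with a different payload are assumptions that go beyond what this page states.

```python
import hashlib
import json
import uuid

class IdempotencyConflict(Exception):
    """Same key reused with a different request body."""

def is_uuid4(key: str) -> bool:
    """Accept only canonical UUID v4 strings."""
    try:
        parsed = uuid.UUID(key)
    except (ValueError, AttributeError, TypeError):
        return False
    return parsed.version == 4 and str(parsed) == key.lower()

class IdempotentExecutor:
    """In-memory sketch (hypothetical); a real service needs a shared, atomic store."""

    def __init__(self):
        self._results = {}  # (actor, key) -> (fingerprint, result)

    def execute(self, actor: str, key: str, payload: dict, operation):
        if not is_uuid4(key):
            raise ValueError("idempotency key must be a UUID v4")
        fingerprint = hashlib.sha256(
            json.dumps(payload, sort_keys=True).encode()
        ).hexdigest()
        slot = (actor, key)  # assumption: keys are scoped per actor
        if slot in self._results:
            seen_fingerprint, result = self._results[slot]
            if seen_fingerprint != fingerprint:
                raise IdempotencyConflict("key reused with a different payload")
            return result  # replay: cached result, operation is not re-run
        result = operation(payload)
        self._results[slot] = (fingerprint, result)
        return result

def demo():
    """Constructed transfer: a retry after a timeout must not execute twice."""
    ledger = []
    def transfer(p):
        ledger.append(p)
        return {"transfer_id": len(ledger), "amount": p["amount"]}
    ex = IdempotentExecutor()
    key = str(uuid.uuid4())
    first = ex.execute("api-key-1", key, {"to": "acct-b", "amount": 10}, transfer)
    retry = ex.execute("api-key-1", key, {"to": "acct-b", "amount": 10}, transfer)
    return first, retry, len(ledger)
```

On the client side, the same key must be reused for every retry of one logical operation and a fresh key generated for each new operation.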
Security Infrastructure
Compliance is further strengthened by our underlying infrastructure:
- Vault Integration: All sensitive secrets and key shares are stored in HSM Vault, utilizing hardware-backed encryption where available.
- Physical Isolation: Node 1 and Node 2 are logically and physically separated across namespaces to prevent single points of failure and internal collusion.
[!NOTE] Organizations requiring SOC2 Type II or similar certifications can leverage these built-in audit trails and isolation boundaries to streamline their compliance audits.