# PrivChain Security and Operations (Public)

## Publicly disclosed controls

- Replay and idempotency controls in payment lifecycle handling.
- Structured error behavior for integration reliability.
- Remote signer integration paths for production key isolation.
- Settlement-state lookup and reconciliation paths.

## Release boundary

The following areas are intentionally withheld pre-release:

- Proof-system internals and tuning strategy.
- Anti-abuse thresholds and production defense controls.
- Detailed production runbooks and incident procedures.

## Security references

- Security summary: https://privchain.io/security.html
- Privacy policy: https://privchain.io/privacy.html
- Organization security policy: https://github.com/PrivChain/.github/blob/main/SECURITY.md