New BoltRPC, our weighted-unit developer RPC with unlimited RPS, live on 20+ chains
Trust
/ Security · Compliance · Transparency

Built for the institutions that trust us.

Financial institutions, asset managers, custody providers, and Web3 protocols depend on our infrastructure. Here is how we operate it: certified, monitored, documented. Full audit materials available under NDA on request.

Request audit documentation Verify on data.chain.link
Compliance posture

Certifications & controls.

Every control described below is implemented in production. Detailed scoping documents, statements of applicability, and sub-processor lists are available to qualified enterprise clients under NDA.

01
Certified
Active

ISO/IEC 27001:2022

Our infrastructure is operated under an ISO/IEC 27001:2022 Information Security Management System. Certificate effective February 3, 2026. Scope and documentation available under NDA.

02
In progress
In observation window

SOC 2 Type II

SOC 2 Type II audit underway. We design controls around availability, confidentiality, and integrity that match the expectations of financial institutions and institutional custody partners.

03
Operational
Continuous

Business continuity

Geographically distributed validator and oracle fleets. Redundant power and connectivity. Automated failover, 24/7 on-call engineers, and documented incident response.

04
Verifiable
On-chain

Public attestations

Matrixed.Link is an official Chainlink node operator. Our price feeds are publicly verifiable on data.chain.link. Our validators carry an AAA rating on StakingRewards.

How we operate

Operating principles.

Defense in depth

Hardware security modules protect key material. Networks are segregated, access is least-privilege, and we monitor continuously across every layer of the stack.

Vendor discipline

We vet every sub-processor and infrastructure vendor against the same ISO 27001 controls we apply internally. Vendor register available under NDA.

Incident response

Documented runbooks for node outages, validator incidents, oracle anomalies, and security events. Post-mortems shared with enterprise clients.

Data protection

Minimal data collection by design. Client data is scoped, encrypted at rest and in transit, and handled under mutual NDAs with defined retention windows.

Report a vulnerability

Security researchers can contact our team at security@matrixed.link. We review every report and respond within one business day.

Contact security
Get in touch

Ready to review our controls?

Request ISO 27001 scoping documents, SOC 2 progress updates, sub-processor lists, and incident response procedures. Available under NDA to qualified enterprise clients.

Get started Contact sales Explore our services
Trusted by
ChainlinkEnjinPolygondRPC