Platform

The proof layer.
Hash-only. Public-anchored. Yours.

A vendor-neutral integrity service for regulated systems. Records stay in your perimeter; cryptographic proof is anchored on Polygon and exportable to anyone.

v1.0 · Polygon mainnetSOC 2 alignedHIPAA aligned

01 · Cryptographic core

Merkle batching, idempotent verification.

SHA-256 fingerprinting at ingest, balanced Merkle trees of up to 1,000 leaves, single on-chain anchor per batch. Verification is deterministic — same record returns the same proof, every time.

02 · Tenant isolation

Hard tenant boundaries

Every record, batch, and audit row carries a tenant_id. Queries are fail-closed: cross-tenant reads return 404, never partial data.

03 · No PHI / PII

Certyo never stores your record bodies. Only the hash crosses the boundary. Less surface, less liability.

04 · RBAC

8 roles, audit-logged

owneradmintenant_adminauditoroperatorviewerintegratorsupport

05 · Observability

Every privileged op
on the audit log

03:14 VERIFY rec_8f3…

03:14 ANCHOR batch_220

03:13 KEY_ROT kid:08

06 · SLA

99.9%

API uptime, p95 verify ≤ 500ms, anchor cadence ≤ 5min during peak.

What sits where, and
what crosses the line.

Your perimeter

Source-of-truth

EHR / ERP / OMS

Record body (full payload)

Internal IDs

PHI / PII

Certyo edge

Hash-only zone

SHA-256 fingerprint

Merkle aggregator

Tenant scope

API keys + RBAC

Public chain

Polygon mainnet

Anchor tx (root)

Block timestamp

IPFS CID (manifest)

Verifiable forever

data flow → only hashes leave the perimeterverify ← anyone, with the proof package alone

The proof layer.Hash-only. Public-anchored. Yours.