Certyo vs AWS QLDB
Amazon's managed ledger database was discontinued in July 2025. Understand what happened, what customers lost, and how Certyo provides a vendor-neutral alternative.
What was AWS QLDB?
Amazon Quantum Ledger Database (QLDB) was a fully managed ledger database launched in 2019. It provided a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority — AWS itself.
QLDB offered full ACID transactions via PartiQL (a SQL-compatible query language), serverless auto-scaling up to approximately 20,000 transactions per second, and a complete document revision history where every change was cryptographically chained to the previous block. It was positioned for banking, finance, e-commerce, logistics, and government applications.
Why Amazon discontinued it
AWS announced QLDB's end-of-life in mid-2024 and fully shut it down on July 31, 2025. No new customers were accepted in the months before closure.
AWS provided no formal explanation. Industry analysts suggest QLDB suffered from low market adoption — caught in a positioning gap between traditional database buyers who didn't need ledger features and blockchain believers who wanted decentralization. AWS simply emailed existing customers and updated documentation.
The migration gap
AWS recommends migrating to Aurora PostgreSQL with pgAudit for audit logging. However, this migration loses all three core QLDB differentiators:
- No cryptographic verification — pgAudit is logging, not proof. There is no hash chain or Merkle tree to mathematically prove data wasn't altered.
- No immutable journal — a privileged database administrator can modify or delete any historical record. Immutability must be enforced at the application layer.
- No document revision history — complete version history of every document must be manually implemented as slowly-changing-dimension tables.
In short, migrating from QLDB to Aurora PostgreSQL means losing the core reason customers chose QLDB in the first place.
How Certyo fills the gap
Certyo addresses every capability QLDB customers valued — and adds vendor independence that QLDB never had:
- Cryptographic proof: SHA-256 hashing, Merkle trees, and per-record inclusion proofs — anchored on Polygon blockchain, not inside a vendor's infrastructure.
- Immutable anchoring: On-chain roots cannot be altered by anyone — not Certyo, not a cloud provider, not a database administrator.
- Vendor survivability: Even if Certyo ceases operations, every anchor and IPFS manifest remains publicly verifiable. QLDB's shutdown proves this risk is real.
- Zero data custody: Certyo stores hashes, not documents. Your sensitive data stays in your systems. This simplifies HIPAA, GDPR, and CCPA compliance.
Feature comparison
| Capability | Certyo | AWS QLDB (was) |
|---|---|---|
| Status | Active | Discontinued July 2025 |
| Trust model | Decentralized (Polygon + IPFS) | Centralized (AWS-managed) |
| Cryptographic proof | Merkle tree + on-chain anchor | Hash chain journal |
| Public verifiability | PolygonScan + IPFS | No —Requires QLDB API access |
| Vendor lock-in | None (open protocols) | Full (AWS only) |
| Survivability | On-chain is permanent | No —Service was shut down |
| Data model | Hash-only (evidence layer) | Full document (Ion format) |
| Query language | REST API (search, filter, verify) | PartiQL (SQL-compatible) |
| ACID transactions | N/A (evidence layer) | Full ACID |
| Throughput | High (Kafka 12-partition parallelism) | ~20K TPS (serverless) |
| Immutability latency | Deferred (~minutes) | Immediate on commit |
| Multi-tenancy | Full (tenant + client + 8 RBAC roles) | Single-ledger per account |
| PHI/PII exposure | None (hash-only) | High (stores full documents) |
| Evidence export | Compliance-ready packages | No —Manual S3 export |
| Event streaming | Kafka-native | No —Export to S3/Kinesis |
| Document history | State transition lifecycle | Complete revision history |
Related reading
Read: AWS Killed QLDB — What It Means for Data Integrity →Migrating from QLDB?
Talk to our team about adding vendor-neutral integrity proof to your existing systems — no database replacement required.