> For the complete documentation index, see [llms.txt](https://docs.marinade.finance/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.marinade.finance/marinade-protocol/security/principal-service-commitments-and-system-requirements.md). # Principal Service Commitments and System Requirements ## **Introduction** This document outlines Marinade Finance’s principal service commitments and system requirements in accordance with SOC 2 standards from the AICPA. It covers the **Security** and **Availability** trust service principles, including both high-level commitments and specific technical controls. *** ## **Security Principle** ### **Service Commitments** * **Data Protection:** User data is encrypted both in transit and at rest. * **Access Control:** Strict access controls ensure only authorized personnel access sensitive data and systems. * **Incident Response:** A robust plan is in place to respond promptly to security breaches or vulnerabilities. * **User Authentication:** Multi-factor authentication (MFA) is used to protect user accounts. * **Regular Audits:** Routine security audits and vulnerability assessments are conducted to identify and mitigate risks. * **Smart Contract Security:** All smart contracts undergo formal audits and are supported by a bug bounty program. ### **System Requirements** * **Encryption:** AES-256 for data at rest and TLS for data in transit. * **Access Management:** Role-based access control (RBAC), with periodic reviews of access rights. * **Monitoring & Logging:** Comprehensive systems to detect and respond to suspicious activity. * **Network Security:** Firewalls and IDS/IPS deployed to secure the network perimeter. * **Patch Management:** Security patches and updates are applied promptly across systems. * **Smart Contract Audits:** Regular audits by reputable firms and incentivized vulnerability discovery via bug bounties. *** ## **Availability Principle** ### **Service Commitments** * **Uptime Guarantee:** 99.9% uptime target (excluding the Solana network’s availability, which is outside Marinade’s control). * **Disaster Recovery:** A tested recovery plan ensures business continuity during system failures or disasters. * **Scalability:** The platform is built to scale with user demand without degrading performance. * **Maintenance Windows:** Planned and communicated maintenance windows minimize user disruption. * **Redundancy:** Redundant systems and data backups safeguard against data loss and ensure continuity. ### **System Requirements** * **Load Balancing:** Distributes traffic evenly to prevent server overload. * **Backup & Recovery:** Regular backups with tested recovery processes to ensure data integrity and availability. * **Failover Mechanisms:** Automatic switching to backup systems in case of failure. * **Performance Monitoring:** Continuous system monitoring for resource usage and performance bottlenecks. * **Cloud Infrastructure:** Deployed on redundant, high-availability cloud infrastructure. *** ## **Conclusion** Marinade Finance is dedicated to delivering a secure and reliable staking automation platform on the Solana network. Through rigorous controls, security-first engineering, and resilient infrastructure, Marinade ensures alignment with SOC 2 standards and reinforces user trust across all levels of the platform. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.marinade.finance/marinade-protocol/security/principal-service-commitments-and-system-requirements.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.