Technical and Security Guarantees
This page summarises the technical and security guarantees the platform offers to allow you to build an understanding of the product.
Contract Execution
The Luna engine has been built with reliable execution at its core. It is designed to guarantee a Contract will be life cycled safely for as long as needed without dropping Contracts or ending up in unknown states.
Tick model
The engine is built around a tick model. A tick represents a single execution of a Contract at some point in time.
Atomicity
Each tick is an atomic event. Within the engine it either fully succeeds and we commit the updated state or it fails and we retry.
Idempotency
We guarantee ticks happen successfully exactly once.
Isolation
Contract execution occurs in an isolated execution environment preventing interference between executing Contracts.
Retries
Luna will retry a failed tick up to three times with time delay exponential backoff. This makes Contracts self-healing when encountering transient error cases.
Edge Cases
In the event that a Contract fails after three retries, it will enter a failed state, and a human will be notified. This safe default allows for investigation via Audit Logs of the failure mechanism.
Auditing
All Contract execution is audited and audit logs retained for 90 days. This allows fine-grained explanation of why specific execution paths were followed when a Contract was executed.
Our data exporter primitives allow exporting this data in realtime to your systems if you require long term storage.
Maintainability
Contract Upgrades
We provide a well documented approach to upgrading Templates and contracts over time. This is a critical part of the Luna proposition. Unlike other smart Contract platforms we understand that Contracts need to be updated over time, either because of changing third party requirements, bugs or even just improvements.
Luna has a well established procedure for Contract upgrades allowing you to incrementally update running Contracts keeping your customers safe.
Infrastructure
As a SaaS platform we handle all infrastructure maintenance according to our infrastructure and security policies.
Scalability
Infinite Integrations
By design Luna Contracts are just python programs. This means you can import any third party code you can imagine or write your own. This gives you the ability to integrate your Contract with any third party system you'd like.
Cloud First
Luna has been designed based on modern cloud first software principles allowing us to scale horizontally meaning you never have to worry about Luna being a bottleneck in your business success.
Security
AWS Security
We follow AWS security best practices and have built an internal alerting platform based around modern monitoring tools.
Tenant model with variable data segregation
Luna employs an Organization tenant model given you a private area for your data and users.
We offer three different segregation levels depending on the requirements of your Organization:
None
: Data and compute come from a shared pool across all other customers with no segregation requirements. This is the default option.Physical Data Segregation
: Data within your Organization is stored in a physically isolated database increasing the security of it at rest. Compute may run on shared servers. This is a good trade-off between cost and segregation.Physical Data + Compute Segregation
: Full segregation of your Organizations data storage and compute can be provided for an increased cost. This dedicated tenant is totally isolated from all other users.
Encryption
All data is encrypted at rest using bank grade encryption no matter what segregation tier you choose. Additionally, you have the ability to denote Parameters and Variables as secrets.
Communication to the platform is secured using TLS with modern cipher suites.
Internally we secure all inter-service traffic using mTLS.
Assurance program
Luna conducts external penetration tests on a six monthly cadence. The latest results are available on request. We additionally maintain a public bug bounty program.
Disaster Recovery
All data within the Luna platform is regularly backed up and we regularly practice restoring from backup.
We retain the ability to spin up new environments on demand in different regions allowing us to quickly respond to extended downtime in any given AWS region.