Skip to main content

Technical and Security Guarantees

This page summarises the technical and security guarantees the platform offers to allow you to build an understanding of the product.

Contract Execution

The Luna engine has been built with reliable execution at its core. It is designed to guarantee a Contract will be life cycled safely for as long as needed without dropping Contracts or ending up in unknown states.

Tick model

The engine is built around a tick model. A tick represents a single execution of a Contract at some point in time.


Each tick is an atomic event. Within the engine it either fully succeeds and we commit the updated state or it fails and we retry.


We guarantee ticks happen successfully exactly once.


Contract execution occurs in an isolated execution environment preventing interference between executing Contracts.


Luna will retry a failed tick up to three times with time delay exponential backoff. This makes Contracts self-healing when encountering transient error cases.

Edge Cases

In the event that a Contract fails after three retries, it will enter a failed state, and a human will be notified. This safe default allows for investigation via Audit Logs of the failure mechanism.


All Contract execution is audited and audit logs retained for 90 days. This allows fine-grained explanation of why specific execution paths were followed when a Contract was executed.

Our data exporter primitives allow exporting this data in realtime to your systems if you require long term storage.


Contract Upgrades

We provide a well documented approach to upgrading Templates and contracts over time. This is a critical part of the Luna proposition. Unlike other smart Contract platforms we understand that Contracts need to be updated over time, either because of changing third party requirements, bugs or even just improvements.

Luna has a well established procedure for Contract upgrades allowing you to incrementally update running Contracts keeping your customers safe.


As a SaaS platform we handle all infrastructure maintenance according to our infrastructure and security policies.


Infinite Integrations

By design Luna Contracts are just python programs. This means you can import any third party code you can imagine or write your own. This gives you the ability to integrate your Contract with any third party system you'd like.

Cloud First

Luna has been designed based on modern cloud first software principles allowing us to scale horizontally meaning you never have to worry about Luna being a bottleneck in your business success.


AWS Security

We follow AWS security best practices and have built an internal alerting platform based around modern monitoring tools.

Tenant model with variable data segregation

Luna employs an Organization tenant model given you a private area for your data and users.

We offer three different segregation levels depending on the requirements of your Organization:

  • None: Data and compute come from a shared pool across all other customers with no segregation requirements. This is the default option.
  • Physical Data Segregation: Data within your Organization is stored in a physically isolated database increasing the security of it at rest. Compute may run on shared servers. This is a good trade-off between cost and segregation.
  • Physical Data + Compute Segregation: Full segregation of your Organizations data storage and compute can be provided for an increased cost. This dedicated tenant is totally isolated from all other users.


All data is encrypted at rest using bank grade encryption no matter what segregation tier you choose. Additionally, you have the ability to denote Parameters and Variables as secrets.

Communication to the platform is secured using TLS with modern cipher suites.

Internally we secure all inter-service traffic using mTLS.

Assurance program

Luna conducts external penetration tests on a six monthly cadence. The latest results are available on request. We additionally maintain a public bug bounty program.

Disaster Recovery

All data within the Luna platform is regularly backed up and we regularly practice restoring from backup.

We retain the ability to spin up new environments on demand in different regions allowing us to quickly respond to extended downtime in any given AWS region.