We publish incident timelines, rotate signing keys monthly, and keep all admin endpoints private.

• Signed release manifests
• Encrypted transport at every hop
• Audit‑grade logging