Trust that never depends on trusting us.
Every artifact is signed, every tenant is isolated, every action is recorded in a tamper-evident log — and your registry stays under your control. The proof stands on its own.
Four pillars under every artifact.
METS is engineered so a foreign auditor, a border agent or a competing vendor can all reach the same verdict independently.
Cryptographic signatures
Artifacts are signed with Ed25519 (HSM-ready for production). Anyone can verify an artifact against the published key — no trust in us required.
Per-tenant isolation
Every tenant runs in its own database silo with row-level security enforced at runtime by a non-superuser role. No cross-tenant leakage.
No registry backdoor
METS is an accredited integrator using the same public APIs as any vendor. Your national registry stays neutral and under your control.
Tamper-evident audit
A hash-chained audit log records every endorsement, revocation and binding — defensible evidence for compliance and forensics.
The controls behind the claims.
A snapshot of how METS protects data, signatures and tenant boundaries.
Ed25519 signing
Artifacts signed with Ed25519 (EdDSA); HSM custody is integration-ready for production.
Row-level security
Tenant isolation enforced at runtime by a non-superuser database role.
No backdoor
Public-API integration only — your national registry stays neutral.
Gate enforcement
Market checks must pass before any artifact can be endorsed.
First-class revocation
Revoke an artifact and the public verify page reflects it immediately.
Data residency
Per-tenant silos with residency options for sovereign deployments.
Questions, answered plainly.
No overclaiming. If you don't see your question, ask us directly.
Bring your security team. We'll go deep.
See METS run your corridor — from the abattoir split to a buyer scanning a QR. Book a briefing and we'll map your first market dialect.
METS builds the evidence and files operator statements.