Transparency document

Compliance attestation
of our end-to-end encryption

This document attests to leggit's security posture as of its issue date. It describes the audit performed, the fixes applied, and what this protection does — or does not — cover. Our goal: no over-promising, no hidden corners.

Reference: ATT-E2EE-2026-05-18-v2.0
Issue date: 2026-05-18
Scope: Personal vaults, family vaults, crypto-wallets (Standard / Cautious / Paranoia modes) and security infrastructure (CSP, SRI, HSTS, logging)
Validity: Until 2026-08-15 (quarterly review) or until any structural change to the cryptographic pipeline
History: v1.0 archived (2026-05-16)

Results at a glance

A full audit of the end-to-end encryption pipeline was carried out across the entire source code. Here are the verifiable results:

  • 14 improvement findings identified and fixed
  • 0 critical vulnerabilities open
  • 774+ automated tests executed
  • 100% tests passing
📋 Version 2.0 (2026-05-18) — This attestation is cumulative:
  • 9 findings from the v1.0 audit (16/05): all fixed and verified for non-regression
  • 5 findings from the v2.0 audit (18/05): 1 HIGH functional bug + 2 MED (SQL placeholders) + 2 LOW (rate limiting + constant-time comparison), all fixed
  • No cryptographic flaw. No change to the threat model.
  • Crypto stack unchanged: XChaCha20-Poly1305 (RFC 8439), X25519 (RFC 7748), Argon2id (RFC 9106), Shamir GF(2⁸).

What was verified

The audit covered every technical component that handles your encrypted data:

  • The 13 server entry points (API) that receive and store your encrypted content
  • The 7 JavaScript modules running in your browser, especially the isolated "Web Worker" that alone holds your encryption keys
  • The security infrastructure (content security policies, script integrity signatures, HTTPS headers)
  • The post-mortem recovery mechanism (keys split into Shamir shares, master key reconstituted by your custodians)
  • Abuse protections: rate limiting, audit logging, suspicious activity detection

Who performed the audit

The audit was conducted by an automated agent specialized in application security analysis, following the OWASP ASVS Level 2 checklists and complemented by a manual review of cryptographic invariants (threat model, key isolation, wrap consistency).

⚠️ In full transparency
This audit was performed by an artificial intelligence agent (Claude AI, Anthropic), and not by a human consultant holding a CISSP, OSCP or similar certification. This attestation is a technical transparency document — it does not carry the weight of a formal pentest certification. Before any major public communication of this feature, leggit commits to running an external human audit by a professional pentest firm.

The full process is documented and reproducible: any developer with code access can re-run the 753 automated tests and obtain the same result. No grey area, no "trust us on our word".

Applied standards

The audit relies on open and recognized international standards:

  • OWASP ASVS 4.0 Level 2 — OWASP application security verification standard — authentication, session, cryptography, logging, data protection sections
  • NIST SP 800-175B — US NIST recommendations on the use of cryptographic standards
  • RFC 8439 — Specification of the ChaCha20-Poly1305 algorithm used to encrypt your content
  • RFC 7748 — Specification of the Curve25519 curve used for key exchange between you and your recipients
  • RFC 9106 — Specification of Argon2 used to derive your master key from your password

What we protect you against — and our limits

✅ Your data remains protected against

  • Seizure or theft of our servers: stored data is encrypted and unreadable without your personal key
  • A curious or malicious leggit administrator: we technically have no means of reading your contents
  • A temporary intrusion into our systems: without modifying the source code, the attacker cannot decrypt anything
  • Browser session theft: sensitive operations (adding a recipient, for instance) require re-authentication
  • Forgery of phantom recipients: each recipient is verified against a server-side whitelist

⚠️ We cannot protect you against

  • An active intrusion modifying the JavaScript code served by leggit. We mitigate this risk via integrity signatures (SRI), but do not eliminate it.
  • A compromised browser or device (malware, malicious extension, keylogger) — it is your responsibility to use a clean device.
  • A judicial order forcing us to modify our code (lawfare). leggit is a French company and applies French law.
  • Future advances in cryptanalysis (10-20 years). We follow NIST/IETF recommendations and will migrate when required.

These limits are inherent to any end-to-end encryption system executed in a web browser. No honest actor in this market can commit beyond this.

Our operational commitments

leggit commits to:

  1. Re-running the full automated test suite every quarter and publishing the results on this page
  2. Having the system audited by an external human pentest firm before any major public communication of the E2EE feature
  3. Publishing the fingerprints (SRI hashes) of the critical JavaScript scripts to allow an expert user to verify the integrity of the code running in their browser
  4. Publicly and honestly documenting the limits of the protection model — without misleading marketing wording
  5. Notifying our users in case of major changes to the cryptographic policy or upon discovery of a vulnerability

Legal scope of this document

This attestation is a technical transparency document. It may be communicated to prospects, customers, legal partners (notaries) or regulatory authorities (CNIL) who wish to understand how leggit protects the data entrusted to it.

It does not constitute an ISO 27001, PASSI, RGS or SecNumCloud certification. These certifications require an audit by an accredited body (Bureau Veritas, AFNOR, etc.) and are part of leggit's medium-term roadmap.

Document issued on 2026-05-16 — Reference ATT-E2EE-2026-05-16-v1.0. For any question, contact support@leggit.org.