The wedge · attestable per-tenant isolation

Don't trust the filter.
Re-run the proof.

Every incumbent scopes tenants with a metadata WHERE-filter. We separate them physically and cryptographically — then hand you a signed receipt you can verify yourself.

Fig. 1 · the four controls, bottom-up

  1. 04
    Ed25519-signed attestation
    Buyer-runnable verify_isolation → signed receipt · public JWKS
  2. 03
    AES-256-GCM envelope encryption
    Per-tenant key · tenant_id as AAD · fail-closed key material
  3. 02
    FORCE ROW LEVEL SECURITY
    OWASP-recommended backstop · NOLOGIN role + GRANT per tenant
  4. 01
    Schema-per-tenant
    Physical separation at the DB layer — not a shared table
01
Physically separate

A breach of one compartment cannot reach another — there is no shared row surface to leak across.

02
Cryptographically bound

Each tenant's data is envelope-encrypted under its own key, with the tenant id as additional authenticated data.

03
Machine-checkable

verify_isolation runs live fault-injection probes and returns an Ed25519-signed attestation. Don't trust us — re-run it.

Honest ceiling

OWASP ranks separate databases above schema-per-tenant. Our answer is FORCE RLS + per-tenant crypto + the attestation — not a claim that we are unbeatable.