Introduction

Blockchain handles data security through transparency: anyone with the right knowledge and tooling can read the information written to the individual blocks and compose a linear understanding of the chain's history.

While the blockchain data itself is secure, many users are not accustomed to the rigors of securing their own data, having come to rely on centralized data storage. As a result, users frequently sign transactions that end up draining the assets in their wallets, such as NFTs and altcoins.

With the development of dApps, relying on a primitive form of user management ("log in with your wallet") is a risky endeavor. These dApps are almost exclusively built with a "your data, your problem" mindset toward personal data control. At Foolproof Labs, we believe this is a fundamental flaw in the evolution of dApps. In response, Foolproof Labs has developed an innovation designed to address a fundamental challenge in blockchain participation: it removes interaction-based friction and risk while maintaining immutable proof of ownership. In short, secure Distributed Privilege Management.

<aside> 💡 Foolproof Labs removes interaction-based friction and risk, while maintaining immutable proof of ownership: in short, secure Distributed Privilege Management.

</aside>

The Foolproof Token, also known as the FPT, is a public good aimed at redistributing control of brands and assets to their true owner, while empowering decentralized communities to work together.

Foolproof Labs' flagship service revolves around its one-click-deploy smart contract system, which creates Foolproof Tokens (FPTs). These FPTs are unique in their design and function: they act as holographic representations of actual crypto assets on the blockchain. This approach allows users to securely demonstrate asset ownership without exposing the tradable assets to online risks. The represented crypto assets can be thought of as "permissions" on a user profile. Separating the FPT from the underlying asset also allows functionality to be expanded while the provenance of asset ownership is preserved.

The FPT is the central pillar of frictionless single sign-on (SSO), secured through the Ethereum blockchain (and other EVM-compatible chains). Organizations can now engage their communities and reward them for interacting with their product in a secure, legally compliant manner, gaining the benefits of decentralized data without compromising user privacy.

There are a few key considerations when adopting Decentralized User Management (DUM) on an EVM blockchain, and each affects SOC2-compliant reporting for your company. This guide answers the blockchain-specific questions needed to produce a comprehensive SOC2 report when using Foolproof Labs and DUM tooling, supporting a "security first" initiative while building on-chain.

The guide evaluates the design and operational effectiveness of controls in place to meet the Trust Service Criteria set by the American Institute of Certified Public Accountants (AICPA).

Due to the nature of blockchain and its immutable data storage, some standard SOC2 responses are left to the blockchain itself. We have done our best to explain these assumptions and architectural elements in the context of SOC2, and we advise all potential partners to consult a blockchain expert to gain a comprehensive understanding of the impact that using blockchain will have on their overall application delivery and compliance reporting.

Choosing an Implementation Strategy

Control Environment: Utilizing Test Nets in Development

Description of the System