Loading...
private.me Docs
Get xSurveillance
PRIVATE.ME PLATFORM

xSurveillance: CAT/MiFIR Trade Surveillance Data Protection

Protect consolidated audit trail and MiFIR surveillance data with XorIDA threshold sharing. Regulators verify without centralized data exposure.

Financial COMING SOON XorIDA Powered
COMPOSITION PRODUCT
xSurveillance is a regulatory specification product that combines existing PRIVATE.ME building blocks (XorIDA threshold sharing via @private.me/crypto, MPC analytics via @private.me/xcompute, and audit trails via @private.me/xprove). It contains no unique code — implementation is performed by combining the core ACIs according to CAT/MiFIR compliance requirements.
Section 01

The Problem

Consolidated Audit Trail (CAT) and MiFIR surveillance requirements force market participants to report detailed trade data to central repositories, creating massive honeypot targets.

CAT collects billions of trade events containing customer PII, order flow, and trading strategies. A breach exposes the entire market's activity. The 2024 CAT NMS data breach demonstrated this risk.

MiFIR transaction reporting requires similar centralization in EU markets. Both create single points of failure that are high-value targets for nation-state actors and financial criminals.

The Old Way

Transaction Data Sensitive records Unprotected SINGLE INSTITUTION Full data access Single point of failure BREACH Full records leaked
Section 02

The PRIVATE.ME Solution

xSurveillance splits surveillance data into XorIDA shares distributed across independent custodians. Regulatory verification requires threshold reconstruction, preventing single-point breaches.

Trade reports are HMAC-signed at submission, then XorIDA-split across independent storage nodes. Regulators query by reconstructing specific records via threshold quorum. Bulk data never exists in one place.

Real-time surveillance analytics run on shares via xCompute for pattern detection. Suspicious activity triggers targeted reconstruction only for flagged records.

The New Way

Data Input Financial data XorIDA Split K-of-N shares Bank A Share 1 Bank B Share 2 Bank N Share N Reconstruct Threshold K
Section 03

How It Works

xSurveillance provides split-storage for surveillance data with threshold-based regulatory access and xCompute-powered real-time analytics on shares.

Ingest Validate XorIDA Split K-of-N Distribute Multi-node HMAC Verify Per-share Reconstruct Threshold OK
Key Security Properties
Surveillance data is XorIDA-split at submission. No single custodian holds a complete audit trail. Regulators reconstruct only the specific records they need via threshold quorum.
Section 04

Use Cases

📈
Capital Markets
CAT Data Protection

Split consolidated audit trail data so no single breach exposes all trade records.

CAT
🌍
EU Markets
MiFIR Reporting

Protect MiFIR transaction reports with threshold-based regulatory access.

MiFIR
🔍
Surveillance
Pattern Detection

Run surveillance analytics on XorIDA shares without centralizing trade data.

Analytics
🔒
Security
Breach Resilience

A single custodian breach exposes zero reconstructable trade records.

Security
Section 05

Integration

Quick Start
import { SurveillanceVault } from '@private.me/xsurveillance';

const vault = await SurveillanceVault.create({
  custodians: [custA, custB, custC],
  threshold: { k: 2, n: 3 }
});
await vault.submit(tradeReport);
SurveillanceVault.create(opts): Promise<Result<SurveillanceVault, VaultError>>
Creates a split-storage vault for surveillance data with threshold-based regulatory reconstruction.
Section 06

Security Properties

PropertyMechanismGuarantee
Data at restXorIDA K-of-N split Information-theoretic
Regulatory accessThreshold reconstruction Targeted queries only
IntegrityHMAC-SHA256 per-report Tamper detection
AnalyticsxCompute on shares No centralized data
$4.7B
Surveillance TAM
K-of-N
Split storage
HMAC
Per-report
VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL
Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →
GET STARTED

Ready to deploy xSurveillance?

Talk to Sol, our AI sales engineer, or book a live demo with our team.

Book a Demo
PRIVATE.ME · xSURVEILLANCE WHITE PAPER

© 2026 StandardClouds Inc. dba PRIVATE.ME. All rights reserved.

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xSurveillance generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF
Download proofs:

Verify proofs online →

Use Cases

🏛️
REGULATORY
FDA / SEC Submissions
Prove algorithm correctness for distributed systems without exposing trade secrets or IP.
Zero IP Exposure
🏦
FINANCIAL
Audit Without Access
External auditors verify secure operations without accessing source code or production systems.
FINRA / SOX Compliant
🛡️
DEFENSE
Classified Verification
Security clearance holders verify distributed systems correctness without clearance for source code.
CMMC / NIST Ready
🏢
ENTERPRISE
Procurement Due Diligence
Prove security + correctness during RFP evaluation without NDA or code escrow.
No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

  • Zero infrastructure setup
  • Automatic updates
  • 99.9% uptime SLA
  • Enterprise SLA available
View Pricing →
📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

  • npm install @private.me/xsurveillance
  • TypeScript/JavaScript SDK
  • Full source access
  • Enterprise support available
Get Started →
🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

  • Complete data sovereignty
  • Air-gap capable deployment
  • Custom SLA + dedicated support
  • Professional services included
Request Quote →

Enterprise On-Premise Deployment

While xSurveillance is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

  • Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
  • Air-gapped environments — SCIF, classified networks, offline operations
  • Data residency requirements — EU GDPR, China data laws, government mandates
  • Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →

Other Requirements? Need white-label deployment or custom integration? Contact our enterprise team →