Security and compliance posture.
Bonis Systems operates four production platforms — HealthAgent, TerraVault, TrustAI, and DealMatcher — on shared Knox infrastructure. Every state-changing event is cryptographically hashed, aggregated into Merkle trees, and anchored to the Bitcoin blockchain via OpenTimestamps. Every claim on this page is independently verifiable.
What's operational
Knox audit trail
SHA-256 per-record hash chain, hourly Merkle roots, Bitcoin anchoring via OpenTimestamps across all production platforms. Independently verifiable.
Verify → /bonis/knoxFRE 902(13) / 902(14) design posture
Records are architecturally designed to meet the self-authentication requirements of Federal Rules of Evidence 902(13) and 902(14). No specific Knox record has been litigated and adjudicated admissible to date; admissibility in any given matter is determined by the presiding court.
USPTO provisional filings
Five USPTO provisional applications filed with Jonis Aaron Fields (founder) as named inventor of record. Priority dates only — provisionals are not granted patents and are not enforceable. Assignments to Bonis Systems LLC scheduled post-revenue via IP counsel. Numbers public below.
SAM.gov + CAGE active
UEI R2BPJDC5CBA3. CAGE code 1TSP2 issued by DLA. Federally registered vendor, eligible for all federal award types.
Wyoming LLC
Bonis Systems LLC. Registered via Northwest Registered Agent. Clean corporate structure.
Encryption standards
AES-256 at rest (Google Cloud managed encryption). TLS 1.2+ in transit. Private-IP Cloud SQL (no public database exposure).
MFA enforced (operator)
All operator administrative access to Google Cloud / Cloud Run / database is protected by multi-factor authentication.
Audit log export
Customer-facing API to pull Knox-anchored audit trail. Designed to support the audit-log portability requirements of HIPAA §164.528, SOC 2 CC7, and GDPR Article 15. No third-party certification to those standards yet — see In Progress below.
Privacy + Terms
Published policies. Wyoming jurisdiction. Data retention + destruction procedures documented in the policies.
Q2 2026 targets
SOC 2 Type II audit
Engagement scheduled with a third-party CPA firm supported by a SOC 2 automation platform. Policies drafted.
Third-party penetration test
Scope finalized with a qualified offensive-security firm. Findings and remediation will be published.
Cyber liability and technology E&O insurance
Application packets prepared with regulated carriers.
HIPAA Business Associate Agreements
BAA template drafted for enterprise healthcare deployments. Counsel review in progress.
Enterprise SSO (SAML / OIDC)
Single sign-on via a federated identity provider. Integration stubs ready.
Staging environment
Isolated Cloud Run services and Cloud SQL instances per tenant profile. Infrastructure bootstrapping scripted.
Unified observability
Consolidated telemetry across all platforms. Per-tenant dashboards on enterprise tier.
Beyond 2026
FedRAMP Moderate
For federal agency customers (Treasury, VA, CMS).
ISO 27001
For international enterprise customers.
CMMC Level 2
For DoD subcontracting.
TX-RAMP
For Texas state agency contracts.
PCI DSS (TerraVault)
Direct payment processing. Currently tokenized via Stripe.
Priority Dates
Priority dates for the core technical inventions. Inventor of record on all five applications: Jonis Aaron Fields (founder, Bonis Systems LLC). Assignments to Bonis Systems LLC scheduled post-revenue via IP counsel. Provisional applications are not granted patents and are not enforceable — they lock the filing date for the specific implementation described.
| Application | Product | Title | Filed |
|---|---|---|---|
| USPTO Provisional #64/002,221 | HealthAgent | AI Caregiver System for Healthcare Navigation | March 11, 2026 |
| USPTO Provisional #64/012,440 | TerraVault | B2B Live-Streaming Commerce Platform for Regulated Industries | March 21, 2026 |
| USPTO Provisional #64/013,240 | DealMatcher | Commercial Deal Aggregation with Federal Data Integration | March 22, 2026 |
| USPTO Provisional #64/036,498 | TrustAI | AI-Powered Forensic Analysis for Trust, Estate, and Fiduciary Disputes | April 11, 2026 |
| USPTO Provisional #64/038,359 | Cross-platform | Knox Blockchain Cross-Product Audit + AI-Moderated Witness Chat | April 13, 2026 |
We design to these standards
Verify Any Claim Independently
Paste any Knox block hash into any of our four platforms’ verify-message endpoints and the response returns the full proof chain back to the Bitcoin blockchain. No Bonis Systems trust required. The endpoints below resolve on each product’s own domain, not bonissystems.com; click to exercise.
Security or compliance questions?
Enterprise procurement teams, federal contracting officers, security researchers, or counsel — reach out directly.