Critical Moments is built as what we call "Trustless SaaS": software designed to be remotely controlled from services, without needing to trust a 3rd party service provider for correctness, security, or uptime SLAs.

Read our blog for a complete overview of Trustless SaaS.

Trustless SaaS Model

These three policies together form our Trustless SaaS framework:

Source-Available

Our SDK's source code is available on Github. You can read and compile any of the code you integrate into your app.

Self Hosting

Self hosting the SDK configuration means we can't change your app's behaviour, even if we wanted to.

It also means you can use the access control systems already embedded into your company. Since you don't rely on our servers, you can't be impacted by outages in our services.

No User Tracking

In a default install, Critical Moments install does not call out to any servers owned by us. It only calls to the config-service you self host. We can't track your users.

Some optional features require an external service to function. Currently, service requests are necessary for Geo-IP location, and weather data. Our docs clearly indicate when a service call is necessary, and explain how we protect end user data.

How it works

We are a business, and still need to check that you've registered your app, and only use the features in your subscription level. Instead of having every client call out to a centralized service like many other SaaS companies do, our systems use public key cryptography to verify these goals.

The client can verify these signatures locally, quickly, offline, and without calling any service.

Read more details on our blog.