Trust, But Verify
At RAMonly, we don't ask you to blindly trust us. We provide tools and methods for you to independently verify that our nodes operate as claimed.
Verification Methods
1. Hardware Attestation
Each RAMonly node runs on hardware that supports remote attestation:
- TPM-based attestation — The Trusted Platform Module cryptographically proves the server booted from our verified image
- Measured boot — Each component in the boot chain is measured and verified against known-good values
- You can request attestation reports for any node you connect to
2. Network Analysis
You can verify the "no disk" claim by monitoring the node's behavior:
- No disk I/O — Network traffic analysis shows zero block device operations
- Memory-only filesystem — The
/proc/mountsoutput shows all writable mounts are tmpfs - Boot image hash — The read-only boot image hash matches our published values
3. Independent Audits
We commission quarterly audits from independent security firms:
- Physical inspections — Auditors verify no storage devices are connected
- Software audits — Code review of our node operating system
- Network audits — Traffic analysis confirming no data exfiltration
How to Verify Yourself
Check Node Attestation
Through the RAMonly API:
curl https://api.ramonly.com/v1/nodes/us-east-1/attestation \
-H "Authorization: Bearer YOUR_TOKEN"
This returns the node's TPM attestation report, including:
- Boot measurements
- Software versions
- Hardware configuration hash
Compare Boot Image
Download our published boot image hash and compare:
curl https://api.ramonly.com/v1/nodes/us-east-1/boot-hash
Compare against the hash published on our GitHub repository and signed with our PGP key.
Transparency Commitment
We publish:
- Monthly node reports — Uptime, configuration changes, attestation summaries
- Quarterly audit reports — Full findings from independent auditors
- Warrant canary — Updated on the 1st of each month