walwarden
Explanation

Explanation

The independence wedge in one page, plus pointers to the concepts behind the product.

These pages explain why walwarden works the way it does. They are for the careful engineer and the compliance reviewer who want to understand the trust model before relying on it. For step-by-step tasks, see the guides; for lookups, see the reference.

The independence wedge

Walwarden exists to give you backups that do not depend on the database provider you do not fully trust. The product is built around four invariants:

  1. Independent destination ownership. Backup bytes land in an S3 bucket under your IAM role. Walwarden holds the schedule and the evidence, not your data.
  2. Verifiable artifacts. Every backup is an Ed25519-signed manifest you can verify offline.
  3. Auditable evidence. Every state transition is recorded in an append-only audit chain you can export.
  4. Honest recoverability claims. A completed backup is not the same as a proven restore. We say so plainly.