Chainlink Becomes First Data and Interoperability Oracle Platform To Achieve ISO 27001 and SOC 2 Compliance

We’re excited to announce that Chainlink has achieved two major security milestones: ISO 27001 certification and a SOC 2 Type 1 attestation. The scope of the assessments covers (i) Chainlink Data Feeds—specifically Price Feeds and SmartData (Proof of Reserve and Net Asset Value (NAV)), which are underpinned by the Chainlink Data standard, and (ii) Cross-Chain Interoperability Protocol (CCIP)—the interoperability standard of Chainlink. The examinations were performed in accordance with attestation standards established by the American Institute of Certified Public Accountants (“AICPA”) by an independent accounting firm, Deloitte & Touche LLP.

Chainlink is the first data and interoperability oracle platform to achieve these certifications within the blockchain industry. As the most widely used data oracle standard across DeFi, with ~68% market share by total value secured (TVS), the Chainlink data standard secures $90+ billion in total value and has enabled tens of trillions in onchain transaction value. Chainlink supports top DeFi protocols, such as Aave, GMX, Ether.fi, Pendle, Compound, and hundreds more. The Chainlink interoperability standard, powered by CCIP, is also being increasingly adopted by leading financial institutions, top tokenized asset issuers, and leading DeFi protocols to seamlessly interact across blockchains, such as Swift, UBS, ANZ Bank, and SBI Digital Markets.

These are just two in a broader collection of oracle standards underpinned by Chainlink, along with a developer platform for building and powering advanced onchain applications that can satisfy all their data, interoperability, compliance, privacy, compute, and legacy system integration requirements through a single platform offering. Learn more about Chainlink’s all-in-one oracle platform by reading:  The Chainlink Endgame: Integrating the World Into the Tokenized Asset Economy.

The Chainlink tech stack
The Chainlink stack includes core oracle standards, services, and end-to-end solutions, as well as a decentralized computation runtime that underpins it all.

The industry-wide adoption of Chainlink standards is now further affirmed through their certification by a leading standards body. The ISO 27001 certification affirms that Chainlink has established a robust Information Security Management System (ISMS) encompassing the infrastructure, development, operations, administration, and security of CCIP, Price Feeds, and SmartData Feeds, as provided by Chainlink Labs, one of the primary contributing developers of Chainlink. It’s also evidence that Chainlink met rigorous international standards in ensuring the security, availability, and confidentiality of the full-stack platform.

Achieving SOC 2 Type 1 attestation confirms that Chainlink has a robust set of security and operational controls to support compliant and reliable oracle services, which are designed to protect the interests of the organization and the security of its clients. 

The ISO 27001 certification and completion of the SOC 2 attestation are critical steps towards validating Chainlink’s position as enterprise-grade infrastructure suitable for real-world in-production use cases with the largest financial institutions. For security-conscious businesses, SOC 2 compliance is a core requirement when doing due diligence on third-party vendors or protocols. With these certifications in place, financial institutions can now feel even more confident in utilizing Chainlink standards and oracle services to unlock advanced use cases onchain that are secure and compliant, such as Delivery vs. Payment (DvP) settlement, stablecoin servicing, onchain data distribution, and much more. 

The scope of the assessments includes:

  • CCIP: A cross-chain oracle protocol that enables data and value to be securely transferred across public and private blockchains, unifying liquidity across blockchains and enabling the creation of advanced, cross-chain applications.
  • Chainlink Price Feeds: A data oracle solution that provides a reliable source of financial market data onchain so blockchain applications can price assets in real-time, such as onchain lending protocols, stablecoins, and other financial use cases.
  • Chainlink Proof of Reserve: A data oracle solution that verifies the offchain and cross-chain reserves backing wrapped and tokenized assets, protecting consumers against infinite mint attacks and providing assurance that tokenized assets are fully collateralized before their use in high-value transactions.
  • Chainlink NAVLink: A data oracle solution for supplying Net Asset Value (NAV) data onchain, enabling the issuance of tokenized funds and automating the process of onchain subscriptions and redemptions via fiat and stablecoins. 

The establishment of secure standards for data oracles, cross-chain oracles, and beyond is critical to unlocking the next wave of onchain finance, where tens of trillions in real-world assets are tokenized onchain and seamlessly transacted by the world’s leading financial institutions. To read more about Chainlink’s work with traditional finance, click here.

To learn more about Chainlink, visit chain.link, subscribe to the Chainlink newsletter, follow Chainlink on Twitter and YouTube, and follow Chainlink Labs on LinkedIn.

Need Integration Support?
Talk to an expert
Faucets
Get testnet tokens
Read the Docs
Technical documentation