Network security abandoned the trusted perimeter a decade ago. Every request is authenticated, every action is verified, nothing is trusted by virtue of its location. Commercial payments never made that shift. CAST is zero-trust architecture applied to the movement of value.
The implicit-trust perimeter still exists in finance
Most payment controls assume that an instruction originating inside the organization — from a known email, an approved user, a familiar vendor record — is trustworthy. That is the perimeter model. Business Email Compromise is simply an attacker crossing the perimeter once and inheriting all the trust inside it.

Never trust, always verify — extended from packets to payments. No covered payment is trusted because of who submitted it. It is trusted only after the counterparty independently co-authors the terms through a cryptographically bound channel.
Three zero-trust properties CAST inherits
Identity-bound action
WebAuthn ties each confirmation to a hardware-backed key — not a password, not an inbox an attacker can capture.
Least-privilege verification
The vendor sees only their own confirmation record. Buyer GL codes, budgets, and other vendors are never exposed across the counterparty surface.
Continuous validation
A bank-account change re-triggers the gate. Trust is not granted once and inherited forever — it is re-established at every covered event.
Separation of decision and execution
The actor that proposes a payment is never the sole authority that releases it.
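The sketch below is an added illustration, not CAST's own code or API: a release gate that accepts a payment only when the counterparty's confirmation is bound to a digest of the current terms and the releaser differs from the proposer. All names (`Terms`, `confirm`, `release_decision`) and sample values are hypothetical, and an HMAC with a constructed key stands in for the WebAuthn assertion, which in practice is an asymmetric signature verified with the vendor's public key.

```python
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass, replace

# Constructed sample key; stands in for the vendor's hardware-backed credential.
VENDOR_KEY = b"constructed-demo-key"

@dataclass(frozen=True)
class Terms:
    vendor_id: str
    amount_cents: int
    currency: str
    bank_account: str

def terms_digest(t: Terms) -> bytes:
    # Canonical JSON so identical terms always produce the same digest.
    blob = json.dumps(asdict(t), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode()).digest()

def confirm(t: Terms, vendor_key: bytes) -> bytes:
    # Vendor side: confirm exactly these terms, bank account included.
    return hmac.new(vendor_key, terms_digest(t), hashlib.sha256).digest()

def release_decision(t, confirmation, proposer, releaser, vendor_key) -> str:
    # Separation of decision and execution: the proposer never releases alone.
    if releaser == proposer:
        return "DENY: proposer cannot release"
    if confirmation is None:
        return "HOLD: no counterparty confirmation"
    # Continuous validation: recompute over the terms as they are now, so any
    # change (for example a new bank account) invalidates the old confirmation.
    expected = hmac.new(vendor_key, terms_digest(t), hashlib.sha256).digest()
    if not hmac.compare_digest(confirmation, expected):
        return "HOLD: confirmation does not match current terms"
    return "RELEASE"

def demo() -> list:
    original = Terms("vendor-001", 1_250_000, "USD", "ACCT-1111")  # constructed
    conf = confirm(original, VENDOR_KEY)
    changed = replace(original, bank_account="ACCT-9999")  # post-confirmation edit
    return [
        release_decision(original, conf, "alice", "bob", VENDOR_KEY),
        release_decision(changed, conf, "alice", "bob", VENDOR_KEY),
        release_decision(original, conf, "alice", "alice", VENDOR_KEY),
        release_decision(original, None, "alice", "bob", VENDOR_KEY),
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```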