
Garden Achieves SOC 2 Type II Attestation
Announcements
Garden becomes the first Bitcoin interoperability protocols to meet this standard.
Today, we're excited to announce that Garden Technologies Inc has completed a SOC 2 Type II examination covering the Trust Services Criteria of Security, Availability, and Confidentiality for the Garden system, for the period November 1, 2025 to April 30, 2026, making Garden the first Bitcoin interoperability protocol to reach this standard. This attestation confirms that Garden's operational and security controls are properly designed and have operated effectively over six months of real-world use.
What is SOC 2 Type II?
SOC 2 is an audit framework developed by the AICPA that evaluates an organization's controls for security, system availability, and the handling of sensitive information. A Type I report checks whether controls are designed correctly at a single point in time. A Type II report goes further: it verifies those controls actually held up in production, in this case across a six-month examination period.
For Garden, the examination covered the infrastructure, access controls, monitoring, and operational processes behind the Garden system.
Why This Matters
Garden is a trustless and non-custodial payment rails solution for Bitcoin. Every swap settles through HTLCs atomically, with no custody of user funds at any point. That's the security model of the protocol itself, which has been reviewed by leading security firms and researchers.
SOC 2 Type II is a different kind of validation that asks more than whether the contracts can be trusted; it's about whether the company operating the infrastructure around them can be. As exchanges, wallets, and market makers build on Garden to offer native Bitcoin swaps, due diligence increasingly asks for proof of operational maturity, not just code audits, independently verified rather than self reported.
Garden has $2B+ in volume processed, powers Bitcoin swaps for Phantom's 20M+ users, and is live across hundreds of other integrators. At that scale, the bar we hold ourselves to is ever increasing.
Looking Ahead
Maintaining this attestation requires ongoing testing and refinement of our controls. We'll continue applying the same standard across every part of the stack as we expand to new chains and develop new software.
Achieving SOC 2 Type II is a meaningful validation of our approach to building software. It reinforces our commitment to high standards internally and shows those that trust us that the company behind the Garden architecture operates with the same discipline it asks of the protocol itself.
Last updated