Technology and security
Surpl is engineered as a real production platform, built with strong data modelling, least-privilege access, encryption at rest, and full auditability. Our aim is to give members and partners a platform that feels modern, secure, and dependable from day one.
Security built in
Security is designed into the platform rather than added later. That means sensitive credentials, access controls, and logs are handled in a way that supports trust, accountability, and long-term reliability.
Security highlights
- Inverter credentials are encrypted with AES-256-GCM and protected with rotatable keys.
- Access is controlled using role-based permissions with strict scoping.
- Sensitive actions are recorded in immutable audit and security logs.
- Rate limiting, replay protection, and idempotency are used on sensitive APIs.
- No personal data is written on-chain; only non-identifying proof hashes are.
Privacy first
Surpl is built to minimise unnecessary data exposure. Where identity or verification is needed, the platform is designed to work with controlled, consent-based flows rather than broad data sharing.
That approach helps protect member privacy while still allowing the platform to verify energy data, support community participation, and prepare for future regulated energy features.
Reliable data foundations
A strong energy platform needs more than a nice interface. It needs data that can be trusted. Surpl is built around verified inputs, normalised data models, and a clear separation between live data, estimates, and future features.
This is why the platform prefers secure inverter APIs and other validated sources over manual uploads. It is a more reliable, more auditable, and more fraud-resistant way to operate.
What this means for members
For members, this means a platform that is designed to be secure, transparent, and practical to use. Your information is handled carefully, your data is protected, and the platform is structured so you can understand what is happening rather than being asked to trust a black box.
It also means Surpl can grow over time without losing the security and auditability that serious energy participation requires.
Built for the long term
Surpl is being built to support today’s solar monitoring and tomorrow’s community energy features without needing a redesign at every stage. That future-ready approach is part of the platform’s security story as well, because it keeps the architecture clean and easier to govern as the product grows.
The result is a platform that combines modern engineering with the kind of trust, traceability, and discipline that energy products need.