Skip to content

Frequently Asked Questions

This page provides answers to the most frequently asked questions (FAQ) about the Vendia Platform, organized by category.

General

  • What is Vendia?

    Vendia is a SaaS service that makes it easy for companies and organizations to share code and data across clouds, regions, accounts, AI agents and technology stacks.

  • What types of applications are customers using Vendia to build?

    Vendia’s customers use Vendia to build AI enabled workflows and AI agents that tackle complex supply chain integration challenges, create financial settlement applications, automate parts tracking, and deliver other IT solutions that span business, departmental, or technological boundaries.

  • What makes Vendia different?

    Before Vendia, companies needing consistent, complete, and up-to-date business data spanning organizations had to make a difficult choice: Spend an inordinate amount of time and money building bespoke, in-house solutions, adopt and integrate complex technologies such as Ethereum and Solidity, or restrict their aspirations to legacy ERP offerings. Now, with Vendia, companies can deploy cross-cloud, cross-account, cross-region, and cross-party solutions in minutes with no infrastructure to worry about. Vendia’s architecture is Serverless, SaaS, and fully decentralized, and includes a built-in distributed ledger. No other offerings provide this combination of convenience, cloud-native solutions, ease of integration, operational isolation, strong security, unlimited storage scalability, and enterprise readiness.

  • What kinds of data can I share with Vendia?

    Vendia flexible data platform makes it easy to store any kind of business data (operational or analytical), as well as files, including multimedia files, documents in PDF and other formats, spreadsheets, Parquet files, and much more. Vendia supports data expressed as JSON and files up to 1 GB in size, and offers transactional semantics for all data types, including files.

  • How do I read and write data with Vendia?

    Vendia compiles your data model into a cloud-based distributed data platform customized to your model, and then deploys a powerful, fully managed HTTPS-based GraphQL engine for reading and writing your data that provides full type checking.

  • Who can use Vendia?

    Vendia is used by a wide array of customers, from large enterprises to small businesses to non-profit organizations. Anyone who needs to curate or share data for AI outcomes - whether internally across departments or externally across business relationships - can benefit from Vendia’s ease of use and scalable security.

  • What does “decentralized” mean, and why is it important?

    Unlike some SaaS businesses, Vendia doesn’t keep a copy of your data in a single, shared (“centralized”) database. Instead, you and your business partners are given unique cloud-based resources, with every participant having its own complete, separate copy of the data. This provides operational isolation, offering each party full control over its copy of the data and complete flexibility with regards to how their copy of the data is integrated with other parts of their application and IT infrastructure. Any update made by any party is guaranteed to be updated in real time to all other parties, so that despite having their own copies, data seen by all parties is guaranteed to be correctly replicated and tamper-proof.

  • Our company’s architecture isn’t Serverless; can we still use Vendia?

    Yes! Vendia was architected from the ground up to provide customers with all the benefits of a cloud-native approach: Cost efficient pay-per-use pricing, no infrastructure to maintain, built-in fault tolerance, unlimited storage capabilities, and automatic scaling. Those benefits apply to all users of Vendia, whether the rest of their application runs on servers, containers, or even an on-prem mainframe.

  • Is Vendia difficult to learn?

    Vendia is designed to be powerful but also easy to learn and use. Vendia uses simple HTTPS-based APIs, offers modern GraphQL and JSON-based data formats to accelerate building web and mobile applications, and integrates seamlessly with existing cloud services. Even advanced features, such as event handlers, data triggers, and smart contracts, can be quickly learned and easily applied by any developer, without the need to learn new languages or complex APIs.

  • How do I get started building a multi-party or multi-workspace solution with Vendia?

    Just like you would with a conventional database table, you provide a data model, in the form of a JSON Schema, that defines the “shape” of your data (its columns, in SQL terms). In a few minutes, Vendia’s proprietary schema compiler converts your data model in a multi-participant cloud-native deployment, complete with a custom API that matches your data model and a custom data exploration UI that you can use to update and query your data. Calling the API to make updates is easy - the hard work of accurately replicating data across regions, accounts, and/or owners is all handled automatically for you. And every Vendia application includes advanced features like identity and authentication mechanisms, event notification, and GraphQL subscription support, eliminating the undifferentiated heavy lifting associated with building cloud-based applications.

  • Getting my business partners to simultaneously agree to adopt a single solution feels challenging…where do I start?

    Most customers who use Vendia for multi-party data sharing got started with just their own deployment. While a decision maker (or “leader”) sometimes has the right to force a decision on other parties, often they lead by example, using their implementation to illustrate the cost savings, monetization opportunities, and simplified IT outcomes to recruit business partners to participate. Vendia also excels at incremental adoption. For example, a financial settlement company might adopt Vendia to modernize legacy approaches, such as secure FTP (sFTP). Over time its business partners also adopt Vendia, eventually creating a single source of truth that lowers cost and complexity for all parties. At every stage of an application’s evolution, Vendia can reduce costs, improve transparency, and grow business applications towards scalable, cloud-based solutions.

  • In addition to sharing data with partners, I also need to create and access data in two or more regions. Can Vendia help with that?

    Yes! Vendia isn’t just for multi-party data sharing; you can also use it to share data across departments or within a multi-region application. Adding or removing a region or cloud service provider account from a Vendia-based application couldn’t be easier, and takes just a couple of lines of configuration to accomplish. Vendia’s implementation handles the rest.

  • How does Vendia handle data ingress and egress? My application needs to integrate with other AWS services that produce and consume data, such as Amazon SQS, AWS Lambda, Amazon S3, and others.

    Vendia provides a code-free integration solution for popular cloud services, such as supplying updates through Amazon SQS and responding to change events through AWS Lambda, SQS, web hooks, and more. Developers can simply issue a configuration update request - all the infrastructure updates are then fully automated by Vendia. Vendia refers to this approach as “Infrastructure as Data”. All configuration updates are all also audited and logged by default. The same technique can also be applied to supported third-party services, such as Datadog.

  • I have a mobile application that needs to update in real time as data on the backend changes - can Vendia handle this critical flow?

    Yes - Vendia supports GraphQL subscriptions, enabling every participant to build real-time web, mobile, and event-based (asynchronous) systems. Developers can also take advantage of Vendia’s powerful eventing mechanisms that also include sending data updates to webhooks, cloud (serverless) functions, and queues.

  • How long is a typical enterprise POC for Vendia?

    Unlike traditional technologies that can take months of time to demonstrate proof of value, Vendia can be used in a one-week POC that illustrates custom data models and APIs, scalable, production-grade deployments, enterprise and web/mobile client integration, and much more. Vendia’s schema-driven design and Infrastructure-as-Data solutions make it easy to get started and easy to evaluate…even for teams without the time to write code or perform complex deployments!

  • What’s the TCO for Vendia?

    Vendia’s Serverless architecture and schema-driven design dramatically lower the time and complexity of deployments, reducing the typical number of developers required for a multi-party data sharing application from dozens to as little as a fraction of a person. With no infrastructure to manage, scale, or maintain and fully automatic data transfer and storage expansion, much of the traditional deployment, development, and operational overhead disappears. Per-transaction pricing also ensures that costs track usage, unlike traditional server-based solutions that require each party to deploy capacity scaled to peak needs. Vendia’s intelligent data copying and distribution mechanisms also help customers save money…and the larger the data being distributed, the greater the savings.

  • Which public clouds and regions are supported by Vendia?

    Cloud PlatformRegion
    AWSus-east-1
    AWSus-east-2
    AWSus-west-2
    AWSeu-west-1
    AWSeu-central-1
    Azureeastus
    Azurewestus2
    Azurenortheurope
    Azuregermanywestcentral

    Enterprise Customers: Please contact sales@vendia.com to discuss your CSP and region availability needs in more detail with a Vendia representative.

Data Management Semantics

  • Can every workspace in a project read and write data?

    Yes - every workspace is able to read (query), write (mutate), and receive real-time updates (subscribe). Depending on the workspace’s intended use, its owner may elect to place additional restrictions on access, such as preventing updates.

  • Can I see historical data, including who made changes to values over time?

    Yes. Each workspace in a Vendia project contains a shared (replicated) ledger of all changes. The ledger is queryable, just like any other values, and provides a full account of how data was changed over time, including which workspace made each change.

  • Is the data written by any workspace visible to all workspaces?

    Yes. Subject to any access restrictions the data’s owner may have imposed, Vendia will replicate both the ledger and world state updates for each transaction to all workspaces.

  • How are transactions grouped into blocks? Does the grouping affect the semantics of the transactions?

    Transactions that arrive close together in time may be batched into a multi-transaction block for efficiency. Blocks are applied in the same total order by all workspaces to keep their ledgers consistent, and transactions are only grouped together in a block if they can be proven to be commutative and associative, ensuring that the order in which the updates in a block are applied is irrelevant to their semantics.

  • What are the consistency semantics of updates?

    Each workspace in a Vendia project provides read-after-write consistency. Across workspaces, immutable data, including the ledger and versioned file contents, is eventually available; that is, it will never be inconsistent, but it may not be available in all workspaces at exactly the same time.

  • How does Vendia ensure that data is tamper-proof?

    The shared ledger in each project workspace uses a blockchain data structure, in which each block (group of transactions) has a hash of its data, a pointer to the previous block, and a copy of the previous block’s hash. This allows the workspace, or any application to which it provides ledger access, to independently verify the integrity of its data without relying on any other workspace (or on Vendia). Then by reading in the ledger in the other direction (from oldest to newest entry), all other values in the workspace’s database can be verified, proving the consistency and correctness of all the data. Vendia also utilizes immutability at the cloud infrastructure level to ensure that the implementation responsible for processing and replicating data also cannot be tampered with.

  • I’d like to make a sequence of updates and ensure they are performed serially (i.e. in order) - is that possible?

    Yes - after each update wait for confirmation of its inclusion in a block before submitting the next update. This will guarantee an exact ordering of the sequence in all workspaces. While Vendia makes reasonable efforts to process transactions in the order in which they were received, transactions submitted close to one another in time without waiting for block confirmation may be processed in arbitrary order.

Files

  • Some of the data I’d like to share is in the form of files - images, PDFs, spreadsheets, data in parquet format, log files, and more. Does Vendia support sharing those?

    Yes - Vendia provides first-class support for file (blob) storage. You can share files with the same, simple approach that you share strings and numbers using Vendia.

  • How can I access files stored on Vendia?

    You can upload and download content using native blob transfer APIs on the cloud service provider you selected when you created the project’s workspace. For example, if you selected AWS for a project workspace, you can upload files to, and download files from that workspace using Amazon S3 GET and PUT calls, without needing to change your existing code or command-line scripts. To take advantage of advanced file features such as caching and symbolic links on Vendia, you will need to install a custom SDK or CLI extension but the APIs (or CLI command structure) will remain unchanged - there is no “learning curve” to access your file data and no need to rewrite existing applications or automation.

  • Are files shared on Vendia ledgered and tamper-proof like scalar data?

    Yes - files enjoy the same tamper-proofing and ledgering that scalar data enjoys.

  • Are files shared on Vendia subject to transactional semantics?

    Yes. File updates are versioned and totally ordered along with all other data types. File contents have eventually available semantics - large amounts of content may be temporarily inaccessible while being copied, but once available will always be consistent and correct.

Availability, Uptime, & Disaster Recovery

  • Does Vendia offer an SLA?

    Vendia provides an SLA of 99.99% uptime for users with an enterprise license.

  • I’d like to back up my data in another region for DR purposes. Can I do that with Vendia?

    Yes - creating a DR or backup plan with a Vendia application is easy. You simply add a workspace and configure it for the region where you’d like a copy of your data. Vendia will take care of the rest.

  • Is Vendia fault tolerant?

    Vendia is built using serverless techniques that incorporate data center-level fault tolerance. On AWS, for example, this is described as “multi-Availability Zone (AZ) fault tolerance”. However, if an entire region in a public cloud is experiencing an outage, a Vendia project with one or more workspaces in that region may need to be temporarily halted until that region recovers.

Security & Privacy

  • How are Vendia project workspaces tenanted?

    Enterprise user accounts are always single tenanted. Free tier users receive multi-tenanted accounts, with IAM policies, audit logs, and other defense-in-depth techniques applied to protect tenants from data exposure.

  • How does Vendia treat my Personally Identifiable Information, such as my email address and password?

    Vendia uses hardened public cloud services to store user identity (email address) and password information. This information is encrypted in flight and stored in a service that is SOC2, GDPR, ISO 270001 and PCI compliant and HIPAA eligible. Vendia’s role-based access control and APIs are designed to ensure that the owner of the PII can view, update, and delete it at any time. Vendia also allows users of its platform to opt out of marketing emails and will never sell any PII information to other companies or disclose other than to law enforcement agencies or when required by law.

  • Is data stored by Vendia encrypted at rest?

    Yes. All data users store with Vendia, regardless of its size or format, is automatically encrypted at rest. All information collected from users, including email addresses, passwords, names and participants of projects, etc. is also encrypted at rest.

  • Is data stored by Vendia encrypted in transit?

    Yes. All data transmitted to or from a Vendia project workspace or between workspaces is encrypted using TLS 1.2. All user and control information, such commands to create or update projects or change user settings, is also encrypted in transit.

  • Can I restrict the capabilities of employees in my organization to perform dangerous activities, such as deleting a project and its corresponding data?

    Yes - Vendia provides a full role-based access control (RBAC) system that allows account administrators to grant and remove privileges, such as the ability to delete or reset a running project or to invite non-employees to join a project.

  • As the owner of a file, can I limit which other participants can read or write its content?

    Yes - Vendia provides access controls (“ACLs”) at the level of individual files that allow the file’s owner to determine which workspaces can read or write the file’s content. ACLs can also be changed dynamically by the owner as business or application needs evolve, for example to revoke access that had formerly been granted.

  • Are ACLs available for scalar data?

    Yes

Identity & Authentication

  • How do Vendia projects authenticate and authorize data access?

    Each workspace in a Vendia project has built-in solutions for common identity and authentication patterns, including cloud-based application integration, mobile and web end users, and integration with third party identity providers (IDPs). Each workspace’s settings, including identity and authentication settings, are independent of all other workspaces and are under the exclusive control of the workspace’s owner.

  • How do I configure a workspace to use cloud service provider IAM identity?

    By setting the workspace’s authorizerType to “IAM”, the owner of a workspace can restrict access to a specific set of CSP accounts. The permitted accounts are provided as an additional array in the allowedAccounts field, and all communication with the workspace will be limited to that list of accounts. Since each workspace’s settings are independent, other workspaces can be configured for the same, or different accounts, or can use entirely different identity solutions. This type of authentication is ideal for workspaces that primarily interface with other backend systems.

  • I already have my existing web/mobile end users in an Amazon Cognito user pool; can I simply attach that to the workspace?

    Yes - set the authorizerType of an AWS-based workspace to “COGNITO” and the authorizerArn field to the ARN of your existing Amazon Cognito user pool to “bring your own” users to the workspace.

  • I want to support web or mobile users attaching to my workspace, but I don’t have an existing Cognito user pool for them. Is there an easy way to get started if I don’t want to manage that myself?

    Yes - set the authorizerType of an AWS-based workspace to “COGNITO” but leave the authorizerArn field unspecified. Vendia will supply and manage a Cognito User Pool on your behalf.

  • Can I use OIDC on an AWS-based workspace?

    Yes - set the authorizerType of an AWS-based workspace to “COGNITO” and the authorizerArn field to the ARN of an existing Amazon Cognito user pool configured for OIDC. For more information on configuring an Amazon Cognito User Pool for OIDC, see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-oidc-idp.html.

  • Can I use a social identity provider, such as “Login with Google” or “Login with Facebook” on an AWS-based workspace?

    Yes - set the authorizerType of an AWS-based workspace to “COGNITO” and the authorizerArn field to the ARN of an existing Amazon Cognito user pool configured for social IDP. For more information on configuring an Amazon Cognito User Pool for social IDP, see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html.

  • Can I use a SAML identity provider on an AWS-based workspace?

    Yes - set the authorizerType of an AWS-based workspace to “COGNITO” and the authorizerArn field to the ARN of an existing Amazon Cognito user pool configured for SAML integration. For more information on configuring an Amazon Cognito User Pool with SAML providers, see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-saml-idp.html.

  • I have custom logic, such as Okta or Auth0 integration, that I’d like to use for authentication and authorization in a workspace. How can I use that?

    Set the authorizerType of an AWS-based workspace to “CUSTOM” and the authorizerArn field to the ARN of an AWS Lambda function acting as a custom authorizer. You can use arbitrary code in that function to implement your authentication and authorization strategy based on the incoming API request, including its headers.

Performance

  • How high can a Vendia project scale to support ingestion of transactions?

    Projects scale automatically to tens of thousands of transaction submissions, queries, or file operations per second.

  • What is the typical latency when writing data?

    A typical mutation to update data for workspaces in the same region requires a few hundred milliseconds to complete, depending on the number of workspaces and the size of the data being written. Geographically dispersed workspaces - for example, a project with workspaces in North America, Europe, and Asia - will experience higher latencies due to limits on the speed with which data can be transmitted over Internet networks across large distances and could take 1-2 seconds to complete replication.

  • How fast can I download file-based data from Vendia?

    Vendia makes file data available in “CSP-native” services, such as Amazon S3 for an AWS-based project workspace. There is no performance penalty for reading data from Vendia - your data will be accessible with “S3-native” throughput, latency, and scale.

Limits

  • How many transactions can the Vendia ledger store?

    There is no limit on the number of transactions that can be stored in the ledger. Vendia will automatically scale the underlying storage to meet current needs, without limits. Free tier users are limited to 1,000 blocks of transactions, however. (A block may contain more than one transaction when the transaction submission load is high.)

  • How much data can be stored in Vendia ?

    There is no limit on the amount of data (“world state”) that can be represented. Vendia will automatically scale the underlying storage to meet current needs, without limits.

  • How much file data can be stored in Vendia?

    There is no limit on the amount of file data that can be represented. Vendia will automatically scale the underlying storage to meet current needs, without limits. Free tier users are subject to a maximum file size limit of 50MB and a maximum of 500 files.

  • How large can a single transaction be?

    A single transaction (not including any file data it may represent) is limited to 255KB.

  • How many workspaces can a project have?

    By default, an Enterprise project may have up to 20 workspaces.