All products
The Gold Checkmark for Every BrandWeb · Cloudflare-hosted

Certify Your Brand for the Inbox.

Automated SVG Tiny P/S validation and auto-remediation for BIMI compliance. Turn complex graphics into secure, 32 KB vector payloads that earn the Verified Mark Certificate.

Validate Your LogoView Security Specs

BIMI Sidekick

Problem & Solution

Built for what actually goes wrong

Pain point

SVG files being rejected for BIMI because they contain scripts, bitmaps, or non-compliant XML structures.

Value pillar

Aggressive security sanitization via DOMPurify and strict XML node normalization to the SVG Tiny P/S profile.

Pain point

File sizes exceeding the 32 KB limit required by the Verified Mark Certificate (VMC) standards.

Value pillar

Iterative SVGO minification with preservation of mandatory BIMI metadata and geometric normalization.

Deep technical features

What ships in the box

SVG Tiny P/S Normalization

Forcefully mutates XML metadata to enforce baseProfile="tiny-ps" and version="1.2". Strips forbidden absolute positioning and active content (scripts/animate) at the edge.

Geometric Precision Engine

Automatically scales and centers logos to 1:1 aspect ratios (min 96×96 px) and injects mandatory solid-fill background primitives for inbox consistency.

Auto-Remediation Logic

When automated fixing is impossible, the system generates human-readable engineering steps for designers to fix non-vector artifacts or complex filters.

Security & Compliance

Built on enterprise-grade infrastructure

Every SVG is sanitized at the edge: DOMPurify strips scripts and animate nodes, XML metadata is forcibly rewritten to the SVG Tiny P/S profile, and the 32 KB cap is enforced before the payload ever reaches your inbox provider. Audit trails live in your D1 instance, not ours.

DOMPurify-sanitized SVG32 KB VMC ceiling enforcedCloudflare Workers + D1 audit logClerk SOC 2 Type II identity
Network

Cloudflare global edge — innate DDoS protection, zero cold-starts.

Identity

Clerk (SOC 2 Type II, GDPR) for multi-tenant fleets; PBKDF2 for single-tenant apps.

Subprocessors

Cloudflare & Resend (SOC 2 Type II) · Stripe (PCI-DSS Level 1).

Product roadmap

From foundation to fleet scale

  1. Phase 1Shipped

    Foundation — Validation Gate

    • Hono-based validation Worker with CPU-safe XML parsing.
    • Strict byte-size gating and line-ending normalization.
    • Lexical sanitization and root metadata enforcement.
  2. Phase 2Shipped

    Remediation & UI — Auto-Fixing

    • SVGO-backed iterative minification for the 32 KB constraint.
    • Geometric normalization (aspect ratio/absolute dimensions) and background injection.
    • Drag-and-drop React UI with real-time feedback and remediation reports.
  3. Phase 3In progress

    Scale & Monitoring — Audit & Logging

    • D1-backed validation logging with STRICT typing for audit trails.
    • VMC preparation dashboard with integrated checklist for IT admins.
    • Clerk-based user accounts for persistent logo library management.

Ready to bring BIMI Sidekick into your stack?

Talk to our team about deployment, custom SLAs, and integration with your existing identity and observability stack.

Request a consultationOpen BIMI Sidekick