Security

Defense in depth. Not as a feature — as a foundation.

Encryption at rest

• Envelope encryption: data encrypted with a per-record AES-256-GCM data key.
• Data keys wrapped by Google Cloud KMS root keys.
• Tokens are decrypted only in memory, just-in-time, on the proxy hot path.
• Plaintext OAuth tokens never touch our database.

Audit log

• Append-only. No update/delete operations.
• Default retention: 30 days. Enterprise plans: 180+ days.
• Schema includes: actor (uid OR aiClientId + userId), action, resource, intent, timestamp, request hash.
• Query via portal or programmatically via getExecutionLogs callable.

MFA on destructive operations

TOTP-based. Required for:

• Deleting an App.
• Deleting an AI Client (the credential being used to delete is invalidated).
• Rotating a Provider's stored credentials.
• Deleting an Organization.

Backup codes available. Recovery requires identity verification.

Tenant isolation

• Every resource carries organizationId.
• Cross-org reads are impossible at the data layer (Firestore security rules + server-side org-context guards).
• Wallets are scoped to organizations, not users.

What we don't have yet

• SAML / SSO — Enterprise tier roadmap, Q3 2026.
• BYOK (customer-managed KMS keys) — Enterprise roadmap.
• SOC 2 Type II — pursuing in 2026.
• ISO 27001 — pursuing in 2026.
• LGPD compliance — operationally aligned, formal certification in progress.

Reporting issues

[email protected] — PGP key available on request.