Security Model

Authentication & Authorization

Privy Integration

  • Unified Web2 (email) + Web3 (wallet) authentication

  • OAuth support: Google, Discord, GitHub

  • Session management with secure tokens

Wallet Authentication

  • WalletConnect/AppKit integration

  • MetaMask, Phantom, Solflare support

  • Chainless wallet connection

Data Protection

Layer
Protection

Transport

TLS 1.3 (HTTPS everywhere)

Storage

AES-256 encryption for credentials

Secrets

Encrypted in database, never logged

Input Validation

  • JSON Schema validation via AJV for all inputs

  • SSRF protection with URL allowlists

  • Path traversal prevention

  • File type validation (MIME checking)

Rate Limiting

Limit
Default

Requests/second

30 per user

File upload

200MB per file

Request body

250MB maximum

Sandbox Security

  • WebContainer isolation for code execution

  • No access to host filesystem

  • Network request filtering

  • Resource limits enforced

PreviousEnvironment & CredentialsNextRelease & Rollback Playbooks

Last updated