Security & Encryption

How Codeteel protects your data, tokens, and API keys.

Data encryption

All sensitive data is encrypted at rest using AES-256-GCM:

  • API keys — LLM provider keys (OpenAI, Claude, etc.)
  • OAuth tokens — Slack workspace bot tokens
  • Platform tokens — Telegram and Discord bot tokens

Encryption format: aes256gcm:iv_hex:ciphertext_hex:tag_hex

The encryption key is a 32-byte (256-bit) key, stored hex-encoded (64 hex characters) in the ENCRYPTION_KEY environment variable. It never touches the database.

Request authentication

Slack

  • HMAC-SHA256 request signature verification on every webhook
  • Timing check — rejects requests older than 5 minutes
  • OAuth state parameter signed with HMAC to prevent CSRF

Discord

  • Ed25519 signature verification on all interactions (using tweetnacl)
  • Signatures are checked against the public key in the DISCORD_PUBLIC_KEY environment variable

Platform connections

  • One-time connect tokens with 5-minute expiry
  • Tokens are single-use — consumed on first connection
  • Bot tokens never included in SQS messages — Lambda looks them up from the database

Branch protection

Main and master branches are protected in the agent's own code: the agent refuses to write to them directly. All changes go to feature branches, and pull requests are created for review. Since this is an application-level control, enabling branch protection rules on the repository host as well gives a second line of defence if the agent is ever bypassed.

Processing locks

Each conversation has an is_processing lock to prevent concurrent execution. If a Lambda function crashes mid-execution, stale locks are automatically released after 5 minutes.
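An added example of the lock semantics described above, not Codeteel's code. The page names only the is_processing flag; the processing_started_at timestamp used to detect stale locks, and everything else here, is an assumption. The in-memory map stands in for a conversation row; the comment on tryAcquire shows the single conditional UPDATE that performs the same compare-and-set atomically in a database.

```javascript
// Added example (not Codeteel's code): per-conversation processing lock with stale-lock recovery.
// The processing_started_at timestamp is an assumption; the page only names is_processing.
const LOCK_STALE_MS = 5 * 60 * 1000;

class ConversationLocks {
  constructor() {
    this.rows = new Map(); // conversationId -> { isProcessing, processingStartedAt }
  }

  // Equivalent single atomic statement against a database (assumed column names):
  //   UPDATE conversations SET is_processing = true, processing_started_at = now()
  //   WHERE id = $1 AND (is_processing = false OR processing_started_at < now() - interval '5 minutes')
  // A row count of 1 means the lock was acquired; 0 means another worker holds a live lock.
  tryAcquire(conversationId, now = Date.now()) {
    const row = this.rows.get(conversationId) || { isProcessing: false, processingStartedAt: null };
    const stale = row.isProcessing && now - row.processingStartedAt > LOCK_STALE_MS;
    if (row.isProcessing && !stale) return { acquired: false, reason: 'busy' };
    this.rows.set(conversationId, { isProcessing: true, processingStartedAt: now });
    return { acquired: true, reason: stale ? 'reclaimed stale lock' : 'free' };
  }

  // Normal completion path; a crashed Lambda never reaches this, which is why tryAcquire reclaims stale locks.
  release(conversationId) {
    this.rows.set(conversationId, { isProcessing: false, processingStartedAt: null });
  }

  isLocked(conversationId, now = Date.now()) {
    const row = this.rows.get(conversationId);
    return Boolean(row && row.isProcessing && now - row.processingStartedAt <= LOCK_STALE_MS);
  }
}
```

The stale timeout only works as a crash detector if a live run can never outlast it: keep the Lambda function's timeout at or below the 5-minute window, otherwise a slow but healthy run has its lock reclaimed and two executions proceed on the same conversation.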

Web security

  • Cookie-based session authentication (Supabase Auth)
  • Row Level Security (RLS) on all database tables
  • Server-side API key proxy — cloud LLM keys never reach the browser
  • CORS restricted to the application origin
  • Ollama calls go directly from browser to localhost — no server middleman