Security

Every relay request is validated on two independent layers: your project's publishable key (HMAC-verified server-side; it is not a secret) and a JWT from a trusted issuer you configure (Apple, Firebase, or your own keys), verified fresh on every request. Optional iOS App Attest binds requests to genuine devices.

Clients cannot define system prompts, tool schemas, or token limits — those live in agent profiles on the server. A compromised client can only invoke what you configured, within the quotas and budgets you set.

Provider API keys are encrypted at rest with authenticated encryption keyed per project. Database access is tenant-isolated with row-level security. Kill switches at global, project, and provider scope can halt traffic immediately.

Report suspected vulnerabilities to shayegh.amir@gmail.com. Please include steps to reproduce; we will acknowledge within two business days.