Overview
Purpose of this Page
This page provides a technical overview of how LogicBasis protects data, API keys, access, and system integrity. The system is designed to be minimal, deterministic and secure by default.
Architecture
Minimal & Deterministic
- No public write operations
- No client-side secrets
- All sensitive operations run server-side
- No external OAuth providers
- No unnecessary dependencies
API Keys
Protection & Storage
- API keys stored as SHA‑256 hashes
- No plaintext storage
- No GitHub uploads
- No client-side usage
- Immediate regeneration if compromised
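One way to implement the hashed storage and regeneration listed above, as an added example that is not LogicBasis code. The `ApiKeyStore` class, the `key_id.secret` key format and the in-memory dict standing in for a server-side table are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class ApiKeyStore:
    """Constructed in-memory stand-in for a server-side key table (assumption)."""

    def __init__(self):
        # key_id -> SHA-256 hex digest. The plaintext secret is never kept.
        self._digests = {}

    @staticmethod
    def _digest(secret: str) -> str:
        # A plain, unsalted SHA-256 is only adequate because the secret is a
        # 256-bit random value; it would not be adequate for user passwords.
        return hashlib.sha256(secret.encode("utf-8")).hexdigest()

    def issue(self, key_id: str) -> str:
        """Create or regenerate a key. The plaintext is returned exactly once."""
        secret = secrets.token_urlsafe(32)  # 32 bytes from the OS CSPRNG
        # Overwriting the digest invalidates any previous key for this id,
        # which is what makes regeneration after a compromise immediate.
        self._digests[key_id] = self._digest(secret)
        return f"{key_id}.{secret}"

    def verify(self, presented: str) -> bool:
        """Check a presented key against the stored digest, server-side."""
        key_id, sep, secret = presented.partition(".")
        stored = self._digests.get(key_id)
        if not sep or stored is None:
            return False
        # Constant-time comparison avoids leaking digest prefixes via timing.
        return hmac.compare_digest(stored, self._digest(secret))

    def stored_values(self):
        """What a database dump would reveal: digests only."""
        return list(self._digests.values())


if __name__ == "__main__":
    store = ApiKeyStore()
    old = store.issue("svc_reporting")   # constructed key id
    new = store.issue("svc_reporting")   # regeneration after compromise
    print(store.verify(old), store.verify(new))
```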
Data Access
RLS & Policies
- Row Level Security active on all tables
- No table readable without explicit policy
- No automatic exposure of new tables
- Manual approval for every exposed table
Data API
Controlled Exposure
- Only selected tables/functions exposed
- All access requires authentication
- No anonymous write access
- Minimal and predictable API surface
Isolation
Server-Side Only
- Secret keys never leave the server
- All API requests validated server-side
- No direct access to internal endpoints
Tokens
JWT & Key Rotation
- Modern JWT signing standards
- Legacy keys supported but isolated
- Rotation possible without downtime
Operations
No External Sharing
- No background data sharing
- No third-party analytics in the core
- No tracking scripts
- No external processors beyond Supabase & Stripe