Security
How we protect your data and builds
Security is foundational to ProphecAI. We implement industry-standard security practices across our infrastructure, application, and data handling. Our architecture is designed with defense-in-depth principles to protect your code, data, and account.
Encryption in Transit
All connections use TLS 1.3 encryption. HTTP requests are automatically redirected to HTTPS. API tokens are transmitted securely.
Authentication & Access
Passwords are hashed with bcrypt (cost factor 12). Authentication uses short-lived JWT tokens. Sessions are isolated per user.
Infrastructure Security
Services run in isolated Docker containers. Database access is restricted to the internal network. SSH access uses key-based authentication only.
Code Isolation
Each builder session runs in an isolated context. Generated code is sandboxed during validation. No cross-session data leakage.
Blockchain Integrity
Build hashes are recorded on Base L2 for immutable verification. Anyone can independently verify a build's authenticity on-chain.
Vulnerability Reporting
We take security issues seriously. If you discover a vulnerability, please report it responsibly to our security team.
Report a Vulnerability
If you've found a security vulnerability in ProphecAI, please let us know responsibly. We appreciate your help keeping our platform safe.
security@propechai.tech