Open Bee
Get started

Last updated Β· April 29, 2026

Security

Open Bee AI is built by engineers who've shipped at scale and read too many post-mortems. Here's the honest state of our security posture and where we're going.

1. Architecture

  • Workspace isolation. Every database query carries a workspaceId filter. Membership is checked server-side via a single requireWorkspace() helper β€” no route bypasses it.
  • Server-only boundaries. Files importing server-only can never be bundled into client JS. Provider API keys live exclusively in server contexts.
  • Local-first agent runtime. The Apache-2.0 open-bee daemon runs on your hardware. Linked workspaces dispatch tasks to your daemon β€” code, files, and tool outputs never traverse our cloud.

2. Encryption

  • In transit. TLS 1.2+ with HSTS for all surfaces. Database connections require sslmode=require with channel binding.
  • At rest (storage layer). Neon Postgres encrypts all data with AES-256.
  • At rest (application layer). Sensitive fields β€” Telegram bot tokens, webhook secrets, BYOK provider keys β€” are additionally encrypted with AES-256-GCM using a key held only in our environment configuration. A database snapshot alone cannot decrypt them.
  • API keys. Daemon keys (obee_…) are stored as SHA-256 hashes. The plaintext value is shown exactly once at creation and cannot be recovered if lost.

3. Authentication & access

  • Authentication via Clerk with optional 2FA per user.
  • Workspace roles: owner, admin, member. Settings, billing, and bridges require admin or owner.
  • Daemon authentication via Bearer tokens, scoped to a single workspace and revocable from the UI.
  • Stripe webhooks are signature-verified; replay protection via the ProcessedStripeEvent idempotency table.
  • Telegram webhooks are verified via the X-Telegram-Bot-Api-Secret-Token header before any work is done.

4. Operational security

  • Hosted on Vercel (web) and Neon (database). Both providers maintain SOC 2 Type II reports we share under NDA on request.
  • Server logs retained 30 days. Logs scrub authorization headers and API keys.
  • Production deploys gated on green CI: typecheck, build, and lint must pass before merge.
  • Dependencies updated monthly via Renovate. Critical CVEs patched within 72 hours of disclosure.

5. What we're working on

Honest list of gaps we know about and are closing:

  • SOC 2 Type I β€” targeted Q3 2026 with Vanta.
  • Audit log of data access β€” who viewed which conversation when. In design.
  • Customer-managed encryption keys (CMEK) β€” for enterprise customers who want to hold the key themselves.
  • EU data residency option β€” Neon Frankfurt region when we have enough EU customers to justify the cluster.

6. Vulnerability disclosure

Found something? Email security@openbee.ai. Please:

  • Give us 90 days before public disclosure.
  • Don't access data that isn't yours. Test against accounts you control.
  • Don't run denial-of-service or social-engineering tests against our staff.

We acknowledge reports within 2 business days. Valid critical/high findings receive a bounty (USD $250–$5,000 scaled by severity) and a public credit (with your consent) on this page.

7. Incident response

If a breach occurs that affects your data, we will notify you within 72 hours of confirmation, in line with GDPR Article 33. Notice includes: what happened, what data was involved, and what we did about it.