Security isn't a feature we bolted on. It's the architecture itself. Every layer of Aero OS is designed to make data breaches structurally impossible.
Zero direct database writes from the client. Every mutation goes through server-validated RPC. Every action is an immutable event.
Security Architecture
Every layer operates independently — compromising one does not expose another.
Zero Direct DB Writes
All mutations flow through handle_job_event() RPC. The client never touches the database directly — not even through an ORM.
Event-Sourcing as Security
Because job_events is append-only, historical records cannot be tampered with. The audit trail is the data.
Monotonic State Transitions
State can only move forward (validated by validate_job_state_transition). No reverse transitions except explicit cancellation.
All operational data encrypted with AES-256-GCM. Financial amounts stored as NUMERIC(12,2) — never floating point. Key rotation is automatic.
RLS policies enforce tenant_id on every query. JWT claims carry tenant context. No cross-tenant joins. No shared data paths.
Every event carries user_id, timestamp, and metadata. Full lifecycle replay available. Designed for compliance audits, insurance claims, and dispute resolution.
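The layers above, shown as an added example that is not Aero OS's own code and assumes a PostgreSQL backend: the client role can only read, triggers reject rewrites of job_events, and handle_job_event() is the sole write path. The state names, the app_client role, the job_id column, both function signatures, and the app.tenant_id / app.user_id session settings (presumed to be set by the API layer from verified JWT claims) are assumptions.

```sql
-- Hypothetical names: app_client, job_id, the state list, app.tenant_id, app.user_id.
CREATE ROLE app_client NOLOGIN;
CREATE TABLE job_events (
  id          bigserial   PRIMARY KEY,
  tenant_id   uuid NOT NULL, job_id uuid NOT NULL, user_id uuid NOT NULL,
  state       text NOT NULL, metadata jsonb NOT NULL DEFAULT '{}',
  "timestamp" timestamptz NOT NULL DEFAULT now()
);
-- Tenant isolation: a client session sees only rows of its own tenant.
ALTER TABLE job_events ENABLE ROW LEVEL SECURITY;
CREATE POLICY tenant_read ON job_events FOR SELECT TO app_client
  USING (tenant_id = current_setting('app.tenant_id', true)::uuid);
-- Zero direct writes: the client role may read, never INSERT/UPDATE/DELETE.
REVOKE ALL ON job_events FROM PUBLIC, app_client;
GRANT SELECT ON job_events TO app_client;
-- Append-only for every other role as well: rewrites and truncation raise.
CREATE FUNCTION job_events_immutable() RETURNS trigger LANGUAGE plpgsql AS $$
BEGIN RAISE EXCEPTION 'job_events is append-only'; END $$;
CREATE TRIGGER job_events_no_rewrite BEFORE UPDATE OR DELETE ON job_events
  FOR EACH ROW EXECUTE FUNCTION job_events_immutable();
CREATE TRIGGER job_events_no_truncate BEFORE TRUNCATE ON job_events
  FOR EACH STATEMENT EXECUTE FUNCTION job_events_immutable();
-- Forward-only ordering; cancellation is the one explicit exception.
-- Returns NULL for an unknown target state, which the caller treats as a rejection.
CREATE FUNCTION validate_job_state_transition(p_from text, p_to text)
RETURNS boolean LANGUAGE sql IMMUTABLE AS $$
  SELECT CASE WHEN p_from = 'cancelled' THEN false
              WHEN p_to = 'cancelled' THEN true
              ELSE array_position(s, p_to) > coalesce(array_position(s, p_from), 0) END
    FROM (SELECT ARRAY['created','scheduled','in_progress','completed'] AS s) AS states
$$;
-- The only write path: validate against the latest event, then append.
CREATE FUNCTION handle_job_event(p_job_id uuid, p_state text, p_metadata jsonb DEFAULT '{}')
RETURNS bigint LANGUAGE plpgsql SECURITY DEFINER SET search_path = public AS $$
DECLARE
  v_tenant uuid := current_setting('app.tenant_id', true)::uuid;
  v_user   uuid := current_setting('app.user_id', true)::uuid;
  v_prev   text; v_id bigint;
BEGIN
  -- Serialize writers per job so two concurrent events cannot both pass validation.
  PERFORM pg_advisory_xact_lock(hashtext(p_job_id::text));
  SELECT state INTO v_prev FROM job_events
   WHERE tenant_id = v_tenant AND job_id = p_job_id ORDER BY id DESC LIMIT 1;
  IF validate_job_state_transition(v_prev, p_state) IS NOT TRUE THEN
    RAISE EXCEPTION 'illegal transition % -> %', v_prev, p_state;
  END IF;
  INSERT INTO job_events (tenant_id, job_id, user_id, state, metadata)
  VALUES (v_tenant, p_job_id, v_user, p_state, p_metadata) RETURNING id INTO v_id;
  RETURN v_id;
END $$;
REVOKE ALL ON FUNCTION handle_job_event(uuid, text, jsonb) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION handle_job_event(uuid, text, jsonb) TO app_client;
```

The table owner and superusers can still disable triggers, so the append-only guarantee holds only against roles without that privilege. Tenant and user identity are read from session settings, never from function arguments, so a caller cannot name another tenant in the request.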
“The most secure system is the one where breaches are architecturally impossible, not just unlikely.”