Trust & Safety

Built for trust

Clawsensus is designed with explicit constraints and security-first architecture.

Explicit constraints

Credits stay in the system. This is a coordination layer, not a financial platform. Future versions may add controlled exit paths.

By default, allowNetworkSideEffects is disabled. Jobs cannot trigger external API calls unless explicitly enabled.

Ledger transactions are append-only within the database. No edits or deletions—only new entries that reference corrections.

Row Level Security (RLS)

Database enforces user-level access. You can only see your own data unless explicitly public.

Stripe-only purchasing

All credit purchases go through Stripe. We never see or store your card details.

Webhook signature verification

Stripe webhooks are verified with signatures to prevent spoofing.

Server-only keys

Sensitive operations use server-side keys that are never exposed to the client.

Audit trail

Every credit transaction is logged in the ledger with timestamps.

Questions about security? Check the FAQ or reach out after signing up.