Project · Saas Lifebot

SAAS-Lifebot — Security Review

type referencestatus draftlifebot · security · review

Scope

Post-implementation audit of multi-user E2EE fitness SaaS on ThinkCentre. Fill after code and isolation tests land. Pre-build controls: SAAS-Lifebot/security-design.

Status

Draft — pending implementation evidence.

Checklist (to complete)

  • [ ] Two-user isolation tests green (A cannot read B)
  • [ ] psql on daily_metrics.sealed_payload shows non-readable ciphertext
  • [ ] /api/stats Network tab: no plaintext values before client decrypt
  • [ ] Ingest with wrong key → 401; right key only owner’s rows grow
  • [ ] Vault wrong password cannot unlock
  • [ ] Delete user A leaves B intact
  • [ ] Export only contains A for user A
  • [ ] Logs during ingest: no body/metric samples
  • [ ] Postgres not listening on 0.0.0.0
  • [ ] Friend URL is HTTPS or Tailscale only
  • [ ] LUKS active on data volume
  • [ ] Backups encrypted
  • [ ] Consent blocks chat/seed when missing
  • [ ] APP_SECRET cannot decrypt sealed health in unit test

Findings

None yet — complete after Phase 8.

Compiled from wiki/projects/SAAS-Lifebot/security-review.md · git is the source of truth