Security & Privacy

Privacy is not a feature — it is the architecture. Cerid AI is designed from the ground up to keep your data under your control.

Data Stays Local
All your knowledge, embeddings, and metadata live on your machine. Nothing is sent to external servers except LLM API calls.

Encrypted at Rest
API keys are Fernet-encrypted. Secrets managed with age encryption. Environment variables never committed to git.

Authentication & Authorization
Optional multi-user JWT auth with bcrypt password hashing (cost 12). Short-lived access tokens (15 min) with refresh token revocation.

Rate Limiting
Sliding-window rate limiting with per-user keys when authenticated. Path-specific limits protect ingestion and agent endpoints.
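
The sliding-window limiter described above, keyed per user when authenticated and with tighter limits on ingestion and agent paths, as an added example that is not Cerid AI's own code: the path prefixes, the request counts and the 60-second window are constructed assumptions, and the clock is injectable so the behaviour can be checked deterministically.

```python
from __future__ import annotations

import time
from collections import defaultdict, deque

# Constructed limits: (max requests, window seconds). The per-path numbers are
# assumptions for the example, not the project's shipped configuration.
DEFAULT_LIMIT = (60, 60.0)
PATH_LIMITS = {
    "/api/ingest": (5, 60.0),   # ingestion is expensive: keep it tight
    "/api/agent": (10, 60.0),   # agent runs call the LLM: also tight
}

def limit_for(path: str) -> tuple[str, tuple[int, float]]:
    """Return (matched prefix, limit); longest prefix wins, else the default."""
    for prefix in sorted(PATH_LIMITS, key=len, reverse=True):
        if path == prefix or path.startswith(prefix + "/"):
            return prefix, PATH_LIMITS[prefix]
    return "*", DEFAULT_LIMIT

def rate_key(prefix: str, user_id: str | None, client_ip: str) -> str:
    """Key on the authenticated user when there is one, else on the client IP,
    scoped to the matched prefix so one endpoint's budget is not spent on another."""
    subject = f"user:{user_id}" if user_id else f"ip:{client_ip}"
    return f"{subject}|{prefix}"

class SlidingWindowLimiter:
    """Sliding-window limiter: remembers the timestamps of recent hits per key and
    admits a request only while fewer than max_hits fall inside the window."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock                      # injectable for deterministic tests
        self._hits: dict[str, deque[float]] = defaultdict(deque)

    def allow(self, path: str, user_id: str | None = None,
              client_ip: str = "0.0.0.0") -> tuple[bool, int]:
        """Return (allowed, retry_after_seconds); retry_after is 0 when allowed."""
        prefix, (max_hits, window) = limit_for(path)
        q = self._hits[rate_key(prefix, user_id, client_ip)]
        now = self._clock()
        while q and now - q[0] >= window:       # evict hits that left the window
            q.popleft()
        if len(q) >= max_hits:
            retry_after = int(window - (now - q[0])) + 1
            return False, retry_after
        q.append(now)
        return True, 0
```

Because the window slides rather than resetting on a fixed boundary, a burst at the end of one minute cannot be followed by a full second burst at the start of the next; the oldest hit must actually age out first.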

Infrastructure Hardening
Redis authentication enabled. Ports bound to 127.0.0.1. Container resource limits. Security headers via nginx and Caddy.

Database Security
Neo4j credential validation on every health check. ChromaDB reset disabled in production. Query parameterization throughout.

No Vendor Lock-in
Self-hosted with full data portability. Export and import your entire knowledge base. Switch LLM providers freely.

LAN Access Controls
Optional Caddy HTTPS gateway. Multi-interface IP detection with stale-IP auto-fix. CORS origin restrictions.

CI/CD Security
Secret detection in CI pipeline. CodeQL SAST analysis. Dependabot for dependency updates. mypy type checking.

What leaves your machine?

Only LLM API calls go external. Everything else stays local.

Stays on your machine

  • Your documents and files
  • Knowledge base embeddings
  • Knowledge graph relationships
  • Search indices and caches
  • Conversation history
  • User accounts and API keys
  • Audit logs and usage data

Sent externally (encrypted)

  • LLM prompts via HTTPS to OpenRouter
  • Your chosen LLM provider processes the query
  • Responses streamed back over HTTPS

You choose the LLM provider. Use your own API key. No data is stored by the gateway.

Open source. Auditable. Yours.

Every line of code is open source under the Apache 2.0 license. Audit the security model yourself. Run it on your own infrastructure. No trust required.