1. Governance & Access Control
AngeloAI operates under a “Steward-Sovereign” governance model. Access to sensitive data is restricted by the Principle of Least Privilege (PoLP) and the following mandates:
- Zero-Trust Access: Access to internal services is gated by Cloudflare Zero Trust with per-user identity verification. No AngeloAI service is publicly addressable without passing a Zero Trust policy.
- Authentication: User authentication is delegated to Google OAuth via the Google Identity platform. AngeloAI does not store user passwords. Multi-factor authentication and hardware-key protections configured on the user’s Google account apply automatically.
- The “Hand” Protocol: Elevated-risk actions (e.g., initial production funding or structural schema changes) require a detached PGP signature from the Steward.
2. Data Handling & Encryption
We treat financial data as a sovereign asset.
- Encryption at Rest: Credentials, access tokens, and sensitive account identifiers stored by AngeloAI are GPG-encrypted at rest to the Steward’s public key. Keys are rotated on suspected compromise.
- Encryption in Transit: All public traffic is served over TLS 1.3 via Cloudflare.
- Data Minimization: We only request the specific Plaid scopes (e.g., transactions, auth) necessary for the user’s requested analytics. Excess data is not retrieved.
3. Storage & Persistence
AngeloAI follows a “Temporary State” philosophy:
- Token Lifecycle: Plaid public_tokens are treated as short-lived and are discarded immediately after exchange for a persistent access_token.
- Infrastructure: AngeloAI runs on a single-tenant server reached only through a Cloudflare Tunnel; the host has no public inbound ports. Backups are GPG-encrypted to the Steward’s public key and retained on separate storage.
4. Incident Response
In the event of a suspected security anomaly or token exposure:
- Revocation: AngeloAI will revoke active sessions and rotate affected credentials upon confirmed exposure.
- Disclosure: We will notify affected users and relevant authorities in accordance with applicable law.
- Manual Review: Elevated-risk operations are gated by Steward signature; incidents trigger a manual forensic review before any affected workflow is resumed.
For security-related inquiries or to report a concern, contact: security@angeloai.com