| Version | Supported |
|---|---|
| 0.1.x | ✅ |
Email security@loopgrid.dev or open a private security advisory on GitHub.
All decisions are cryptographically hashed (SHA-256) and chained. Tampering with any record breaks the chain and is detectable via GET /v1/integrity/verify.
LoopGrid V1 is designed for local development and small-scale deployments. It does not include:
- Authentication / Authorization
- API key management
- Rate limiting
- Encrypted storage
- Run behind a reverse proxy (nginx, Traefik) with TLS
- Add authentication at the proxy level
- Restrict network access to trusted services
- Use PostgreSQL instead of SQLite
- Enable audit logging at the infrastructure level
- Set API keys via environment variables (never in code)
Note: V2 will include built-in authentication and security features.