Platform Features
A sovereign personal data platform with 86 services, 84 REST route files, and 177 database tables powering your communications, AI, and privacy. Every capability is built on the Design Law: data first, actions second.
Data Sovereignty
All 177 tables enforce row-level security with owner_id. Credentials encrypted in Supabase Vault (pgsodium). Append-only audit log — no UPDATE, no DELETE, ever. PII auto-redacted before any cloud LLM call. Export all your data anytime in standard formats.
Unified Data Model
Persons, messages, email threads, call sessions, voicemails, calendar events, documents, locations, and 165+ more tables — all in one schema. Every integration lands as data first (the Design Law). Contacts sync from Exchange, calls from Twilio, emails from Graph API.
Event-Driven Spine
NATS JetStream with 8 streams: platform events, connector data, audit log, tools, audio, sensor, device, and scheduler. Immutable events with correlationId for full trace reconstruction. Three priority queues via pg-boss: realtime (<100ms), interactive (<5s), background.
Plugin System
V8 isolate sandboxing via isolated-vm with complete heap isolation. Three plugin types: connectors (MS Graph, data sync), channels (Twilio voice/SMS), and rule operators. Each declares permissions in plugin.json. Plugins cannot import Node modules, call fetch, or read process.env.
Sovereign AI
28 built-in agent tools: search contacts, messages, documents, wiki, timelines, and more. Multi-agent orchestration with plan-and-execute. RAG pipeline with pgvector embeddings. LightRAG knowledge graph for entity-relationship extraction. Route to OpenRouter or local Ollama.
Credential Wallet
Add Twilio credentials and voice/SMS/video capabilities appear. Add Microsoft 365 and email/calendar/contacts sync. Credentials are decrypted only inside isolated V8 sandboxes at runtime. Remove a credential and every feature it powered vanishes instantly from the UI.
Rules Engine
WHEN/IF/THEN automation with AST-based conditions. 7 sync operators (person groups, time ranges, channel types, location, presence). 4 async operators (call count, last contact, voicemail, missed calls). 11 action types including SMS, email, call routing, IVR, conference, and delayed execution.
Hybrid Search
Meilisearch full-text across 5 indexes (persons, messages, events, documents, listings) with 30-second result caching. pgvector semantic search with cosine similarity. Circuit breaker for graceful degradation. Entity-level indexing on every create and update event.
Federation
ActivityPub for cross-instance communication and marketplace discovery. DID creation and resolution for decentralized identity. Verifiable Credentials issuance and verification. DIDComm for encrypted peer-to-peer messaging between instances.
Marketplace
Privacy-preserving data products with per-field access controls. Listings with preview/full/API tiers. Federated discovery via ActivityPub. Reputation scoring based on transaction history. Time credit and monetary pricing models.
Governance
DAOs with five voting systems: simple majority, supermajority, quadratic, consensus, and liquid democracy. Proposal lifecycle with discussion periods. Dispute resolution and moderation. Time banking with credit transfers.
86 Backend Services
From caching and rate limiting to billing, audio intelligence, and device control. InboxService materializes cross-channel events. TranscriptionService runs post-call AI pipelines. EmailAIService auto-scores priority and detects follow-ups. All wired through the event bus.