Security & Compliance
How Velocity defends against insider exfiltration, enforces approvals, and produces evidence auditors actually accept.
Threat model in one paragraph
Velocity's primary adversary is the trusted insider — a developer, contractor, or compromised account with legitimate session access. External attackers matter, but every enterprise already spends on perimeter defense; almost none spend on the person already inside. We assume the attacker has valid credentials, a working laptop, and time. Our job is to make code exfiltration require physical screen capture: no clone, no scp, no copy-paste to a personal repo, no screenshare leak. Network egress is constrained, source bytes never touch local disk, and every keystroke is observable. If they want the code, they have to point a phone at the monitor.
Code never on disk
The in-RAM storage container is the load-bearing primitive. Every source byte the client touches lives in an AES-256-GCM encrypted buffer in process memory. The session key is wrapped in a libsodium SecureBuffer with mlock set so the OS can never page it out to swap. Decryption happens just-in-time for the Code OSS webview and the buffer is zeroized on session end, sign-out, crash, or power loss.
- AES-256-GCM with a fresh 96-bit nonce per chunk; tag verified on every read.
- Per-session key derived from the org KEK via HKDF, never written to disk.
- LRU eviction caps RAM use; evicted chunks are re-fetched from encrypted cloud storage.
- No /tmp writes, no swap exposure, no file content in logs or crash dumps.
Approval-chain enforcement
Code only reaches production via Developer → Reviewer → Admin. The chain is enforced at the backend, not the UI — bypassing the client cannot bypass the rule. Developers write inside sessions and submit builds. Reviewers approve or send back with comments. Admins perform the final merge to the protected branch. The Manager role owns billing and org state but cannot edit code or approve builds. There is no "emergency override" switch.
Audit trail
The audit table is append-only and enforced by Postgres triggers — the application role has no UPDATE or DELETE grant on it. Rows are partitioned by org and month for cheap retention scans. Retention is configurable per org from 30 days to forever, and a legal-hold flag pins a time range as undeletable regardless of policy changes downstream.
- Every session join, keystroke window, build, approval, role change, and policy edit.
- Cryptographic hash chain across rows for tamper-evidence at export time.
- SIEM-ready streaming via webhook or syslog drain — Splunk, Datadog, Elastic supported.
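How a hash chain across audit rows gives tamper-evidence at export time, as an added example (not Velocity's code): each row's hash covers the previous row's hash, so an edit or a deleted row breaks every later link. The row fields, the canonical JSON encoding, the GENESIS value and the out-of-band head hash are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor for the first row; not from the page


def row_digest(prev_hash, row):
    """SHA-256 over the previous link plus a canonical JSON encoding of the row."""
    body = json.dumps(row, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + "\n" + body).encode("utf-8")).hexdigest()


def seal(rows):
    """Return copies of rows, each with a 'hash' field chained to its predecessor."""
    prev, out = GENESIS, []
    for row in rows:
        prev = row_digest(prev, row)
        out.append({**row, "hash": prev})
    return out


def first_break(sealed, expected_head=None):
    """Index of the first inconsistent row, len(sealed) if the tail was cut, else None."""
    prev = GENESIS
    for i, row in enumerate(sealed):
        body = {k: v for k, v in row.items() if k != "hash"}
        if row_digest(prev, body) != row.get("hash"):
            return i
        prev = row["hash"]
    # Dropping trailing rows leaves a valid shorter chain, so compare against a
    # head hash recorded out of band (for example at the previous export).
    if expected_head is not None and prev != expected_head:
        return len(sealed)
    return None


# Constructed sample rows; the column names are assumptions for illustration.
SAMPLE = seal([
    {"seq": 1, "org": "org-a", "event": "session.join", "actor": "u-101"},
    {"seq": 2, "org": "org-a", "event": "build.submit", "actor": "u-101"},
    {"seq": 3, "org": "org-a", "event": "build.approve", "actor": "u-202"},
    {"seq": 4, "org": "org-a", "event": "role.change", "actor": "u-303"},
])
HEAD = SAMPLE[-1]["hash"]
```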
Compliance scan packs
Velocity ships pre-built scan packs for SOC 2, HIPAA, PCI-DSS, GDPR, and ISO 27001. Each pack is a YAML manifest wrapping the open-source scanners we trust — Semgrep for static analysis, Trivy for dependency and container CVEs, Gitleaks for secrets, License Finder for license posture — plus Velocity-authored custom rules for things like "no PHI fields touched outside the phi module" or "no card-data logging in this directory."
Packs run on every build submission. Reviewers see a single pass/fail summary with drill-downs and can't approve a failing build unless an Admin explicitly waives a finding — and the waiver is itself audited with a required justification string.
BYOC isolation
Bring-your-own-cloud uses the Velocity Stamp pattern. We create exactly one bucket, one KMS key, and one workspace prefix inside your account, all tagged velocity:managed=true. We never list, read, or write outside that footprint. Our IAM policy is scoped to those resources by ARN — there is no s3:ListAllMyBuckets, no wildcard, no cross-account assume-role into anything else.
Uninstall is a single script that deletes only what carries our tag. The rest of your account is untouched. Operators can audit the exact policy before pasting; the JSON lives in each provider's BYOC setup page.
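One way an operator could audit a BYOC policy before pasting it, as an added example (not Velocity's tooling or its published JSON): the check flags wildcard actions, s3:ListAllMyBuckets, sts:AssumeRole and any resource outside the expected footprint. The ARNs and both sample policies are constructed placeholders, and tolerating a trailing `*` beneath the workspace prefix is an assumption.

```python
import json

# Constructed placeholders for the one bucket, one workspace prefix and one KMS key.
BUCKET = "arn:aws:s3:::example-velocity-bucket"
PREFIX = BUCKET + "/workspace/"
KMS_KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
FORBIDDEN_ACTIONS = {"s3:listallmybuckets", "sts:assumerole"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def in_footprint(arn):
    # Assumption: "<prefix>*" is the only wildcard form tolerated (objects under the prefix).
    if arn.startswith(PREFIX):
        rest = arn[len(PREFIX):]
        return rest == "*" or not set(rest) & set("*?")
    return arn in (BUCKET, KMS_KEY)

def audit_policy(policy_json):
    """Return findings; an empty list means every grant stays inside the footprint."""
    findings = []
    for n, stmt in enumerate(as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {n}: NotAction/NotResource widens the grant")
        for action in as_list(stmt.get("Action", [])):
            if "*" in action or "?" in action:
                findings.append(f"statement {n}: wildcard action {action}")
            elif action.lower() in FORBIDDEN_ACTIONS:  # IAM action names are case-insensitive
                findings.append(f"statement {n}: forbidden action {action}")
        for arn in as_list(stmt.get("Resource", [])):
            if not in_footprint(arn):
                findings.append(f"statement {n}: resource outside footprint {arn}")
    return findings

# Constructed sample policies (not Velocity's published JSON).
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"], "Resource": PREFIX + "*"},
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": BUCKET},
    {"Effect": "Allow", "Action": ["kms:Decrypt", "kms:GenerateDataKey"], "Resource": KMS_KEY},
]})
BROAD = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "s3:ListAllMyBuckets", "Resource": "*"},
    {"Effect": "Allow", "Action": "sts:AssumeRole", "Resource": "arn:aws:iam::444455556666:role/other"},
]})
```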
License + binary integrity
Self-hosted licenses are Ed25519-signed blobs containing org ID, seat count, expiry, and feature flags. The backend verifies the signature on boot and on every hourly heartbeat. A tampered or expired key refuses to start the service and surfaces a clear operator error.
On the desktop client, the bundled Code OSS distribution and every bundled extension are SHA-256-pinned in a signed manifest checked at launch. If a hash doesn't match, the client refuses to open the workspace and reports a tamper event to the audit log. There is no Marketplace fetch path that could swap a verified extension at runtime.
Crash reporting privacy
Sentry is wired into all three projects but configured to redact by construction, not by best effort. The PII scrubber runs before the event leaves the process: file contents and prompt and response text from CLI tabs are redacted, file paths are normalized to project-relative, real user names are replaced with stable opaque IDs, and any string matching common secret patterns is dropped entirely.
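The scrubbing rules above as an added example (not Velocity's code): a recursive pass that rebuilds the event before it is sent, of the kind that can be registered as a Sentry before_send callback. The field names, PROJECT_ROOT, ID_KEY, the secret patterns and the "[dropped]" marker are assumptions, and the event in the usage note is constructed.

```python
import hashlib
import hmac
import re

PROJECT_ROOT = "/home/alice/work/acme-app/"            # assumed; known at session start
ID_KEY = b"constructed-per-org-pseudonym-key"          # assumed secret, never sent
CONTENT_KEYS = {"file_content", "prompt", "response"}  # hypothetical field names
HOME_RE = re.compile(r"/(?:home|Users)/[^/\s]+")       # home dirs outside the project
SECRET_RE = re.compile(
    r"AKIA[0-9A-Z]{16}"                       # AWS access key ID shape
    r"|-----BEGIN [A-Z ]*PRIVATE KEY-----"    # PEM private key header
    r"|(?i:password|secret|token)\s*[=:]\s*\S+"
)


def opaque_id(username):
    """Stable pseudonym: the same user always maps to the same ID."""
    return "u_" + hmac.new(ID_KEY, username.encode(), hashlib.sha256).hexdigest()[:12]


def scrub(value, key=None):
    """Recursively rebuild an event, keeping only what is safe to send."""
    if isinstance(value, dict):
        # Content-bearing fields are removed outright, whatever they hold.
        return {k: scrub(v, k) for k, v in value.items() if k not in CONTENT_KEYS}
    if isinstance(value, list):
        return [scrub(v, key) for v in value]
    if not isinstance(value, str):
        return value
    if key == "username":
        return opaque_id(value)
    if SECRET_RE.search(value):
        return "[dropped]"  # the whole string goes, not just the matching part
    # Project-relative paths first, then mask any remaining home directory.
    return HOME_RE.sub("~", value.replace(PROJECT_ROOT, ""))
```

For a constructed event such as `{"user": {"username": "alice"}, "message": "open failed: /home/alice/work/acme-app/src/pay.py"}`, `scrub` returns the message as `open failed: src/pay.py` and the user name as an opaque `u_…` ID.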
Question we didn't cover?
Email sales@aethernaut.ai — we keep docs honest and respond inside one business day.