Skip to content
Velocity

Security

We assume the worst about every machine your code touches.

Velocity's security model starts from one assumption: any laptop, any container, any cloud account could be compromised tomorrow. We engineered around that. Source never persists where an attacker can read it.

RAM-only storage container

On the client, source lives only inside the Velocity Storage Container — a Rust cache that holds AES-GCM-encrypted ciphertext in process memory. Plaintext materializes for milliseconds when you read a buffer, and is zeroized on close.

AES-256-GCM with per-session keys

A fresh AES-256-GCM key is generated server-side per session and sent to the client over TLS at session join. We wrap it in libsodium's SecureBuffer (mlock + sodium_memzero). Session end means key wipe.

Zeroize on close

Closing a session or the app triggers a sodium_memzero pass across every ciphertext buffer and the session key itself. We don't trust the OS allocator to do it for us.

The Velocity Stamp (BYOC)

In your cloud account, Velocity acts like a tenant installing in your building. We create one bucket, one KMS key, one workspace — never read, list, or touch anything outside what we made. A single uninstall script removes only our footprint.

Workspace network policy

Cloud workspace containers have allowlisted outbound only: npm, crates.io, PyPI, Go proxy, Maven Central, Docker Hub, GitHub for git clone, the AI CLI endpoints, and org-configured MCPs. No arbitrary outbound — malicious build scripts can't exfiltrate.

Compliance scan packs

One-click scans for SOC 2, HIPAA, PCI-DSS, GDPR, and ISO 27001. We wrap Semgrep, Trivy, Gitleaks, and License Finder; you can author custom rule packs in YAML. Pass/fail rows point to exact file and line.

Found something?

We run a coordinated disclosure program. Report vulnerabilities to security@aethernaut.ai. Encrypt with our PGP key if the finding is sensitive — fingerprint on request.

First response within one business day. Triage within three. We do not pursue good-faith researchers under CFAA, DMCA, or our terms. A public bug-bounty program will launch alongside SOC 2 Type II.

In scope

  • · The Velocity desktop client (macOS, Windows) and embedded Code OSS
  • · The Velocity backend API at api.aethernaut.ai
  • · The marketing and portal site at aethernaut.ai
  • · Self-hosted binaries published under our release tags
  • · The Velocity Stamp templates for AWS, Azure, and GCP

Out of scope

  • · Customer-controlled BYOC accounts (report to the customer)
  • · Third-party services we use (Stripe, Cloudflare, Neon — go to them)
  • · Volumetric DoS, social engineering, or physical attacks
  • · Findings against unsupported, end-of-life releases

Threat model, plainly

What we defeat

  • · Disk forensics — nothing on disk to recover
  • · Ransomware grabbing project files — same reason
  • · Casual screen scraping by adjacent processes
  • · Malicious npm packages reading the filesystem
  • · Marketplace extensions phoning home — we ship Open VSX allowlist-only, never the VS Code marketplace
  • · Source landing in /tmp, logs, crash dumps, swap

What we don't pretend to defeat

  • · Kernel-level rootkits on the developer's machine
  • · Memory snapshot tools the user runs themselves
  • · A malicious extension the org has explicitly allowlisted (mitigated by the curated Velocity Library)
  • · Authorized users acting in bad faith — that's what audit and replay are for