Security

What runs locally

• Knowledge graph — all entities, facts, and relationships stored on your machine
• Pipeline orchestrator — durable execution runs locally
• Workspace files — documents, meeting transcripts, extracted evidence, decisions
• Content-addressable storage — SHA256-addressed fact artifacts on your filesystem
• Configuration and credentials — stored locally in ~/.basal/ with encrypted storage

BASAL does not upload your documents, graph data, or workspace content to any server.

What runs in the cloud

• Authentication — Google OAuth via Supabase Auth. We store your Google profile (name, email, avatar) for session management.
• API key management — keys are SHA256-hashed before storage. The raw key is shown once at creation and never stored.
• LLM proxy — proxies requests to the inference provider. Your API key authenticates each request. Rate-limited per key.

LLM proxy security

• All proxy traffic uses TLS encryption in transit
• Prompts and model responses are not logged by basal.is
• Only metadata is logged: timestamp, token count, model tier, and API key ID (not the key itself)
• Rate limiting: per-key request and token limits to prevent abuse
• Response caching uses SHA256 content hashes — no plaintext prompts in cache keys

Authentication

• Google OAuth 2.0 (PKCE flow) — no passwords stored by BASAL
• Session tokens managed by Supabase Auth with automatic refresh
• API keys: SHA256-hashed at rest, prefixed with bsk_ for identification

Data you control

Since your knowledge graph and workspace data are local, you have full control:

• Delete any workspace: basal workspace remove <id>
• Revoke API keys at any time via the BASAL desktop app or basal connect
• Disconnect Google Workspace integration locally
• All local data can be deleted by removing the project directory and ~/.basal/

Reporting security issues

If you discover a security vulnerability, please report it to security@basal.is. We appreciate responsible disclosure.