Security is the moat

Built security-first, not security-later

Connected-account credentials are envelope-encrypted, tenants are isolated by the database itself, every write is recorded in an immutable audit log, and nothing ships without human approval. This is the difference, not a feature flag.

Envelope-encrypted credentials (AES-256-GCM)

Every connected-account credential is encrypted at rest with AES-256-GCM under a per-tenant data key, which is itself wrapped by a root key. We never store provider tokens in plaintext columns.

  • Per-tenant data keys, wrapped by a root key (envelope encryption)
  • AES-256-GCM — authenticated encryption, tamper-evident ciphertext
  • Tokens decrypted only in memory at the moment of a publish
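
The envelope scheme described above, as an added Go sketch that is not this product's code: a data key is sealed under a root key, the token is sealed under the data key, and decryption unwraps one and then the other. The function names, the nonce-prefixed layout, holding the root key in process memory, and binding the tenant ID as GCM associated data are assumptions of the example, not details stated on this page.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Seal returns nonce||ciphertext||tag (AES-256-GCM); aad, here the tenant ID (an assumption), is authenticated only.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for a 16-byte AES block
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open fails if the key, nonce, ciphertext, tag or aad differs from what Seal used.
func Open(key, sealed, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(sealed) < 12 { // 12 bytes = default GCM nonce size
		return nil, fmt.Errorf("bad key length or truncated ciphertext")
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, sealed[:12], sealed[12:], aad)
}

// DecryptToken unwraps the tenant's data key with the root key, then decrypts the token.
func DecryptToken(rootKey, wrappedKey, sealedToken []byte, tenant string) ([]byte, error) {
	dataKey, err := Open(rootKey, wrappedKey, []byte(tenant))
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return Open(dataKey, sealedToken, []byte(tenant))
}

func main() {
	root, dk := make([]byte, 32), make([]byte, 32) // constructed demo keys
	rand.Read(root)
	rand.Read(dk)
	wrapped, _ := Seal(root, dk, []byte("tenant-a"))
	sealed, _ := Seal(dk, []byte("constructed-token"), []byte("tenant-a"))
	fmt.Println(DecryptToken(root, wrapped, sealed, "tenant-b")) // wrong tenant: error
}
```

Because the tenant ID is authenticated with both layers, a wrapped key or ciphertext copied into another tenant's row fails to open instead of decrypting silently.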

Postgres row-level security

Tenant isolation is enforced by the database, not by remembering a WHERE clause. RLS policies scope every row to its tenant, so a query can only ever see one tenant's data.

  • RLS policies on tenant-scoped tables — DB-enforced, not app-enforced
  • A leaked or forgotten filter cannot cross tenants
  • Connection sets the tenant context; the database does the rest

Immutable audit log

Every write — compose, approve, schedule, publish — is recorded append-only with the actor, the content, the target account, and the provider result. The log is never edited or deleted.

  • Append-only: records are written, never mutated
  • Captures actor, content, target, and the provider's response
  • Queryable over the API and MCP for compliance and forensics

Mandatory approval gates

Nothing reaches a connected account without a human approving the draft first. AI is assistive and proposes drafts; it can never autonomously publish to a real account.

  • Every outbound write passes through an approval gate
  • AI proposes; a human approves before anything ships
  • Approvals are themselves recorded in the audit log

Scoped API tokens

API keys are Bearer tokens scoped to what they need. Mint a key per integration, rotate it independently, and limit blast radius if one is ever exposed.

  • Per-integration keys you can rotate independently
  • Scoped so a token only performs the actions it should
  • The same auth model across API, CLI, and MCP

Safe by default for agents

Because the MCP server exposes the same approval-gated, audited verbs as the API, autonomous agents inherit the same guardrails — they cannot bypass approval or escape the audit trail.

  • Agents use the same gated, audited verbs as humans
  • No privileged backdoor path around the approval gate
  • Every agent action is attributed in the immutable log

What happens when a credential is used

A single publish walks through every layer of the model.

  1. A draft is composed — by a human or by assistive AI — but it is just a draft. Nothing is sent.
  2. A human approves the draft. The approval is written to the immutable audit log.
  3. At publish time, the per-tenant data key is unwrapped and the credential is decrypted in memory only.
  4. The post is delivered to the network. The provider's result is recorded against the actor and target.
  5. Row-level security guarantees the whole flow only ever touched this one tenant's data.

Trust you can audit

Start free and inspect every write yourself — the audit log is queryable over the API and MCP from day one.