ThinkingRoot Docs
Security & Billing

Security model

How tenants are isolated, secrets protected, egress controlled, and access authenticated.

ThinkingRoot Cloud's security rests on four pillars. Each has its own page.

Tenant isolation

One engine container, volume, and graph per project — isolation at the container boundary.

Secrets encryption

Sealed boxes: the gateway can encrypt, only the provisioner can decrypt.

Egress allowlist

Default-deny outbound; the engine can only reach domains you permit.

Billing & plans

Plans, quotas, metering, and invoices.

At a glance

  • Two credential types, routed by prefix at the gateway: tr_sk_… project keys (machines) and session JWTs (humans, scoped by org membership). See Authentication.
  • No engine is exposed to the internet — clients only ever reach the gateway, which authenticates and proxies to a loopback engine.
  • Plaintext secrets never persist in the control plane and are never returned by the API.
  • No fabrication — the engine returns empty state rather than invented data; this is an honesty guarantee, not just a UX choice.

Cloud vs Self-host

What's open source, what the cloud adds, and how to choose.

Tenant isolation

One engine per project — isolation enforced at the container boundary.

On this page

At a glance