# Security & Privacy Security and privacy are core design principles of Aurex.\ The platform is built so that: * External **data sources are standardized and validated** * **User bots remain private** by default * **Sensitive data is protected** via privacy modes and minimization * **Abuse detection** prevents harmful usage of the system * **Clear permission controls** exist for custom APIs and integrations This section describes how Aurex protects users, their data, and the integrity of the ecosystem. ### **1. Standardized & Validated Data Sources** #### **1.1 Unified Data Standards** All data entering Aurex passes through the **Data Intelligence Layer** and is normalized into a unified schema before being used by agents or bots. **Goals:** * Ensure consistent structure (e.g. timestamps, value types, units) * Make multi-provider data comparable and interoperable * Reduce errors caused by inconsistent raw feeds Examples of normalization: * Converting timestamps to ISO 8601 UTC * Standardizing asset tickers (e.g. `BTC`, `ETH`, not mixed variants) * Normalizing numerical precision and units (e.g. USD vs native token) ```json { "asset": "ETH", "timestamp": "2025-11-30T12:00:00Z", "market": { "price": 2315.42, "currency": "USD", "volume_1h": 102934.71 } } ``` #### **1.2 Source Validation & Integrity Checks** Before a provider is trusted, Aurex applies: * **Source whitelisting** – only approved exchanges, chain indexers, and data APIs * **TLS-encrypted connections** – all data-in-transit from providers is encrypted * **Schema validation** – incoming payloads are validated against pre-defined schemas * **Health & consistency checks** – detection of stale, incomplete, or obviously corrupted data If validation fails, the system can: * Mark the provider as **degraded** * Exclude its data from signals * Alert the internal monitoring systems This prevents bots and agents from acting on clearly broken or unreliable data. ### **2. Bot Privacy & Isolation** #### **2.1 Private by Default** Every bot created on Aurex is **private by default**: * Configuration, logic, and parameter settings belong to the creator * Execution logs are visible only to the owner (and authorized collaborators, if enabled) * No other user or third party can see or copy a bot unless the owner explicitly shares it Even if a **Bot Marketplace** or **sharing feature** exists, publishing requires **explicit opt-in** by the bot owner. #### **2.2 Execution Isolation** Bot execution is logically isolated: * Each bot runs within its own logical context or “sandbox” * Internal state and outputs are not accessible to other bots unless explicitly configured via shared channels or webhooks * One user’s bot cannot read the internal state of another user’s bot This reduces cross-bot data leakage and prevents unintentional side-channel data sharing. #### **2.3 Example: Bot Visibility Settings** A simple JSON-style model of bot visibility: ```json { "bot_id": "whale-radar-01", "owner_id": "user_123", "visibility": "private", // "private" | "shared" | "public" "shared_with": [ "user_456", "team_abc" ] } ``` * **private** – visible only to owner * **shared** – visible to allowed users/teams * **public** – optionally listed in marketplace, if enabled ### **3. Sensitive Data & Privacy Mode** #### **3.1 Data Minimization** Aurex is designed to work with **as little personal data as possible**.\ Whenever possible: * Only pseudonymous identifiers are used (user IDs instead of real names) * Sensitive fields (emails, identifiers, wallet private data) are not exposed to bots unless absolutely necessary * Logs omit or anonymize sensitive fields when feasible #### **3.2 Privacy Mode** Aurex can support a **“Privacy Mode”** for more sensitive use cases: * Sensitive user inputs are **not stored** or stored in a minimized way * Certain data fields can be marked as “non-trainable” or “non-logged” * Agent prompts and outputs can be truncated or redacted in internal logging systems Example configuration: ```json { "user_id": "user_123", "privacy_mode": true, "redact_fields": ["api_keys", "secrets", "wallet_addresses"], "log_level": "minimal" // "full" | "summary" | "minimal" } ``` #### **3.3 Handling Custom / Private Data** When users integrate their own private APIs or datasets, Aurex adheres to: * **Explicit scope** – bots only access what is explicitly linked to them * **Token-based authentication** – no plaintext credentials stored in workflows * **Revocability** – users can revoke access at any time ### **4. Abuse Detection & Misuse Prevention** Aurex includes mechanisms to prevent: * Harmful automation * Platform abuse * Violations of terms of service #### **4.1 Behavioral Monitoring** Without reading private content unnecessarily, Aurex can monitor **behavioral patterns**, such as: * Extremely high-frequency requests from a single account * Suspicious mass-scraping behavior * Repeated triggering of bots that call external APIs in abusive ways When suspicious behavior is detected: * Throttling or rate limiting may be applied * Certain actions may be temporarily blocked * The account may be flagged for review #### **4.2 Policy-Aware Agents** Agents can be configured to **refuse certain classes of behavior** by design.\ Examples: * Refusing to generate content that violates platform rules * Refusing to act on clearly malicious tasks (e.g. targeted harassment, illegal activity) * Rejecting attempts to exfiltrate secrets through prompts This provides a **soft safety layer** on top of pure logic execution. #### **4.3 Example: Rate Limit Policy** ```json { "user_id": "user_123", "limits": { "bot_executions_per_minute": 30, "data_requests_per_minute": 200 }, "flags": { "abuse_suspected": false, "temporary_block": false } } ``` ### **5. Permission Controls for Custom APIs** Aurex allows users to plug in external services and custom data sources. This is powerful—but also a potential risk if not handled correctly. #### **5.1 Scoped Credentials** When users connect a custom API: * Access tokens/keys are stored in a **secure vault** (never plain-text in workflow definitions) * Each key is scoped to specific permissions (read-only, specific endpoints, etc.) * Bots only receive **tokens by reference**, not raw credentials #### **5.2 Explicit Permission Mapping** For each custom API integration, Aurex can maintain a **permission manifest**: ```json { "integration_id": "crm-api-01", "owner_id": "user_123", "scopes": [ "contacts.read", "leads.read" ], "allowed_bots": [ "lead-insight-bot", "sales-summary-bot" ] } ``` This ensures: * Only specific bots can use a given integration * No other bots can steal or reuse the integration without owner approval #### **5.3 Fine-Grained Action Controls** Permissions can also be controlled by action level: * Allowed: read data, aggregate data, summary generation * Restricted or blocked: write/delete operations, sensitive updates, mass changes For example: ```json { "permissions": { "read": true, "write": false, "delete": false, "webhook_post": true } } ``` ### **6. Transparency & User Control** Security & privacy are not only about internal mechanisms; they are also about **user control and transparency**. Aurex should provide: * Clear dashboards showing: * Connected integrations * Active bots * Last run time and last actions taken * Easy ways to: * Disable bots * Revoke API keys * Switch privacy mode * Delete logs or stored data (where applicable) This ensures users always know: * **What is running** * **What it has access to** * **How to turn it off or disconnect it**