Security
Tengata is built with a security-first mindset. This page describes what we do today and what’s planned.
Account security
- Email verification required before access
- Session management via Supabase Auth
- Protected routes in the app dashboard
Data protection
- SSL/TLS certificate and HTTPS enforcement for production (in progress)
- Least-privilege access patterns for server-side operations
- Security headers and CSP support in the platform config
Reporting issues
If you believe you’ve found a security issue, email security@tengata.com.
Note: Tengata is in active development. Do not send funds you cannot afford to lose. Production controls depend on deployment configuration. Compliance certifications and licensing are being secured and are expected soon.