Security & Trust
Built to be private. Audited to stay that way.
Ndani's security posture is a combination of platform-inherited certifications, architectural guarantees, and open-source runtime choices you can verify yourself.
The core guarantee: Your files, your prompts, and your model work never leave your Mac. Apple handles the Mac App Store purchase and install path. Ndani does not see your files, your AI conversations, or your model output.
Inherited infrastructure certifications
Ndani runs on certified platforms. These certs are held by the platform — Ndani inherits the control framework.
Google Cloud Run — SOC 2 Type II
Ndani's license backend runs on Cloud Run. Google's SOC 2 Type II audit covers availability, confidentiality, and security controls for the compute layer.
Platform: Google Cloud · Inherited
Google Cloud — ISO 27001 / 27017 / 27018
Information security management (27001), cloud-specific security controls (27017), and cloud privacy protection (27018). All three apply to the GCP infrastructure Ndani runs on.
Platform: Google Cloud · Inherited
Mac App Store purchase processing
App purchase and installation are handled by Apple. Ndani does not receive, store, or process card numbers, CVVs, or billing addresses.
Platform: Apple · Ndani is payment-data scope-reduced
Netlify — SOC 2 Type II & ISO 27001
The nibiashara.biz website, including all Ndani pages and the download, is served from Netlify's certified CDN infrastructure.
Platform: Netlify · Inherited
Architectural security — verifiable from the code
- No passive telemetry. Zero analytics, crash reporting, or usage logging. The backend logs only HTTP request metadata (standard Cloud Run access log).
- Local-first inference. Model prompts, file content, and AI responses never touch the backend or any external API. Inference runs entirely on your Mac.
- Parameterized SQL throughout. All database queries use bound parameters. Injection-resistant by construction, not by filtering.
- App Store distribution. App purchase and install flow now routes through Apple’s Mac App Store listing instead of a custom checkout.
- Rate limiting on all endpoints. Verify (20/min), admin (5/min), recover (5/min), vault (10/min), webhook (30/min). Brute-force protection by IP.
- Security headers on all responses. X-Content-Type-Options, X-Frame-Options: DENY, Strict-Transport-Security, Referrer-Policy: strict-origin.
- CORS restricted to known origins. Only nibiashara.biz is allowed. Wildcard removed.
- API schema not publicly exposed. /docs, /openapi.json, and /redoc are disabled in production.
- Admin token in Authorization header, never in URL. Removed from query string to prevent token exposure in server logs.
- Constant-time signature comparison. hmac.compare_digest used throughout. Timing attacks cannot reveal valid prefixes.
- Data Vault is 100% user-initiated. Nothing is read from your Mac automatically. Only text you write in the summary field is ever sent. The backend validates this by design — it has no read path.
- Explicit folder approval on desktop. The Mac app uses macOS security-scoped bookmarks. Each folder requires an explicit Allow prompt. Access is revocable at any time.
- Local read ledger. Every file the app reads locally is logged with a not-sent flag. You can inspect and clear the ledger at any time.
- Symlink escape prevention. File reads are checked against the approved folder root after resolving symlinks. Escape attempts are blocked and logged.
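A sketch of the containment check described under "Symlink escape prevention", as an added example that is not Ndani's own code. The function names, the folder layout and the choice of Python are assumptions; the Mac app's implementation is not shown on this page.

```python
import os
import tempfile


def resolve_inside(approved_root, requested):
    """Return the real path of `requested`, or raise if it leaves the root."""
    root = os.path.realpath(approved_root)
    # Join first so relative requests are read against the root, then
    # resolve every symlink and ".." component before comparing.
    target = os.path.realpath(os.path.join(root, requested))
    # commonpath compares whole components, so .../docs-evil is not taken
    # to be inside .../docs the way a plain startswith() test would.
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(f"{requested!r} resolves outside {root}")
    return target


def demo():
    """Classify read requests against a constructed folder layout."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "docs")          # the approved folder
        sibling = os.path.join(tmp, "docs-evil")  # shares the name prefix
        outside = os.path.join(tmp, "secret.txt")
        os.makedirs(os.path.join(root, "sub"))
        os.makedirs(sibling)
        for path in (os.path.join(root, "notes.txt"),
                     os.path.join(sibling, "x.txt"), outside):
            with open(path, "w") as f:
                f.write("constructed sample\n")
        # One symlink that stays inside the root and one that leaves it.
        os.symlink(os.path.join(root, "notes.txt"),
                   os.path.join(root, "sub", "inner"))
        os.symlink(outside, os.path.join(root, "outer"))
        requests = {"plain": "notes.txt", "inner_link": "sub/inner",
                    "outer_link": "outer", "dotdot": "../secret.txt",
                    "prefix_sibling": "../docs-evil/x.txt",
                    "absolute": outside}
        for label, req in requests.items():
            try:
                resolve_inside(root, req)
                results[label] = "allowed"
            except PermissionError:
                results[label] = "blocked"  # a real app would also log this
    return results
```

Open the path the function returns rather than the original request, so the file that is read is the one that was checked.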
Open-source runtimes & standards compliance
- OWASP Top 10 addressed. SQL injection, XSS, broken authentication, security misconfiguration, and sensitive data exposure were each tested and hardened before the pilot launch.
- HTTPS everywhere. TLS 1.2+ enforced on all surfaces. Netlify enforces HTTPS on the website; Cloud Run enforces HTTPS on the backend. No plaintext endpoints.
- Gemma 4 — Apache 2.0 / Gemma Terms of Service. Google's open-weights model. No proprietary black-box API. Runs fully offline on your hardware.
- Qwen3 — Apache 2.0. Alibaba's open-weights model. MIT-licensed llama.cpp runtime. Both are source-auditable.
- Zero third-party tracking. No Google Analytics, no Meta Pixel, no Hotjar, no CDN-loaded scripts from external domains on any Ndani page.
- Model integrity checking. SHA-256 verification is in the model downloader. Hashes will be pinned once model releases stabilize.
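What pinned verification in a model downloader can look like, as an added example that is not Ndani's own code. The pin manifest, file names and function names are hypothetical, and the sample "model" is a constructed byte string whose digest is computed inline so the block runs offline.

```python
import hashlib
import hmac
import os
import tempfile

# Constructed sample payload and a hypothetical pin manifest
# (file name -> expected SHA-256 hex digest).
SAMPLE_MODEL = b"constructed sample model bytes\n"
PINNED = {"sample-model.gguf": hashlib.sha256(SAMPLE_MODEL).hexdigest()}


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so multi-gigabyte models need little memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, pins):
    """Return 'ok', 'unpinned' or 'mismatch'; delete the file unless 'ok'."""
    expected = pins.get(os.path.basename(path))
    if expected is None:
        status = "unpinned"  # fail closed: no pin means no trust
    elif hmac.compare_digest(sha256_file(path), expected.lower()):
        status = "ok"
    else:
        status = "mismatch"
    if status != "ok":
        os.remove(path)  # never leave an unverified model on disk
    return status


def demo():
    """Verify a good, a tampered and an unpinned download (all constructed)."""
    cases = {"good": ("sample-model.gguf", SAMPLE_MODEL),
             "tampered": ("sample-model.gguf", SAMPLE_MODEL + b"x"),
             "unknown": ("other-model.gguf", SAMPLE_MODEL)}
    out = {}
    with tempfile.TemporaryDirectory() as tmp:
        for label, (name, data) in cases.items():
            os.makedirs(os.path.join(tmp, label))
            path = os.path.join(tmp, label, name)
            with open(path, "wb") as f:
                f.write(data)
            out[label] = (verify_download(path, PINNED), os.path.exists(path))
    return out
```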
Privacy framework alignment (self-attested)
- GDPR Article 25 — Privacy by Design. Local-first processing, data minimization by architecture, no purpose creep, no profiling.
- CCPA — no sale of personal data. The Data Vault is explicit, compensated, user-initiated consent. It is not a passive data sale. Users can opt out by never using the vault.
- Kenya Data Protection Act 2019. Local processing model aligned with the Act's principles of data minimization and purpose limitation. No cross-border transfer of user content.
Planned security improvements (not yet complete)
- Continue Mac App Store release hardening as the pilot matures
- SHA-256 hash pinning for all model packages — pending stable upstream releases
- App Sandbox entitlements — scoped file access via macOS sandbox (hardened runtime)
- SOC 2 Type II — own attestation (requires external auditor engagement)
- Persistent database only if a future paid data feature needs server-side records
Found a security issue?
Email twe@nibiashara.biz with subject "Ndani security report". We read every report and respond within 48 hours. No bug bounty program yet — but we'll credit you by name on this page if you prefer.