mbm 2 days ago

In case anyone is interested, just wanted to share a few high-level details about our infra/security setup.

- Backend & CLI are both strictly linted Rust. The webapp runs on Axum (Rust web framework), and connects to Postgres via sqlx.

- Financial read-only. There's no transfer, pay, or send tool in the product. Nothing in the AI surface can move money.

- We request transactions, investments, and liabilities from Plaid. We don't request auth, transfer, or payment_initiation, so we never receive full account numbers or routing numbers — just the last-4 mask Plaid returns by default.

- Bank usernames and passwords go to Plaid Link, not us. We only hold a per-institution access token.

- Plaid access tokens live in a separate database behind a single custody Cloud Run service, encrypted at rest by Cloud KMS. The broker calls KMS's encrypt/decrypt endpoints — the root key material never leaves Google's HSM boundary and the broker's service account is the only one with encrypt/decrypt permissions. The web app doesn't have permission to read that database.

- Every encryption and decryption call passes the Plaid item ID as AAD (additional authenticated data). A ciphertext from one item cannot be swapped in and decrypted as another item's token.

- Each Cloud Run service (including our web app) runs under its own cloud identity and with its own DB role.

- Internal calls between services are authenticated: the caller presents a short-lived identity token from the cloud provider, and the receiver verifies it.

- The prod databases have no public IP. Secrets live in managed secret storage, not in source or container images.

- The AI connector is OAuth 2.1 + PKCE, scoped per user, revocable from the UI. Every tool call records the tool name, sanitized args, calling client, and the reason the agent supplied, so you can see what your LLM asked on your behalf.

- There are no fetch-URL, shell, or general I/O tools in the AI surface. Tools return structured financial data and nothing else.

- Networking, IAM, and DB grants are all in Terraform. All infra changes go through that path.

- Infra access is gated by 2FA and security keys.
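
Added example, not part of mbm's post and not the project's code: a Go sketch of the item-ID-as-AAD binding described above, using standard-library AES-256-GCM with a local key as a stand-in for Cloud KMS. The function names, item IDs and token value are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewAEAD builds AES-256-GCM from a local key. Assumption: this key stands in
// for the Cloud KMS key, which in the setup described never leaves the HSM.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts token with itemID as AAD. Output layout: nonce || ciphertext || tag.
func Seal(a cipher.AEAD, itemID string, token []byte) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, token, []byte(itemID)), nil
}

// Open authenticates and decrypts; it fails unless itemID equals the AAD given to Seal.
func Open(a cipher.AEAD, itemID string, blob []byte) ([]byte, error) {
	n := a.NonceSize()
	if len(blob) < n+a.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	return a.Open(nil, blob[:n], blob[n:], []byte(itemID))
}

func main() {
	key := make([]byte, 32) // constructed demo key
	rand.Read(key)
	a, _ := NewAEAD(key)
	row, _ := Seal(a, "item-B", []byte("access-token-B")) // constructed values
	_, swapErr := Open(a, "item-A", row)                  // item B's row placed in item A's slot
	tok, ownErr := Open(a, "item-B", row)
	fmt.Println("swap:", swapErr, "| own:", string(tok), ownErr)
}
```

The item ID is authenticated but not stored in the ciphertext, so the caller must supply the same value on decrypt; a row copied under a different item ID fails the GCM tag check instead of yielding another item's token.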

atonse 2 days ago | parent | next [-]

Thank you so much for actually sharing these technical details. Shows you know THIS website’s audience.

And the thought put into security at every level gives me more confidence in the overall tool.

I’ve tried to build this myself (MVP for myself was just downloading statement PDFs manually and having Claude set up ledger for plain text accounting, thinking I’ll eventually hook up Plaid).

I’m mostly curious about how people work with Plaid. Do you need a certain threshold of users to get started? Because I’d love to get a Plaid account just for my finances. I’m not interested in building a product like this, just want to connect my personal and business accounts to a clean API.

mbm 2 days ago | parent [-]

Hey! Thanks for stopping by. Actually planning to do a full blog post on this topic soon (how to get started with Plaid).

It was a bit of a process involving sales calls, contracts, security attestations, etc., but they're planning to make it easier to try out the platform. There is a pay-as-you-go, developer-friendly option, but the support it includes is pretty flaky. The support issue is less "my code broke" and more things like "this institution isn't returning what it should," or, "I haven't been approved yet by this institution that does manual review."

Overall, it's been a pretty good experience! I'd suggest spinning up an app if you're considering them. Here are their LLM-friendly docs: https://plaid.com/docs/llms-full.txt

DANmode 2 days ago | parent | prev [-]

If you’re going to downvote someone sharing technical details of their product,

or worse, a Show HN?,

at least indicate why.

It feels like all I’ve done today is Vouch comments that have no indicated reason for being Dead.