Plain English. Not lawyer voice.
A good security page is boring. It's short. It doesn't promise the moon. If you want the full write-up with RFCs, it's linked at the bottom — but for most people, this page is enough.
Passkeys only.
No passwords. No SMS codes. You sign in with the thing that's already on your phone or laptop — the same WebAuthn primitive your bank uses.
End-to-end encrypted.
Commands and state ride encrypted between your bridge and your clients. Our cloud sees ciphertext. We cannot read what's in your home.
No stored state.
We don't keep a history of which lights you turned on when. Our relay is stateless; if we were subpoenaed tomorrow, there would be nothing to hand over.
Open source, MIT.
The bridge that runs in your home, and the clients you use, are MIT-licensed. You can audit every line. You can run your own relay.
Home-initiated only.
Your home opens the tunnel outbound. Our cloud cannot reach in. No port forwarding, no UPnP, no inbound firewall exceptions.
No trackers. As policy.
Not on the marketing site. Not in the app. Not in the clients. We self-host our analytics and we aggregate. We don't sell your intent.
What people ask. Plainly.
"What if ÆtherCasa goes away?"
Your Home Assistant keeps running. The bridge keeps your home working on LAN. The clients are open-source and can point at any relay — including one you host yourself. The bus-factor commitment is spelled out in /about.
"Can you see when I'm home?"
No. Presence state lives on your Home Assistant. The only thing our relay sees is an encrypted blob moving between your bridge and your phone. It doesn't know what's in it.
"Has this been audited?"
Not yet. We're pre-GA; we're honest about that. Once we have ten paying customers, a third-party review is the first thing that money goes to. In the meantime, the code is public.
"Do you have SOC 2?"
No. SOC 2 is for enterprises buying software from other enterprises. We're selling to the people who run Home Assistant on a Pi. The right thing for our audience is an open codebase, not a PDF.
"What's your disclosure policy?"
Report via the contact section below, PGP-encrypted if possible. We respond within 72 hours. We ship fixes before disclosure. We credit you publicly unless you ask otherwise.
If you found something — tell us.
We don't run a bug-bounty program yet, but we'll send you a hand-written thank-you, put you in the hall of fame, and — once we have revenue — pay you.
- We respond to every report within 72 hours.
- We don't threaten researchers. Ever.
- We credit you publicly unless you ask us not to.
- We ship a fix before we talk about it.
4A3E 8C1B 9D22 5F7A B1C6 ED40 3E08 92FA 7D4C 66A1 9F55 D28B
fingerprint above · full key at aethercasa.com/security/pgp.asc