no black boxes · the honest version

Security & continuity

We can't show you a compliance badge or a decade of history. What we can show you is an architecture where one tenant's breach is never everyone's, the complete list of who touches your data, and an exit you can run with one curl.

how it's built

One isolated instance per project
Every project runs as its own instance: its own process, its own storage volume, its own keys. There is no shared events database. A breach of one tenant is a breach of one tenant, not of all of them.
TLS everywhere
Every hop is encrypted in transit: your browser to the dashboard, the SDK to your instance, the control plane to your instance.
Passwords hashed
Passwords are salted and hashed (scrypt), never stored or logged in plain text. Reset links expire after an hour.
API keys scoped per project
A write key belongs to one project and can only talk to that project's instance. A leaked key exposes one project, never your account or anyone else's data.

who touches your data

This is the complete list. Four companies, and exactly what each one sees.

subprocessor | runs | sees
Vercel | the control plane (this site + dashboard) | account emails, project names, billing state. Never analytics events.
Neon | the control-plane Postgres | the same: accounts, orgs, plans. Never analytics events.
Fly.io | tenant instances + their volumes | your analytics events live here, in one isolated app per project.
Dodo Payments | billing and invoices | payment details. Card numbers never touch our servers.

no analytics-event data ever touches the control plane. events live only in your project's instance.

Your exit is built in

# your entire dataset, one curl (CSV or JSONL)
curl -H "Authorization: Bearer $KEY" \
  "https://YOUR-INSTANCE/v1/export?format=jsonl" > events.jsonl

The JSONL round-trips straight into the MIT self-host binary. It is the same engine the cloud runs, so leaving is a 10-minute operation, not a data hostage negotiation.

continuity, in plain words

smolanalytics is built and run by one person today. You should price that in, so here is the commitment, in writing:

  • If the cloud ever shuts down, you get 90 days' notice.
  • Exports stay up the whole 90 days.
  • The open-source binary runs your exported data identically, forever. Same engine, MIT license, no cloud required.

The API and on-disk formats are frozen, additive-only surfaces, and that policy is public: read the stability policy and the storage design on GitHub.

report a vulnerability

Found something? Please report it privately, not in a public issue. The process is in SECURITY.md. For anything this page didn't answer, check the live status or email karjunvarma2001@gmail.com.