Desktop install, QR handoff, and first health checks.
Security
Security architecture for remote code operations
FlyDex is designed for a high-risk workflow: remote influence over a local coding runtime. The design goal is to keep the runtime local, keep the connector localhost-only, and make the control plane narrow enough that the trust boundary stays understandable.
Reference map
Public docs sections
Account auth, QR claims, local-connect tokens, and machine continuity.
Thread access, send/resume turns, and remote approvals.
Bridge lifecycle, documented endpoints, and status model.
Threat model, data boundaries, and transport safeguards.
Control plane, connector, and local Codex runtime topology.
Threat model
What FlyDex treats as top-priority risk
- Session hijacking between account, browser, and machine.
- Command replay or stale approval reuse.
- Cross-account machine access through routing confusion.
- Secret leakage in logs or long-term telemetry.
Controls
Current safeguards
- Short-lived, single-use QR claims.
- Local connector bound to
127.0.0.1only. - Explicit approvals for higher-risk actions.
- Minimal at-rest storage and privacy-scrubbed audit export.
Transport security
TLS today, end-to-end later only if it stays operable
The current public FlyDex documentation supports a precise claim: relay traffic is protected by authenticated transport and short-lived tokens, and the local connector is not exposed directly to the public internet. The public docs do not currently claim user-managed end-to-end payload encryption, so this page does not overstate that control. If FlyDex adds end-to-end payload encryption later, it should preserve auditability, approval UX, and machine recovery without pushing more manual key work onto operators.
Data handling
What FlyDex stores and what it avoids storing
| Stored at rest | Avoided at rest |
|---|---|
| Account metadata, machine metadata, billing state, and privacy-scrubbed audit records | Prompt bodies, Codex output, thread previews, token summaries, and completed approval payload details |