Security

Rhei's security model is architectural: the safe path is the default path, exceptions require explicit configuration, and every exception leaves a receipt.

This page summarizes the operating model. The full data contract, including retention and provider boundaries, is documented in the Data Use overview.

Rhei's core runs on your machine. In local mode, source code, the code graph and symbol index, derived reports, the evidence ledger, and memory stay on the device. No account is required and there is no background upload path.

Cloud features are additive and opt-in. Local correctness does not depend on a server response.

When cloud features are enabled, what they can see is controlled by one explicit setting:

• never: no source text is sent. Features that require source slices remain local-only or unavailable.
• metadata_only: Rhei may send repo identity, file names, hashes, feature identifiers, and planning metadata. Source text is not sent.
• selected_slices: explicitly selected code slices may be sent for context planning, reranking, drift signals, or review intelligence.

• Rhei does not train models on customer code by default.
• Any provider path with non-zero retention should be labeled before it can be enabled for a workspace.
• Plaintext source slices used for Pro requests should be treated as request-scoped or short-lived operational data.

Cloud assist, context decisions, gated edits, and memory promotions are receipt-backed. Receipts show what was selected, what was sent, what was used, and why.

Edits run preview-first behind explicit apply gates with durable verification after every write. Agents do not get silent write authority.

Signing in stores account, authentication, entitlement, trial, billing, rate-limit, and project-binding data needed to operate the service. Signing in does not by itself permit source upload.

Payments are processed by Stripe. Rhei does not store card numbers. Details are in the Privacy Policy.

• Free / local: fully on your machine, no account required.
• Pro / Team: hosted services with the upload-mode contract above and receipt-backed cloud assist.
• Enterprise: private Docker / VPC deployment inside your infrastructure, with SSO, access and policy controls, org-level memory governance, and audit support.

If you believe you have found a security issue in Rhei, email team@rhei.team with steps to reproduce. We confirm receipt, keep you informed while we investigate, and credit reporters who wish to be credited. Please give us reasonable time to remediate before public disclosure.

Evaluating Rhei for an organization? We answer security questionnaires and walk through the architecture with your team. Email team@rhei.team. See also the trust overview and plans.