# Security Considerations

## 🚨 KNOWN SECURITY ISSUES

### Voice Transcription API Key Exposure

**Status:** Known issue - needs fix before production

**Issue:** The Deepgram API key is currently exposed to the frontend when users click the microphone button for voice transcription.

**Location:** `app/api/voice-token/route.ts`

**Risk:** Users with browser dev tools can extract the API key and use it for their own purposes, potentially incurring charges or exhausting API quotas.

**Why this exists:**
- Temporary tokens from `deepgram.auth.grantToken()` fail with WebSocket connections
- Direct API key usage is currently the only working approach for client-side WebSocket transcription

**Temporary mitigations:**
- API key only exposed when user actively requests voice transcription
- Usage can be monitored through Deepgram dashboard
- Can implement rate limiting on the `/api/voice-token` endpoint

**Proper fix options:**
1. **Server-side proxy (recommended):**
   - Implement a WebSocket proxy server that handles Deepgram communication
   - Client connects to our proxy, proxy forwards to Deepgram with API key
   - Requires stateful server infrastructure (not serverless)

2. **Usage-limited keys:**
   - Use Deepgram API keys with strict usage limits
   - Rotate keys frequently
   - Implement server-side rate limiting per user

3. **Alternative transcription approach:**
   - Record audio client-side
   - Send audio files to server endpoint
   - Server transcribes using Deepgram API
   - Less real-time but more secure

**Action Required:** Choose and implement one of the above solutions before production deployment.

---

## Other Security Best Practices

### Environment Variables
All sensitive credentials must be stored in `.env` and never committed to git:
- `DEEPGRAM_API_KEY`
- `GOOGLE_GENERATIVE_AI_API_KEY`
- `SURREAL_JWT_SECRET`
- Database credentials

### Authentication
- JWT tokens stored in httpOnly cookies
- SurrealDB permission system enforces data access controls
- OAuth flow validates user identity through ATproto

### Input Validation
- All API endpoints validate inputs server-side
- AI-generated content is sanitized before display
- GraphQL queries use parameterized inputs