Zero unsafe code across 2,756 files

Security Built Into the Compiler

The vulnerabilities behind most data breaches are structurally impossible in BetterSuite. Not caught by tests. Not blocked by firewalls. Eliminated at compile time.

The Rust Advantage

Entire Vulnerability Classes, Eliminated.

Not mitigated. Not monitored. Structurally impossible at the language level.

Null Pointers

Rust's Option type makes null handling explicit and compiler-enforced

Eliminated

Buffer Overflows

Memory bounds checked at compile time — 70% of Microsoft CVEs erased

Eliminated

Data Races

Ownership system guarantees thread safety across concurrent requests

Eliminated

Use-After-Free

Borrow checker prevents dangling references — zero attack surface

Eliminated

SQL Injection

1,388+ queries verified against schema at compile time via SQLx

Eliminated

Request Security

Every Request, 8 Security Layers

Each HTTP request passes through a hardened pipeline. 6 internal headers stripped before processing.

request_pipeline.rs — ACTIVE

1. TLS (Rustls)
2. Rate Limit
3. Header Sanitize
4. JWT Extract
5. Session Verify
6. Tenant Context
7. RBAC Check
8. Trace ID

Authentication & Access

9 Roles, 41 Permissions, 22 Domains

L1 Super Admin: Platform-wide access
L2 Tenant Admin: Full tenant management
L3 Support Agent: Customer support ops
L4 Finance Manager: Financial operations
L5 Fleet Manager: Driver & vehicle mgmt
L6 Merchant: Shop & commerce
L7 Driver: Driver operations
L8 Customer: End-user access
L9 Anonymous: Public read-only

Multi-Tenant Isolation

Cross-tenant Access is Structurally Impossible.

Enforced at every layer - not just the database.

API Gateway: JWT validated -> tenant context extracted
Use Case Layer: TenantId required on every operation via type system
Repository Layer: WHERE tenant_id = $1 on every query
PostgreSQL: Foreign keys + constraints enforce referential integrity

Tenant Isolation Points (in database schema): 603
Migration Files (schema integrity maintained): 201
Repository Implementations (parameterized, compile-checked): 120
Service Domains (strict boundary isolation): 21

Encryption & Cryptography

AES-256-GCM at Rest. Rustls in Transit.

DATA AT REST
Payment Credentials: AES-256-GCM
PSP Tokens: AES-256-GCM
API Keys: AES-256-GCM
Nonce: 96-bit Random

DATA IN TRANSIT
TLS Library: AES-256-GCM
Protocol: AES-256-GCM
OpenSSL: AES-256-GCM

CREDENTIALS
Password: AES-256-GCM
API Keys: AES-256-GCM
Sessions: AES-256-GCM
Secrets: 96-bit Random

Encryption & Cryptography

If it Compiles, It's Correct.

Security bugs that exist at runtime in other languages don't survive compilation here.

SQL Injection — Impossible

    // Verified at compile time against live schema
    sqlx::query!("
        SELECT id, name, email
        FROM accounts
        WHERE tenant_id = $1
        AND status = $2
    ", tenant_id, status)

1,388 queries · 148 files · Schema-verified

Type-Level ID Safety

    fn get_order(
        tenant: Id<Tenant>,
        order: Id<Order>,
    )

    // This would fail to compile:
    get_order(order_id, tenant_id) // ✗

    error[E0308]: mismatched types
    expected `Id<Tenant>`, found `Id<Order>`
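
An added example, not BetterSuite's own code: a minimal `Id<T>` built on `PhantomData`, showing how the typed `get_order` signature above combines with the per-query tenant filter described under Multi-Tenant Isolation. The page shows only the signature; the definitions of `Id`, `Tenant`, `Order`, `OrderRow`, the in-memory `OrderRepo` and the sample rows are assumptions made for illustration.

```rust
use std::marker::PhantomData;

// Marker types (names taken from the page's snippet); they only tag an Id.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Tenant;
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Order;

// Same u64 at runtime, but Id<Tenant> and Id<Order> are distinct types.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Id<T> { raw: u64, _kind: PhantomData<T> }

impl<T> Id<T> {
    pub fn new(raw: u64) -> Self { Id { raw, _kind: PhantomData } }
}

#[derive(Debug)]
pub struct OrderRow {
    pub id: Id<Order>,
    pub tenant_id: Id<Tenant>,
    pub total_cents: u64,
}

// Hypothetical in-memory stand-in for a repository; a real one would bind
// both ids into `... WHERE tenant_id = $1 AND id = $2`.
pub struct OrderRepo { rows: Vec<OrderRow> }

impl OrderRepo {
    // Swapping the arguments, get_order(order_id, tenant_id), is rejected
    // by the compiler with E0308 (mismatched types).
    pub fn get_order(&self, tenant: Id<Tenant>, order: Id<Order>) -> Option<&OrderRow> {
        self.rows.iter().find(|r| r.tenant_id == tenant && r.id == order)
    }
}

// Constructed sample data: two tenants, one order each.
pub fn sample_repo() -> OrderRepo {
    OrderRepo { rows: vec![
        OrderRow { id: Id::new(100), tenant_id: Id::new(1), total_cents: 2599 },
        OrderRow { id: Id::new(200), tenant_id: Id::new(2), total_cents: 990 },
    ] }
}

fn main() {
    let repo = sample_repo();
    println!("{:?}", repo.get_order(Id::new(1), Id::new(100))); // tenant 1, own order
    println!("{:?}", repo.get_order(Id::new(1), Id::new(200))); // tenant 1, tenant 2's order
}
```

The types stop the two ids from being swapped, but the tenant scoping itself still comes from the `tenant_id` comparison in the lookup. `Id::new` is where an untyped value enters, so in a real service the tenant id passed to it should come only from a trusted source such as the validated JWT.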

Compliance Readiness

SOC 2, PCI-DSS, GDPR — Architecture-aligned

SOC 2 · PCI DSS · GDPR

Access Control: 9-level RBAC with 41 granular permissions
Encryption: AES-256-GCM at rest, TLS 1.2+ in transit
Audit Logging: Structured tracing with OpenTelemetry
Change Mgmt: Compile-time verification of all SQL queries
Availability: Graceful shutdown, health monitoring

Request Security Documentation

For detailed security review, audit reports, or procurement evaluation.

Reach out at [email protected]

Contact Security Team