Security
CircleBook Pro is built on a hardened backend with row-level security, signed-URL file access, append-only audit logging, and explicit admin freeze/lock controls.
Row-level security
Every table enforces RLS — members see only their data, organizers their circles, super admins the platform.
Bearer-token auth
All server endpoints validate the user's JWT before any query runs, so role checks cannot be skipped from the client.
Signed-URL storage
Payment proofs and receipts live in private buckets. Files are streamed via short-lived signed URLs.
Append-only audit log
Every freeze, lock, delete, restore, and approval writes the actor, reason, severity, and old and new values.
Risk center
Super admins can raise risk flags, freeze circles, and revoke invites without losing the underlying records.
Dispute trail
Threaded dispute messages with private admin notes — recipients cannot see internal triage notes.