Security and trust
Local-first trust, hosted convenience.
Delx Wellness keeps the open-source connector layer useful on your machine. The paid cloud layer adds OAuth hosting, remote MCP, encrypted persistence, audit and operational support.
Encrypted token vault
Hosted provider token sets are encrypted before storage. The public open-source connectors still keep local tokens on your own machine or server.
Hashed API keys
Wellness Cloud API keys are shown once. The hub verifies keys from salted hashes and tracks usage without storing plaintext secrets.
Export and delete
Export/delete controls are intentionally outside the paid-tool gate so a user can retrieve or remove stored hub data even if billing lapses.
Hardened staging
The hosted hub runs behind Caddy on loopback, with systemd sandboxing, unprivileged service user, scoped env file permissions and Postgres migrations.
Product boundary
Useful wellness context without medical overreach.
The product is designed for personal planning, agent context, habit reflection and recovery-aware workflows. It should not be positioned as clinical software.
Production state
The beta has real infrastructure, with a few known gates before public self-serve.
Hosted hub
Private beta staging is live at api.delx.ai/wellness-hub with API key authentication and plan gates.
Database
The hub uses Postgres migrations for users, API keys, OAuth connections, usage, audit and billing entitlement state.
Billing gates
Premium MCP tools require an active Wellness Cloud plan; export/delete and privacy audit remain accessible.
Stripe
Founding access is captured now; live checkout depends on completing the Stripe account/legal setup.