Cookies and proxies are encrypted with Fernet. The key is not stored in the repository. Logs contain no secrets.

What Is Encrypted in the Database

• Cookies for all X accounts: bearer_token, ct0, full cookie string
• Proxies with usernames and passwords

Encryption Details

Where the Key Is Stored

• The .encryption_key file in the service root, created automatically on the first launch
• Listed in .gitignore, so it never enters the repository
• You can provide your own key through the ENCRYPTION_KEY environment variable

What Appears in Logs

All secrets are automatically masked before being written to log files:

Isolation

• One X account = one separate process. Sessions do not physically overlap.