VESSOUL
Technology
VESSOUL // DATA ARCHITECTURE

Six domains. One coherent schema.

Every entity in the VESSOUL platform lives in one of six well-scoped domains. Foreign keys cross domains only through explicit, audited interfaces.

Identity Domain

usersrolespermissionssessionsmfa_tokensapi_keys

The cryptographic root of every request. Permissions resolve here before any business logic runs.

Product Development Domain

projectsepicssprintstasksrequirementsspecificationsreleases

Drives the sprint board, roadmap, and release planning surfaces of the Team Hub.

Knowledge Domain

documentsresearchwikisattachmentstags

Backed by Postgres FTS + pgvector for semantic search across the entire corpus.

Legal Domain

patentsdisclosuresfilingslegal_documentsinventors

Encrypted column-level. Access requires step-up auth and produces an immutable audit event.

Investor Domain

investorsfunding_roundspitch_materialscap_tabledata_room_assets

Read-only sessions, expiring share links, watermarked downloads, NDA acknowledgment workflow.

Partner Domain

partnerspilot_programssandbox_environmentspartner_assets

Sandboxed environments per partner with scoped API keys and isolated object-storage prefixes.

Immutable audit schema

Every security-sensitive action — auth, permission checks, sensitive reads, downloads, exports, admin operations — generates one append-only event. Events are signed, hash-chained, and replicated out-of-band.

{
  "event_id":   "evt_01J9Z...",
  "user_id":    "usr_01J9Z...",
  "timestamp":  "2026-06-22T14:31:08Z",
  "ip_address": "203.0.113.42",
  "resource":   "patent:disclosure/8821",
  "action":     "document.download",
  "result":     "allow",
  "session_id": "sess_01J9Z...",
  "device_id":  "dev_01J9Z..."
}
← PREVIOUS
System Architecture
NEXT →
Security Controls