Status

All systems, operational.

Every service that powers LinkSilo is listed below with its current operational state. Pre-launch, the markers reflect deployment-environment health under the same operational discipline that will govern public-launch traffic; from public launch onward, this page becomes the primary surface for incidents, scheduled maintenance, and recovery updates.

Last reviewed 2026-05-18

Application services

Six user-visible capabilities, each green.

The capabilities below each map to one or two backing services in our open-source monorepo. The internal codename of each backing service is named in mono after the description; the service-to-capability mapping is documented in the repository's architecture docs and the open-source codebase.

Authentication & accounts

Operational

Signup, login, password reset, recovery-phrase flow, multi-factor authentication, and the OIDC discovery endpoints that power dashboard access.

silo-id

Billing & payments

Operational

Tier subscriptions, credit-ledger top-ups, auto-top-up flow, encrypted invoice ledger, tip-jar flow, and the webhook surfaces that bind Stripe events to ledger state.

silo-billing

Creator dashboard

Operational

The SvelteKit application a creator signs into: page editor, link manager, theme picker, analytics view, billing view, and the marketing surface you are currently reading.

linksilo-web

Creator API & tip ingest

Operational

Page CRUD, custom-domain verification, sealed-box contact-form ingest, and tip-payment ingest. The creator-side and visitor-side write paths both terminate here.

linksilo-api

Public page rendering

Operational

The visitor-facing renderer that serves a creator's public page from ciphertext stored in the database. Read-only PostgreSQL role; cannot write to user data even under compromise.

linksilo-render

Analytics

Operational

Beacon receipt and k-anonymized aggregation. The ingress process has no database access at all; it coarsens the beacon at the process boundary and forwards to the aggregator over an internal channel.

linksilo-analytics-ingress · linksilo-analytics-aggregator
Infrastructure

The platform below the services.

The application services above run on a small set of foundational components. The two LinkSilo-owned components are listed with status markers; external dependencies are listed in a separate claim-list further down, with pointers to their respective vendor-side status surfaces.

Database

Operational

PostgreSQL with role-separated access: each application service connects under a distinct role with minimum privileges. The renderer's role is read-only; the analytics ingress has no database access at all.

postgresql

Edge & reverse proxy

Operational

Caddy terminating TLS via rustls, no OpenSSL anywhere in the dependency graph. TLS 1.3 with hybrid post-quantum key exchange enabled on the production edge once the certificate-authority pipeline supports it.

caddy
Payments processor
Stripe is LinkSilo's payment processor; outages on the Stripe side affect tip jar and credit-ledger top-up flows. Operational state is tracked at status.stripe.com; a Stripe-side incident propagates here only when it visibly degrades a LinkSilo flow.
Transactional email
Account-verification email, password-reset email, and credit-ledger balance-low notifications are delivered through an external transactional email provider. Provider-side outages delay these messages without affecting the dashboard or page-rendering surfaces.
Incident channels

How updates flow.

During pre-launch, this page is the eventual primary surface for operational state but is not yet load-bearing — the marketing site has no public traffic to be affected. From public launch onward, /status becomes the live incident-tracking surface; pre-launch, operational notes flow through the channels below.

Changelog
The changelog tracks shipped features, architecture decisions, and removals. Pre-launch operational notes that warrant public visibility (e.g., a security advisory, a published external-review finding) land here under the standard release entries.
Source repository
Our open-source monorepo on GitHub is the granular change record. Commits to privacy-relevant code paths are tagged for security review at merge time; the merge log is public.
Security advisories
Vulnerability disclosures and remediation summaries land on the security page per its coordinated-disclosure timeline. Annual penetration-test summaries publish in the transparency report; first issue twelve months after public launch.
Post-launch incident dispatch
From public launch onward, incidents are tracked on this page in near-real time, with retrospective post-mortems published as blog entries when there is something general worth saying. The incident-dispatch surface lights up alongside the rest of the post-launch operational posture.