Sign in
Start Free
Sign in
Start Free

Architecture

DagFlux is a desktop application that runs entirely on your machine. The visual canvas, the AI chat panels, and the workflow editor live in the foreground. A background engine handles secret storage, plugin loading, external connections, AI calls, scheduled triggers, and the actual execution of workflows.

Key ideas

  • Everything is local. Workflows, connections, execution history, and chat sessions live in files inside your user data directory. There is no cloud account.
  • Secrets are encrypted at the OS level. Database passwords, API keys, and AI provider keys are stored using the operating system's secure storage (Keychain on macOS, Credential Store on Windows, Secret Service on Linux). They are decrypted only at the moment a connection or AI call is made.
  • The visual canvas never sees secrets. Generated SQL, JavaScript, and REST API call code uses placeholder tokens for credentials. The background engine substitutes real values just before executing.
  • One local SQL workspace. All "local" transformations and imports share a single SQLite database, so intermediate results are easy to reuse across workflows.
  • One execution log. Every run — manual, scheduled, file-watch, or webhook — appends to the same execution history with per-node timing, record counts, and error details.

How it works

Desktop Application

DagFlux runs as a native desktop application on macOS, Windows, and Linux. The application consists of two main components:

  • Frontend UI: Built with modern web technologies, the visual workflow canvas, configuration panels, and AI chat interface run in an embedded browser window.
  • Background Engine: A native process that handles all secure operations, data processing, external connections, and workflow execution.

Local Storage

All data stays on your machine. DagFlux stores files in your user data directory:

  • Workflows: Saved as JSON files containing node configurations and connections
  • Connections: Metadata about data sources (hostnames, database names, usernames) without passwords
  • Execution History: Logs of every workflow run with timestamps, node results, and error details
  • Local Database: A SQLite file for intermediate transformations and local data imports

Security Model

DagFlux uses your operating system's secure credential storage to protect sensitive information:

  • macOS: Credentials stored in Keychain with 256-bit AES encryption
  • Windows: Uses Windows Credential Manager with DPAPI encryption
  • Linux: Integrates with Secret Service API (GNOME Keyring, KWallet)

Credentials are only decrypted in memory at the moment they're needed for a connection, and are never written to workflow files or logs.

Plugin Architecture

DagFlux extends its capabilities through a plugin system. Connectors (database drivers, cloud storage clients, API integrations) and Skills (custom code executors) are loaded at startup from the plugin directory. The plugin manager can download and install additional plugins from the official catalog.

Copyright © 2026 Dagflux All rights reserved.