PostgreSQL Native · Zero Lock-in · < 5ms Overhead · Wire Protocol

The enterprise layer PostgreSQL is missing.

Define your schema once — field-level security, validation, privacy, and a full app runtime emerge automatically. No lock-in. Eject anytime.

$ npx create-toasterdb
POST /objects
{
  "name": "contact",
  "type": "object",
  "properties": {
    "id": { "type": "id", "prefix": "con_" },
    "name": { "type": "string" },
    "email": { "type": "string",
               "privacy": { "pii_type": "email" } },
    "phone": { "type": "string",
               "fls": { "support": "read" } },
    "budget": { "type": "integer",
                "fls": { "viewer": "none" } }
  }
}
Generated
REST + GraphQL API
Field Security
PII Encryption
Auto Forms
Validation Rules
Event Streams
PostgreSQL 14+ Native Foundation
< 5ms Query Overhead
AES-256 Field Encryption
100% Eject Anytime

“We were 3 sprints into building our own FLS middleware when we found ToasterDB. Ripped it out and had parity in a day. The schema-driven approach means our security model is actually auditable now.”

James Liu
CTO, Series A Fintech

“GDPR compliance was a 6-month project on our roadmap. ToasterDB's privacy architecture turned it into a schema annotation. Our DPO couldn't believe the Article 30 report came out of the box.”

Sarah Reeves
VP Engineering, B2B SaaS Platform

Three steps. Ten minutes.

1. Define your schema

{
  "name": "contact",
  "properties": {
    "email": { "type": "string",
               "privacy": {...} }
  }
}

Declare fields, types, security rules, and privacy annotations in a single JSON Schema.

2. Push to ToasterDB

$ toaster push
Analysing objects...
✓ 1 object deployed.
API, forms, and security live.

The engine provisions PostgreSQL tables and generates your API, forms, FLS, validation, and privacy pipeline.

3. Ship your product

GET /resources/contacts
→ FLS applied per role
→ PII masked per purpose
→ Tenant isolation enforced

Use the API, the hosted app, or eject to your own React codebase. Your PostgreSQL data is always yours.

You've built this before.

Every B2B SaaS team walks the same path.

M1–3 OPTIMISM

Ship CRUD. Raw SQL. It works.

db.Query("SELECT * FROM campaigns")
// Simple. Clean. Life is good.

M6–12 REALITY

Enterprise customers arrive. They want field-level permissions.

// Check role... strip fields... add tenant filter...
// Wait, the export endpoint doesn't do this
// TODO: fix before demo on Thursday

Y2+ REGRET

Multi-tenancy is bolted on. Someone forgot a WHERE clause. Again.

// 47 files touching tenant_id
// 3 different permission systems
// "form metadata" is a Notion doc
// 20-40% of eng time is plumbing

Y3+ PANIC

Legal walks in. "We need GDPR compliance. And CCPA. By next quarter."

// Which fields are PII? Nobody knows.
// "Right to erasure" across 23 services?
// Who accessed what, when, why?
// The auditor is here on Tuesday.

Define once. Get everything.

One schema. The engine handles the rest.

objects/campaign.json
{
  "name": "campaign",
  "type": "object",
  "title": "Campaign",
  "properties": {
    "id": { "type": "id", "format": "base58", "prefix": "cmp_" },
    "name": { "type": "string", "title": "Name" },
    "budget": {
      "type": "integer", "title": "Budget",
      "fls": { "admin": "read_write", "viewer": "none" }
    },
    "owner_email": {
      "type": "string", "title": "Owner Email",
      "privacy": { "pii_type": "email", "erasable": true }
    }
  },
  "required": ["name"]
}

Field Security

Role-based access on every field, enforced by the engine.

Validation

CEL expressions, evaluated at the engine layer. No bypasses.

PII Protected

Privacy classification, masking, and erasure. Schema-declared.

Form Field

Labels, types, and validation rules generate forms automatically.
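
The field-level rules in objects/campaign.json, worked through as an added example (this is not ToasterDB's code or code from this page): one schema-driven check shared by every read and write path, so an export endpoint cannot skip it. The function names, the sample row, and the fail-closed default for roles missing from an "fls" map are assumptions; the page does not state the engine's default.

```javascript
// Added illustration, not ToasterDB source. Schema fields are copied from the
// page's objects/campaign.json (titles omitted).
const campaignSchema = {
  name: "campaign",
  properties: {
    id: { type: "id", format: "base58", prefix: "cmp_" },
    name: { type: "string" },
    budget: { type: "integer", fls: { admin: "read_write", viewer: "none" } },
    owner_email: { type: "string", privacy: { pii_type: "email", erasable: true } },
  },
};

// Own-property lookup, so names like "constructor" never resolve via the prototype.
const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Assumption: a field without an "fls" map is open to every role; a role that
// is missing from an existing "fls" map is denied (fail closed).
function accessLevel(schema, field, role) {
  if (!own(schema.properties, field)) return "none"; // undeclared column
  const fls = schema.properties[field].fls;
  if (!fls) return "read_write";
  return own(fls, role) ? fls[role] : "none";
}

// Single read path: list, detail and export handlers all call this.
function filterForRead(schema, role, row) {
  const out = {};
  for (const [field, value] of Object.entries(row)) {
    if (accessLevel(schema, field, role) !== "none") out[field] = value;
  }
  return out;
}

// Single write path: returns the fields this role may not modify.
function deniedWrites(schema, role, patch) {
  return Object.keys(patch).filter(
    (field) => accessLevel(schema, field, role) !== "read_write"
  );
}

// Constructed sample row, including a column the schema does not declare.
const row = { id: "cmp_x1", name: "Spring launch", budget: 50000,
              owner_email: "a@example.com", internal_note: "do not expose" };

console.log(filterForRead(campaignSchema, "viewer", row));
```
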

Same query. Different reality.

One query, different results per role and purpose — fields hide, mask, and filter automatically.

SELECT name, email, phone, budget, status FROM contact WHERE status = 'Active'
PostgreSQL wire protocol

Connect with psql, DBeaver, pgAdmin, or any PostgreSQL driver in any language. ToastQL runs over the standard Postgres wire protocol — no new client needed.

Privacy isn't a feature. It's the architecture.

GDPR, CCPA, HIPAA compliance declared in your schema. Enforced by the engine.

PII Classification

Tag fields as PII in your schema. email, phone, national_id — the engine knows what's sensitive.

Auto Masking

Viewers see domains, not addresses. Analysts see aggregates, not records. Automatic per role and purpose.

Encryption

AES-256-GCM at the field level. Key rotation built in. Data at rest is always protected.

Erasure

One API call. Every PII field across every object. Nullified. Audit trail preserved.

erasure request
POST /privacy/erase
{
  "subject": "user:12345",
  "reason": "GDPR Article 17 request"
}
// Every PII field across every object.
// Nullified. Audit trail preserved.
// Try doing that with 47 microservices.

Build here. Take it with you.

Every layer ejects to real code you own. No lock-in. No proprietary formats.

~/my-saas-app $ toaster eject --web
  Analysing objects...
  Generating React Router project...
  Writing 14 components, 6 hooks, 8 routes...
  Generating TypeScript types from schema...
  ✓ Done. Your app is now a standard React project.
 
  ⓘ Your PostgreSQL tables? They were always yours.

Your PostgreSQL tables were always yours. Your code is now yours too.

Three layers. One service. Standard PostgreSQL at the core.

PostgreSQL 14+
Real tables · Real columns · Real indexes · Wire protocol · Your backups
FOUNDATION

Standard PostgreSQL you already know. Connect with any Postgres client via the wire protocol. Your existing tools, backups, and monitoring work unchanged. ToasterDB is a layer above — your data is always accessible directly.

Data Engine
Schema · FLS · RLS · ToastQL · Validation · Privacy · CDC · Events
ENGINE

The semantic layer that understands your data model. Field-level security, row-level security, validation, privacy classification, and change data capture — all enforced at the engine level, not in application code.

Application Runtime
Console · App Builder · Forms · Themes · Navigation
RUNTIME

Build full applications from your schema. Console for data management, app builder for custom UIs, auto-generated forms, theming, and navigation — all schema-driven.

Delivery
Hosted Web · Native Mobile · Eject CLI
DELIVERY

Deploy as hosted web app, native mobile (iOS/Android), or eject to your own codebase with the CLI. Every delivery channel respects the same schema, security, and privacy rules.

Stop building plumbing.
Start building product.

Free tier. No credit card. The PostgreSQL you already have.