When Trust Becomes Infrastructure: Secure-by-Default Postgres for the AI Era
Presented by:
Dan Lynch
Dan Lynch is a serial entrepreneur, builder, and web architect with multiple exits. While earning two EECS degrees from UC Berkeley, he founded several no-code and web infrastructure companies backed by Marc Benioff, Reid Hoffman, and Naval Ravikant. His ventures include Brandcast (acquired by TIME) and Amaze/Famo.us (acquired by AMZE). Today he is the CEO of Constructive, an open-source developer stack whose tooling—used by Supabase, Vercel, Databricks and other major platforms—has surpassed 100 million downloads and powers more than 10 million Postgres databases worldwide. With three decades of experience building web infrastructure, Dan is unifying the past, present, and future of software development through Constructive’s interoperable stack.
No video of the event yet, sorry!
As AI and automation accelerate software development, trust shifts from who wrote the code to what guarantees the system provides, making the backend the final line of defense. When software is generated, orchestrated, and executed at machine speed, security can no longer live in conventions, reviews, or application glue—it must be structural. This is where Constructive’s architectural approach comes in.
Constructive is a secure-by-default database platform built on PostgreSQL that treats security as an architectural property. Policy-driven schemas make authorization explicit and declarative, while Row-Level Security is elevated to a first-class concern with tooling to design, simulate, and test access control across users and roles. Deterministic migrations ensure the same input always produces the same output, making schema changes predictable, reviewable, and safe by default.
Security is encoded directly into the system—correct by construction, auditable by default, and safe for AI-generated software to run in production.
But backend guarantees only matter if they extend cleanly to the frontend. Constructive is built by people who have lived the promise—and the failure—of “end-to-end” developer platforms. We’re deeply empathetic to frontend developers because we’ve spent years building systems where data, state, and logic flow coherently from the database kernel all the way to the React component tree.
Constructive carries database guarantees forward by deterministically generating TypeScript types and schema-derived data operations, allowing modern React applications to work naturally with nested relational data through familiar state and data-fetching patterns. GraphQL exists as an implementation detail, not a mental model—its schema, queries, and ASTs are generated and abstracted away. Frontend developers get the ergonomics of document-style data access without re-implementing authorization, duplicating business logic, or guessing where security lives—while remaining grounded in PostgreSQL’s correctness, consistency, and enforcement guarantees.
Because frontend contracts are deterministically derived from the database schema, Constructive also enables agentic and AI-assisted development workflows—allowing both humans and agents to generate frontends safely from real data structures and types, without guessing or weakening guarantees. The result is a true end-to-end architecture—grounded in real database guarantees, not abstractions that leak under pressure.
As software shifts toward AI-assisted and agent-driven development, the database schema becomes the last stable contract in the system. Constructive is designed for that future—where software may be generated at machine speed, but correctness, security, and trust are enforced by architecture.
Attendees will learn how secure-by-default database architecture enables systems that are correct by construction and safe for both humans and agents to build with.
- Date:
- 2026 April 22 10:00 PDT
- Duration:
- 20 min
- Room:
- Almaden Ballroom
- Conference:
- Postgres Conference: 2026
- Language:
- Track:
- Dev
- Difficulty:
- Easy