investigate how to utilize postgres SECURITY INVOKER and SECURITY DEFINER
It may be useful for HAF to use SECURITY INVOKER and SECURITY DEFINER function options to better and simply protect internal data (like shadow tables etc.) https://www.postgresql.org/docs/14/sql-createfunction.html