ZenStack is a toolkit that simplifies the development of a web app's backend. It enhances Prisma ORM by adding an access control layer, allowing developers to save time writing boilerplate code and focus on building real features. ZenStack accomplishes this by extending the Prisma schema language with custom attributes and functions and implementing a flexible access control layer around Prisma. Transparent proxies are created around Prisma clients at runtime to enforce access policies. Framework integration packages help you wrap an access-control-enabled Prisma client into backend APIs that can be safely called from the frontend. Plugins generate a strong-typed client library that talks to the APIs, and framework adapters for Next.js, Fastify, ExpressJS, and more are available. ZenStack also offers various features such as data validation rules, auto-generated OpenAPI specifications, end-to-end type safety, extensibility, multi-file schema, and model inheritance. Collaborative Todo App provides running examples of Next.js + React hooks implementation and Next.js + tRPC implementation. The project is licensed under MIT.