[HN Gopher] Show HN: Safe Money - privacy-first finance tracker
___________________________________________________________________
Show HN: Safe Money - privacy-first finance tracker
Author : dkzlv
Score : 13 points
Date : 2021-06-25 15:57 UTC (7 hours ago)
(HTM) web link (safeapps.io)
(TXT) w3m dump (safeapps.io)
| dkzlv wrote:
| Founder here. I've been eager to make such a product for a very
| long time, so I very much hope you'll like it.
|
| We're like Mint.com but open-sourced, with end-to-end encryption
| and anonymous signup. No way for us to sell your data or even
| peek into it.
| threatofrain wrote:
| What are the consequences of non-payment? Can the user still
| view their account in a frozen state and export their data?
| dkzlv wrote:
| Yes. We have a hard-limit of entities you can create. You
| only lose the ability to create new stuff, but you still can
| view and export everything.
|
| We don't believe in taking data as a hostage.
| mprime1 wrote:
| Two questions that the page didn't answer:
|
| - can this import and sync my bank/credit card transactions?
|
| - what is an entity ("150 free entities")
| diggernet wrote:
| I think "Smart import" answers your first question. But
| entities is a great question.
|
| My own unanswered question:
|
| Can this work offline?
|
| I spend a lot of time in areas with no signal. So I am
| uncomfortable with apps that require a connection to a remote
| server to work with my own data. Besides connectivity issues,
| there is also the possibility of a poorly-timed service
| outage, or an eventual permanent shutdown. Bottom line, I
| have a strong preference for what I call the "KeePass" model:
| local-first encrypted data, that can be optionally synced for
| convenience.
| dkzlv wrote:
| Yes, it actually can! We do not have native apps, but you
| can install a PWA on any platform, including mobile and
| desktop. It will work in offline thanks to Service Workers.
|
| The app itself is 100% rendered on the client side, so we
| are in that sense local-first. We use backend solely for
| data sync and authorization.
| diggernet wrote:
| I can't decide if that answers my question or not. Maybe
| you can clarify.
|
| If I start up the PWA with no connectivity (assuming I've
| previously run it where it can sync data) it will have
| the data already? The full data set, or just whatever
| subset was previously rendered? And will it be usable
| without a connection for authorization, or will it be
| locked?
| dkzlv wrote:
| 1. you can import bank statements. We aim to support all the
| banks our users have. 2. since we encrypt every bit of data
| on the client side, we cannot differentiate transactions from
| categories. So entity is anything you create within the
| product. Most often, it's a transaction.
| diggernet wrote:
| These seem contradictory to me:
|
| > End-to-end encryption > No user data leaves the client in
| plaintext.
|
| > Smart import > Upload any OFX/CSV file from any bank in the
| world. Leave the rest to us.
|
| Edit: To clarify, "No way for us to sell your data or even peek
| into it" is more the contradiction I had in mind than just end-
| to-end encryption.
| dkzlv wrote:
| Can you elaborate a little bit on what you find contradictory
| in these statements?
| diggernet wrote:
| Sure... If the OFX/CSV we upload is encrypted before we
| upload it, how can you process it ("Leave the rest to us").
| Conversely, if you are processing the OFX/CSV, how can you
| not peek into it?
| dkzlv wrote:
| Oh, I see.
|
| OFX/CSV files are processed on the client-side, and we
| never get the raw file, only the processed and encrypted
| transactions. Does that make sense?
| dkzlv wrote:
| Ooooh, I get it! "Upload" is a bad word for that. Will
| change it to something else, thanks!
| diggernet wrote:
| Yup, I think that's where the mental conflict comes from.
| How about "import"?
___________________________________________________________________
(page generated 2021-06-25 23:02 UTC)