Security model

The bootstrap release avoids hosted customer portfolio data. The website stores billing/license metadata only.

Local encryption

The desktop app stores the ledger in an encrypted local database using an OS-protected local key.

Automatic and manual local snapshots include integrity hashes and pre-restore safety snapshots.

The license server receives license key and machine identity information, not holdings, CUSIPs, source files, or report packages.

Production installers pass release-channel, checksum, signing, notarization, and integrity gates before customer distribution.

Imports, approvals, restores, report packages, and security-sensitive events write audit evidence.