Trust, but Verify.
Privacy shouldn't be a black box. Here is exactly how our architecture works, and how you can personally validate that we aren't lying.
1. Client-Side Encryption
When you create an account, we use PBKDF2 (Password-Based Key Derivation Function 2) to generate a cryptographic key from your password right in your browser. This key is used to encrypt your budget data using AES-256-GCM before it is ever sent to our servers.
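The flow described above, written with the browser's Web Crypto API as an added example (not Sunny Budget's own code). The PBKDF2 hash (SHA-256), iteration count, salt and IV sizes, payload field names and demo password are assumptions, since this page does not state them.

```javascript
// Added illustration: all parameters are assumptions, not Sunny Budget's published values.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // browser or Node
const ITERATIONS = 600000; // assumed PBKDF2 work factor
const b64 = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)));
const unb64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Derive a non-extractable AES-256-GCM key from the password (PBKDF2-HMAC-SHA-256 assumed).
async function deriveKey(password, salt) {
  const material = await webcrypto.subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return webcrypto.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Encrypt one record; only salt, IV and ciphertext would leave the browser.
async function encryptRecord(password, record) {
  const salt = webcrypto.getRandomValues(new Uint8Array(16));
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce per message
  const key = await deriveKey(password, salt);
  const ct = await webcrypto.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(JSON.stringify(record)));
  return { salt: b64(salt), iv: b64(iv), ct: b64(ct) };
}

// Decrypt; rejects if the password is wrong or the blob was modified (GCM tag check).
async function decryptRecord(password, blob) {
  const key = await deriveKey(password, unb64(blob.salt));
  const pt = await webcrypto.subtle.decrypt(
    { name: 'AES-GCM', iv: unb64(blob.iv) }, key, unb64(blob.ct));
  return JSON.parse(new TextDecoder().decode(pt));
}

// Constructed demo record, using the fields shown on this page.
async function demo() {
  const password = 'correct horse battery staple'; // constructed sample password
  const record = { transaction: 'Grocery Store', amount: 150.0, category: 'Food' };
  const blob = await encryptRecord(password, record);
  const wire = JSON.stringify(blob); // what a request body would carry
  const leaked = ['Grocery Store', 'category'].some((s) => wire.includes(s));
  const roundTrip = await decryptRecord(password, blob);
  const wrongPw = await decryptRecord('wrong password', blob)
    .then(() => 'decrypted', () => 'rejected');
  return { leaked, roundTrip, wrongPw };
}
```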
What we store vs. What you see:
What you see:
{
  "transaction": "Grocery Store",
  "amount": 150.00,
  "category": "Food"
}
What we store:
eyJhbGciOiJBMjU2R0NNIiwi...
8f7a9c2d1e4b3a5f6e...
[Unreadable Blob]
2. How to Validate (Easy Method)
The easiest way to confirm "Zero Knowledge" is to inspect the network traffic leaving your browser. You will see that the data payload is encrypted gibberish, not your financial details.
Open Developer Tools
Right-click anywhere on Sunny Budget and select Inspect. Go to the Network tab.
Trigger a Save
Add a transaction or update your budget. Look for a network request named sync or update.
Inspect the Payload
Click the request and view the Payload or Request Body. You will not find your transaction names or amounts—only encrypted strings.
3. Advanced Validation (Wireshark)
This method is for network engineers who want to verify our transport security (TLS) and ensure that no side-channel connections are being made.
0010 a1 b2 c3 d4 e5 f6 01 23 ... [Encrypted Application Data]