Layer 1 — The account side
Anything that touches your Monexit account — signing in, paying, downloading an update — passes through a stack of server-side defenses. Every request is authenticated, rate-limited, validated, and logged before it can reach anything sensitive. A list of specific named mitigations is intentionally omitted: a public shopping list is a shopping list attackers can test against. Assume every common class of web attack has something purposeful in front of it.
Layer 2 — The launcher
The launcher is the small program that starts Monexit. Its job is to verify the environment before the core application is allowed to open your data. It confirms the app is the genuine Monexit build, watches for signs of interference with the running process, protects sensitive values from common in-memory leakage paths, and keeps the connection to our servers honest end-to-end. If any of its checks fail, the launcher stops; the core app never starts on a compromised surface.
Layer 3 — Your machine
Once the launcher hands off, Monexit runs entirely on your PC. It does not call our servers during use. No telemetry, no analytics, no background sync, no "anonymous" usage data. Your bank accounts, transactions, and receipts are processed and stored on your own device. That boundary is the most important line on this page — nothing on the server side can protect data that never reaches the server in the first place.
What Monexit does not do, and will not pretend to
The local database is not wrapped in a second app-level password by Monexit. It is protected by the same data-protection measures your operating system already applies to every file you own on that device. Adding a second password layer would force you to manage another secret and would create a recovery path we do not want to have — less attack surface, fewer places for things to go wrong.
The launcher's environment checks live in the launcher, not in the core app, on purpose: they run before any of your data is touched. Doing them inside the application would be theater.
The principle
One client, one machine, one set of keys — yours. Our job is to make sure the code running on your PC is the code we shipped, and that nothing leaks to us or anyone else while you use it. Beyond that, the less we know, the less anyone can take.