Security

Books that protect themselves

Letting an AI keep your books only works if the ledger cannot be corrupted. Here is exactly how LedgerMCP guarantees that, in plain language.

Four rules the database enforces

  1. Every entry balances. Debits must equal credits to the cent, or the database rejects the write. Not a validation in the app; a constraint at commit.
  2. Postings are permanent. There is no edit and no delete, for anyone, including us. Corrections post as new entries linked to the original, so history is always complete.
  3. Repeats are harmless. Every posting carries an idempotency key. A retry or a confused AI replaying a request returns the original entry; nothing posts twice.
  4. Balances are computed, never stored. Reports always derive from the postings themselves, so they cannot drift from the ledger.

The AI works inside a fence

AI assistants connect through scoped credentials: sign-in tokens they cannot escalate, or API keys you can make read-only. Every write lands in an append-only audit log with the actor recorded; anything that posted an entry is one click from reversed. Destructive actions like deleting transactions or accounts are human-only, in the web app.

Infrastructure

  • All traffic is TLS. Sessions are httpOnly cookies; the browser never holds database credentials.
  • Bank credentials never touch us: Plaid handles the connection, and access tokens are encrypted at rest with AES-256-GCM.
  • Passwordless sign-in with 6-digit email codes, plus optional two-factor with an authenticator app.
  • Daily database backups. Row-level tenancy on every table.
  • API keys are stored hashed; you see a key once and can revoke it anytime.

Your data is yours

Export everything to CSV in one click: transactions, general ledger, chart of accounts, tags, journal, and assets. We do not sell data, run ads, or train models on your books. The privacy policy says the same thing in legal language: ledgermcp.com/privacy.

Found something? Write to [email protected] and we will respond quickly.

Trust, then verify

Start free, post a few entries, and read the audit log yourself.