36 posts tagged with "Beancount"

Maintaining a secured and performant online service is never a one-time thing. It takes effort not only to develop new features but also to renew existing functionalities.

Stale software puts our customers at risk of security vulnerabilities. How do we reduce this risk? On the one hand, we proactively work with security researchers to find and resolve unexpected issues. On the other hand, we merge the latest version of the upstream software periodically.

Today we are glad to share some improvements we have made to improve Beancount.io.

1. We upgraded the server and sped up the service up to 30%. Service availability was also greatly improved.
2. We upgraded the MIT-licensed open-source software Fava to version 1.17. It fixed various bugs and added many new features.

Feeling excited? Try it now at https://beancount.io/ledger/

Having questions? We will be there for you at https://t.me/beancount :)

Beancount.io is excited to announce the brand new rewards program for developers in our community! A Security Bug Bounty program is an open offer to external individuals to receive compensation for reporting beancount.io and open-sourced Beancount mobile bugs related to the security of the core functionality.

No technology is perfect, and we believe that working with developers, engineers, and technologists across the globe is crucial in identifying weaknesses in our project while building. If you think you’ve found a security issue in our product or service, we encourage you to notify us. We welcome working with you to resolve the issue promptly.

Campaign Period​

2020-10-15 17:00 PST to 2020-11-30 17:00 PST

Scope​

The following components of Beancunt are included in 1 Stage of the Bug Bounty Campaign:

1. beancount.io/ledger : Your personal finance manager.
2. open-sourced Beancount mobile

Steps to participate and report bugs​

• If it is NOT related to personally identifiable information (PII) and exact ledger data. Provide information about bugs through the GitHub ISSUE request in https://github.com/puncsky/beancount-mobile/issues/:
  • Asset. Chose the repository the bug is related to and create a “New Issue” in it.
  • Severity. Chose the level of vulnerability according to “Qualifying Vulnerabilities”
  • Summary — Add a summary of the bug
  • Description — Any additional details about this bug
  • Steps — Steps to reproduce
  • Supporting Material/References — Source code to replicate, list any additional material (e.g., screenshots, logs, etc.)
  • Impact — What impact does the found bug has, what could an attacker achieve?
  • Your name, country, and Telegram id for contact.
• If it is related to PII and exact ledger data, contact puncsky on Telegram and send the information above.
• The Beancount.io team will review all bugs and will provide you with feedback as quickly as possible via the comments on the page with a specific bug or via Telegram in person if it is related to PII and exact ledger data.
• Distribution of rewards will be carried out in Physical Gift, Gift Card, or USDT equivalent after the campaign finishes around 2020-12-01 PST.

Qualifying vulnerabilities​

To qualify for the bounty, the security bug must be original and previously unreported.

Only the following design or implementation issues that substantially affect the stability or security of Beancount.io are qualified for the reward. Common examples include:

• Leak of the PII and ledger data while the host machine is not compromised
• A special action that causes the entire website or mobile app to suspend or crash
• A user impacts another user without prior access grant

For scenarios that do not fall within one of the above categories, we still appreciate reports that help us secure our infrastructure and our users and reward those reports on a case-by-case basis.

Out of Scope Vulnerabilities​

When reporting vulnerabilities, please consider the attack scenario, exploitability, and security impact of the bug. The following issues are considered out of scope, and we will NOT accept any of the following types of attacks:

• Denial of service attacks
• Phishing attacks
• Social engineering attacks
• Reflected file download
• Software version disclosure
• Issues requiring direct physical access
• Issues requiring exceedingly unlikely user interaction
• Flaws affecting out-of-date browsers and plugins
• Publicly accessible login panels
• CSV injection
• Email enumeration / account oracles
• CSP Weaknesses
• Email Spoofing
• Techniques allowing you to view user profile photos (these are considered public)

Rewards​

The prize for the most critical bug exposing PII and ledger data is an AirPods Pro (in the U.S.) or USDT equivalent.

The prize for a security bug is a $20 Amazon Gift Card or USDT equivalent.

We are a small team with a limited budget and could distribute only

• 1 AirPods Pro for all.
• 10 $20 rewards per month, up to 3 months. If the actual case exceeds that amount in that month, we will send the remaining reward in the next month. ($600 in total for this campaign)

Got questions?​

Ask us at https://t.me/beancount

Privacy is core to our DNA, our culture, and our values. We are committed to protecting your data across our systems.

And today, we are excited to open-source Beancount mobile. That means the code is publicly available, scrutinized by people. That level of transparency ensures both the security of the App, and your peace of mind concerning what we do with your data.

Open source gives our customers more choices on the market and better solutions in many ways. We build Beancount.io on top of excellent open-source projects and hope to open source as many modules of our system as possible in the future. And Beancount mobile is just the beginning of this journey :)

We're excited to announce version 0.4.0 of the Beancount app, bringing new features and improvements to enhance your financial management experience.

What's New​

📧 Email Report Subscription​

Stay on top of your finances with customizable email reports. Choose what financial information you want to receive and how often you want to receive it. Perfect for:

• Monthly budget reviews
• Weekly spending summaries
• Account balance updates

📢 Announcement Section​

Never miss important updates! Our new announcement section keeps you informed about:

• Latest features and improvements
• Tips for better financial tracking
• Community news and events

Performance Improvements​

As always, we've made the app faster and more reliable, ensuring a smooth experience as you manage your finances.

Share Your Thoughts​

Your feedback drives our development. Love the new features? Rate us on the app stores and help shape the future of Beancount!

Need Help?​

Join our community on Telegram for support, tips, and discussions about personal finance management with Beancount.

We're excited to announce a major milestone in Beancount's evolution: the launch of our dedicated mobile apps for both iOS and Android platforms! This release directly addresses one of the most frequent requests from our community – the ability to manage your ledger efficiently on mobile devices.

Key Features​

• Quick Transaction Entry: Seamlessly add new transactions on the go
• Mobile Financial Reports: Access your financial insights anywhere, anytime
• Direct Ledger Editing: Full access to your ledger file through an optimized web view
• Cross-Platform Sync: Keep your financial data consistent across all your devices

Community-Driven Development​

This release marks just the beginning of our mobile journey. We're committed to evolving these apps based on your needs and feedback. Join our vibrant community on Telegram at https://t.me/beancount to discuss Beancount, share your experience, and help shape future features.

Our Vision​

At Beancount, our mission is to empower everyone to achieve better financial control and understanding. These mobile apps represent a significant step toward that goal, with many more exciting features and tools on our roadmap.

Why Modern Bookkeeping Matters​

Still managing your investments with spreadsheets? While spreadsheets are versatile, they can become cumbersome and error-prone as your investment portfolio grows. Enter Beancount.io – a sophisticated yet user-friendly investment tracking platform designed specifically for managing stock and cryptocurrency portfolios. Built with engineers and financial minimalists in mind, Beancount.io combines powerful features with an intuitive interface to streamline your investment tracking experience.

Double-entry Bookkeeping: The Foundation of Accuracy​

Beancount.io is built on the principles of double-entry accounting – a time-tested methodology used by financial institutions worldwide. This system ensures mathematical accuracy through a simple yet powerful concept: every financial transaction must balance perfectly.

In double-entry bookkeeping, each transaction requires at least two entries – a debit (+) and a credit (-) – across different accounts. This built-in verification system makes it virtually impossible to record unbalanced transactions, ensuring your financial records remain accurate and reliable.

1970-01-01 open Income:BeancountCorp
1970-01-01 open Assets:Cash
1970-01-01 open Expenses:Food
1970-01-01 open Assets:Receivables:Alice
1970-01-01 open Assets:Receivables:Bob
1970-01-01 open Assets:Receivables:Charlie
1970-01-01 open Liabilities:CreditCard

2019-05-31 * "BeancountCorp" "Salary of May 15th to May 31st"
  Income:BeancountCorp               -888 USD
  Assets:Cash                         888 USD

2019-07-12 * "Popeyes chicken sandwiches" "dinner with Alice, Bob, and Charlie"
  Expenses:Food 20 USD
  Assets:Receivables:Alice 20 USD
  Assets:Receivables:Bob 20 USD
  Assets:Receivables:Charlie 20 USD
  Liabilities:CreditCard -80 USD

As you can see in the two examples above, every transaction must fulfill the accounting equation.

Assets = Liabilities + Equity(aka Net Assets)

We used the Beancount syntax by Martin Blais and the web project Fava by Jakob Schnitzer to build this website. And it will alert you if any transaction has any legs not summing to zero.

Now you understand how we enforce the correctness of the ledger. But you may ask what are those "accounts"?

Understanding Accounts: The Water Bucket Analogy​

Think of your financial accounts as a system of interconnected water buckets, where money flows like water between them. This analogy makes double-entry bookkeeping intuitive: when you transfer money from one account to another, it's like pouring water from one bucket to another – the total amount of water (money) in the system remains constant.

Beancount.io introduces five kinds of accounts.

1. Income — Its amount is always negative or in debit. This is because you are making money, and then the money is debiting from "Income" account and crediting to your "Assets."
2. Expenses — Its amount is always positive or in credit. This is because you are spending money, and the money is flowing from the "Assets" or "Liabilities" to the "Expenses."
3. Liabilities — Its amount is positive or zero. Your credit card liabilities are a good example, which rises and falls in cycles.
4. Assets — Its amount is positive or zero. Your cash or houses are always worth some prices.
5. Equity — Your net assets. The system will calculate automatically for you. Equity = Assets - Liabilities and it reflects how wealthy you are.

Now you can open your customized accounts with those keywords above:

1970-01-01 open Assets:Cash
1970-01-01 open Assets:Stock:Robinhood
1970-01-01 open Assets:Crypto:Coinbase
1970-01-01 open Expenses:Transportation:Taxi
1970-01-01 open Equity:OpeningBalance

Advanced Investment Tracking with Commodities​

Beancount.io excels at tracking diverse investments, from stocks to cryptocurrencies. Let's explore how it handles complex investment scenarios. For example, here's how you would record purchasing 10 Bitcoins at $100 each in 2014:

2014-08-08 * "Buy 10 Bitcoin"
  Assets:Trade:Cash -1000.00 USD
  Assets:Trade:Positions  10 BTC {100.00 USD}

And then three years later, you sell them (originally with costs of $100 per unit annotated with {100.00 USD}) at the price of $10,000 per unit annotated with @ 10,000.00 USD.

2017-12-12 * "Sell 2 Bitcoin"
  Assets:Trade:Positions                   -2 BTC {100.00 USD} @ 10,000.00 USD
  Assets:Trade:Cash                          20,000.00 USD
  Income:Trade:PnL                          -19,800.00 USD

Or the same transaction with @@ 20,000.00 USD means that at the price of $20,000 in total.

2017-12-12 * "Sell 2 Bitcoin"
  Assets:Trade:Positions                   -2 BTC {100.00 USD} @@ 20,000.00 USD
  Assets:Trade:Cash                          20,000.00 USD
  Income:Trade:PnL                          -19,800.00 USD

The sum of all legs of the transaction, including -2 BTC {100.00 USD}, are still, as always, zero.

The costs {100.00 USD} tag is important because you might have bought the same commodity at different costs.

100 BTC {10.00 USD, 2012-08-08}
10 BTC {100.00 USD, 2014-08-08}

If you want to simplify the process, you can set up the account at the beginning with FIFO or LIFO. FIFO stands for first in, first out, while LIFO stands for last in, first out. In the US, IRS uses FIFO to calculate your PnL and tax accordingly.

1970-01-01 open Assets:Trade:Positions "FIFO"

And then when you sell it in shorthand like -2 BTC {}, beancount will apply FIFO strategy automatically and sell the oldest commodity.

Getting Started with Beancount.io​

Beancount.io is a modern cloud-based financial management platform that transforms your text-based transaction records into comprehensive financial statements, including income statements, balance sheets, and trial balances. By combining the reliability of plain text files with powerful visualization tools, Beancount.io helps you maintain precise control over your financial life while gaining valuable insights into your investment performance.

Start your financial journey with Beancount.io - Free during our promotional period!