I had trouble finding a good FI planning and simulation tool that could model things in enough detail to finally ditch my spreadsheets... so I built one.
Would love it if any of you want to try it out. It does not involve linking any accounts and almost all the functionality is free. And if anyone wants to become a beta tester for the few premium features, you can use coupon code BETA-6001 for 60% off :)
Having "choose your theme" as almost the first question felt very out of place. Like, someone is really proud of those themes, more than any other part of the site :) I'd just leave that out completely, the default theme is fine and you can change it from the menu anyway. Everything else was really slick, but I didn't understand any of the goals (not in the US).
I love the website, (it actually helps a lot). I think there should be some way to print out the plans, to be used in real-life planning. Also, it would be nice if there was some sort of disclaimer on how the financial data we input is used, because that stuff can be sensitive, and could peer people off.
I've always wanted to build a tool like this, but never went around to it. I am a FIRE nerd, and have used and tried many FI tools. I am an active YNABer and I was looking for a tool for longterm planning. This looked interesting enough that I actually went ahead and got the premium plan for a year. Thanks for the coupon code. It came out at roughly $12/year, which I think is a great value to the kind of insights you can get. To create something like this on my own would take months, if not years. I also like the fact that I am not linking this to any of my real accounts.
I had the same experience and even tinkered around with building this myself!
IMO the biggest problem with existing calculators, and yours, is that you have to make some pretty strong assumptions about the future. How will rental & housing prices grow? What returns will I get on my investments? Depending on the numbers you put in you will get very different results, and most people are not good at predicting these!
I think the real value here will be to find a way to reduce the number of knobs that users have to specify in some way, with either expert estimates for these variables, or joint distributions of these variables so that users can explore scenarios like "stock market crash" without having to figure out how that could impact every variable.
You're right about those user estimates and various knobs having a potentially huge effect on results. When I introduce a Monte Carlo simulation mode, I hope to be able to offer better insights into how distributions around some of these variables will impact likelihood of success. I'll also continue to look for opportunities to create smart defaults and/or links to resources that can be used to help calibrate estimates based on historical data, locality, etc. Thanks for the comment!
This looks interesting but I think it is still a little bespoke. A feature request would be to add an anticipated pension, since that has a major effect on how much you need to put into a retirement savings account.
Yep, I know the word, and agree it's not uncommon.
My point was that user to whom I replied seems to be using it in a generally negative way.
> looks interesting but I think it is still a little bespoke
As if "bespoke" is the opposite of "interesting" or othwerwise a counterpoint to a good review. As I understand the word "bespoke", it carries no negative nor positive charge - just means "made individually to order", which seems irrelevant to this app.
I think the parent was trying to express that the app seemed designed for a specific demographic, and didn't generalize as well as it could. (And they therefore suggested a feature that would help it function well for a broader audience.)
I think you should make it a little more obvious that you start off without creating an account, because I was a little off put at first that it looks like Personal Capital, Mint, etc where you have to provide a bunch of personal info before even seeing anything.
Anyways very interesting graphs and stuff, I'd be interested if once you have the monte carlo simulations up if there was like a demo mode to just show what it did for a test person to show the value of what it could do for me.
Any thoughts on the best way to make this more obvious to new users? Just some copy on the front page saying you can test without an account? Or perhaps focus on the fact that there will be a "sandbox" where you can test everything right away with canned data(?)
For me personally it's fine as it is - I was simply positively surprised to see that I got to play around with it without creating an account first.
I suppose you could get more users that have a lower interest in the product to try it by adding either one or your solutions. Those that have a higher interest off the bat will click "Getting started" anyways (and expect to get an "Open account" dialogue).
Thanks! Do you mean like a feature tour video on the home page, or something more like quick "templates" you could choose from that would pre-populate everything with sample data?
I personally would like the second (like the data doesn't need to be realistic or anything but I would want to see what the scenarios are like that are being run), but a walk thru would work too.
Looks interesting, but based on the privacy policy terms of data usage, transferability, and so forth, I can't in good faith test with real financial data:
https://projectifi.io/privacy-policy.html
Everytime I see a tool that shouldn't need to be hosted remotely as a service and could reasonably be deployed to the client where they have more control over their data (not as a service), it's a non-starter for me. I get it, that's the industry model now and it's how you can get comped for your time investment, gain passive income, control IP, etc.
Unfortunately, those cost models will get no comp from me in any way. Having more data rights and ownership for a week or so free trial version where you can later shift to a pay model in which your data is still owned entirely by you during the entire course of the application usage would make more sense for people like me who still want privacy. I'm probably not the target market for something like this though and the number of people like me seem to be on the decline, so there's that.
Thanks for the feedback! I've thought about maybe creating a version which is wrapped up as an Electron app and runs natively and with no google analytics, etc. Does it sound like that might alleviate some of your concerns?
I guess I should also add that with the current web version, you can opt out of sending telemetry data via cookie preferences, and with the Premium version you choose whether or not you want your data persisted or not. (there is also a button to remove all your data at a later date if desired). Perhaps something else that might be helpful to add is an import/export button so you can save and load data locally(?)
Currently just google analytics dashboards showing things like navigation within the app and where users are dropping off during the onboarding process.
> I guess I should also add that with the current web version, you can opt out of sending telemetry data via cookie preferences, and with the Premium version you choose whether or not you want your data persisted or not.
Rather than ameliorate concerns about privacy, this intensifies them. This is the approach I would expect from a megacorporation hellbent on mining my private data to death while pointing to the by-sheer-coincidence-hidden option to opt out of telemetry. And the choice to pay for the ability to not be data-mined to death.
These are the design choices I expect from a product team that regards privacy as something to be defeated and evaded. It's the sort of thing I would expect from Facebook.
Perhaps a privacy-centered approach might be worth considering? What might the user experience look like if behavior was not tracked until the user explicitly consented to just specifically that? What if the ability to upload your data was a premium option, with the local-only privacy-preserving experience the default? What data do you need to let people do incredibly personal calculations, as opposed to what data do you want?
Oops, it seems my attempt to add clarity on the current implementation only added more confusion. Sorry about that. Let me try to break down the status quo in more detail.
1. User arrives on the site, no google analytics activated unless user accepts cookie settings (which includes option to accept some types and not others).
2. User onboards and creates a plan for free, experiments with app -- no plan data or results are transmitted. Everything done client-side in JavaScript and goes away on page refresh.
3. User decides to upgrade to premium. If they do, the app asks if they would like to enable persistent data. If they enable this feature, only then is plan data saved.
I think part of the disconnect is communicating what the app actually does vs. what the terms permit it to do in the future.
It sounds like you've put genuine thought into this, and your privacy policy is very readable, but it suffers from the generic "WTFPL" clauses.
For example, you clearly specify who the third-parties are and what data is shared, which again is commendable. But it's combined with "we may use your data for [any] other purposes", "we may sell and may have sold [extremely personal PII]", and so on.
Are you doing this? Doesn't seem like it. Could you? Apparently, and that's part of the concern.
I would really be interested in that approach as well. I don't necessarily need my data synced to the cloud. A way to import and export data for backups would be nice.
I just created an account but did not feel comfortable uploading data, having already associated my account with my identity via Gmail. Would love to run something locally.
You should be able to use the app without making an account. And plan data is not synced to the cloud unless you upgrade to premium and also explicitly enable that feature.
How is data hoarding evil? Data lets us improve things, know what services need to be made, connect everything better. There's potential for abuse as in anything but we don't call cough syrup evil.
Hoarding of any type is a disorder, just like how addiction used to (still is) be considered a moral defect.
Cough syrup not being evil -used as intended to alleviate symptoms but not cure OR chugged like a panacea ambrosia delivered by the gods- is such a weird analogy to write as the burden of use falls on the individual rather than the collector.
How dare people prescribed highly addictive advertised as nonaddictive cocaine start taking it spoonful up the butthole~
People thought that data is the new oil, but it turns out it's not. Data is the new uranium. Powerful, yet toxic and irradiates everything in proximity. You most emphatically do not keep large piles of it if you can help it, and if you do, you silo and audit the sh*t out of that to control access and prevent theft because the potential for abuse is very high.
I love the oil vs. uranium analogy. Uranium can be powerful and useful, but risky to hold, difficult to protect, and probably more of a liability than an asset.
This is exactly why I like to use this analogy as well. Being all naïve and starry-eyed about the potential of data without considering the fallout from its use belongs to the pre-GDPR stone age of technology.
I agree. The trend of handing over all your data (especially your financial data) to some nebulous service isn't exactly my favourite. Which is why I built https://ufincs.com, a nebulous service where you hand over all your financial data!
Yes, that was a joke.
In reality, uFincs is more of a stop-gap between what you seek (native app where you own the data) and what the status quo is (web-based app where your data ownage is dubious). Yes, uFincs is a web app, but we take the extra step to do client-side encryption so that the only financial data being stored in our database is a jumble of base64; I don't want to touch your actual financial data with a 10-foot pole.
Of course, like some other people in this thread have mentioned, having a completely client-side app is also pretty important. Well, we have exactly that: https://ufincs.com/noaccount. You can use uFincs right away, without any account, and the app works completely client-side, completely offline. You can even export your data and then re-import it later if you so prefer!
Of course, the tech that enables this 'no account' option is also what makes the logged-in app work offline-first, so I think it's pretty cool :)
And if anyone asks "Well, why a web app at all then?", it's because I wanted a web app. Yes, I do enjoy accessing my finances on all my devices, thank you very much. But we do have plans to build out standalone desktop/mobile apps in the future.
ufincs looks very cool! During my December holiday, I was thinking of making a web-based platform that had a more modern UI than GNUcash, and it looks like you built it already!
Just curious, what's your tech stack, how long have you been working on it, and how many users do you have?
That's exactly what uFincs is, a modern version of GnuCash! I had the exact same thoughts as you did :)
The simple tech stack breakdown is that the client-side is React + Redux + TypeScript + Sass. Of note, I use redux-saga, which has been an absolute boon for some of the more complex flows.
Design system is completely custom.
Backend API is Node + Feathers. Database is Postgres.
Marketing site is served separately from the app and is React + NextJS + Tailwind CSS.
I intend to write up a more complete breakdown of the tech stack sometime in the future.
In terms of how long it's taken to get this far, longer than I'd like to admit... there was a version '0.1' that was built as a capstone project over the course of 2019, then the redesigned version (uFincs as it exists now) that's been ongoing since the start of 2020.
And the user situation can look... misleading. I only 'officially' launched last week, so for the longest time the only user has been le-moi (and some friends that did testing), but I actually did just acquire my first paying customer yesterday!
It definitely isn't. At least, not yet. I've been thinking through different ways we could handle that aspect, but I don't have any concrete plans to open-source uFincs at the moment.
Assuming you had a perfect plug-in/extension system where I could write some JavaScript to create my own behaviors, that might do 80% of what people are looking for in the open source question.
I wonder if the "most private" way to do this would be to distribute as a jupyter notebook or some sort of local bundle/distro to run as a local webapp?
Well, uFincs is a PWA, so you could 'install' it that way. We send a little in-app notification whenever a new update is pushed, so you could theoretically just ignore those and never update to keep using that one version of uFincs forever (assuming your browser never decides to update it otherwise).
But yeah, in terms of more standalone distribution and sandboxing, that's where the future desktop/mobile apps would be more appropriate. Of course, they'd be Electron-esque, but that would at least fulfill my end-goals of being privacy-first, offline-first, and providing 'long-term' software.
You could store the data in the user's cloud (or local) storage, so you don't have a copy of the data.
Having an "encrypted" copy of the data, with a key controlled by you (unless there's some browser API for encrypting using the user's key?) is a lot shorter than a "ten foot pole"
That's the thing, the key isn't controlled by me. The key is derived from your account password. If you want some more technical details, feel free to check out https://ufincs.com/policies/security. tl;dr Yes, that browser API is called WebCrypto.
As for storage, all data is kept in-browser in local storage (specifically, IndexedDB), until it gets saved to our database. And before it leaves the browser to be saved in our database, it gets encrypted using the user's key.
Finally, if you only ever use the 'no account' option (https://ufincs.com/noaccount), then all your data is only ever stored in-browser; it never gets saved to our database because you don't even have an account to save it to! Feel free to monitor the network requests to prove it for yourself (or even turn off your network connection).
Hmm, that's a good question to add to the Security doc!
Not quite. See, we make use of a scheme called envelope encryption. That means we have two separate keys: one to encrypt your data (the 'data encryption key' or DEK) and one to encrypt the DEK (the 'key encryption key' or KEK). We use the KEK to encrypt your DEK to get something called the 'EDEK' (or 'encrypted data encryption key'). The EDEK is what we store in our database.
Something that never changes after you sign up is your DEK. This is completely random and not dependent on your password.
What is dependent on your password is your KEK. So when you change your password, all that actually changes is your KEK. With your new KEK, we just re-encrypt your DEK to get a new EDEK, and we store that new EDEK in our database. Again, the Security doc (https://ufincs.com/policies/security) outlines the basic process.
So no, all your data isn't passed back to the browser to be decrypted and re-encrypted when you change your password, but thanks for the question!
⇒ when users change their password, you have access to the DEK (you decrypt it and then encrypt it with the new KEK)
“one to encrypt your data (the 'data encryption key' or DEK)”
⇒ when users change their password, you could decrypt their data.
I think this boils down to “you don’t store user passwords, but when users change their password, they must trust you to not look at your data or store the KEK”.
The 'error', as you put it, is that the password change process (i.e. the changing of the KEK and the re-encryption of the DEK into the EDEK) all happens client-side (except for the part where we verify your old password against the hashed version in the database, for obvious reasons).
'We' have 'access' to your DEK at all times — if you define 'we' as the 'client-facing portion of the app'. All of the encryption/decryption, key management, etc happens on the client-side (i.e. in-browser). Remember, as part of signing in to the app, the EDEK is transmitted from our servers and decrypted client-side so that the client can then use that DEK to decrypt your data.
If we instead redefine 'we' to be the backend servers, database, or even myself personally, then 'we' never have access to your keys nor data.
The fact is, there's nothing special about the password change process itself. It's essentially the same as the sign-up process. Nothing is especially exposed during the password change process that isn't exposed during the sign-up process (again, the DEK is present on the client-side the moment you sign up or sign in, although the KEK is slightly more ephemeral than that).
However, I do understand the implication you're making here, and here's the darker side of it: 'we' (uFincs) could change the client-facing portion of the app to steal your DEK (or your password, or even your data) and send it off elsewhere. This is... just true of any piece of software. It just so happens that, since web apps can be arbitrarily updated, it's a lot easier for us to act maliciously if we so chose (although, at least with web apps, inspecting network requests is quite easy).
So indeed, there is an element of trust here. You trust that I (or the entity known as 'uFincs') won't change the code in such a way that the security of the app is compromised. You also have to trust that we have such security measures in place that make it harder for some third-party malicious actor to forcefully change the operation of the app.
uFincs is not a trust-less system. Unfortunately, due to the nature of web apps (or even most apps for that matter), it simply cannot be. Anytime the code can be updated (and can't be audited), there is effectively zero security (for those who are particularly security-conscious). So if your (the general 'your') financial data is so sensitive that any chance of a leak would be utterly catastrophic, then don't even think of using uFincs.
But I like to think that putting these measures in place (particularly, using client-side encryption, not connecting to banks, not using any in-app analytics beyond our own, etc) is at least a step better — in terms of security and privacy — than what most other services do. And I like to think that, even if it's not perfect, it was still worth doing. Otherwise, I wouldn't have 'wasted' 2+ years of my life building uFincs :)
Thanks. I never would have thought “we encrypt” to mean “your browser encrypts”.
I think a few pictures showing how passwords and data flow between the user’s browser and the backend when you do various things would make your technical description easier to understand.
Lacking that, using phrases such as “our code, running in your browser” rather than that ambiguous “we”, would have made things clearer for me, too.
As I replied down below (https://news.ycombinator.com/item?id=26972907), I don't have any concrete plans to open-source it at the moment. However, I know this is a pretty big sticking point for some people, so I have been working through some plans on how we could do it.
In particular (but again, no promises), I want to start by open-sourcing the custom Redux middleware that we use to handle data encryption. I feel like that's one of the most important parts to open-source (ya know, since it's the foundation of uFincs' security), but it's a matter of getting everything in order.
That is a huge "living paycheck to paycheck" upcharge!
I get the incentive, but considering how financial planning can be most vital to folks with spotty income, I'd strongly encourage you to bring the price of the monthly plan down. Or perhaps a bare-bones "free" tier folks can use between paid months?
Yep, I agree, it's a pretty big upcharge. That's precisely why our 'free tier' is the 'no account' option (https://ufincs.com/noaccount). I'm not kidding when I say it's the full version of uFincs; the only (real) difference is that you don't have an account to sync to. And if you make sure to never log out (or take the time to export/import your data every time), then you can basically simulate having an account. It's just a free tier of 'inconvenience' rather than 'features' or some such.
But yeah, there's definitely some pricing psychology at play there. Thanks for taking the time to leave some feedback!
This looks like exactly something i've been after! I used to use an iOS app but really missed becuase able to access it on windows....but the pricing just seems way too high. Its more expensive than a photoshop sub...
Do you pay for desktop software though? Such tools could be built for desktops-first with no data ever leaving the machine, but people will scoff at paying for them...
No. After long years of trying to fix my financial life, I am sure of one thing that apps do not help. Simplifying it with a simple excel sheet is way more efficient because it is much more simple, realistic and more flexible too. Simple math, you make X, spend Y. If there is a new expense, add a new line in excel and finished. I tried many of these apps in the past. Excel wins every time. (For me.)
You might want to reconsider the name -- it looks way too similar to Google's Project Fi. Or at least the logo, which looks like cell phone reception bars, which even further reminds me of Project Fi.
Very few people I know understand and appreciate double entry bookkeeping for finances. I learned about it recently from beancount [1] and it was a revelation. I don't go overboard with detailed transactions and keep it high level with around 5 accounts salary/mortgage/cc/investments etc.
I now personally keep my raw data (monthly income/expense/balances) in a spreadsheet. I have 1 html file with js embedded that does my homegrown calculations (works great on a phone). Spreadsheet is updated monthly. I add data from my monthly bank statements (same day I pay my credit card bills so I don't forget). Run the calculations whenever I need to (so far has been very rare).
My takeaway: discipline around personal finances is more important than what tool, services or process I use.
Looking at my income/expense/balances and mapping to what happened last month, looking at trends is valuable. For me that comes from piggybacking on the critical routine/ritual of paying my bills.
The importance of this cannot be overstated. I used to use Mint when I was in college, but got sick of them pushing credit cards on me, and the uncomfortable feeling of giving a service full access to my bank account. I tried tracking all my expenses in a spreadsheet for a year, which worked fine, but wasn't the most flexible system (or rather, it very quickly became a UX monstrosity).
Now I use hledger, which has been fantastic. I back up the file to a shared drive that's sync'ed to my phone, so every time I get a message from the bank or pay with cash, I can immediately note it down (this would have been much less workable before I found the "cone" app) and track my spending across dozens of accounts.
There are some improvements that could be made as to the visualization of data, which I might write a quick webapp for, but in terms of simplicity, robustness, and ease of use, plaintext is definitely the way to go.
For "Financial Goals", allow me to opt set a fixed number, not just a percentage of income (i.e, if I want to max out my 401k).
When inputting investments, instead of having a field for the sum of the different categories, have line items, so I can add my copy/paste my 401k, IRA, etc into the website without having to add them up myself.
Thanks for the input! Within financial goals, if you're looking to max out your 401k, you could always put in a high percentage and it should stop contributions within the sim if it reaches the IRS limit. But you do have a great point -- it would be more useful to have additional input options there such as fixed amounts.
I agree, having a general % vs absolute value switch for entry boxes would be nice. I think about my 401K contributions in terms of dollars, and this forced percentages, ostensibly because many employers work that way and there's a focus on salary. Would be nice to just plug in, "My goal is $10000 per year" or whatever the goal is.
There is no reason at all for this to be server-hosted. I have of course done this for myself a very long time ago creating an effectively identical feature set using spreadsheets and even put them onto Microsoft's sharing pages (no idea what happened to them, it was such a long time ago).
I'm not saying this isn't a better solution than Excel. You work with what's available at the time. But there is nothing at all about the size of the data or complexity of the calculations that requires it to be centrally hosted. This is financial data and you're not a bank with reporting and privacy requirements being audited by state charter associations and federal law enforcement. No reason for people to trust you with this data. Make this an executable someone can put on their own machine. Don't require a network connection. Don't send telemetry.
Like Frost1x, though, maybe I'm just a minority and you don't need my business. Ultimately, do what the market will tolerate, I guess.
By doing all of the computation of user data clientside, and making all of the persistence in localstorage.
It’s very doable, especially with small data.
Unfortunately, you have to take projects’ words that they do this on good faith as an end user. You’d need to GET the app bundle, and then firewall the tab / disable your network interface to be certain that no data is leaking out. It’s not so easy to control this as an end user these days, and web apps can be quite sneaky.
Maybe we’ll see some innovation in this space from browsers in the future, where an app can identify itself as local only and then be sandboxed by the browser.
It might just be easier to partner with a respected company or companies that people trust with their money/data already. The biggest one that comes to mind that also seems a bit behind on the visualizations and sleek UI that this has would be Vanguard.
> Maybe we’ll see some innovation in this space from browsers in the future, where an app can identify itself as local only and then be sandboxed by the browser.
That would be a really cool 'HTML5' API — let the page do:
document.addEventListener('DOMContentLoaded', () => {
// some bootstrap
document.goOffline();
});
Which could prompt the user — "this web page wants to disable its own internet access. Do you want to continue? (Refresh the page to reload from server)[OK/Cancel]" — and then it can do longer use the internet & has its own storage which gets wiped before it's allowed back online.
Would allow all the benefits to devs of doing things in the browser (if that's their choice), & end-users could trust that it was truly offline.
I Agree very much with the general idea. One addition, though:
> Unfortunately, you have to take projects’ words that they do this on good faith as an end user
The same is true for applications running natively. Of course, those can be firewalled from any outgoing and incoming network traffic more easily. And they don’t feel like and don’t default to using a network connection all the time. But still, they could.
Any thoughts on the comments under the Frost1x post? (e.g. Electron app version, and/or import/export or local storage options for web premium users). Certainly local storage is very doable -- I didn't anticipate how hotly requested that might be. I'll also note that all calculations are actually already client-side.
I like the impression of your tool, but I share Frost1x’s reluctance. However, I was pleasantly surprised to read this up front:
> Free planning and projection tools that will never ask to link your financial accounts
If it were followed up by convincing me that my data is stored in LocalStorage and doesn’t leave my browser, I’d be sold :). I know I’d still have to trust you that you’re actually implementing what you claim, but I think I’d be willing to. After all, the same would be true for an application running natively: those, too, can submit my data “to the internet.”
For me personally, having an Electron app would not make much of a difference. Do I run your code in my Firefox or in a separate process? I’m still running your code on my machine. Maybe browser-based even has some advantage because it is sandboxed filesystem-wise. Not sure whether this holds true for Electron.
Import/export as CSV or whatever format would also be a huge plus for me.
As a last point, I’m not sure I understand the status quo: you are saying all caluclations are done client-side – but the results are stored server-side?
Thanks! A LocalStorage only option seems very doable. With all the interest expressed here, I'll add that to the roadmap. As for the status quo, without Premium no plan data is stored server-side. With Premium, plan data is stored server-side only if the user chooses to enable that feature. Calculations/projections are always made client-side and the results are not stored server-side.
The big problem is: installing a dubious (not saying this is dubious, but lets say anything not from a MNC) program on your computer might lead to a hostile takeover of your computer. But a web-based solution means your data is in somebodies else hand. So one has to pick ones poison...
I’d like to see everything as a web app (a secure sandbox everyone already has installed in their computer), but running with service workers and using indexeddb for persistence. Best of both worlds: you can access everything offline, the data stays local, and the app can’t infect your computer (absent a browser exploit that’d be bad news regardless)
For me I break it down as such: If it's supposed to be "social", I'll use the web based app (ie: twitter, etc). If it is personal (ie: banking), unless it is my actual bank, I want that on my machine.
Let me just say that I'm glad people like you and Frost1x are here, fighting the good fight. Ten years ago, I still though the "make an app on the web" thing was a fad that would go away soon, and the pendulum would swing back to native apps. That hasn't happened, and if anything, the practice of just putting it on the web has become the default, which is a little scary.
The web site looks great, and I sincerely appreciate the courage and vulnerability it takes to throw one's project to the "Show HN wolves," but I have to agree that this needs to be a native application (that I can demonstrably run with the network plug disconnected) for me to touch it with real financial information. It also needs to be "better than old-school desktop Quicken" for its use case, in order to un-sticky me from that application and migrate my 20+ years of data from it.
> That hasn't happened, and if anything, the practice of just putting it on the web has become the default, which is a little scary.
The problem is that everyone making something like this wants to have at least seven zeros in their bank account when they cash out after 5-10 years - selling licenses to a desktop app doesn't get you that.
How is installing an executable on my machine and then entering my financial info any less sketchy than entering my data into a website? The average user would still have to take it on faith that the data isn't going anywhere, and as an industry we have spent the last 20 years telling people not to download unknown software onto their systems. I think it would be a complete own-goal for the builder of this to switch to that model.
But the default expectations are very different. The default expectation for a web hosted application is that all your private stuff is stored in a database with dubious security, and if your data is stolen as a result the only consequences are a 'whoops, my bad' (at most!) from the company.
I started out using excel and quicken but at some point ended up using beancount, fava and python. There are so many variables like some investments are tax free, others are tax deferred, some are exempt from state but not federal taxes, etc. I didn't dive in too deep to the app, I agree with other comments here that it would be nice if he had some demo accounts with a few different scenarios, like single, family, different ages, incomes and investments to showcase how the modeling works.
There is absolutely a reason. It's a service and many people (myself included) don't want to download a desktop app to use it.
He's not asking for your SSN or your address. If you want to use a burner email and a VPN or enter fake data to try it out, you can. This hardline approach of "every service should be an open source desktop app that I can run with zero telemetry from my cabin in the woods with no internet" so often found on HN is clearly not the opinion of the majority of internet users.
Again, unless you provide some _other_ piece of data (full real name, email, etc) connecting that data back to you, I fail to see the harm. Regardless, no one is forcing you to use the site, or even provide real numbers. If anonymously providing your salary and savings data worries you then don't use it.
I'm trying to understand the concern but most of my worry around "historical financial data" would be actual transaction-level information, not rough summary figures to estimate a financial plan.
I just played around with the site myself and I didn't see anywhere that it imports data, plus the tagline on the homepage says "never ask to link your financial accounts"?
Isn't this essentially the same risk profile as like FIREcalc [1], or the NYT Rent or Buy calculator [2], or some portfolio analysis tool [3], are you saying that those shouldn't be online calculators either?
Looks fantastic. I entered some close to real numbers and found the flow fairly easy. I specifically like the edge-case prompts ("you didn't enter mortgage/rent, are you sure?"). In that case I just entered an average monthly total expenses, but I like the checks. The graphs at the end are nice. Something like a toast for "congrats your goals are probably going to happen" might be good.
I briefly tried this out. I prefer Personal Capital because it gives you a probability of meeting a retirement goal. I can see though how this would be a little nicer to use if you don't want to link your accounts as encouraged by Personal Capital.
Great job, I wish you the best! I'm sure you'll get lots of feedback about issues and will work to fix them. But overall the polish, simplicity, power, and uniqueness are an amazing start!
This was also posted 9 days ago [0], when OP created their account, with 3 other also freshly created accounts (with no other activity on them) praising it. Make of that what you wish.
Thank you for digging into this! Private finance data like this, submitted to a server, makes me uneasy. This isn't some calendar app or a game. The reputation of the site should be beyond reproach.
Fair point. I've been a long-time HN reader but never made an account before. After working hard building the app, I was excited to create my first post to share it, and mentioned to my friends I had posted it to HN. Evidently a few of them decided to create accounts to show support. If this was any kind of breach of HN etiquette, my sincere apologies -- that certainly was not the intent.
The comment that was being replied to didn't say that he'd posted more than once. The one to which OP was replying said that the article had been posted earlier, but not by whom.
Have you any proof? By the same justification, I could claim that you're a competitor, and trying to make things difficult for OP. Say you're not? Well, you are.
The explanation [0] they gave makes it a non-issue for me, but it’s very relevant mentioning in general, even more so for an app that asks for your financial data.
Nothing makes me more annoyed than when simulations like this make assumptions which don't make any sense. For example.
>"Note: currently, ProjectiFi taxes inheritance as ordinary income for simplicity and to maintain a conservative estimation strategy. More nuanced options that more closely mirror current inheritance tax liability scenarios are coming soon."
This is an absolutely ridiculous assumption. Federal inheritance/estate taxes in the US don't start until $11 million. If you can't figure that out your app is not ready to publish.
Tough crowd. I think this looks great. I've been managing these sorts of calculations manually, and I think there's definitely a market for better tools in the financial planning space. (I agree with removing the theme selector though.)
I'd love to see a little more flexibility in putting some kinds of numbers in, especially as someone not great with understanding financial data. For instance, I'm currently plugging numbers in about my mortgage. I know how much I currently pay per year in homeowner's insurance, but ProjectFi is asking me for the annual rate. I divided what I'm paying per year by the current estimated market value and got 0.3%... but I'm sure that's not accurate.
I had a similar problem with the mortgage insurance. I had to bring out my calculator to calculate the % it was asking for. Who pays mortgage insurance as a percentage of their mortgage? I think this should be a dollar amount, with inflation added.
I'd love to see some kind of pre-populated sample account to play around in. My willingness to test out an app has an inverse relationship to the number of forms that app asks me to complete to view its functionality. In this case, i felt like there were quite a few forms that I needed to fill out to get to the charts.
Beyond that feedback, I think this looks really interesting and would love to see where it goes.
265 comments
[ 3.7 ms ] story [ 399 ms ] threadWould love it if any of you want to try it out. It does not involve linking any accounts and almost all the functionality is free. And if anyone wants to become a beta tester for the few premium features, you can use coupon code BETA-6001 for 60% off :)
https://projectifi.io/
Edit: Tried again, but with PayPal, and it worked.
IMO the biggest problem with existing calculators, and yours, is that you have to make some pretty strong assumptions about the future. How will rental & housing prices grow? What returns will I get on my investments? Depending on the numbers you put in you will get very different results, and most people are not good at predicting these!
I think the real value here will be to find a way to reduce the number of knobs that users have to specify in some way, with either expert estimates for these variables, or joint distributions of these variables so that users can explore scenarios like "stock market crash" without having to figure out how that could impact every variable.
My point was that user to whom I replied seems to be using it in a generally negative way.
> looks interesting but I think it is still a little bespoke
As if "bespoke" is the opposite of "interesting" or othwerwise a counterpoint to a good review. As I understand the word "bespoke", it carries no negative nor positive charge - just means "made individually to order", which seems irrelevant to this app.
Edit: Hm, seems like sometimes it's a pair of handcuffs, and other times it's a more innocuous iron weight.
Anyways very interesting graphs and stuff, I'd be interested if once you have the monte carlo simulations up if there was like a demo mode to just show what it did for a test person to show the value of what it could do for me.
There are too many tools I never try because I get hit by the "Create account" dialogue.
I suppose you could get more users that have a lower interest in the product to try it by adding either one or your solutions. Those that have a higher interest off the bat will click "Getting started" anyways (and expect to get an "Open account" dialogue).
Everytime I see a tool that shouldn't need to be hosted remotely as a service and could reasonably be deployed to the client where they have more control over their data (not as a service), it's a non-starter for me. I get it, that's the industry model now and it's how you can get comped for your time investment, gain passive income, control IP, etc.
Unfortunately, those cost models will get no comp from me in any way. Having more data rights and ownership for a week or so free trial version where you can later shift to a pay model in which your data is still owned entirely by you during the entire course of the application usage would make more sense for people like me who still want privacy. I'm probably not the target market for something like this though and the number of people like me seem to be on the decline, so there's that.
Do you keep database backups?
Rather than ameliorate concerns about privacy, this intensifies them. This is the approach I would expect from a megacorporation hellbent on mining my private data to death while pointing to the by-sheer-coincidence-hidden option to opt out of telemetry. And the choice to pay for the ability to not be data-mined to death.
These are the design choices I expect from a product team that regards privacy as something to be defeated and evaded. It's the sort of thing I would expect from Facebook.
Perhaps a privacy-centered approach might be worth considering? What might the user experience look like if behavior was not tracked until the user explicitly consented to just specifically that? What if the ability to upload your data was a premium option, with the local-only privacy-preserving experience the default? What data do you need to let people do incredibly personal calculations, as opposed to what data do you want?
1. User arrives on the site, no google analytics activated unless user accepts cookie settings (which includes option to accept some types and not others).
2. User onboards and creates a plan for free, experiments with app -- no plan data or results are transmitted. Everything done client-side in JavaScript and goes away on page refresh.
3. User decides to upgrade to premium. If they do, the app asks if they would like to enable persistent data. If they enable this feature, only then is plan data saved.
It sounds like you've put genuine thought into this, and your privacy policy is very readable, but it suffers from the generic "WTFPL" clauses.
For example, you clearly specify who the third-parties are and what data is shared, which again is commendable. But it's combined with "we may use your data for [any] other purposes", "we may sell and may have sold [extremely personal PII]", and so on.
Are you doing this? Doesn't seem like it. Could you? Apparently, and that's part of the concern.
Maybe another analogy would be like if you had to give your full banking information to every restaurant your family dines at?
imo this is the single correct perspective to have about data
Cough syrup not being evil -used as intended to alleviate symptoms but not cure OR chugged like a panacea ambrosia delivered by the gods- is such a weird analogy to write as the burden of use falls on the individual rather than the collector.
How dare people prescribed highly addictive advertised as nonaddictive cocaine start taking it spoonful up the butthole~
- Offer a service.
- Claim that your service exists to make the world better in some vague way.
- Train yourself to sound like a compassionate, altruistic person that cares about others.
- Sell user data. Hide the information about what data is being sold and who is buying it and why as much as possible.
- Become wealthy selling data from users who trusted you.
- Buy bona-fide companies and put them to the service of your evil cause.
- Normalize evil behavior. Force other companies to become evil in order to compete.
- Turn the Internet into a privacy nightmare.
- Turn the field of computer science into satanism.
Yes, that was a joke.
In reality, uFincs is more of a stop-gap between what you seek (native app where you own the data) and what the status quo is (web-based app where your data ownage is dubious). Yes, uFincs is a web app, but we take the extra step to do client-side encryption so that the only financial data being stored in our database is a jumble of base64; I don't want to touch your actual financial data with a 10-foot pole.
Of course, like some other people in this thread have mentioned, having a completely client-side app is also pretty important. Well, we have exactly that: https://ufincs.com/noaccount. You can use uFincs right away, without any account, and the app works completely client-side, completely offline. You can even export your data and then re-import it later if you so prefer!
Of course, the tech that enables this 'no account' option is also what makes the logged-in app work offline-first, so I think it's pretty cool :)
And if anyone asks "Well, why a web app at all then?", it's because I wanted a web app. Yes, I do enjoy accessing my finances on all my devices, thank you very much. But we do have plans to build out standalone desktop/mobile apps in the future.
Just curious, what's your tech stack, how long have you been working on it, and how many users do you have?
The simple tech stack breakdown is that the client-side is React + Redux + TypeScript + Sass. Of note, I use redux-saga, which has been an absolute boon for some of the more complex flows.
Design system is completely custom.
Backend API is Node + Feathers. Database is Postgres.
Marketing site is served separately from the app and is React + NextJS + Tailwind CSS.
I intend to write up a more complete breakdown of the tech stack sometime in the future.
In terms of how long it's taken to get this far, longer than I'd like to admit... there was a version '0.1' that was built as a capstone project over the course of 2019, then the redesigned version (uFincs as it exists now) that's been ongoing since the start of 2020.
And the user situation can look... misleading. I only 'officially' launched last week, so for the longest time the only user has been le-moi (and some friends that did testing), but I actually did just acquire my first paying customer yesterday!
Congratz!
But yeah, in terms of more standalone distribution and sandboxing, that's where the future desktop/mobile apps would be more appropriate. Of course, they'd be Electron-esque, but that would at least fulfill my end-goals of being privacy-first, offline-first, and providing 'long-term' software.
Having an "encrypted" copy of the data, with a key controlled by you (unless there's some browser API for encrypting using the user's key?) is a lot shorter than a "ten foot pole"
As for storage, all data is kept in-browser in local storage (specifically, IndexedDB), until it gets saved to our database. And before it leaves the browser to be saved in our database, it gets encrypted using the user's key.
Finally, if you only ever use the 'no account' option (https://ufincs.com/noaccount), then all your data is only ever stored in-browser; it never gets saved to our database because you don't even have an account to save it to! Feel free to monitor the network requests to prove it for yourself (or even turn off your network connection).
Hopefully that makes things more clear.
Not quite. See, we make use of a scheme called envelope encryption. That means we have two separate keys: one to encrypt your data (the 'data encryption key' or DEK) and one to encrypt the DEK (the 'key encryption key' or KEK). We use the KEK to encrypt your DEK to get something called the 'EDEK' (or 'encrypted data encryption key'). The EDEK is what we store in our database.
Something that never changes after you sign up is your DEK. This is completely random and not dependent on your password.
What is dependent on your password is your KEK. So when you change your password, all that actually changes is your KEK. With your new KEK, we just re-encrypt your DEK to get a new EDEK, and we store that new EDEK in our database. Again, the Security doc (https://ufincs.com/policies/security) outlines the basic process.
So no, all your data isn't passed back to the browser to be decrypted and re-encrypted when you change your password, but thanks for the question!
⇒ when users change their password, you have access to the DEK (you decrypt it and then encrypt it with the new KEK)
“one to encrypt your data (the 'data encryption key' or DEK)”
⇒ when users change their password, you could decrypt their data.
I think this boils down to “you don’t store user passwords, but when users change their password, they must trust you to not look at your data or store the KEK”.
Where’s my error?
'We' have 'access' to your DEK at all times — if you define 'we' as the 'client-facing portion of the app'. All of the encryption/decryption, key management, etc happens on the client-side (i.e. in-browser). Remember, as part of signing in to the app, the EDEK is transmitted from our servers and decrypted client-side so that the client can then use that DEK to decrypt your data.
If we instead redefine 'we' to be the backend servers, database, or even myself personally, then 'we' never have access to your keys nor data.
The fact is, there's nothing special about the password change process itself. It's essentially the same as the sign-up process. Nothing is especially exposed during the password change process that isn't exposed during the sign-up process (again, the DEK is present on the client-side the moment you sign up or sign in, although the KEK is slightly more ephemeral than that).
However, I do understand the implication you're making here, and here's the darker side of it: 'we' (uFincs) could change the client-facing portion of the app to steal your DEK (or your password, or even your data) and send it off elsewhere. This is... just true of any piece of software. It just so happens that, since web apps can be arbitrarily updated, it's a lot easier for us to act maliciously if we so chose (although, at least with web apps, inspecting network requests is quite easy).
So indeed, there is an element of trust here. You trust that I (or the entity known as 'uFincs') won't change the code in such a way that the security of the app is compromised. You also have to trust that we have such security measures in place that make it harder for some third-party malicious actor to forcefully change the operation of the app.
uFincs is not a trust-less system. Unfortunately, due to the nature of web apps (or even most apps for that matter), it simply cannot be. Anytime the code can be updated (and can't be audited), there is effectively zero security (for those who are particularly security-conscious). So if your (the general 'your') financial data is so sensitive that any chance of a leak would be utterly catastrophic, then don't even think of using uFincs.
But I like to think that putting these measures in place (particularly, using client-side encryption, not connecting to banks, not using any in-app analytics beyond our own, etc) is at least a step better — in terms of security and privacy — than what most other services do. And I like to think that, even if it's not perfect, it was still worth doing. Otherwise, I wouldn't have 'wasted' 2+ years of my life building uFincs :)
I think a few pictures showing how passwords and data flow between the user’s browser and the backend when you do various things would make your technical description easier to understand.
Lacking that, using phrases such as “our code, running in your browser” rather than that ambiguous “we”, would have made things clearer for me, too.
In particular (but again, no promises), I want to start by open-sourcing the custom Redux middleware that we use to handle data encryption. I feel like that's one of the most important parts to open-source (ya know, since it's the foundation of uFincs' security), but it's a matter of getting everything in order.
I get the incentive, but considering how financial planning can be most vital to folks with spotty income, I'd strongly encourage you to bring the price of the monthly plan down. Or perhaps a bare-bones "free" tier folks can use between paid months?
But yeah, there's definitely some pricing psychology at play there. Thanks for taking the time to leave some feedback!
> If the Company is involved in an asset sale, Your Personal Data may be transferred.
The Personal Data is the asset. This is like saying: If we want to sell your financial data, we will do so.
> We may share Your personal information in the following situations:
> With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
You might want to reconsider the name -- it looks way too similar to Google's Project Fi. Or at least the logo, which looks like cell phone reception bars, which even further reminds me of Project Fi.
IMO, 99% of the real people know or care about Google's Project Fi.
But yes, this should really be an client-side / offline app.
Very few people I know understand and appreciate double entry bookkeeping for finances. I learned about it recently from beancount [1] and it was a revelation. I don't go overboard with detailed transactions and keep it high level with around 5 accounts salary/mortgage/cc/investments etc.
I now personally keep my raw data (monthly income/expense/balances) in a spreadsheet. I have 1 html file with js embedded that does my homegrown calculations (works great on a phone). Spreadsheet is updated monthly. I add data from my monthly bank statements (same day I pay my credit card bills so I don't forget). Run the calculations whenever I need to (so far has been very rare).
My takeaway: discipline around personal finances is more important than what tool, services or process I use.
Looking at my income/expense/balances and mapping to what happened last month, looking at trends is valuable. For me that comes from piggybacking on the critical routine/ritual of paying my bills.
1: https://beancount.github.io/docs/the_double_entry_counting_m...
Now I use hledger, which has been fantastic. I back up the file to a shared drive that's sync'ed to my phone, so every time I get a message from the bank or pay with cash, I can immediately note it down (this would have been much less workable before I found the "cone" app) and track my spending across dozens of accounts.
There are some improvements that could be made as to the visualization of data, which I might write a quick webapp for, but in terms of simplicity, robustness, and ease of use, plaintext is definitely the way to go.
For "Financial Goals", allow me to opt set a fixed number, not just a percentage of income (i.e, if I want to max out my 401k).
When inputting investments, instead of having a field for the sum of the different categories, have line items, so I can add my copy/paste my 401k, IRA, etc into the website without having to add them up myself.
Great work!
I'm not saying this isn't a better solution than Excel. You work with what's available at the time. But there is nothing at all about the size of the data or complexity of the calculations that requires it to be centrally hosted. This is financial data and you're not a bank with reporting and privacy requirements being audited by state charter associations and federal law enforcement. No reason for people to trust you with this data. Make this an executable someone can put on their own machine. Don't require a network connection. Don't send telemetry.
Like Frost1x, though, maybe I'm just a minority and you don't need my business. Ultimately, do what the market will tolerate, I guess.
It’s very doable, especially with small data.
Unfortunately, you have to take projects’ words that they do this on good faith as an end user. You’d need to GET the app bundle, and then firewall the tab / disable your network interface to be certain that no data is leaking out. It’s not so easy to control this as an end user these days, and web apps can be quite sneaky.
Maybe we’ll see some innovation in this space from browsers in the future, where an app can identify itself as local only and then be sandboxed by the browser.
That would be a really cool 'HTML5' API — let the page do:
Which could prompt the user — "this web page wants to disable its own internet access. Do you want to continue? (Refresh the page to reload from server)[OK/Cancel]" — and then it can do longer use the internet & has its own storage which gets wiped before it's allowed back online.Would allow all the benefits to devs of doing things in the browser (if that's their choice), & end-users could trust that it was truly offline.
> Unfortunately, you have to take projects’ words that they do this on good faith as an end user
The same is true for applications running natively. Of course, those can be firewalled from any outgoing and incoming network traffic more easily. And they don’t feel like and don’t default to using a network connection all the time. But still, they could.
> Free planning and projection tools that will never ask to link your financial accounts
If it were followed up by convincing me that my data is stored in LocalStorage and doesn’t leave my browser, I’d be sold :). I know I’d still have to trust you that you’re actually implementing what you claim, but I think I’d be willing to. After all, the same would be true for an application running natively: those, too, can submit my data “to the internet.”
For me personally, having an Electron app would not make much of a difference. Do I run your code in my Firefox or in a separate process? I’m still running your code on my machine. Maybe browser-based even has some advantage because it is sandboxed filesystem-wise. Not sure whether this holds true for Electron.
Import/export as CSV or whatever format would also be a huge plus for me.
As a last point, I’m not sure I understand the status quo: you are saying all caluclations are done client-side – but the results are stored server-side?
Nice work!
The web site looks great, and I sincerely appreciate the courage and vulnerability it takes to throw one's project to the "Show HN wolves," but I have to agree that this needs to be a native application (that I can demonstrably run with the network plug disconnected) for me to touch it with real financial information. It also needs to be "better than old-school desktop Quicken" for its use case, in order to un-sticky me from that application and migrate my 20+ years of data from it.
The problem is that everyone making something like this wants to have at least seven zeros in their bank account when they cash out after 5-10 years - selling licenses to a desktop app doesn't get you that.
He's not asking for your SSN or your address. If you want to use a burner email and a VPN or enter fake data to try it out, you can. This hardline approach of "every service should be an open source desktop app that I can run with zero telemetry from my cabin in the woods with no internet" so often found on HN is clearly not the opinion of the majority of internet users.
They're asking for even worse - all your historical financial data. Why would you want to give some random guy on the internet that?
I just played around with the site myself and I didn't see anywhere that it imports data, plus the tagline on the homepage says "never ask to link your financial accounts"?
Isn't this essentially the same risk profile as like FIREcalc [1], or the NYT Rent or Buy calculator [2], or some portfolio analysis tool [3], are you saying that those shouldn't be online calculators either?
[1] https://firecalc.com
[2] https://www.nytimes.com/interactive/2014/upshot/buy-rent-cal...
[3] https://www.portfoliovisualizer.com
[0]: https://news.ycombinator.com/item?id=26862841
https://news.ycombinator.com/newsguidelines.html
https://news.ycombinator.com/newsfaq.html
The HN community considers it spamming and guards its integrity rather zealously.
Posting the same site twice in 2 weeks seems more than "occasional", and in my opinion, crosses the line from "look what I made" to self promotion.
[0]: https://news.ycombinator.com/item?id=26970025
>"Note: currently, ProjectiFi taxes inheritance as ordinary income for simplicity and to maintain a conservative estimation strategy. More nuanced options that more closely mirror current inheritance tax liability scenarios are coming soon."
This is an absolutely ridiculous assumption. Federal inheritance/estate taxes in the US don't start until $11 million. If you can't figure that out your app is not ready to publish.
Most developers want to build features that service the majority, then add more functionality later.
I'd love to see a little more flexibility in putting some kinds of numbers in, especially as someone not great with understanding financial data. For instance, I'm currently plugging numbers in about my mortgage. I know how much I currently pay per year in homeowner's insurance, but ProjectFi is asking me for the annual rate. I divided what I'm paying per year by the current estimated market value and got 0.3%... but I'm sure that's not accurate.
Beyond that feedback, I think this looks really interesting and would love to see where it goes.