How We Protect Your Data

We built 2ATracker with the understanding that your firearms data is some of the most sensitive information you own. Here's exactly how we protect it.

Zero-Knowledge Encryption

Your serial numbers and trust names are encrypted with a key derived from your password using PBKDF2-SHA256 with 600,000 iterations.

This means:

  • We cannot read your serial numbers. Even with full database access, your encrypted data is indecipherable without your password.
  • Each user has their own unique encryption salt — no two users share a key.
  • If you forget your password, your encrypted data is mathematically unrecoverable. This is by design.
key = PBKDF2(password, user_salt, iterations=600000, hash=SHA-256)
ciphertext = Fernet(key).encrypt(serial_number)
NFA Document Encryption

Form 4 and Form 1 PDFs (which contain SSNs, addresses, and ATF stamps) are encrypted at rest on disk using Fernet symmetric encryption.

  • Documents are encrypted immediately after upload
  • OCR processing happens before encryption, then the plaintext is discarded
  • Decryption happens on-the-fly only when you download
  • Backups are GPG-encrypted before upload to cloud storage
Data Isolation

Every piece of data is tied to your account. No user can see another user's:

  • Firearms, suppressors, or parts
  • Serial numbers or NFA documents
  • Ammo inventory or shooting sessions
  • Uploaded photos

Sharing is opt-in — you explicitly choose which firearms to share and with whom.

Infrastructure Security
  • HTTPS everywhere — TLS 1.2/1.3, HSTS with preload
  • No tracking — zero analytics, zero ad trackers, zero third-party scripts (except Bootstrap CDN with integrity verification)
  • Encrypted backups — daily GPG-encrypted backups to isolated cloud storage
  • Container hardening — runs as non-root, dropped capabilities, no privilege escalation
  • Rate limiting — brute-force protection on all authentication endpoints
  • Audit logging — every document access is logged with timestamp and IP
  • Account deletion — you can permanently delete all your data at any time
What We Can't See
Encrypted (we CANNOT read):
  • Firearm serial numbers
  • Suppressor serial numbers
  • NFA trust names
  • NFA documents (Form 4 / Form 1 PDFs)
  • Backup archives
Not encrypted (visible to platform):
  • Firearm make, model, caliber (needed for builder/catalog features)
  • Ammo inventory counts
  • Shooting session dates and round counts
  • Your username and email

These fields are not encrypted because they power search, filtering, and the parts catalog. They contain no regulated information.

Open source commitment: Our security model is transparent by design. We believe the best security is security you can verify, not security you have to trust.