Explore feature guides, reports and exports, and our privacy-first security stance.
Pre-egress Encryption
A plain-language explanation of “encrypt before it leaves the device” — what it protects, and what it doesn’t.
Security Explainer
What it means
Pre-egress encryption means Solid Invoice encrypts your data before it exits your device — before it travels over the network, and before it is stored in the cloud.
Solid Invoice does not sync any data to third-party cloud services. If you enable iCloud Sync, encrypted data is sent only to Apple’s iCloud servers.
Key idea: what leaves your device is ciphertext. A service can store it and move it around, but it can’t read it.
Why it matters
Cloud compromise resistance: if a server is breached, attackers don’t get readable invoices or client lists.
Provider privacy: the sync provider only sees scrambled blobs — not business details.
TNO alignment: it supports TNO (Trust No One) by keeping control with you.
How to think about it
Imagine a locked safe:
Your device locks the safe and keeps the key.
The network only transports the safe.
The cloud can store the safe and deliver it to your other devices — but it cannot open it.
This is the core difference between “encrypt in transit” and “encrypt before leaving the device.”
What it does not do
Pre-egress encryption is powerful, but it’s not magic. A few practical notes:
Exports are separate: PDFs/CSVs you create may live outside the encrypted container depending on where you save/share them (see Privacy-Aware Exports).
Device security still matters: if someone has your unlocked device, they may access data through the app like you can.
Sharing is intentional: if you email a PDF, the recipient now has a copy — that’s the point of sharing.
