Private, local portfolio management (Rotki at EthCC)

Source: https://www.youtube.com/watch?v=ZYdgPtxVZ3s

The problems

We have the newbie user who makes their first transaction, and everything is great. Then suddenly they realize that there is more. (Ethereum, Optimism, Arbitrum, Gnosis, Celo, Scroll, Polygon, BSC, zkSync, Base, Zora...)

EVM is indeed probably one of the most widely used tech stacks, but it's not the only one (Monero, Cosmos, Bitcoin, Polkadot, Solana, DFINITY).

When we want to buy/sell crypto, we often have multiple exchange accounts due to moving countries or asset availability.

The more exchanges we use, the riskier it gets (the crossed-out names are bankrupt exchanges).

There are numerous decentralized finance (DeFi) protocols on each network (Uniswap, Aave, Velodrome, Aerodrome, Osmosis, Crescent, Kujira).

There is an overwhelming number of protocols and accounts to track as a DeFi user (not to mention the networks above)

Need tools to manage (3:00)

Unless we only hold Bitcoin or Ether, we need tools to manage our crypto portfolio, and there are many crypto portfolio trackers and management tools available.

Rotki is a portfolio tracker that Lefteris Karapetsas and his team have been building since 2017. It is an open-source and fully transparent tool, allowing users to inspect the code.

Rotki provides a "bird's eye view" of our portfolio, tracking across exchanges, blockchain networks, and DeFi protocols. It offers customization features to cater to individual user needs.

Issues with closed-source crypto management tools:

  • Most crypto portfolio trackers are closed-source, which raises trust issues.
  • Users cannot verify the calculations or how their data is handled in closed-source tools.
  • Closed-source tools are dependent on the company that created them, and their fate is tied to the company's survival.

A German company forked Rotki's open-source code and created a closed-source portfolio tracker.

Lefteris and his team took legal action, and the company eventually shut down. This highlights the risk of closed-source tools disappearing if the company behind them fails.

Centralized software-as-a-service (SaaS) crypto management tools pose significant risks to user privacy and security.

Users' sensitive financial data is entrusted to a third party, who can potentially misuse, sell, or lose it through hacks or accidental leaks.

"Privacy" Policy (7:45)

Privacy policies often claim to "respect our privacy," but this is a standard claim made by many tools. Most people do not read the privacy policies of the tools they use.

If the company wants to, the privacy policy allows it to:

  • Keep all technical data (IP addresses, locations, etc.) indefinitely
  • Retain all communication and user data even after account closure for at least 10 years
  • Create user profiles based on behavioral and preference data
  • Collect additional data about users from public sources like debt registers, media, and social media

Privacy policies do not provide real protection, as hackers or other parties can still access the data. So they cannot eliminate the need for trust in centralized crypto management tools.

Users should not have to trust the dev team, database admins, or the website security of centralized tools. The goal should be to use software that is fundamentally incapable of misusing or leaking user data.

For centralized services, data leaks are inevitable, not just a possibility. Some real examples:

  • The Evolve Bank, Wise, and Ledger data leak incidents
  • Physical robberies and attacks on users whose data was exposed
  • Laws in some countries (e.g., Sweden) that make it easy to find people's addresses and income information.

Active management makes it worse, as with 3Commas and CoinStats, where user funds were stolen due to leaked API keys. The CEO of 3Commas initially blamed users before admitting the company's fault.

Leaked data can include users' net worth, taxable activities, addresses, and sensitive API keys.

We need self-sovereign applications (14:30)

Self-sovereign apps give users ownership and control over their data.

Characteristics of self-sovereign, local-first software:

  • Majority of functionality is local, with minimal network reliance.
  • All data is stored locally on the user's device.
  • Prioritizes user privacy and security.
  • Should be open-source to promote transparency, community involvement, and innovation.

Rotki itself is a self-funded and grant-funded crypto portfolio management tool. It aims to be a "self-sovereign" solution that does not require trusting third-party services.

Lefteris encourages users to use Rotki for their benefit, rather than for Rotki's growth as a company.

The future vision for Rotki:

  • Integrating active management features, allowing users to trade directly from within the app.
  • Connecting to traditional finance tools like SEPA transfers through integrations (e.g., Monerium).
  • Expanding support for more blockchain networks and DeFi protocols.
  • Improving performance and speed of the application.

Lefteris encourages users to use Rotki, share it with others, and contribute to the project as open-source contributors or by purchasing the premium version.

He emphasizes that Rotki's growth relies on word-of-mouth and user adoption, rather than a traditional marketing approach.

Questions & Answers (24:20)

Does Rotki do tax and basis tracking?

Rotki has different cost basis calculation methods (FIFO, HIFO, LIFO, average cost basis). It doesn't automatically generate tax reports or transmit data to tax authorities.

Users who use it for accounting and tax reporting need to do some manual work with the data.

Does Rotki have export functionality?

Users can export data based on the filters they apply, e.g., export a CSV file.

Rotki also has a Profit and Loss (P&L) report, but the developers are transitioning to using the filtered transaction history view instead of a monolithic P&L report.

Users can edit transaction details like type, subtype, etc. within Rotki.