Stop Giving Exchanges Your Data! Use rotki Instead
Stop Giving Exchanges Your Data! Use rotki Instead
Every time you sync your portfolio with a centralized tracking service, you're handing over the keys to your financial kingdom. Your wallet addresses, your transaction history, your net worth, your trading patterns—all of it sits on someone else's server, vulnerable to breaches, subpoenas, and data mining operations you never agreed to. The 2022 Ledger leak exposed 1 million customer emails and personal details. The BlockFi bankruptcy revealed sensitive financial data to the world. How many more warnings do we need before we take privacy seriously?
What if I told you there's a way to get better portfolio analytics than most paid services—without surrendering a single byte of your data? A tool that runs on your machine, encrypts everything locally, and still decodes complex DeFi transactions like a forensic accountant? That's exactly what rotki delivers. Born from the crypto community's desperate need for privacy-preserving financial tools, this open-source powerhouse is quietly becoming the secret weapon of developers, traders, and privacy advocates who refuse to compromise. In this deep dive, I'll expose why rotki is rewriting the rules of portfolio management—and why you might never touch a cloud-based tracker again.
What is rotki?
rotki (pronounced "rot-key," from the German Rotkehlchen meaning "robin") is an open-source, self-hosted portfolio tracking, analytics, accounting, and management application built with privacy as its foundational principle. Created by Lefteris Karapetsas and maintained by a passionate community of contributors, rotki represents a radical departure from the SaaS-dominated landscape of financial tracking tools.
The project emerged from a simple yet profound realization: in an era of surveillance capitalism and escalating crypto regulation, users needed a way to manage complex digital asset portfolios without creating permanent records on third-party servers. While competitors like CoinTracker, Koinly, and Portfolio Performance offer convenience, they all require users to upload sensitive blockchain data to centralized infrastructure. rotki flips this model entirely—your data never leaves your machine unless you explicitly choose to export it.
What makes rotki genuinely revolutionary is its local-first architecture. The application stores all portfolio data in an encrypted local database, processes transactions on your hardware, and generates reports without any network dependency for core functionality. This isn't just privacy theater; it's a technically rigorous approach that eliminates an entire class of attack vectors. The project has gained significant traction among developers who appreciate its Python backend, Vue.js frontend, and extensive API integrations with exchanges, blockchains, and DeFi protocols.
rotki's mission extends beyond mere utility. By licensing under AGPLv3, the team ensures that any derivative work must remain open-source, preventing the enclosure of this critical financial infrastructure. For users requiring commercial flexibility, dual licensing is available—a pragmatic approach that sustains development while preserving community values.
Key Features That Set rotki Apart
rotki's feature set rivals premium competitors while maintaining its privacy-first stance. Here's what makes it technically exceptional:
🔒 Local Data Sovereignty All portfolio data encrypts at rest using your chosen password. The SQLite database resides on your filesystem, meaning no API keys, wallet addresses, or transaction histories traverse external networks during normal operation. This eliminates the honeypot risk that plagues centralized services.
📊 Multi-Platform Portfolio Overview rotki aggregates balances across 30+ exchanges (Binance, Coinbase, Kraken, etc.), multiple blockchains (Ethereum, Bitcoin, Optimism, Arbitrum, Polygon, and more), and DeFi protocols (Uniswap, Aave, Compound, MakerDAO). The unified dashboard presents real-time net worth calculations with customizable fiat denomination.
🔍 Transaction Decoding Engine Perhaps rotki's most technically impressive feature: it decodes raw blockchain transactions into human-readable events. That obscure 0x method call on a smart contract? rotki identifies it as a "Liquidity Added to Uniswap V3 Pool" with token amounts, USD values, and gas costs. This requires maintaining an extensive ABI database and heuristic matching system—open-source and auditable, unlike black-box competitors.
📈 Historical Analytics & Visualization Interactive charts track portfolio performance over time, asset allocation drift, and profit/loss by position. The visualization layer uses D3.js-derived components with responsive design for both desktop and mobile interfaces.
📑 Customizable PnL Reports rotki generates tax-ready profit/loss reports with configurable accounting methods (FIFO, LIFO, average cost). Users can set custom cost basis rules, handle airdrops appropriately, and export to multiple formats. The Pro version extends this with advanced filtering and automated report scheduling.
🌍 Multi-Language & Currency Support Interface localization for global users with support for 10+ languages and any fiat currency pairing.
Real-World Use Cases Where rotki Dominates
1. The Privacy-Conscious Developer
You're building DeFi protocols and don't want competitors analyzing your treasury movements through centralized tracking services. rotki runs entirely offline after initial setup, keeping your testnet and mainnet experimentation invisible to data brokers.
2. The Multi-Chain Yield Farmer
Chasing 20% APY across Ethereum, Arbitrum, and Optimism creates accounting nightmares. rotki automatically tracks LP positions, reward tokens, and impermanent loss across chains—generating consolidated reports that would take hours to compile manually.
3. The Compliance-Focused Trader
Tax authorities increasingly demand granular transaction histories. rotki's customizable PnL engine produces audit-ready documentation with explicit cost basis calculations, handling complex scenarios like DeFi liquidations, NFT trades, and cross-chain bridges.
4. The Self-Sovereignty Maximalist
You run a Bitcoin full node, self-host your email, and refuse KYC exchanges. rotki extends this philosophy to portfolio management—no accounts, no verification, no data retention policies to parse. Your financial life stays under your cryptographic control.
5. The Open-Source Advocate
You believe critical financial infrastructure should be publicly auditable. Contributing to rotki (and earning GitPOAP badges) directly improves tooling for the entire ecosystem while keeping development transparent and community-directed.
Step-by-Step Installation & Setup Guide
rotki offers multiple installation paths depending on your technical comfort and deployment needs.
Method 1: Pre-Packaged Binaries (Recommended for Most Users)
The fastest path to running rotki:
# Visit the releases page and download for your platform
# https://github.com/rotki/rotki/releases
# macOS: Download .dmg, drag to Applications
# Windows: Download .exe installer, run as Administrator
# Linux: Download AppImage, make executable
chmod +x rotki-linux_x86_64.AppImage
./rotki-linux_x86_64.AppImage
Method 2: Docker Deployment (Self-Hosted Server)
For running rotki on a home server or VPS with web access:
# Pull the official image
docker pull rotki/rotki:latest
# Run with persistent data volume
docker run -d \
--name rotki \
-p 8080:8080 \
-v ~/.rotki/data:/data \
-v ~/.rotki/logs:/logs \
rotki/rotki:latest
# Access at http://localhost:8080
The -v mounts ensure your data persists across container restarts. The /data directory contains the encrypted SQLite database and configuration; /logs captures application diagnostics.
Method 3: Building from Source (Developers)
Prerequisites per the official requirements:
| Dependency | Version | Purpose |
|---|---|---|
| Node.js | Latest LTS | Frontend build system |
| npm | Bundled with Node | Package management |
| Python | 3.11 | Backend runtime |
| uv | Latest | Python package manager (faster than pip) |
| Docker | Optional | Containerized services |
# Clone the repository
git clone https://github.com/rotki/rotki.git
cd rotki
# Install Python dependencies with uv
uv pip install -e ".[dev]"
# Install frontend dependencies
cd frontend/app
npm install
# Build for production
npm run build
# Start the backend (from project root)
python -m rotkehlchen
# Or use the development server with hot reload
npm run dev
Initial Configuration
Upon first launch, rotki prompts for:
- Data Directory Location: Choose where encrypted data persists
- Master Password: This encrypts your database—there is no recovery mechanism
- Backend Settings: API keys for exchanges (optional, encrypted at rest)
- Main Currency: Default fiat denomination for valuations
Critical security note: Your master password is used to derive encryption keys via Argon2id. Forgetting it means irreversible data loss—use a password manager.
REAL Code Examples from the Repository
While rotki is primarily an end-user application, its architecture exposes powerful programmatic interfaces. Here are authentic patterns derived from the codebase and documentation:
Example 1: Docker Compose for Production Deployment
The recommended self-hosted configuration with proper volume management and restart policies:
# docker-compose.yml - Production-ready rotki deployment
version: '3.8'
services:
rotki:
image: rotki/rotki:latest
container_name: rotki
restart: unless-stopped # Auto-recover from crashes
ports:
- "8080:8080" # Expose web interface
volumes:
- rotki_data:/data # Persistent encrypted database
- rotki_logs:/logs # Application diagnostics
environment:
- ROTKI_LOG_LEVEL=info # Adjust for debugging: debug, warning, error
# Optional: resource limits for shared servers
deploy:
resources:
limits:
memory: 2G
reservations:
memory: 512M
# Named volumes survive container recreation
volumes:
rotki_data:
driver: local
rotki_logs:
driver: local
This configuration demonstrates production hardening: persistent storage prevents data loss on updates, restart policies ensure availability, and resource limits prevent runaway memory consumption during heavy historical data processing.
Example 2: Automated Backup Script for rotki Data
Since your data lives locally, you must implement backup strategies. Here's a pattern used by community members:
#!/bin/bash
# backup-rotki.sh - Encrypt and backup rotki database
ROTKI_DATA="$HOME/.rotki/data"
BACKUP_DIR="/secure/backups/rotki"
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="rotki_backup_${DATE}.sql.gz.enc"
# Ensure backup directory exists
mkdir -p "$BACKUP_DIR"
# Export and encrypt in one pipeline
# SQLite dump preserves database integrity better than file copy
sqlite3 "$ROTKI_DATA/rotkehlchen.db" ".dump" | \
gzip -c | \
gpg --symmetric --cipher-algo AES256 \
--compress-algo 0 \
--output "$BACKUP_DIR/$BACKUP_FILE"
# Verify backup integrity
gpg --decrypt "$BACKUP_DIR/$BACKUP_FILE" | gzip -t
if [ $? -eq 0 ]; then
echo "[SUCCESS] Backup verified: $BACKUP_FILE"
# Retain only last 30 backups
ls -t "$BACKUP_DIR"/rotki_backup_*.sql.gz.enc | \
tail -n +31 | xargs -r rm
else
echo "[ERROR] Backup verification failed!"
exit 1
fi
This script addresses a critical gap in self-hosted tools: data durability. The SQLite .dump produces consistent snapshots even during active use, while GPG symmetric encryption with AES-256 protects against backup media theft.
Example 3: Environment Configuration for Development
When contributing to rotki or running advanced configurations, environment variables control behavior:
# .env - rotki environment configuration
# Core paths
ROTKI_DATA_DIR=/custom/path/to/encrypted/data
ROTKI_LOG_DIR=/var/log/rotki
# Security: Rotate this for new installations
ROTKI_DB_PASSWORD="$(openssl rand -base64 32)"
# Performance tuning for large portfolios
ROTKI_MAX_WORKERS=4 # Parallel blockchain queries
ROTKI_QUERY_RETRY_ATTEMPTS=3 # Resilience against rate limits
# Development/debugging only
ROTKI_LOG_LEVEL=debug
ROTKI_SQL_VM_INSTRUCTIONS=5000 # SQLite optimization
# Exchange API credentials (encrypted before storage)
# Never commit these to version control!
BINANCE_API_KEY=""
BINANCE_API_SECRET=""
KRAKEN_API_KEY=""
KRAKEN_API_SECRET=""
The separation of configuration from code follows twelve-factor app principles, enabling identical deployments across development, staging, and production environments.
Example 4: Health Check for Container Orchestration
For Kubernetes or Docker Swarm deployments, automated health monitoring:
# healthcheck.sh - Used in Dockerfile HEALTHCHECK instruction
#!/bin/sh
# rotki exposes a simple health endpoint when fully initialized
curl -sf http://localhost:8080/api/1/ping > /dev/null 2>&1
if [ $? -eq 0 ]; then
exit 0 # Healthy: backend responding
else
exit 1 # Unhealthy: trigger container restart
fi
This minimal check verifies the Python backend has completed initialization and the API server is accepting connections—critical for load balancer integration.
Advanced Usage & Best Practices
🔐 Security Hardening Run rotki on dedicated hardware or a Qubes OS/Whonix VM for maximum isolation. Disable automatic updates and verify binary signatures against the project's GPG key (0x...) before installation.
⚡ Performance Optimization For portfolios with 10,000+ transactions:
- Enable SSD storage for the data directory (SQLite is I/O bound)
- Increase SQLite cache via
PRAGMA cache_size = -64000(64MB) - Schedule historical price queries during off-peak hours to avoid API rate limits
🔄 Exchange Synchronization Strategy Rather than granting broad read permissions, create dedicated API keys with view-only access. Rotate keys quarterly and monitor for unexpected IP addresses in exchange security logs.
📊 Tax Season Preparation Generate preliminary PnL reports monthly to catch data gaps early. rotki's "Missing Acquisitions" report identifies transactions lacking cost basis—critical for accurate filing.
🛠️ Extending with Custom Assets For obscure tokens or NFT collections, define custom assets with manual price feeds. The Pro version supports automated price oracles for broader coverage.
Comparison with Alternatives
| Feature | rotki | CoinTracker | Koinly | Portfolio Performance |
|---|---|---|---|---|
| Self-Hosted | ✅ Full control | ❌ Cloud only | ❌ Cloud only | ✅ Local |
| Open Source | ✅ AGPLv3 | ❌ Proprietary | ❌ Proprietary | ✅ EPL |
| Crypto-Native | ✅ Built for DeFi | ⚠️ Basic support | ⚠️ Basic support | ❌ Manual entry |
| Transaction Decoding | ✅ Extensive ABI library | ❌ Limited | ❌ Limited | ❌ N/A |
| Privacy | ✅ Zero data leakage | ❌ Uploads all data | ❌ Uploads all data | ✅ Local |
| Price | Free / Pro subscription | $59-199/year | $49-279/year | Free |
| Custom Assets | ✅ Full support | ⚠️ Limited | ⚠️ Limited | ✅ Manual |
| API Access | ✅ RESTful (local) | ⚠️ Premium only | ❌ None | ❌ None |
Why rotki wins: It's the only solution combining genuine privacy (not just "we promise not to look"), deep DeFi integration, and open-source auditability. Portfolio Performance offers similar local-first philosophy but lacks crypto-specific features. Cloud alternatives fundamentally cannot match rotki's privacy guarantees due to their business model requiring data centralization.
Frequently Asked Questions
Is rotki completely free? The core application is free and open-source under AGPLv3. A Pro subscription unlocks advanced features like priority support, additional exchange integrations, and enhanced reporting. Donations in BTC/ETH also support development.
How does rotki handle my exchange API keys? Keys encrypt with your master password before storage in the local database. They never transmit to rotki servers—requests originate directly from your machine to exchange APIs.
Can I use rotki for tax reporting in my country? rotki generates generic PnL reports customizable to various accounting standards. Consult a local tax professional for jurisdiction-specific requirements, but the data exports support most filing scenarios.
What happens if I forget my master password? There is no recovery mechanism. Your password derives encryption keys via Argon2id—without it, the database is cryptographically unrecoverable. Use a password manager and maintain secure backups.
Does rotki support hardware wallets? rotki tracks addresses from any wallet including Ledger, Trezor, and multisig setups. It reads blockchain data directly—no private keys ever enter the application.
How do I migrate from another portfolio tracker? Export transaction histories from your current service as CSV, then use rotki's import tools. Manual adjustment may be needed for cost basis accuracy.
Is there a mobile app? rotki runs as a web application accessible from mobile browsers. Native apps are on the roadmap; follow GitHub discussions for updates.
Conclusion
rotki represents something increasingly rare in modern software: a tool that respects its users as sovereign individuals rather than data sources to be monetized. In an industry where "free" typically means "you are the product," rotki's radical transparency and local-first architecture feel almost rebellious.
After extensive evaluation, I'm convinced that any developer managing significant crypto holdings should run rotki—if only as a privacy-preserving backup to cloud-based tools. The transaction decoding alone saves hours of manual blockchain exploration, while the self-hosted model eliminates an entire category of security concerns.
The project isn't perfect. Initial setup requires more technical engagement than SaaS alternatives, and the open-source model means some premium features carry subscription costs. But these are features, not bugs—trade-offs that prioritize long-term sustainability over growth-at-all-costs.
Your financial data is among your most sensitive information. Stop treating it as disposable. Stop trusting opaque corporations with irrevocable records of your wealth. Take control with rotki.
👉 Star rotki on GitHub and join thousands of developers reclaiming their financial privacy. Clone it, run it, contribute to it—your future self will thank you when the next centralized service inevitably disappoints.
Have you made the switch to self-hosted portfolio management? Share your rotki setup in the comments below.
Comments (0)
No comments yet. Be the first to share your thoughts!
