-
Talinn, Estonia
-
-
support@lnsolutions.ee

Back in the day I used the now-defunct site coin.fyi or coinexplorers.com to track my portfolio. When they disappeared, I looked at the alternatives — and none of them adapted to my necessities. The main one: a private, encrypted portfolio management platform in the style of ProtonMail. One where the service provider itself cannot see what I hold. So I decided to create my own: Coinwatch.space.
Privacy is something we take for granted, but in today’s digital world it’s actually very rare. Data leaks and “$5 wrench attacks” are unfortunately becoming common. A $5 wrench attack refers to a real-world threat: instead of hacking crypto wallets, criminals simply use physical force or intimidation to steal private keys. As crypto adoption grows, so does this troubling shift from online exploits to offline crime.
I learned this the hard way. When hardware wallet manufacturer Ledger suffered its data breach, over a million email addresses were exposed. Not only was my email leaked — so were my phone number and my home address. I had to incur the cost of moving to another residence, and live with the paranoia of a possible attack. And this keeps happening: as recently as January 2026, Ledger leaked customer personal data again.
Here’s the uncomfortable truth about portfolio trackers: they are an even juicier target than a wallet vendor’s shipping database. A wallet vendor’s leak tells an attacker you probably own crypto. A portfolio tracker’s database tells them exactly how much you own, in which coins, and when you bought it. If that data sits in plaintext on someone’s server, you are one breach away from being on a criminal’s shopping list.
Every tracker I evaluated stored my holdings in plaintext on their servers. Many wanted read access to my exchange accounts via API keys. Some were “free” — which usually means the portfolio data is the product. That was a hard no for me.
What zero-knowledge actually means at Coinwatch.space
The heart of coinwatch.space is the Privacy Vault — client-side, end-to-end encryption modeled on how ProtonMail treats your email:
- Your vault password never leaves your device. It’s run through Argon2id (a memory-hard key derivation function) to derive an AES-256-GCM encryption key — in your browser, not on the server.
- Quantities, prices, cost basis, notes, and loan amounts are stored as ciphertext in the database. If our servers were breached tomorrow, the attacker would get encrypted blobs, not a target list.
- Your browser does the math. The server provides market prices; your device decrypts your holdings locally and computes portfolio value client-side. We never see the result.
- Tax reports and AI sessions are opt-in compute moments. You enter your vault password to authorize a single in-memory session — nothing is persisted in plaintext afterward. Even your AI chat history is encrypted.
- On mobile, the vault password lives in the iOS Keychain / Android Keystore with hardware-backed encryption at rest.
And it goes beyond encryption:
- Sign in without an email address. coinwatch.space supports Nostr authentication — log in with your Nostr key and never hand over an identity at all. No KYC, no mandatory personal data.
- No exchange API keys required. You import your history from the CSV exports your exchange already gives you. I never ask for live access to your accounts.
- DeFi positions are read from public on-chain data (Aave V3, Compound V3) — nothing to hand over there either.
Everything else a serious portfolio tracker should do
Privacy would be pointless if the tool underneath were weak. Coinwatch.space is a full portfolio intelligence platform:
📊Real-time portfolio tracking. Unlimited portfolios, 20+ display currencies, live prices aggregated from major exchanges, 1h / 24h / all-time profit and loss. Import your trade history via CSV from exchanges like Bitfinex, Poloniex, or Wirex — including the messy stuff like split fee rows and credit lines.
🧾Automated, country-specific tax reports. This is where most trackers fall flat. Coinwatch.space generates capital-gains reports built on country-specific rules (Germany, Czech Republic, Slovakia, and more), correctly handling staking rewards, airdrops, and mining income. PDF and CSV export, ready in minutes — and with the Privacy Vault enabled, even your generated reports are stored encrypted. With MiCA now in force across the EU, this went from “nice to have” to mandatory.
🤖 An AI assistant that respects both your money and your privacy. The built-in AI assistant, can analyze your actual holdings, answer market questions, and run tax optimization — finding harvestable losses and lots approaching long-term exemption thresholds. Crucially, all numbers are computed deterministically by the tax engine; the AI explains, it doesn’t guess. It runs on privacy-respecting open models with a prepaid credit system — no subscription lock-in, and your data is never training material. Your AI agent even has a memory and persona you can edit as you like.
🏦 Loan and DeFi tracking with LTV alerts. If you borrow against your crypto (Aave, Compound, or centralized lenders), Coinwatch.space monitors your loan-to-value ratio and warns you before liquidation risk becomes liquidation reality.
🔔 Smart notifications. Price alerts, LTV threshold warnings, and loan payment reminders — delivered by push (iOS/Android) or email.
📰 News that matters to you. A curated feed filtered to the coins you actually hold, aggregated in part over the Nostr network.
🌍 Built for Europe, from day one. The full experience is available in 10 languages — English, German, French, Spanish, Italian, Portuguese, Polish, Czech, Slovak, and even Esperanto.
The trade-off I chose deliberately
Zero-knowledge encryption has a cost: if you lose your vault password, I cannot recover your data. There’s no “reset” that magically decrypts your holdings, because there’s no backdoor. That’s not a bug — it’s the entire point. The same property that locks me out locks out hackers, subpoena-happy data brokers, and anyone who breaches the server.
For me, after seeing my home address in a leaked database, that’s a trade I’ll make every single time.
Try it!
Your portfolio is nobody’s business but yours. If you feel the same way, give coinwatch.space a try — portfolio tracking is free, no email required if you sign in with Nostr, and the Privacy Vault is one click away in settings.
I built the tool I wished existed the day I found my address in someone else’s database. I hope it’s the tool you’ve been looking for too.