Hello there. During this week I was working on my personal budget tracking application by using Claude Code to develop it. I developed web SaaS application with end-to-end encryption to ensure high security for my data and then realized that this is not what I need in the era of AI and hacker attacks.

Before I will dive deeper in the final decision of personal applications development let me provide some context.

Budget Tracking Application

Loading...I want to track my finances and previously I was using Google Sheets to do it but the UX wasn’t so good for me. An one year ago I developed Telegram Bot for myself with tracking finances and it worked very well until I realized that it is under a constant hackers attack and it’s a question of time when hackers will hack my Telegram Bot and my financial information will be leaked. So I disabled bot and stopped tracking financial information for some time.

But 2 weeks ago when I bought 100 USD subscription for Claude Code I decided to fix this situation and build secure budget tracking application for myself. With power of AI I mitigated security issues by saving only encrypted data at backend and enabling end-to-end encryption where frontend used user secret key and decryption encrypted data from the backend. Loading... So even if my backend will be compromised and encrypted data will be available on hacker’s forums, I will be safe because it’s protected with end-to-end encryption. Also I applied my DDD knowledge which simplified application testing and allowed to cover it fully with unit and E2E tests. So again I was happy and confident that application is secure and works correctly.

After running tests I decided to configure GitHub workflows to enable CI/CD and automatically release application if build is successful. I did it and it allowed me to vibe code budget application from the Claude Code mobile application by simply push code to GitHub.

I started thinking what features I need for tracking my budget application during next Docker build process which was very fast because I used Go to build an backend and Svelte for frontend… And I was freezed at an one moment. Why do I need enterprise infrastructure for my personal budget tracking application???

Complexity of Personal Applications

Loading...
So just for tracking my personal finances I need to build a lot of non-functional requirements:

• Security - I need to have a proper user authorization and access control to REST endpoints and cover it with tests
• Monitoring - I need to have a proper monitoring to detect hackers attacks on my server.
• CI/CD - I need to configure automatic deployment after tests if I want to simplify my life.
• Hetzner - I need to manage infrastructure to host my application.
• Postgres - I need to self-manage Postgres in Hetzner to store data somewhere (I used SQLite previously but decided to move to Postgres, but it’s another story).
• Features - features of an application which is a core value has limited attention due to previous points.

And this is only for 1 user - me. I just applied my best skills to build distributed systems at the indie personal applications development and it became another enterprise application with it’s own pros and cons. I did it many times in the past during development applications for myself because I used my skills of backend development. But with Claude Code I decided that it’s enough from me and I will change it.

New approach of Personal Applications development

It’s all clear with a complexity of client-server applications non-functional requirements. But if I will build a mobile application I will focus solely on features which is a main value for me: Loading... And I can get rid of:

• Postgres - I will use SQLite inside iOS.
• CI/CD - I can use my laptop and manually deploy an application to my mobile phone.
• Hetzner - no hosting.
• Monitoring - no monitoring.
• Security - I will use FaceID supplied by my mobile phone.
• Features - I can focus in features with 100% efforts.

There is only one problem - I’m backend engineer, not mobile one. I did mobile development for Android in 2018 last time, not for iOS which I have currently. It could be a blocker for this idea of mobile application development if not Vibe Coding. But today everything is changed I can use Claude Code and build mobile application even if I don’t know Swift or specifics of mobile development. But I know backend development and I have a good knowledge about software engineering in general. So I opened Claude Code and told him to migrate my client-server application to iOS mobile application. And it worked! The story of this mobile application will be published in the separate article. Today I want to focus only on the development side.

Cybersecurity for Personal Applications

Cybersecurity matters because servers are constantly under an attack and for client-server traditional application it’s crucial to have:

• Authentication - to allow only me to use an application.
• Monitoring - to detect hacker’s attack and react on it.

And it’s completely not so simple to build these two points. Of course I built it and even ran security audit with Claude Code but I’m human and I can make a mistake, even my authentication tests developed by Claude Code may didn’t cover something which I missed on a review. And price of this mistake will be data leak or compromised server. In cybersecurity questions it’s better don’t trust nobody and test but even testing doesn’t guarantee that application is correct.

That’s why having client-server application is always a risk, especially if it’s available in the public Internet and not under VPN. One question is when you are developing backend at the full time job where you have 8 hours per day to do your work and a cybersecurity team which will run their own audit during your development.

And it’s a completely another question of cybersecurity when you are engineer who builds a software for yourself during 1-2 hours per day before a work. You simply don’t have enough resources to ensure that security will work at the proper level because security is really hard.

That’s why I firstly tried to use end-to-end encryption to make my data secure even if my server will be compromised and secondly I realized that I don’t want to deal with server compromise at all.

And mobile applications eliminates these cybersecurity risks because they are running on my personal device and hackers can’t use automated bot to try to hack my device as it was with my backend. Instead hackers need to focus solely on my device to hack data of my application but if this will be true then my personal application data is not the biggest concern :)

Conclusions

Vibe Coding enables for engineers to build applications in areas which were unkown previously. I still can apply my skills of software engineering in mobile development while I don’t know Swift or details of iOS application development. Claude Code assists me there and I can focus solely on application features.

Also cybersecurity which makes risks of running personal applications is eliminated in mobile applications. Because again personal applications are not commercial ones and their purpose is to serve my personal needs. So here I can fully build them for myself without wasting my efforts for non-functional requirements as it was a case for server side apps.

Thanks for reading! Subscribe on me and check my other stories :)