Everything you need. Nothing you don't.
A focused toolkit for small teams that need dependable timekeeping without the bloat of enterprise software.
Independent timekeeping
Server-authoritative timers, breaks, revisions, and approvals continue working through every PA outage. Your time data never stops being captured.
Reliable synchronization
Durable queues, idempotency keys, signed webhooks, reconciliation, and visible conflicts protect every integration event when you connect Project Alpha.
Financially controlled
Administrator approval freezes duration, rate, amount, currency, and revision before records leave AlphaLedger. No silent changes to financial data.
Layered security
TOTP for admins, AES-256-GCM for credentials, CSRF on every mutation, rate-limited login, session rotation, and HMAC-SHA256 webhooks.
Employee pay
Pay rate hierarchy, billable and non-billable tracking, and is_payable decoupled from billable so non-billable time can still be employee pay.
Reports and exports
PDF and CSV exports, dashboard charts rendered from your own data. No third-party analytics or charting service. Your data stays yours.
Layered controls by default
A PA outage, duplicate event, employee account, or database-only disclosure cannot silently alter financial records.
Session security
SHA-256 hashed session tokens in MySQL. Rotation at login and TOTP enrollment. 15-minute idle timeout, 8-hour absolute (7-day remember-me). HttpOnly, SameSite=Strict, Secure cookies.
Admin TOTP required
Administrators must enroll TOTP. Integration enablement requires password plus TOTP reauthentication. Recovery key shown once, stored outside the host.
AES-256-GCM encryption
PA credentials encrypted with a 256-bit key generated atomically in the data volume. Key never stored in MySQL or committed. Recovery key for volume loss.
HMAC-SHA256 webhooks
Signed webhooks with 5-minute replay window. Durable storage and event-ID deduplication. Incoming events stored before processing.
CSRF and rate limiting
Symfony CSRF tokens on every browser mutation. Login attempts rate-limited by hashed IP and email bucket. Role and ownership checks on every operation.
Hardened deployment
Security headers deny framing, MIME sniffing, unneeded capabilities. HSTS with subdomains. Containers run as unprivileged www-data user.
Standalone now. Connected later.
AlphaLedger works perfectly on its own. When you're ready, connect Project Alpha for billing, invoicing, and client management.
Phase 1: Standalone
Run AlphaLedger independently for time tracking, approvals, and employee pay. No PA required.
- Clock in / out / breaks
- Admin review and approval
- Pay calculation and freezing
- PDF and CSV reports
- Employee and project management
Phase 2: Connect PA
When ready, supply PA URL and token, reauthenticate with TOTP, and map projects and employees. AL backfills history and syncs going forward.
- Durable transactional outbox
- Project and employee mapping
- Idempotent event delivery
- Reconciliation every 6 hours
- Operational ledger mirroring
Ownership boundaries
AL owns time, breaks, pay rates, approvals. PA owns clients, billing, invoices, payment status. Neither silently overwrites the other.
Visible conflicts
Foreign-owned conflicts are recorded with timestamps. No silent winner selection. Admin resolves explicitly.
Graceful degradation
When PA is unreachable, AL queues pushes, uses cached data, and never blocks clock in / out. Timekeeping always works.
See how to deploy AlphaLedger
Self-hosted, source-available, and ready for your infrastructure.