CLI privacy

The CLI runs a local privacy pass before any trace payload is posted to SellTraces. This is the first privacy boundary for contributor-owned traces. During setup, source selection is local inspection only. The CLI reads selected source stores on the device to count traces and build a project/repository review list. Trace content is not posted until the user approves projects, reviews the upload preview, and confirms the upload checkpoint.

Local upload gates

Before upload, every CLI path applies:
  1. Approved-source filtering.
  2. Project/repository approval filtering.
  3. Blocked-term filtering.
  4. Local PII preflight.
  5. Already-synced filtering.
  6. Duplicate-source and duplicate-content filtering.
  7. Upload chunking.

Local redaction

The current CLI local preflight redacts detected PII and secrets before a trace leaves the machine. A trace is not skipped solely because one of these detector classes fired:
  • detected secrets
  • SSNs and government identifiers
  • payment cards
  • email addresses
  • phone numbers
  • public IP addresses
  • physical-address patterns
  • local home-directory usernames
  • covered trace-level string fields and metadata
The accepted trace carries local preflight metadata in piiScrub.version and piiScrub.findingsCount when redactions are applied. Traces can still be skipped locally for approved-source policy, blocked terms, already-synced content, duplicate content, duplicate source identity, or missing required source identity. Trace length is not a local upload skip reason.

Local retry cache

The CLI stores repeat-sync state in ~/.selltraces/traces.db. The hot ledger keeps hashes, source identity, status, job ids, and preliminary value. A separate trace_payloads retry cache keeps serialized redacted upload payloads only while a trace is pending retry. Successful upload, server reconciliation, or local skip clears the retry payload while preserving ledger proof.

Blocked terms

Blocked terms are case-insensitive and match trace text plus metadata such as:
  • title
  • source id
  • current working directory
  • repository URL
  • source path
  • structured message blocks
If a blocked term only appears in metadata, the trace is still skipped locally.
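
The difference between the two outcomes described under "Local redaction" and "Blocked terms" (a detector hit redacts and keeps the trace, a blocked term skips it even when it appears only in metadata) is sketched below as an added example; it is not SellTraces code. The trace field names, the two detector patterns, the placeholder labels, and the version string are assumptions; only `piiScrub.version` and `piiScrub.findingsCount` come from this page.

```javascript
// Added illustration, not SellTraces code. Only piiScrub.version and
// piiScrub.findingsCount are names from the page; everything else is assumed.
const SCRUB_VERSION = "example-1"; // constructed placeholder version string

// Simplified detectors for two of the listed classes (assumed patterns).
const DETECTORS = [
  { label: "EMAIL", re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  { label: "SSN", re: /\b\d{3}-\d{2}-\d{4}\b/g },
];

// Metadata fields scanned alongside message text (hypothetical names).
const METADATA_FIELDS = ["title", "sourceId", "cwd", "repoUrl", "sourcePath"];

// Case-insensitive blocked-term search over message text AND metadata.
function findBlockedTerm(trace, blockedTerms) {
  const haystacks = [
    ...METADATA_FIELDS.map((f) => String(trace[f] ?? "")),
    ...(trace.messages || []).map((m) => String(m.text ?? "")),
  ].map((s) => s.toLowerCase());
  return blockedTerms
    .filter(Boolean) // an empty term would match every trace
    .find((t) => haystacks.some((h) => h.includes(t.toLowerCase())));
}

// Replace every detector hit with a placeholder and count the findings.
function redact(text, counter) {
  return DETECTORS.reduce((out, d) => out.replace(d.re, () => {
    counter.n += 1;
    return `[REDACTED_${d.label}]`;
  }), text);
}

// Blocked terms skip the trace; detector hits only redact it.
function preflight(trace, blockedTerms) {
  if (findBlockedTerm(trace, blockedTerms) !== undefined) {
    return { action: "skip", reason: "blocked_term" };
  }
  const counter = { n: 0 };
  const out = { ...trace };
  out.messages = (trace.messages || []).map((m) => ({ ...m, text: redact(String(m.text ?? ""), counter) }));
  for (const f of METADATA_FIELDS) {
    if (typeof out[f] === "string") out[f] = redact(out[f], counter);
  }
  if (counter.n > 0) out.piiScrub = { version: SCRUB_VERSION, findingsCount: counter.n };
  return { action: "upload", trace: out };
}

// Constructed sample traces: one with PII in text, one with a blocked term only in metadata.
const piiTrace = { title: "debug session", cwd: "/work/app", messages: [{ text: "mail alice@example.com, ssn 123-45-6789" }] };
const metaTrace = { title: "notes", repoUrl: "https://git.example/Acme-Internal/app", messages: [{ text: "nothing sensitive" }] };
```

The blocked-term check runs on the unredacted trace, matching the gate order listed under "Local upload gates", so a term cannot be hidden by a redaction placeholder.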

Server backstop

Server-side ingest still validates, queues, scrubs, deduplicates, scores, and prices traces. The local preflight is the first privacy boundary, not the only one. The server scrub may still reject traces during ingest if it detects content that the server policy treats as unsafe.
Raw uploads and per-trace raw blobs are currently part of server-side retention. Download endpoints stream the derived scrubbed blob, not the raw blob.