# SSDIWorkflow Security and UI Review

## Completed

- Created a separate `ssdiworkflow` project folder from the SSDISalaryGuard source.
- Renamed app identity, manifest, service-worker cache, export names, shortcut docs, command files, and browser storage keys to SSDIWorkflow.
- Removed the copied SSDISalaryGuard deployment zip from the new project to avoid deploying the old app by mistake.
- Rebuilt `dist` from the renamed SSDIWorkflow source.
- Reduced the phone UI to a shorter Today flow: Start, Stop, date/time, gross pay, miles, notes, Save.
- Consolidated optional work type, expenses, time split, tax details, proof checklist, benefit warnings, checklist, and shortcut setup into collapsible sections.
- Reduced bottom navigation to five plain tabs: Today, Entries, Import, Proof, Export.
- Added stronger deployment headers: CSP, frame blocking, no content sniffing, referrer policy, and camera/microphone/geolocation denial.
- Added import/backup file size checks to reduce accidental large-file lockups.
- Escaped restored or imported text before rendering it into HTML, including IDs used in button attributes.
- Added a passphrase-protected encrypted vault using WebCrypto PBKDF2-SHA256 and AES-GCM.
- Added an app lock screen that blocks use until the vault is unlocked or created.
- Migrates old local plaintext SSDIWorkflow records into the encrypted vault after creating the lock, then removes the plaintext keys.
- Added privacy mode to blur dollar amounts, mileage, notes, review text, and entry details.
- Added a monthly backup reminder and “Backup now” shortcut in the Export tab.

## Security and Privacy Recommendations

- Keep the passphrase private and memorable. If it is lost, encrypted records cannot be recovered from this app alone.
- Keep all evidence files in iCloud/Files or another trusted storage location; this app only records file names/paths and does not safely store original evidence files.
- Export CSV and JSON monthly, then store backups somewhere private. Backup JSON is readable by whoever has the file.
- Before publishing, confirm the final Cloudflare Pages domain and update Shortcut URLs from the placeholder `ssdiworkflow.pages.dev` if needed.
- Review SSA/SSI thresholds every year. The app currently includes 2026 values and should not be treated as legal or benefits advice.
- If multi-device sync is desired later, do not add a database until encryption, authentication, access logs, and deletion/export controls are designed.

## Verification

- Ran JavaScript syntax checks for `app.js` and `server.mjs`.
- Ran import estimator, preflight, and SSA/SSI policy tests.
- Rebuilt `dist`.
- Browser visual verification was attempted, but the in-app browser blocked both local server and local file URLs in this session.