Automated Time Tracking. Tamper-Resistant Proof.
A highly precise, offline-first Windows time tracker backed by monotonic verification, cryptographic block mapping, and custom billing automation.
Interactive App Simulation
Minimalist Design. Comprehensive Scope.
Second-Level Precision
Monitors window switches in real time. Automatically logs focus duration and pauses tracking immediately when mouse or keyboard input drops.
Visual Charts Dashboard
Custom animated real-time PyQt6 Donut and Bar charts, rendering beautiful breakdown segments and historical range-filtered categories.
Premium HTML Invoicing
Generates beautiful client-ready invoices via customizable HTML templates, built-in print CSS styles, instant browser A4 PDF printing, multi-email chip inputs, user privacy masking, and base64 QR codes.
Earnings Calculator
Assign professional rates and dynamic billing currencies. TrueHour tracks accumulated session revenue on verified billable windows only.
Smart Exclusion System
Filters background system routines silently out of your workspace logs. Supports simple user-defined exclusions and name overrides.
Anti-Tamper Proofs
Utilizes independent system clock queries and cryptographic proof blocks to detect local time adjustments and protect metrics.
Crash Recovery Vault
Ensures complete session persistence by executing automated 10-second updates to local failover folders for instant crash recovery.
Premium HTML Reports
Converts tracked session histories into premium, glassmorphic HTML dashboards or clean standalone text summaries, ready for beautiful browser-based printing.
Cryptographic Time Ledger
Hardware Monotonic Verification
Leverages system-level monotonic clock ticks to measure actual elapsed time, rendering local timezone or calendar date adjustments useless.
Asynchronous Network Sync
Compares system timestamps against global UTC NTP pools dynamically in the background to catch unauthorized clock offsets.
Linked Block SHA-256 Chain
Structures every recorded switch as a cryptographically linked ledger block. Deleting or modifying entries invalidates the parent block signature.
Continuous Trust Evaluation
Aggregates anomalous clock actions into an overall session integrity index, automatically outputting trust flags for audits.
| Cheating Vector | TrueHour Mitigation | Status |
|---|---|---|
| Adjusting local clock backward | Monotonic timeline check | Blocked |
| Adjusting local clock forward | Background NTP delta checks | Blocked |
| Altering stored log values | SHA-256 cryptographic chain | Blocked |
| Modifying time zones | Global UTC verification | Blocked |
| Virtual Machine time tricks | Synchronized delta logging | Blocked |
from secure_time import get_detector, reset_detector
# Start tracking verification session
reset_detector()
detector = get_detector()
detector.start_session()
# Log active application switch event
result = detector.validate_and_record("VS Code", 120.0)
print(result["integrity_status"]) # Outputs: VALID, SUSPICIOUS, or TAMPER_DETECTED
# Generate final session cryptographic report
report = detector.end_session()
print(f"Session Integrity Level: {detector.get_trust_level()}")
print(f"Chain Intact: {detector.verify_chain_integrity()}")
Windows (CMD / PowerShell)
# Clone repository and access directory git clone https://github.com/yourusername/TrueHour.git cd TrueHour # Install application requirements pip install PyQt6 pywin32 psutil Pillow # Launch tracker script run.bat
macOS (Terminal)
# Clone repository and access directory git clone https://github.com/yourusername/TrueHour.git cd TrueHour # Install macOS requirements pip install PyQt6 pyobjc-framework-AppKit psutil Pillow # Grant executable permission and run shell launcher chmod +x run.sh ./run.sh
Windows (.exe)
# Install compilation tools pip install pyinstaller # Run automated assembly script (with telemetry ON) build_official.bat # Resulting binary is generated in root: # .\TrueHours.exe
macOS (.app Bundle)
# Install compilation tools pip install pyinstaller # Grant executable permission and run build script (with telemetry ON) chmod +x build.sh ./build.sh # Standalone double-clickable app bundle is generated in root: # ./TrueHours.app
- Three-Theme UI & Stylesheet Caching: Upgraded the interface to support three selectable themes ("Light", "Modern Dark", "Classic Dark") via a dropdown selector in the Settings dialog, with caching of QSS stylesheets and optimized theme application.
- Encrypted Profile Backups: Added password-protected encrypted backup support for settings and banking details, utilizing PBKDF2HMAC (100,000 iterations) for secure password key derivation while maintaining compatibility for legacy backups.
- Asynchronous Startup Optimization: Deferred heavy startup tasks, including database initialization and auto-exclusions loading, and added non-blocking incremental icon loading to eliminate UI freezes on application launch.
- Unit Test Coverage & Refactoring: Converted cryptography tests to standard `unittest.TestCase` and added tests specifically verifying PBKDF2 and SHA-256 legacy fallback validation.
- App-Specific Distraction Auto-Pause: Automatically pauses tracking when switching to a designated distracting application (e.g. Chrome, games, Spotify) and auto-resumes when returning to a productive task.
- App List Context Menu: Right-click any application in the live tracking list to quickly mark or unmark it as distracting.
- Manage Distraction Apps: Added a dedicated checklist dialog in Settings to manage, search, and manually add custom application executables.
- Dynamic Build Naming: Updated the unofficial build script to query both version and build number from `version.py` and programmatically construct the output filename at compile time.
- Priority Counted Time View: Swapped the primary display elements: the big main UI clock now displays the productive Counted Work Time (`00:00:00`), while the bottom footer displays the overall Total Session Time.
- Retroactive Idle Deduction: Integrated smart idle auto-pause math. The moment the idle threshold is reached, the inactive period is retroactively deducted from both the active foreground application's tracked time and the overall session duration.
- Process-Level Self-Exclusion: TrueHour now detects its own Process ID (PID) on both Windows and macOS and automatically marks itself as ignored, preventing tracking active window updates inside itself.
- Update Channel & Notification Label: Replaced the static footer version label with a fade-in/fade-out animated update label that alerts users when a newer release is available.
- Channel-Aware Update Checking: Built an asynchronous background updater that supports semantic versioning (SemVer) and release channel ranking (Alpha, Beta, RC, Stable).
- App List Layout & Elision Fix: Re-engineered the application usage rows with a custom ElidedLabel that automatically truncates long process titles using ellipsis (...).
- Dynamic Build Naming: Upgraded the pre-release build script to dynamically parse the version string directly from `version.py` at compile-time and name the output executable to match.
TrueHour v3.3.2
Our latest stable release featuring a new Three-Theme selector (Light, Modern Dark, Classic Dark), secure password-encrypted profile backups utilizing PBKDF2HMAC, asynchronous startup optimizations to eliminate launch freezes, and expanded unit test coverage.
Key v3.3.2 Highlights
- Three-Theme UI & Stylesheet Caching: Custom dropdown theme selector with cached stylesheets.
- Encrypted Profile Backups: High-security PBKDF2HMAC password-protected backups.
- Asynchronous Startup Optimization: Deferred initialization and non-blocking icon loads.
Common Questions & Security Details
Is my data kept private and stored locally?
- 100% Local Storage: All session records and tracked timelines are saved locally inside your user profile directory (
%APPDATA%/TrueHour/sessions/*.json). - Self-Contained Files: Logos, QR codes, and settings are preserved in local directories on-disk.
- No Cloud Uplink: We do not upload your tracking data, activities, or invoices to any database. Any telemetry is restricted to anonymous, diagnostic usage events and can be disabled completely at build time.
How does the billing and bank details security work?
- At-Rest Encryption: Your bank holder, routing numbers, account numbers, and SWIFT codes are encrypted before being written to disk in
app_settings.json. - Machine-Bound Key: Encryption keys are dynamically derived from a combination of your local user ID and hardware environment variables (like
COMPUTERNAME). This SHA-256 key binding makes the configuration file unreadable if transferred to a different computer. - Local Cipher: Uses XOR base64-encoded ciphers locally, guaranteeing that no plaintext banking data is left readable in standard text editors.
What happens if I copy settings or restore a backup on another computer?
- Direct Settings Copy: Copying raw configuration files directly to another PC will load general preferences, but banking fields will silently clear since the original machine key will not match the new device.
- Standard Backup: Creating a standard backup strips banking credentials completely, ensuring no sensitive data is exported. Other settings (categories, logs) import seamlessly.
- Encrypted Backup: Choosing the encrypted backup option prompts you to set a password. This encrypts banking data using a portable key, allowing secure transfer and restoration on any other computer running TrueHour.
Can I mask sensitive contact details on generated invoices?
- Email Masking: Replaces local parts beyond 2 characters and domains with asterisks (e.g.,
neil@gmail.combecomesne**@*****.com). - Phone Masking: Hides the last 7 digits of your business contact numbers while retaining international code formats (e.g.,
+1 (555) 123-4567becomes+1 (555) ***-****). - Granular Control: Masking options can be activated globally in Settings or toggled on/off individually for specific exports using the invoice generation wizard.
What is Monotonic Time Verification?
PolyForm Noncommercial 1.0.0 License
TrueHour is licensed under the terms of the PolyForm Noncommercial 1.0.0 License. You are permitted to use, modify, and redistribute this software for personal and non-commercial purposes. Commercial use or resale is strictly prohibited without obtaining prior written permission or a custom commercial license.
Permitted Actions
Copy, modify, run, and distribute the source code for personal, academic, research, or other private non-commercial requirements.
Prohibited Actions
Any use of the software by a business, for business purposes, commercial services, resale, or monetary compensation without licensing.