Security & privacy
Your network is the trust boundary
Prest intentionally has no authentication. That keeps the stage connection direct, but it means network access grants control access.
Safe and unsafe networks
Use
A band-owned router or personal hotspot whose connected devices you control.
Do not use
Public Wi-Fi, shared venue Wi-Fi, guest networks, or any network where untrusted devices can reach the host.
Anyone who can reach Prest can control transport and open projects. There is no login prompt, user role, or approval step.
Data and connections
- NetworkThe default runtime serves HTTP and WebSocket traffic on the local network without transport encryption.
- Browser storageProject-source configuration, view preferences, onboarding state, and current performance selections use browser local storage.
- BackupsExported `.rpbak` files contain the Prest song and setlist catalog.
- TelemetryNo product analytics, telemetry, tracking, account, or cloud synchronization code was found in the inspected source.
Threat boundary
Outside: the internet, public venue networks, and untrusted clients. Boundary: the private router or hotspot. Inside: the DAW host, Prest runtime, and approved browser devices.
Report a vulnerability
A vulnerability-reporting address or security policy has not been published. This blocks public launch; the site will add the verified route here when the owner supplies it.