Raxx · internal docs

internal · gated ↑ index

APM Vendor Research: Sentry vs Honeybadger

Status: research-only. This document does NOT constitute legal or tax advice. Before acting on any contractual, licensing, or compliance item, consult a technology transactions attorney licensed in your jurisdiction. Last updated: 2026-05-05. Verify pricing and terms freshness before renewal or plan change. Cross-reference: #1106 (APM vendor selection)

Decision Matrix

Dimension	Sentry	Honeybadger	Winner
Free tier	Yes (1 user, 50k errors/mo)	Yes (1 user, 5k errors/mo)	Sentry
Price at ~100k events/mo	~$26/mo (Team)	~$26/mo (Team)	Tie
Price at ~1M events/mo	Overage or upgrade — see §1	Overage at $0.0003/error	Needs scoping
EU data residency	Yes (explicit EU region on GCP)	Yes (US or EU region choice)	Tie
PII scrubbing	Yes (SDK + middleware relay)	Yes (auto + configurable SDK)	Tie
SDK open source	Yes — Apache 2.0	Yes — MIT	Tie
Self-host option	Yes (40+ containers, 16 GB RAM min)	No	Sentry
GDPR DPA	Yes, standard	Yes, standard	Tie
CCPA explicit	Yes (DPA states no sale/sharing)	Not explicitly documented	Sentry
Branding obligation on customer	None (Sentry may list you; opt-out available)	None found	Tie
Securities transaction prohibition	None	HARD BLOCK — see §3	Sentry
Existing Raxx integration	Partial (`sentry_backend` flag, #1106)	None	Sentry

TL;DR

Sentry is the correct choice for Raxx. Honeybadger's Terms of Service contain an explicit, verbatim prohibition on using the service for "software that executes securities transactions" — which is a direct description of Raptor/MQ-A functionality. That prohibition makes Honeybadger a non-starter regardless of any other comparison dimension. Sentry has no equivalent restriction, has an existing partial integration, and is price-competitive at the expected scale.

1. Pricing

Sentry

Source: https://sentry.io/pricing/

Tier	Monthly (annual)	Error limit	Spans (tracing)	Users
Developer	$0	~50k errors	Included	1
Team	$26	50k errors	5M spans	Unlimited
Business	$80	50k errors	5M spans	Unlimited
Enterprise	Custom	Custom	Custom	Unlimited

Overage pricing (Team/Business): errors billed per additional unit beyond quota. Logs/metrics: $0.50/GB. Uptime monitors: $1.00/additional. Cron monitors: $0.78/additional.

Raxx fit: - Year 1 (<100k events/mo): Team tier at $26/mo covers the base 50k; the second 50k would require either a quota bump or overage — confirm exact overage rate for errors directly with Sentry sales (not published as a per-unit number on the public pricing page as of 2026-05-05). - Year 2 (~1M events/mo): Business tier likely insufficient at base quota; expect Enterprise conversation or significant overage. Model this with a CPA before committing to an annual contract.

Honeybadger

Source: https://www.honeybadger.io/plans/

Tier	Monthly (annual)	Error limit	Logging	Users
Developer	$0	5,000 errors/mo	50 MB/day	1
Team	$26	50,000 errors/mo	100 MB/day	Unlimited
Business	$80	50,000 errors/mo	100 MB/day	Unlimited

Overage: continues processing to 125% of quota, then halts. Optional billing at $0.0003/error (Team) or $0.0006/error (Business) beyond quota.

Note: Honeybadger bundles uptime monitoring, status pages, and logging in all tiers — Sentry charges for these separately. At equivalent error volume the bundle value is real, but this is irrelevant given the ToS prohibition below.

2. Privacy Posture / Data Residency

Sentry

Sources: - https://sentry.io/trust/privacy/ - https://sentry.io/privacy/ (Privacy Policy 3.3.2, October 29, 2025) - https://sentry.io/legal/

Hosting: Google Cloud Platform. US default; explicit EU region available (data stays in Germany/EU).
PII scrubbing: SDK-level data scrubbing tools + a standalone relay middleware that intercepts and scrubs before transmission to Sentry's ingestion endpoint. Both are configurable.
GDPR: Self-certified EU-U.S. Data Privacy Framework, UK Extension, Swiss-U.S. Framework. Standard Contractual Clauses available as fallback. DPA is standard.
CCPA: DPA explicitly states Sentry does not "sell" or "share" personal data under CCPA definitions.
Encryption: All data at rest encrypted by default on GCP. HIPAA-eligible configuration available.

Raxx implications: US launch with EU expansion in roadmap — Sentry's explicit EU region satisfies data residency needs. PII scrubbing options give the operator control over what event payloads reach Sentry's servers (relevant for any user-PII that might appear in stack traces or breadcrumbs).

Honeybadger

Sources: - https://www.honeybadger.io/security/ - https://www.honeybadger.io/gdpr/ - https://www.honeybadger.io/terms/data-processing-addendum/

Hosting: Multi-region; US or EU region choice available.
PII scrubbing: Auto-scrubs passwords, tokens, credit card numbers by default. SDK is open-source (MIT), so payload filtering is fully inspectable.
GDPR: Standard DPA, SCCs, subprocessor list published.
CCPA: Not explicitly documented on the public security/privacy pages as of 2026-05-05. Unsourced — confirm with Honeybadger directly if ever reconsidered.
SOC 2: Type II certified.

Raxx implications: Privacy posture is comparable to Sentry. Moot given ToS prohibition.

3. License + Terms — CRITICAL FLAG

Sentry ToS

Source: https://sentry.io/terms/ (Terms of Service 3.0.0, February 12, 2024)

Data ownership: Customer retains all IP rights in Service Data. Sentry receives a non-exclusive license to process/store/transmit solely to provide the service.
Indemnification: Customer indemnifies Sentry for third-party claims arising from Service Data or customer's breach. Standard commercial SaaS posture.
Branding: Sentry may list customer name in promotional materials / case studies. Customer may opt out in writing at any time. No affirmative obligation on customer to display Sentry branding.
Termination: Either party, material breach + 30-day cure. Customer cancels via account settings before renewal. Fees for current term remain owed.
Data export: Customer may export or delete Service Data during the subscription period using built-in tools. Post-termination, Sentry deletes on standard schedule (exact schedule not published inline — confirm in DPA).
Competitive use: Customer may not use the service to develop a competing product, or reverse-engineer. Standard.
Liability cap: 12 months of fees paid.
Securities prohibition: None found.

Honeybadger ToS — STOP

Source: https://www.honeybadger.io/terms/

Verbatim restriction, Usage Restrictions section:

"You may not use the Site to create, support, or work on software that executes securities transactions, makes medical diagnoses, or is involved in manufacturing or process control."

This prohibition applies directly to Raptor (order execution layer) and MQ-A (algo layer). Using Honeybadger to monitor a platform that executes securities transactions would be a plain-language violation of this clause.

Additional terms concerns: - Termination: Honeybadger may terminate "at any time, without notice" and "in its sole discretion." No cure period. - Data export: No data portability provisions on termination. Risk of data loss on sudden termination. - Liability cap: Full disclaimer — "as is," no consequential damages, remedy is to stop using the service. - Data ownership language: Grants Honeybadger broad rights to "copy, distribute, transmit, publicly display" customer submissions — language is broader than Sentry's narrower processing-only grant.

Bottom line: Honeybadger is contractually incompatible with Raxx's core function. This is not a gray-area interpretation. Flag for attorney review before any trial account is created with production data.

4. Lock-In Risk

Sentry

SDKs: Apache 2.0 open source on GitHub. Client libraries for Python, JavaScript, and all other Raxx-relevant runtimes.
Self-host: sentry/self-hosted repo exists and is maintained. However, the self-hosted stack requires 40+ containers and 16 GB RAM minimum — not practical for a small pre-launch team. Relevant as an escape valve, not a day-1 option.
Protocol: Sentry's ingestion protocol is widely adopted. Several alternatives (GlitchTip, Glitchtip-compatible tools) accept the same DSN/envelope format — switching is a DSN swap, not a code rewrite.
API key rotation: Keyed ingest DSN lives in Infisical, rotates via Velvet. No special concern.

Honeybadger

SDKs: MIT open source on GitHub.
SaaS-only: No self-host option.
Protocol: Honeybadger uses its own ingestion format; migration away requires SDK swap (not just a DSN change). Higher switching cost than Sentry.
Moot given ToS.

5. Fit With Raxx Posture

Factor	Assessment
Existing `sentry_backend` flag	Partial integration already merged — switching to Honeybadger would require rework with no benefit
Vendor name is internal-only	APM vendor is not customer-facing; `feedback_no_backend_branding.md` rule does not apply
API key in Infisical + Velvet rotation	Both vendors support keyed DSN ingest; no friction
EU expansion roadmap	Sentry EU region satisfies future data residency requirement
Securities ToS prohibition	Honeybadger is contractually prohibited for Raxx's use case

Recommendation

Continue with Sentry. The operator's existing lean is correct, and it is reinforced by a hard contractual blocker on the alternative. Sentry has no equivalent prohibition, has an existing partial integration, offers comparable pricing, better CCPA documentation, and an EU data residency option for the expansion roadmap.

Go Honeybadger if: You are monitoring a product with zero order-execution functionality and want bundled uptime + status pages at the same price point. Not applicable to Raxx.

Timing / Deadlines

None immediate. If the operator signs an annual Sentry contract, lock in at the Team tier ($26/mo) and set a calendar reminder to evaluate quota headroom at month 8 before auto-renewal.
If any Honeybadger trial or test account was created with production data, consult a technology transactions attorney about the ToS exposure before continuing use.

Questions for Attorney

Does the Honeybadger ToS securities-transaction prohibition create any liability exposure for any past or current use of a Honeybadger account for Raxx development? (Relevant even for a test/dev account if Raptor or MQ-A code was monitored.)
Sentry's ToS allows them to list Raxx in promotional materials. Is the standard written opt-out sufficient, or should this be addressed in a negotiated addendum given Raxx's pre-launch stealth posture?
Sentry's post-termination data deletion policy references "standard schedule and procedures" — the specific retention window is not in the public ToS. Request the DPA or a Data Retention Addendum before signing an annual contract to confirm the deletion timeline.
Sentry's indemnification clause is mutual in structure but the customer bears primary defense obligations for Service Data claims. Flag for review if Raxx event payloads could contain third-party PII (e.g., brokerage account identifiers captured in stack traces).

Recommended professional: Technology transactions attorney (not a general business attorney — this is a SaaS vendor contract review).

Sources

Sentry pricing: https://sentry.io/pricing/
Sentry Terms of Service 3.0.0 (2024-02-12): https://sentry.io/terms/
Sentry Privacy / Trust page: https://sentry.io/trust/privacy/
Sentry Privacy Policy 3.3.2 (2025-10-29): https://sentry.io/privacy/
Sentry GDPR best practices: https://sentry.io/trust/privacy/gdpr-best-practices/
Sentry Legal index: https://sentry.io/legal/
Honeybadger plans/pricing: https://www.honeybadger.io/plans/
Honeybadger Terms of Service: https://www.honeybadger.io/terms/
Honeybadger Privacy Statement: https://www.honeybadger.io/privacy/
Honeybadger GDPR page: https://www.honeybadger.io/gdpr/
Honeybadger DPA: https://www.honeybadger.io/terms/data-processing-addendum/
Honeybadger Security page: https://www.honeybadger.io/security/
Honeybadger vs Sentry (vendor comparison, Honeybadger authored): https://www.honeybadger.io/vs/sentry/

Auto-generated from docs/ in raxx-app/TradeMasterAPI. Gated behind Cloudflare Access. Re-deployed on every push to main.