If someone can edit the database, what stops them from turning off the triggers, should they exist, making the edits, then turning them back on? It strikes me that you could compile your own version of the SQLite library with the [SQLITE_FILE_HEADER value changed](https://sqlite.org/cgi/src/file?name=src%2FbtreeInt.h&ln=236). Then only your application can open or modify the database, so you could simply have flags in your database to protect content from being edited in your application. Well, of course, it's still trivial for someone in the know to modify the database binary using a hex editor, then change the file using the tool of their choice, and revert the header so your application will read it. The truth is much more nuanced than this. "The clever jackass" is often perfectly capable of opening a file, and changing all occurrences of "should" to "won't " and leaving something that isn't changed in size, but conveys different meanings. Sometimes they'll also go to surprising lengths to just break the protection for no real gain. You're at the bottom rung of a game of cat and mouse that others have played for various reasons, on there are no simple solutions that will handle all attack vectors.