Skip to main content

EP-MEL-10 — Offline-First Desktop with Sync Engine

Companion: Backlog README · EPICS.md · canonical: 07-epics-and-user-stories.md §12

Summary

WaveR1
PriorityP0
Primary ownerbff-backoffice-service (orchestration) + every domain service (per-aggregate sync)
Participating servicesreservation-service, inventory-service, pricing-service, payment-gateway-service, billing-service, lock-integration-service, housekeeping-service, maintenance-service, ai-orchestrator-service (edge)
Journeys realisedJ-19 (12-hour outage), J-20 (Reconnect & reconcile)
WorkflowsWF-09
Frontend surfacesElectron Desktop
Story count9

Outcome

The desktop app survives multi-hour internet outages with zero monetary loss: an encrypted local SQLite store backs every read; an outbox queue serialises every write; pull-with-cursor + push-with-idempotency reconciliation runs continuously; conflict resolution policies are explicit per aggregate; the sync status pill is always visible.

Cross-cutting AC for this epic

  • SQLCipher encryption with key in OS keychain; never stored in cleartext.
  • Outbox is FIFO per aggregate; backoff with jitter; max-attempt → DLQ + alert.
  • Edge AI inference (ONNX Runtime Node) used for offline anomaly detection.
  • Conflict resolution policies documented per aggregate (last-write-wins, merge-three-way, manual-resolve).

Stories

IDTitle
US-MEL-0082Local SQLite store with SQLCipher encryption
US-MEL-0083Sync pull with cursor + delta
US-MEL-0084Sync push with idempotency
US-MEL-0085Per-aggregate conflict resolution policy
US-MEL-0086Outbox flusher with FIFO ordering and backoff
US-MEL-0087Sync status pill always visible
US-MEL-0088Edge AI inference via ONNX Runtime Node
US-MEL-0089Bandwidth-aware sync throttle
US-MEL-0090Migration runner for SQLite schema

Full AC in ../07-epics-and-user-stories.md §12.

Cross-references