Technical Requirements · v1.0

LedgerFlow

Technology stack, API design, data model, code standards, and development practices for LedgerFlow.

Architecture
Microservices + API-first
Code Standards
TypeScript, Python/Java
API Versioning
RESTful v1, v2, v3
Test Coverage
80%+ (unit + integration)
01

Technology Stack

A pragmatic, boring-by-design stack. Financial software rewards reliability over novelty; every choice below is selected for transactional safety and operational maturity.

Frontend

React 18+ with TypeScript

TanStack Query for server-state sync

Tailwind CSS for styling

Vite for bundling

Backend

Python 3.11+ FastAPI OR

Java 17+ Spring Boot 3

OpenAPI 3.0 specification

Pydantic / Jakarta Bean Validation for models

Database

PostgreSQL 13+ (primary)

Redis for cache & sessions

Elasticsearch for search & logs

S3/GCS for file storage

Messaging

RabbitMQ or AWS SQS

Celery (Python) or Quartz (Java)

Event sourcing for audit trail

Deployment

Docker containers

Kubernetes (EKS/GKE)

Terraform for IaC

ArgoCD for GitOps

DevOps

GitHub Actions for CI/CD

SonarQube for code quality

Prometheus + Grafana for monitoring

Vault for secrets

Framework Selection Rationale

02

API Design & Specifications

API-first architecture: the web UI consumes only the public REST API. All integrations, webhooks, and third-party access go through the same API.

REST API Principles

Core Endpoints (Phase 1)

ResourceEndpointMethodsAuth
Companies/api/v1/companiesGET, POST, PUT, DELETEUser + Tenant
Ledgers/api/v1/ledgersGET, POST, PUT, DELETEUser + Company
Vouchers/api/v1/vouchersGET, POST, PUT, DELETEUser + Company
Voucher Lines/api/v1/vouchers/{id}/entriesGET, POST, DELETEUser + Company
Reports/api/v1/reports/{type}GETUser + Company
Parties/api/v1/partiesGET, POST, PUT, DELETEUser + Company
Audit Log/api/v1/audit-logGETUser + Admin

OpenAPI Specification

Error Handling

Request Example

POST /api/v1/vouchers — Create a voucher with double-entry validation. Request must include date, type, narration, and entries array with balanced debits/credits. API responds with 201 and created voucher object including auto-assigned ID and number.

03

Data Model & Database Schema

The core is a classic double-entry schema. A Voucher is a header; its Entries (lines) each reference a Ledger and carry a debit or credit amount that must net to zero.

Key Entities

EntityPurposeKey Fields
TenantCustomer account; row-level isolationid, name, plan, created_at
CompanyAccounting book; child of tenantid, tenant_id, name, fy_start, base_currency
GroupLedger classification (tree)id, company_id, name, parent_id, category (Asset, Liability, etc.)
LedgerIndividual accountid, company_id, group_id, name, opening_balance, type
VoucherAccounting documentid, company_id, type, number, date, narration, status (draft/posted)
Voucher EntryLine in a voucher (debit or credit)id, voucher_id, ledger_id, amount, type (dr/cr), narration
PartyCustomer or vendorid, company_id, name, type, credit_limit, payment_terms
Bill ReferenceOutstanding trackingid, company_id, party_id, bill_number, bill_date, outstanding_amount
Audit LogImmutable change logid, company_id, entity_type, entity_id, action, user_id, old_values, new_values, timestamp

Double-Entry Invariant

Database Constraint

Each voucher enforces at the database level:

CHECK (SELECT COALESCE(SUM(CASE WHEN type='DR' THEN amount ELSE 0 END), 0) = COALESCE(SUM(CASE WHEN type='CR' THEN amount ELSE 0 END), 0) FROM voucher_entry WHERE voucher_id = NEW.id)

This prevents any code path (bug or malice) from posting an unbalanced voucher. Application-level validation rejects before insert; database constraint is the final gate.

Indexing Strategy

JSON Columns (for Flexibility)

04

Code Standards & Best Practices

Language-Specific Guidelines

Repository Structure

Testing Strategy

TypeToolCoverageTarget
UnitJest (TS), pytest (Python)Per function/module80%+
IntegrationJest + supertest, pytestAPI endpoints + DB70%+
E2ECypress, PlaywrightFull user workflowsCritical paths
Loadk6, JMeterPerformance targetsPre-release

Code Review & Quality Gates

Documentation

05

Performance & Optimization

Query Optimization

API Performance Targets

Frontend Performance

Resource Monitoring

06

Security Implementation

Authentication & Authorization

Data Protection

Secrets Management

Vulnerability Management

07

Deployment & CI/CD

CI/CD Pipeline (GitHub Actions)

Deployment Process

Infrastructure as Code

08

Monitoring & Observability

Metrics (Prometheus)

Logging (ELK Stack or Datadog)

Tracing (Jaeger/X-Ray)

Alerting Rules