docs: apply requirements feedback (8 items — late reg, balancing confirm, sync templates, PIN rate limit, backup/recovery, display memory, CMS scope)

Mikkel Georgsen 2026-02-28 16:08:56 +01:00
parent b5b799cbc8
commit 19a66014e8


@ -26,6 +26,8 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **ARCH-06**: SvelteKit frontend embedded in Go binary via `//go:embed` for single-binary deployment - [ ] **ARCH-06**: SvelteKit frontend embedded in Go binary via `//go:embed` for single-binary deployment
- [ ] **ARCH-07**: Leaf is sovereign — all tournament logic runs locally, cloud is never required for operation - [ ] **ARCH-07**: Leaf is sovereign — all tournament logic runs locally, cloud is never required for operation
- [ ] **ARCH-08**: Append-only audit trail for every state-changing action (operator, action, target, previous/new state, timestamp) - [ ] **ARCH-08**: Append-only audit trail for every state-changing action (operator, action, target, previous/new state, timestamp)
- [ ] **ARCH-09**: Automated daily backup of LibSQL database to USB or cloud, with documented recovery procedure
- [ ] **ARCH-10**: Leaf must recover cleanly from hard power-cycle during active tournament (verified by chaos testing)
### Tournament Clock ### Tournament Clock
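Review bot: ARCH-09 lets the LibSQL backup leave the Leaf on USB or to cloud without requiring that the backup itself be encrypted, while AUTH-07 in this same document requires LUKS full-disk encryption on the Leaf NVMe. A plaintext copy on removable media would sit outside that protection. Suggest adding "encrypted, with the key not stored on the backup medium" to ARCH-09, and naming a restore test as the verification for the recovery procedure, the same way ARCH-10 names chaos testing.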
@ -59,7 +61,7 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **FIN-01**: Buy-in configuration (amount, starting chips, per-player rake, fixed rake, house contribution, bounty cost, points) - [ ] **FIN-01**: Buy-in configuration (amount, starting chips, per-player rake, fixed rake, house contribution, bounty cost, points)
- [ ] **FIN-02**: Multiple rake categories (staff fund, league fund, house) - [ ] **FIN-02**: Multiple rake categories (staff fund, league fund, house)
- [ ] **FIN-03**: Late registration cutoff (by level or time) - [ ] **FIN-03**: Late registration cutoff (by level, by time, or by level AND remaining time — e.g., "end of Level 6 or first 90 minutes, whichever comes first")
- [ ] **FIN-04**: Re-entry support (distinct from rebuy — new entry after busting) - [ ] **FIN-04**: Re-entry support (distinct from rebuy — new entry after busting)
- [ ] **FIN-05**: Rebuy configuration (cost, chips, rake, points, limits, level/time cutoff, chip threshold) - [ ] **FIN-05**: Rebuy configuration (cost, chips, rake, points, limits, level/time cutoff, chip threshold)
- [ ] **FIN-06**: Add-on configuration (cost, chips, rake, points, availability window) - [ ] **FIN-06**: Add-on configuration (cost, chips, rake, points, availability window)
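Review bot: the new FIN-03 wording says "by level AND remaining time", but its own example, "end of Level 6 or first 90 minutes, whichever comes first", is an OR over a level and an elapsed time, not a remaining time. Suggest rewording to something like "by level, by elapsed time, or whichever of the two comes first" so the cutoff rule has only one reading.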
@ -88,7 +90,7 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **SEAT-02**: Table blueprints (save venue layout) - [ ] **SEAT-02**: Table blueprints (save venue layout)
- [ ] **SEAT-03**: Dealer button tracking - [ ] **SEAT-03**: Dealer button tracking
- [ ] **SEAT-04**: Random initial seating on buy-in (fills tables evenly) - [ ] **SEAT-04**: Random initial seating on buy-in (fills tables evenly)
- [ ] **SEAT-05**: Automatic balancing algorithm (size difference threshold, move fairness, button awareness, locked players, break short tables first) - [ ] **SEAT-05**: Automatic balancing suggestions with operator confirmation required (size difference threshold, move fairness, button awareness, locked players, break short tables first — dry-run preview, never auto-apply)
- [ ] **SEAT-06**: Drag-and-drop manual moves on touch interface - [ ] **SEAT-06**: Drag-and-drop manual moves on touch interface
- [ ] **SEAT-07**: Break Table action (dissolve and distribute) - [ ] **SEAT-07**: Break Table action (dissolve and distribute)
- [ ] **SEAT-08**: Visual top-down table layout (player names in seats), list view, movement screen - [ ] **SEAT-08**: Visual top-down table layout (player names in seats), list view, movement screen
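Review bot: SEAT-05 now requires operator confirmation but does not say which AUTH-03 role may confirm a balancing move, or that the confirmation is recorded in the ARCH-08 audit trail. Suggest naming the minimum role (Floor or Admin) and stating that a suggestion is re-validated against current seating when it is confirmed, since a dry-run preview can be stale by the time the operator accepts it.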
@ -128,6 +130,7 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **DISP-08**: Multi-tournament routing (assign displays to specific tournaments or lobby) - [ ] **DISP-08**: Multi-tournament routing (assign displays to specific tournaments or lobby)
- [ ] **DISP-09**: Auto font-scaling to resolution; readable from 10+ feet - [ ] **DISP-09**: Auto font-scaling to resolution; readable from 10+ feet
- [ ] **DISP-10**: Display nodes connect via WebSocket, heartbeat every 5s, Leaf tracks status - [ ] **DISP-10**: Display nodes connect via WebSocket, heartbeat every 5s, Leaf tracks status
- [ ] **DISP-11**: All display views must stay under 350MB RSS on Pi Zero 2W during 4-hour continuous operation (non-functional, verified by soak testing)
### Digital Signage ### Digital Signage
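Review bot: DISP-11 sets a 350MB RSS limit without saying what is measured: one process or the whole display stack on the Pi Zero 2W, and a peak value or the value at the end of the run. Suggest stating the measured process set and the sampling method, and that the soak test fails if the limit is exceeded at any point in the 4 hours.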
@ -176,7 +179,7 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **SYNC-01**: NATS-based event sync from Leaf to Core (queued offline, replayed in order on reconnect) - [ ] **SYNC-01**: NATS-based event sync from Leaf to Core (queued offline, replayed in order on reconnect)
- [ ] **SYNC-02**: Idempotent upserts on Core (safe to replay, keyed on event ID) - [ ] **SYNC-02**: Idempotent upserts on Core (safe to replay, keyed on event ID)
- [ ] **SYNC-03**: Reverse sync (Core → Leaf) for player profiles, league config, new registrations, branding - [ ] **SYNC-03**: Reverse sync (Core → Leaf) for player profiles, league config, tournament templates, new registrations, branding
- [ ] **SYNC-04**: During running tournament, Core never overrides Leaf data for that tournament - [ ] **SYNC-04**: During running tournament, Core never overrides Leaf data for that tournament
### Authentication & Security ### Authentication & Security
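Review bot: adding tournament templates to the Core → Leaf reverse sync in SYNC-03 leaves open what happens when a template changes on Core while a tournament created from it is running on the Leaf; SYNC-04 only protects "Leaf data for that tournament". Suggest stating that a running tournament keeps the template values it started with and that synced template changes apply to new tournaments only.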
@ -185,7 +188,7 @@ Requirements for Phase 1 (Development Focus: Live Tournament Management). Each m
- [ ] **AUTH-02**: Operator OIDC via Authentik when Leaf has internet - [ ] **AUTH-02**: Operator OIDC via Authentik when Leaf has internet
- [ ] **AUTH-03**: Operator roles: Admin (full control), Floor (runtime actions), Viewer (read-only) - [ ] **AUTH-03**: Operator roles: Admin (full control), Floor (runtime actions), Viewer (read-only)
- [ ] **AUTH-04**: Core Admin: OIDC via Authentik with mandatory MFA - [ ] **AUTH-04**: Core Admin: OIDC via Authentik with mandatory MFA
- [ ] **AUTH-05**: Player mobile: no auth for public views, 6-digit PIN claim for personal data - [ ] **AUTH-05**: Player mobile: no auth for public views, 6-digit PIN claim for personal data (rate limited: exponential backoff after 5 failures, lockout after 10)
- [ ] **AUTH-06**: Leaf ↔ Core sync: mTLS certificate + API key per venue - [ ] **AUTH-06**: Leaf ↔ Core sync: mTLS certificate + API key per venue
- [ ] **AUTH-07**: LUKS full-disk encryption on Leaf NVMe - [ ] **AUTH-07**: LUKS full-disk encryption on Leaf NVMe
- [ ] **AUTH-08**: PostgreSQL Row-Level Security (RLS) for multi-tenant isolation on Core - [ ] **AUTH-08**: PostgreSQL Row-Level Security (RLS) for multi-tenant isolation on Core
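Review bot: the AUTH-05 rate limit does not say what the failure counter is keyed on, how long the lockout after 10 failures lasts, or who can clear it. Keyed per client, the limit does little for a 6-digit PIN; keyed per player, it lets anyone lock a player out of their own data. Suggest specifying the key (per player record, plus a per-source limit), the lockout duration and reset path (for example a Floor or Admin action), and that failures and lockouts are written to the ARCH-08 audit trail.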
@ -263,7 +266,7 @@ Deferred to Development Phases 2-4. Tracked but not in current roadmap.
| Crypto payments | Volatile, regulatory uncertainty, wrong market | | Crypto payments | Volatile, regulatory uncertainty, wrong market |
| Real-time chip count entry by players | Cheating surface, operational chaos | | Real-time chip count entry by players | Cheating surface, operational chaos |
| Staking / backing / action splitting | Legal complexity, out of scope | | Staking / backing / action splitting | Legal complexity, out of scope |
| Casino CMS integration (IGT, Bally's) | Enterprise sales cycle, not needed for target market in Phase 1 | | Casino CMS integration (IGT, Bally's) | Out of scope for Phase 1-3; planned for Casino Enterprise tier in Phase 4+ |
## Traceability ## Traceability
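Review bot: the new reason for Casino CMS integration, "planned for Casino Enterprise tier in Phase 4+", describes a deferred feature rather than an excluded one, yet the row stays in the table whose other entries are rejected outright (crypto payments, staking). Suggest moving it to the list described above as "Deferred to Development Phases 2-4" with its own requirement ID so the Traceability section can reference it, or keeping the row here and dropping the "planned for" clause.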