← Back

Blitz PWA Suite

Built

Signature capability

The journal app ships an AES-256-GCM encrypted-at-rest store: entries are sealed in a self-describing JSON envelope, the key lives in the platform keychain, and decrypt throws on any tampering because GCM authenticates the whole box.

What it is

It's a Dart/Flutter monorepo (appstore-blitz) split into pure-Dart engines and thin Flutter UI shells: engines have zero Flutter or I/O imports and must pass dart test at 95%+ line coverage, while each app is a thin adapter over its engine. The four consumer apps here (budget, cycle, journal, scan) compile to Flutter web builds with manifest.json + a service worker, so they install as PWAs. Money and time are handled deterministically: the budget engine stores all amounts as int cents and is currency-agnostic, and both budget and cycle engines take an injected epoch-day instead of reading an ambient clock, which makes their logic fully unit-testable. Monetization is centralised in a shared blitz_core package (ads/IAP/analytics ports plus fakes) with a deliberate no-dark-patterns policy: player-initiated rewarded ads and a tip jar only, no energy systems or forced interstitials. Codemagic CI runs flutter test then builds a signed IPA and ships to TestFlight per app via an App Store Connect integration.

Highlights

  • Clean-architecture monorepo: pure-Dart engines (budget 422 LOC, cycle 306 LOC, journal ~390 LOC across 6 files) with a hard rule of zero Flutter/IO imports and 95%+ line coverage, wrapped by thin Flutter shells (journal app ~3,100 LOC, budget ~1,660, scan ~1,470)
  • Journal store uses AES-256-GCM (cryptography pkg) with a keychain-held key and a versioned, tamper-authenticated JSON envelope; wrong key or altered payload throws rather than returning garbage
  • Deterministic financial/date logic: all money as integer cents, currency-agnostic, and injected epoch-days instead of an ambient clock so every path is reproducible in tests
  • Strict TDD throughout (no production code without a failing test first); ~98 engine tests across the four apps' engines, part of ~1,100 test() calls across the wider portfolio
  • Shared blitz_core monetization layer with ports + fakes and an explicit anti-dark-pattern stance: rewarded ads and tip-jar IAP only, no energy meters or forced interstitials
  • Codemagic CI/CD with one reusable iOS workflow per app: runs flutter test, auto-signs via App Store Connect integration, builds the IPA and submits to TestFlight on tag

Tech · Dart 3.12, Flutter (stable), Flutter web/PWA, cryptography (AES-256-GCM), cunning_document_scanner, melos-style monorepo, Codemagic CI/CD, App Store Connect