Correctness Invariants
These are the guarantees that LaunchFast maintains. Violating any invariant is a correctness failure.
Architectural Invariants
- Server-only code stays server-only
- Database access only through
db.server.ts - Session management only through
session.server.ts - Environment variables declared in
env.server.ts - No alternate auth, database, or session mechanisms
Security Invariants
- Never commit secrets to version control
- Never disable rate limiting in production
- Never bypass CSRF protection
- Never expose server-only environment variables to client
- Never trust user input for redirects
Database Invariants
- Never modify committed migrations
- Always create new migrations for schema changes
- Never use
prisma db pushin production - Schema changes require migration strategy
Payment Invariants
- Stripe webhooks are critical paths
- Webhook handler changes require tests and mock updates
STRIPE_ENABLEDgates all Stripe behavior- Webhook failure equals revenue loss
Definition of Correctness
A founding state is correct if all of the following hold:
- Minimizes irreversible downside
- Defers complexity
- Collapses decision surface
- Supports small teams (1-5 engineers)
- Remains auditable end-to-end
- Survives misuse
Weakening any property violates correctness.