Documentation Index

Bilko Documentation Index

Last updated: 2026-02-20 Project ID: bbd77cc0 Status: Backend SPECIFICATION (not implemented) Pipeline Status: 7/8 gates PASS — ~~Balkan~~See ~~Accounting~~Validation ~~SaaS~~Report

Key Documents

VALIDATION REPORT — Gate validation results (2026-02-20)

PIPELINE — 8-gate progress tracker

Purpose

This documentation defines the implementation contract for Bilko's backend. The database schema exists and the frontend is built with mock data. These docs specify what the backend MUST implement to complete the system.

Backend Documentation

Document	Description	Status
API Reference	All API endpoints — method, path, request/response, auth	SPECIFICATION
Database Schema	All 15 models — columns, types, constraints, indexes	IMPLEMENTED (Prisma)
Authentication	JWT auth flow, password hashing, 2FA, RBAC	SPECIFICATION
Business Logic	Double-entry bookkeeping, VAT calculation, multi-currency, reconciliation	SPECIFICATION
Middleware	Express middleware stack — security, auth, validation, error handling	SPECIFICATION
Services	External service integrations — SendGrid, Cloudflare R2, exchange rates, PDF generation	SPECIFICATION

Frontend Documentation

Document	Description	Status
Pages	All 10 implemented pages — routes, data requirements, mobile responsive	IMPLEMENTED
Component Inventory	All 17 shadcn/ui components — usage, props, examples	IMPLEMENTED
Design System	Colors, typography, spacing, shadows — 73 design tokens	IMPLEMENTED
State Management	Zustand setup, stores, patterns	SPECIFICATION
Forms	Form validation, error handling, submission patterns	SPECIFICATION
Web App CLAUDE.md	Next.js 15 frontend overview	REFERENCE

Infrastructure Documentation

Document	Description	Status
Deployment	Deployment strategy — Vercel (frontend), Railway (backend+DB), environments	SPECIFICATION
CI/CD	GitHub Actions pipeline — lint, test, build, deploy	SPECIFICATION
Environment	Environment variables, secrets management, config	SPECIFICATION

Security Documentation

Document	Description	Status
Security Architecture	JWT auth, RBAC, encryption, rate limiting, OWASP Top 10	SPECIFICATION
Compliance	GDPR compliance, data retention, user rights, privacy policy	SPECIFICATION

Testing Documentation

Document	Description	Status
Testing Guide	Testing philosophy, pyramid, tech stack (Vitest, Supertest, Playwright)	SPECIFICATION
Test Inventory	Critical test scenarios, coverage requirements, quality gates	SPECIFICATION

Regulatory Documentation

Document	Description	Status
Serbia SEF	SEF e-invoicing (UBL 2.1), 20% PDV, Kontni Okvir Chart of Accounts, e-Transport	RESEARCH COMPLETE
BiH PDV	17% PDV, UNO/ITA filing, e-invoicing draft law, FBiH (IFRS) + RS Chart of Accounts	RESEARCH COMPLETE
Croatia eRačun	eRačun B2G (2019) + B2B (2026), 25% VAT, RRiF Chart of Accounts, Fiscalization 2.0	RESEARCH COMPLETE
Chart of Accounts	Serbia (Class 0-9), BiH (IFRS/RS), Croatia (RRiF) — account structures	RESEARCH COMPLETE

How to Use This Documentation

QuickFor InfoBackend Developers

Start

Implement

Middleware Authentication

~~Field~~	~~Value~~
~~Product~~	~~Cloud~~with API Reference — this is your implementation contract Read Database Schema — understand the data model Review Business Logic — learn accounting ~~for~~domain ~~Balkan~~rules ~~SMBs~~
~~Markets~~	~~Serbia,~~endpoints ~~BiH,~~following ~~Croatia~~
~~Inspiration~~	~~Fiken~~and ~~(Norway)~~
~~Domains~~	~~bilko.io (primary), bilko.rs (Serbia)~~
~~Pipeline ID~~	~~bbd77cc0~~
~~Path~~	~~/Users/makinja/ALAI/products/Bilko/~~

TechFor StackFrontend Developers

~~Frontend:~~All ~~Next.js~~endpoints 15in +API ~~React~~Reference ~~19 +~~include TypeScript ~~+ Tailwind CSS 4 + shadcn/ui~~interfaces
~~Backend:~~Replace ~~Express~~mock +data ~~TypeScript~~imports +with ~~PostgreSQL~~API ~~+ Prisma (NOT BUILT YET)~~calls
~~State:~~Use ~~Zustand~~the ~~(installed,~~request/response ~~mostly~~types ~~React~~from ~~hooks)~~

API

~~Charts:~~ ~~Recharts~~

~~Icons:~~ ~~Lucide React~~

~~Monorepo:~~ ~~Turborepo~~Reference

BrandingFor QA Engineers

~~Name:~~API ~~Bilko~~Reference ~~(from~~includes ~~Serbian~~example ~~"bilans"~~requests/responses =for ~~balance~~all ~~sheet)~~endpoints
~~Primary~~Use ~~Color:~~these ~~#00E5A0~~as ~~(mint~~test ~~green)~~cases
~~Font:~~Verify ~~Inter~~

business

~~Logo:~~logic ~~Sharp~~rules Bfrom —Business ~~Minimalist~~Logic ~~Geometric (Figma Design #1)~~document

Key Architectural Decisions

Current1. StatusDouble-Entry Bookkeeping

Every

~~Frontend:~~financial 8+event ~~pages~~creates ~~implemented~~a Transaction with ~~mock~~debitAccount ~~data~~

~~Backend:~~creditAccount. ~~Empty~~Debits —= ~~Express~~Credits ~~scaffold only~~

~~Database:~~ ~~15 Prisma models fully defined~~

~~Design:~~ ~~Figma validated, sidebar fix applied 2026-02-21~~

always.

Key2. Decisions

~~Double-entry bookkeeping (debit/credit)~~

Multi-~~currency~~Currency with ~~exchange~~Rate Locking
Exchange rate ~~locking~~

locked at transaction date. Historical transactions NEVER recalculated with current rates.

3. Immutable Audit Trail

LoggedAction table is APPEND-ONLY. All INSERT/UPDATE/DELETE operations captured.

4. Organization-Scoped Multi-Tenancy

Every API request filtered by organizationId. No cross-org data access.

5. NUMERIC(19,4) for ALL ~~monetary~~Money
~~amounts~~
NEVER use float or JavaScript number for currency. Precision is critical.

Related Documents
- Product Requirements — Feature requirements, success metrics
- ~~UUID~~Tech ~~primary~~Stack ~~keys~~— Technology decisions
- ~~Immutable~~Wireframes ~~audit~~— ~~trail~~UI ~~(append-only)~~specifications
- ~~Organization-scoped~~Brand ~~multi-tenancy~~Identity — Branding guidelines
Contributing

When adding new documentation:
1. Add entry to this INDEX.md
2. ~~RBAC:~~Follow ~~owner,~~existing ~~admin,~~document ~~accountant,~~structure ~~viewer~~(Purpose → Spec → Examples)

Mark implementation status (SPECIFICATION, IN PROGRESS, IMPLEMENTED)

Update "Last updated" date in this file