Skip to main content
DARIKODA

Operational intelligence

How Darikoda is built: an offline-first operating record with role-attributed capture, immutable audit trail, and tenant isolation.

Engineer reviewing field data on a tablet against site infrastructure
Darikoda · Architecture

An operating record, captured at source.

Offline-first capture for sites with intermittent connectivity.

Role-attributed at the point of work. Immutable audit trail. Tenant-isolated. Sits alongside Cat Product Link, KOMTRAX and ERP. Does not replace them.

Book a 30-min audit windowOr message Theo on WhatsApp
Typical reply within the hour during UK and Ghana business hours

How Darikoda is built: an offline-first operating record with role-attributed capture, immutable audit trail, and tenant isolation, designed for Ghana site connectivity. Sits alongside OEM telematics and ERP systems, not as a replacement.

Offline-first capture

The local write is the system of record. The sync is a follow-up.

Ghana site connectivity is patchy. Pit edges, stripping benches, remote road sections and bowser stations regularly drop 4G. The platform assumes that and writes locally first.

  • Field writes commit to the local device store first, before any sync attempt.
  • Sync attempts run in the background when signal returns. Operators do not wait for 4G to log an event.
  • Each transaction carries its own sync state: saved, queued, synced or failed.
  • Failed syncs surface as visible issues for the supervisor, not silent gaps in the cert pack.

Sync states and conflict handling

Every transaction carries its own sync state.

No more “did it go through?” The four states cover the lifecycle of the record from local write to server acknowledgement.

Saved

Written to the local device. Operator can move on. The record is durable on disk before any network call is attempted.

Queued

Saved record awaiting upload. Visible in the sync queue with an event timestamp. Survives device restart.

Synced

Server acknowledged the transaction. The record is now visible across the operating tenant.

Failed

Server rejected or network refused. The supervisor sees the failure, the operator does not lose the data, and the conflict-resolution rules apply on retry.

Role and PIN attribution at point of work

The record knows who did the work. The dashboard knows who is allowed to see it.

  • Operator PIN at the tablet.

    Each entry carries the PIN of the person at the controls, not the tablet account. On shared tablets, multiple operators per shift each leave their own trail.

  • Role-routed views.

    Workshop sees workshop. Finance sees finance. Site engineer sees the section. The GM sees the exception roll-up. Same record, different cuts, role-routed at the API layer.

  • Machine, project, contract and time.

    Every event attributes to the asset, the project envelope, the contract or hire structure underneath it, and a server-side time-stamp on sync.

  • GPS where the platform requires it.

    Position confirmation on dispense events, hour-meter events at start and stop, and quantity claims at chainage. Strict mode required for billable evidence.

Immutable append-only audit trail

The record is what survives the dispute, the audit, and the cert review.

Operating records lose all their commercial value the moment they can be rewritten silently. Five properties make Darikoda's record forensically defensible.

  • Append-only. No silent edits to history.
  • Server-side timestamping on sync. Local time is recorded separately for forensic interest but cannot be the system of record.
  • Each correction is a new event with a reference to the prior event. The original entry remains in the record.
  • Cryptographic identifiers on each event so out-of-order syncs cannot rewrite earlier history.
  • Export packs include the chain of corrections so the audit trail is reproducible by a third party.

Security posture

Tenant isolation at the row level. Edge-hosted infrastructure.

  • Tenant isolation at the database row level. One operator cannot see another operator's record by accident or by design.
  • Authentication via the platform identity provider. Role-based access control inside the tenant.
  • Transport encrypted end to end. Local device store encrypted at rest.
  • Backups are tenant-scoped and access-logged.
  • Cloudflare-hosted edge infrastructure. Built on the same primitives Cloudflare operates for Workers, R2 and D1 customers.

Data export boundaries

The operator owns the data. Darikoda is the custodian.

  • The operator owns the data in the operating record. Darikoda is the custodian, not the principal.
  • Export bundles available in PDF (cert packs), CSV (per event), and JSON (full structured snapshot).
  • Bundle exports include the chain of corrections so the receiver can verify the audit trail.
  • Tenant-level data export available on request, in machine-readable formats, regardless of contract status.

Integration posture

Sits alongside OEM telematics and ERP. Does not replace them.

  • Cat Product Link, KOMTRAX, VisionLink, Sky Ledge, Introma: telemetry ingestion where the OEM stack exists. Darikoda is the operating record above that, not a replacement.
  • ERP systems (Sage, SAP Business One, QuickBooks, locally-deployed accounting): feed per-asset and per-project truth that ERP cannot produce on its own.
  • WhatsApp Business: approval-cycle integration with the cost-of-delay metric attached so the decision lands on the GM's phone with the data.
  • OEM-agnostic by design. Mixed fleets (CAT, Volvo, Komatsu, Hitachi) capture into the same operating record at the operational layer.

Maturity

What is built. What is in pilot. What is not yet live.

Built

  • Operating-record core (Darikoda Core v2.4.4): tenant isolation, append-only audit trail, role-routed API surface.
  • Sentinel V4 predictive layer: variance detection thresholds and exception roll-ups.
  • Cloudflare-hosted infrastructure: edge runtime, R2 storage, D1 database, hosted globally with Ghana-region failover.

In active pilot

  • Offline-first Flutter field app: in active build with pilot operators across Accra fleet operations.
  • Vertical workflows: mining contractor, plant hire, civils cert packs being shaped against live operator cadence.
  • Build & Activation phase: four-week fixed-fee configuration model proving on early customers.

Not yet published

  • Published case studies: pending pilot partner approval. Specific numbers and named operators will land here when the customer signs them off.
  • Self-service onboarding: every operating record currently goes through Build & Activation with Theo, by design, until pilots conclude.
  • Third-party developer API surface: roadmap, not shipped.

Want to walk through the operating record on your own fleet?

30 minutes on WhatsApp. You keep the one-page leakage map regardless of next steps.

Message Theo to book the auditOr read the audit page first
← Back to the homepage

The architectural commitments described here are the ones Darikoda customers can verify in the operating record. The platform is in active pilot. Specific maturity and roadmap discussions happen in the audit conversation.

Message Theo to book the audit