Enterprise Desktop Application

PreonCheque

🎯 Problem Solved: Licensed Windows desktop app for cheque management with military-grade security to prevent piracy while enabling offline use. 💡 Technical Challenges: HMAC-SHA256 signed API requests (timestamp + appId + signature) prevent replay attacks. Machine binding via hardware fingerprint (canvas, screen, CPU cores, timezone) locked with SHA-256 hash. AES-256 encryption for license tokens with machine-derived keys. Anti-time-manipulation via server time sync detects clock tampering. Rate limiting (30 req/min per IP) prevents brute force. Request expiry with 5-minute timestamp window. Obfuscated storage with SHA256/MD5 derived keys. 🦀 Rust Backend: Tauri 2 runtime (10x smaller than Electron), native performance. 🔐 Security: HMAC-SHA256, AES-256, JWT admin auth, XSS/IDOR protection on admin endpoints. 📈 Business Impact: Admin dashboard for license CRUD, machine unbinding, configurable recheck intervals per customer, auto-update via Tauri updater.

Tauri 2 Rust React 19 TypeScript SQLite Node.js Express PostgreSQL Radix UI TailwindCSS
🔐 HMAC-SHA256 🔐 AES-256 🔐 Machine Binding 🔐 Rate Limiting 🔐 JWT 🔐 Request Expiry
Technical Details
🎯 The Problem

Businesses needed a secure, offline-capable cheque management system that prevents software piracy while allowing regular use without constant internet.

💡 The Solution

Built a Tauri 2 desktop app with HMAC-SHA256 signed API requests, AES-256 encrypted license tokens, and machine binding via hardware fingerprints. Anti-time-manipulation detects clock tampering.

📈 The Impact

Admin dashboard for license CRUD, machine unbinding, configurable recheck intervals. Auto-update via Tauri updater. 10x smaller than Electron.

💡 Technical Challenges Solved
  • 1

    HMAC-SHA256 signed API requests (timestamp + appId + signature) prevent replay attacks

  • 2

    Machine binding via hardware fingerprint (canvas, screen, CPU cores, timezone) locked with SHA-256 hash

  • 3

    AES-256 encryption for license tokens with machine-derived keys

  • 4

    Anti-time-manipulation via server time sync detects clock tampering

  • 5

    Rate limiting (30 req/min per IP) prevents brute force attacks

  • 6

    Request expiry with 5-minute timestamp window

  • 7

    Obfuscated storage with SHA256/MD5 derived keys

Technical Architecture

Frontend Stack

  • React 19 with TypeScript
  • Radix UI primitives
  • TailwindCSS 4
  • Recharts for analytics
  • Lucide icons

Backend & Database

  • Rust/Tauri 2 runtime
  • SQLite local database
  • Node.js license server
  • PostgreSQL cloud DB
  • Express.js REST API

Infrastructure

  • Tauri auto-updater
  • GitHub Actions CI/CD
  • Vercel Edge Functions
  • Encrypted local storage

📸 Screenshots

Dashboard
Dashboard 🖥️
License Activation
License Activation 🖥️
Cheque List
Cheque List 🖥️
Statistics
Statistics 🖥️
Print Preview
Print Preview 🖥️
Settings
Settings 🖥️

🚀 Use the buttons above to explore: Full Technical Details