Anti-Cheat System

Ensuring data integrity through planning vs execution separation

Problem Without Anti-Cheat

❌ Manipulable Data
  • Users can change category after session ends
  • Project selection can be modified retroactively
  • Duration can be inflated for better scores
  • Planning vs execution data gets mixed
❌ Trust Issues
  • Team productivity metrics become unreliable
  • Leaderboards lose credibility
  • Planning notifications show wrong data
  • Analytics and reporting are compromised

Anti-Cheat Solution

The anti-cheat system separates planning data (locked) from execution notes (editable).

🔒 Locked Fields
  • Category: Set when timer starts
  • Project: Set when timer starts
  • Duration: Fixed by timer length
  • Planning Note: What you planned to do
✏️ Editable Fields
  • Execution Note: What you actually accomplished
  • Quality Rating: How focused you were
  • Tags: Additional context

Complete System Flow

1
Timer Start

User sets category, project, planning note. Data saved to PreSession table.

Mac App: /api/mac_timer_start
Windows App: /api/windows_timer_start
2
Session Running

Planning fields locked. Slack notifications sent. User works on planned task.

Planning data locked
3
Post-Session Form

Planned data shown as read-only. Only execution note editable.

API: /api/get_presession/{id}
API: /api/pomodoro/submit

Platform Implementation Status

Platform Timer Start API Planning Notifications Anti-Cheat Forms Status
Web Timer Implemented Working Working Complete
Mac App Implemented Working Missing Needs Fix
Windows App ⚠️ UI updated, needs API integration Needs timer start API call Working Needs API Integration

API Endpoints

POST /api/mac_timer_start

Purpose: Create PreSession record and trigger planning notifications

{
  "category": "Doing",
  "duration": 25,
  "project_id": "team_2",
  "note": "Planning note here"
}

Response: Fast (<200ms) with background Slack processing

GET /api/get_presession/{session_id}

Purpose: Get planned data for anti-cheat post-session forms

{
  "success": true,
  "presession": {
    "category": "Doing",
    "planned_duration": 25,
    "planning_note": "Planning note here",
    "project": {
      "id": "team_2",
      "name": "Cross Border Summit",
      "type": "team"
    }
  }
}
POST /api/pomodoro/submit

Purpose: Submit completed session with execution notes

{
  "category": "Doing",        // From PreSession (locked)
  "project_id": "team_2",     // From PreSession (locked)
  "duration": 25,             // From PreSession (locked)
  "note": "What I actually accomplished",  // Editable
  "start_time": "2025-08-21T15:00:00Z",
  "end_time": "2025-08-21T15:25:00Z"
}

Implementation Guide

For Mac App Team
Issue: Post-session forms are fully editable
  1. Call /api/get_presession/{session_id} when opening post-session form
  2. Pre-fill and disable category, project, duration fields
  3. Show planning note as read-only
  4. Only allow editing execution note
  5. Style locked fields with gray background
For Windows App Team
Status: UI updated, needs API integration
  1. Call /api/windows_timer_start when timer begins
  2. Implement post-session anti-cheat forms
  3. Use /api/get_presession/{session_id} to load planned data
  4. Lock planned fields, allow execution note editing
  5. Test with team projects for Slack notifications

Benefits of Anti-Cheat System

🛡️ Data Integrity
  • Prevents retroactive data manipulation
  • Maintains accurate productivity metrics
  • Preserves planning vs execution distinction
👥 Team Trust
  • Reliable team productivity dashboards
  • Credible leaderboards and competitions
  • Accurate planning notifications
📊 Analytics Quality
  • Clean data for business intelligence
  • Accurate time tracking reports
  • Meaningful productivity insights

Questions about the anti-cheat system? Contact the RegardingWork development team.

Full API Documentation