see revisions.md for list of changes.

Author: xskcdf

1-Aquiis.Infrastructure/Data/SqlCipherConnectionInterceptor.cs

@@ -58,6 +58,19 @@ public override void ConnectionOpened(DbConnection connection, ConnectionEndEven
         {
             Console.WriteLine("[SqlCipherConnectionInterceptor] No password provided, skipping encryption");
         }
+
+        // Enable WAL mode for all connections (encrypted or not).
+        // WAL mode is persistent in the database file — this is a no-op for databases
+        // already in WAL mode, and upgrades fresh databases from the default DELETE journal.
+        // NORMAL synchronous is safe with WAL and gives a meaningful performance boost.
+        using (var cmd = connection.CreateCommand())
+        {
+            cmd.CommandText = "PRAGMA journal_mode = WAL;";
+            cmd.ExecuteNonQuery();
+            cmd.CommandText = "PRAGMA synchronous = NORMAL;";
+            cmd.ExecuteNonQuery();
+        }
+
         base.ConnectionOpened(connection, eventData);
     }
 
@@ -99,6 +112,19 @@ public override async Task ConnectionOpenedAsync(DbConnection connection, Connec
         {
             Console.WriteLine("[SqlCipherConnectionInterceptor] No password provided, skipping encryption (async)");
         }
+
+        // Enable WAL mode for all connections (encrypted or not).
+        // WAL mode is persistent in the database file — this is a no-op for databases
+        // already in WAL mode, and upgrades fresh databases from the default DELETE journal.
+        // NORMAL synchronous is safe with WAL and gives a meaningful performance boost.
+        using (var cmd = connection.CreateCommand())
+        {
+            cmd.CommandText = "PRAGMA journal_mode = WAL;";
+            await cmd.ExecuteNonQueryAsync(cancellationToken);
+            cmd.CommandText = "PRAGMA synchronous = NORMAL;";
+            await cmd.ExecuteNonQueryAsync(cancellationToken);
+        }
+
         await base.ConnectionOpenedAsync(connection, eventData, cancellationToken);
     }
 }

1-Aquiis.Infrastructure/Services/DatabaseEncryptionService.cs

@@ -186,13 +186,33 @@ public DatabaseEncryptionService(
                 await encryptedConn.OpenAsync();
                 _logger.LogInformation("✅ Encrypted database opened successfully");
 
-                // Set password using PRAGMA
+                // Set password using PRAGMA — must be first operation on the connection
                 using (var cmd = encryptedConn.CreateCommand())
                 {
                     cmd.CommandText = $"PRAGMA key = '{password}';";
                     await cmd.ExecuteNonQueryAsync();
                     _logger.LogInformation("Encryption key set with PRAGMA");
                 }
+
+                // Explicitly set SQLCipher 4 parameters to match how the database was created.
+                // On Windows the native library does not always auto-detect these from the file
+                // header, causing decryption to silently fail with wrong defaults.
+                using (var cmd = encryptedConn.CreateCommand())
+                {
+                    cmd.CommandText = "PRAGMA cipher_page_size = 4096;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA kdf_iter = 256000;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA cipher_hmac_algorithm = HMAC_SHA512;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA512;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    _logger.LogInformation("SQLCipher 4 cipher parameters set explicitly");
+                }
 
                 // Attach unencrypted database
                 using (var cmd = encryptedConn.CreateCommand())
@@ -261,11 +281,23 @@ private async Task<bool> VerifyEncryptedDatabaseAsync(string dbPath, string pass
             {
                 await conn.OpenAsync();
 
-                // Set the password using PRAGMA
+                // Set password then explicit SQLCipher 4 params — mirrors DecryptDatabaseAsync
                 using (var cmd = conn.CreateCommand())
                 {
                     cmd.CommandText = $"PRAGMA key = '{password}';";
                     await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA cipher_page_size = 4096;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA kdf_iter = 256000;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA cipher_hmac_algorithm = HMAC_SHA512;";
+                    await cmd.ExecuteNonQueryAsync();
+
+                    cmd.CommandText = "PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA512;";
+                    await cmd.ExecuteNonQueryAsync();
                 }
 
                 _logger.LogInformation("Encrypted database opened successfully");

4-Aquiis.SimpleStart/Program.cs

@@ -26,13 +26,14 @@
 
 var builder = WebApplication.CreateBuilder(args);
 
-// CRITICAL: Handle .restore_pending BEFORE any DbContext registration
-// This ensures encrypted database detection happens on the correct file
-HandlePendingRestore(builder.Configuration);
-
-// Configure for Electron
+// Configure for Electron FIRST — this sets HybridSupport.IsElectronActive, which
+// HandlePendingRestore depends on to compute the correct Electron user-data DB path.
 builder.WebHost.UseElectron(args);
 
+// CRITICAL: Handle .restore_pending BEFORE any DbContext registration.
+// Must run AFTER UseElectron so HybridSupport.IsElectronActive is true.
+HandlePendingRestore(builder.Configuration);
+
 // Configure URLs - use specific port for Electron
 if (HybridSupport.IsElectronActive)
 {
@@ -777,53 +778,137 @@
 // Local function to handle .restore_pending before service registration
 static void HandlePendingRestore(IConfiguration configuration)
 {
-    var connectionString = configuration.GetConnectionString("DefaultConnection");
-    Console.WriteLine($"[Program.HandlePendingRestore] Checking for staged restore on database connection string: {connectionString}");
-    if (string.IsNullOrEmpty(connectionString))
+    // CRITICAL: This runs before ANY service registration or DbContext creation.
+    // It must compute the correct database path independently of the DI container.
+    //
+    // BUG FIXED: Previously this read the path from appsettings.json DefaultConnection,
+    // which is a fallback path (e.g. Infrastructure/Data/app_v0.0.0.db) that is NEVER
+    // used by the Electron app. The Electron app stores its database in the OS user-data
+    // directory (e.g. %APPDATA%\Aquiis\app_v1.1.0.db on Windows). This mismatch meant
+    // the staged restore was never found and never applied, leaving the app in a broken
+    // state after an encrypt→decrypt cycle (the DPAPI key is deleted on successful
+    // decryption, so on the next startup the app saw an encrypted DB with no key and
+    // displayed the unlock screen indefinitely).
+
+    string dbPath;
+
+    if (HybridSupport.IsElectronActive)
     {
-        // Can't proceed without connection string
-        return;
+        // Replicate ElectronPathService.GetDatabasePathSync() without needing DI.
+        var dbFileName = configuration["ApplicationSettings:DatabaseFileName"] ?? "app.db";
+
+        string basePath;
+        if (OperatingSystem.IsWindows())
+            basePath = Path.Combine(
+                Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Aquiis");
+        else if (OperatingSystem.IsMacOS())
+            basePath = Path.Combine(
+                Environment.GetFolderPath(Environment.SpecialFolder.UserProfile),
+                "Library", "Application Support", "Aquiis");
+        else // Linux
+            basePath = Path.Combine(
+                Environment.GetEnvironmentVariable("XDG_CONFIG_HOME")
+                    ?? Path.Combine(
+                        Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), ".config"),
+                "Aquiis");
+
+        Directory.CreateDirectory(basePath);
+        dbPath = Path.Combine(basePath, dbFileName);
+        Console.WriteLine($"[Program.HandlePendingRestore] Electron mode — DB path: {dbPath}");
     }
-    
-    // Extract database path
-    var builder = new Microsoft.Data.Sqlite.SqliteConnectionStringBuilder(connectionString);
-    var dbPath = builder.DataSource;
-    
-    if (!Path.IsPathRooted(dbPath))
+    else
     {
-        dbPath = Path.Combine(Directory.GetCurrentDirectory(), dbPath);
+        // Web / non-Electron: derive path from appsettings.json connection string.
+        var connectionString = configuration.GetConnectionString("DefaultConnection");
+        Console.WriteLine($"[Program.HandlePendingRestore] Web mode — connection string: {connectionString}");
+
+        if (string.IsNullOrEmpty(connectionString))
+        {
+            Console.WriteLine("[Program.HandlePendingRestore] No connection string found, skipping");
+            return;
+        }
+
+        var csBuilder = new Microsoft.Data.Sqlite.SqliteConnectionStringBuilder(connectionString);
+        dbPath = csBuilder.DataSource;
+
+        if (!Path.IsPathRooted(dbPath))
+            dbPath = Path.Combine(Directory.GetCurrentDirectory(), dbPath);
+
+        Console.WriteLine($"[Program.HandlePendingRestore] Web mode — DB path: {dbPath}");
     }
-    
+
     var stagedRestorePath = $"{dbPath}.restore_pending";
-    
-    // Check if there's a staged restore waiting
-    if (File.Exists(stagedRestorePath))
+
+    if (!File.Exists(stagedRestorePath))
     {
-        Console.WriteLine($"[Program.HandlePendingRestore] Found staged restore file, applying it now: {stagedRestorePath}");
-        
-        // Clear SQLite connection pool
-        Microsoft.Data.Sqlite.SqliteConnection.ClearAllPools();
-        
-        // Wait for connections to close
-        Thread.Sleep(500);
-        
-        // Backup current database if it exists
-        if (File.Exists(dbPath))
+        Console.WriteLine($"[Program.HandlePendingRestore] No staged restore pending at: {stagedRestorePath}");
+        return;
+    }
+
+    var pendingSize = new FileInfo(stagedRestorePath).Length;
+    Console.WriteLine($"[Program.HandlePendingRestore] Staged restore found: {stagedRestorePath} ({pendingSize:N0} bytes)");
+
+    // At this point in startup no connections have been opened, but clear pools
+    // as a safety measure and force a GC pass on Windows to release any lingering
+    // SQLite native file handles from a previous process that didn't exit cleanly.
+    Microsoft.Data.Sqlite.SqliteConnection.ClearAllPools();
+
+    if (OperatingSystem.IsWindows())
+    {
+        GC.Collect();
+        GC.WaitForPendingFinalizers();
+        GC.Collect();
+        Console.WriteLine("[Program.HandlePendingRestore] GC collection complete (Windows handle safety)");
+    }
+
+    Thread.Sleep(300);
+
+    if (File.Exists(dbPath))
+    {
+        var currentSize = new FileInfo(dbPath).Length;
+        Console.WriteLine($"[Program.HandlePendingRestore] Current DB: {dbPath} ({currentSize:N0} bytes) — backing up before replace");
+
+        // Remove WAL/SHM files — they belong to the outgoing session
+        var walPath = $"{dbPath}-wal";
+        var shmPath = $"{dbPath}-shm";
+        if (File.Exists(walPath)) { File.Delete(walPath); Console.WriteLine("[Program.HandlePendingRestore] Deleted WAL file"); }
+        if (File.Exists(shmPath)) { File.Delete(shmPath); Console.WriteLine("[Program.HandlePendingRestore] Deleted SHM file"); }
+
+        var timestamp = DateTime.Now.ToString("yyyyMMddHHmmssfff");
+        var beforeRestorePath = $"{dbPath}.beforeRestore.{timestamp}";
+
+        try
         {
-            var timestamp = DateTime.Now.ToString("yyyyMMddHHmmssfff");
-            var beforeRestorePath = $"{dbPath}.beforeRestore.{timestamp}";
             File.Move(dbPath, beforeRestorePath);
-            Console.WriteLine($"Current database backed up to: {beforeRestorePath}");
+            Console.WriteLine($"[Program.HandlePendingRestore] Current DB backed up to: {beforeRestorePath}");
         }
-        
-        // Move staged restore into place
+        catch (Exception ex)
+        {
+            Console.WriteLine($"[Program.HandlePendingRestore] ERROR: Cannot back up current DB — restore aborted.");
+            Console.WriteLine($"[Program.HandlePendingRestore]   {ex.GetType().Name}: {ex.Message}");
+            if (OperatingSystem.IsWindows())
+                Console.WriteLine($"[Program.HandlePendingRestore]   HResult: 0x{ex.HResult:X8}  " +
+                                  "(0x80070020 = sharing violation / file locked by another process)");
+            Console.WriteLine("[Program.HandlePendingRestore]   Staged file preserved for next startup attempt.");
+            return;
+        }
+    }
+    else
+    {
+        Console.WriteLine($"[Program.HandlePendingRestore] No existing DB at {dbPath} — placing staged restore directly");
+    }
+
+    try
+    {
         File.Move(stagedRestorePath, dbPath);
-        Console.WriteLine("Staged restore applied successfully");
-        
-        // Delete orphaned WAL/SHM files if they exist
-        var walPath = $"{dbPath}-wal";
-        var shmPath = $"{dbPath}-shm";
-        if (File.Exists(walPath)) File.Delete(walPath);
-        if (File.Exists(shmPath)) File.Delete(shmPath);
+        Console.WriteLine($"[Program.HandlePendingRestore] ✅ Staged restore applied successfully.");
+        Console.WriteLine($"[Program.HandlePendingRestore]   New DB: {dbPath} ({new FileInfo(dbPath).Length:N0} bytes)");
+    }
+    catch (Exception ex)
+    {
+        Console.WriteLine($"[Program.HandlePendingRestore] ERROR: Failed to move staged restore into place.");
+        Console.WriteLine($"[Program.HandlePendingRestore]   {ex.GetType().Name}: {ex.Message}");
+        if (OperatingSystem.IsWindows())
+            Console.WriteLine($"[Program.HandlePendingRestore]   HResult: 0x{ex.HResult:X8}");
     }
 }

4-Aquiis.SimpleStart/electron.manifest.json

@@ -8,7 +8,7 @@
     "--disable-dev-shm-usage"
   ],
   "name": "aquiis",
-  "description": "Desktop property management application for landlords managing up to 9 residential properties",
+  "description": "Aquiis Property Management",
   "author": "Aquiis",
   "singleInstance": false,
   "environment": "Production",

Aquiis.code-workspace

@@ -1,14 +1,11 @@
 {
-  "folders": [
-    {
-      "path": ".",
-    },
-    {
-      "path": "../../Documents/Orion/Projects/Aquiis",
-    },
-    {
-      "path": "../appimage.github.io",
-    },
-  ],
-  "settings": {},
-}
+	"folders": [
+		{
+			"path": "."
+		},
+		{
+			"path": "../../Documents/Orion II/Projects/Aquiis"
+		}
+	],
+	"settings": {}
+}