TPA FK UI prep

Planning, not yet built

An adaptive TPA study app that actually raises the score.

A planning hub for a Tes Potensi Akademik study tool for FK UI specialist (PPDS) preparation. It does not just score: it diagnoses weak subskills, explains step by step, confirms understanding, then drills until mastery rises. Built Cloudflare-free-tier-first, secure by design.

Read the plan View repository

Deliverables

Twelve planning documents

Each lives in the repository as markdown. The repo is private; the owner can open any file from the list below.

PRD.md

The master product requirements: problem, personas, TPA taxonomy, journey, gamification, MVP cut, and 23 sections in all.

FREE_TIER_ASSESSMENT.md

Honest Cloudflare free-tier limits and the real edges (KV write cap, Queues not free) with cost-risk triggers. No overclaiming.

TECHNICAL_PLAN.md

Architecture, the auth decision (Cloudflare Access for MVP), pluggable AI and OCR providers, config, and deploy.

DATABASE_SCHEMA.sql

D1 schema: 19 tables with indexes, CHECK enums, privacy notes, migration order, and cascade delete and takedown.

API_CONTRACT.md

Every endpoint with method, path, auth, input and output, validation, rate limit, and error cases. Correctness is server-side.

SECURITY_PLAN.md

Threat model and a secure-by-design checklist. No system is 100% unbreakable; residual risk is stated honestly.

LEARNING_ENGINE_SPEC.md

The adaptive math: mastery formula, careless-vs-concept, spaced repetition, promotion and demotion, next best question.

OCR_PROVIDER_BENCHMARK_PLAN.md

Pluggable OCR with a golden set and a measurable decision rule. PaddleOCR baseline, Tesseract fallback, others on merit.

DESIGN_SYSTEM.md

A mature academic design system (this page dogfoods it): teal accent, off-white and off-black, color-blind-aware mastery scale.

IMPLEMENTATION_ROADMAP.md

Phases 0 to 10, each with tasks, files, acceptance criteria, test commands, and a rollback plan.

TEST_PLAN.md

Unit, integration, e2e, security, migration, OCR golden-sample, engine, accessibility, mobile, and free-tier load tests.

CLAUDE_IMPLEMENTATION_PROMPTS.md

Ready-to-paste prompts to build each phase with an agent, wired to the skills and these docs.

Architecture decisions

What was decided, and why

  • Cloudflare Access for auth (MVP). No password handling, free up to 50 users, lowest code. Email OTP is the migration path for open multi-user.
  • D1 for everything relational. 10k questions and attempt history fit the free tier with indexes and snapshots.
  • No Cloudflare Queues (not free). Background work uses Cron Triggers polling a D1 job table.
  • Rate limits and counters in D1 or a Durable Object, never KV. KV allows only about 1,000 writes per day.
  • AI and OCR are pluggable and server-side only. Keys never reach the browser; usage is budgeted with a circuit-breaker.
  • Legality is first-class. Every item is authorized, public-legal, personal-OCR, or generated; generated is always labeled prediction.
Biggest risks: exhausting Workers AI on generation; KV write cap if misused for counters; OCR accuracy and the copyright/privacy of source material; and analytics burning the D1 daily read budget. Each has a mitigation in the docs.

Needs your decision

Open questions before coding

  • Is English and/or spatial reasoning in scope for the FK UI selection, or Indonesian verbal/numerik/logika only?
  • Which AI provider and what monthly budget for the tutor and generated questions (kept pluggable either way)?
  • Do we retain uploaded OCR source files (encrypted in R2) or process-then-delete by default?
  • Confirm single-user MVP now, with multi-user as a later switch.