DEV Community

oludeleoluwapelumi
oludeleoluwapelumi

Posted on

Mapping CIF's Severity Taxonomy Against Real Apache Fineract Defects

Chronological Input Failure (CIF) started as a simulation. The baseline_simulation.py model in the cif-simulation repo showed that under realistic async delay conditions, commit events can process before their corresponding validation completes, producing a measurable causality violation rate.

A simulation proves a mechanism can occur. It does not prove the mechanism occurs in real systems. This post is an attempt to close part of that gap, not by running CIF against a live system yet, but by checking whether the failure patterns CIF describes already show up in the public issue history of a real, independently built financial platform.

What this is, and what it is not

This is a retrospective taxonomy mapping. I searched Apache Fineract's public JIRA issue tracker, an open source core banking platform used by financial institutions in dozens of countries, for tickets describing duplicate transaction processing, retry driven double execution, and chronological or ordering problems. I read each ticket directly, not a summary, and checked whether it matched CIF's categories.

This is not a case study. Nobody at Fineract used CIF. I did not diagnose these issues. Fineract's own engineers found, discussed, and resolved these tickets, in most cases years before I looked at them. What this shows is that CIF's categories are not arbitrary. They describe failure patterns that an unrelated, production financial system independently experienced and had to solve.

A real case study, where CIF is applied to a live system and produces new findings, is still the next milestone. This is groundwork toward that, not a substitute for it.

Method

I read four Fineract tickets directly on the Apache JIRA tracker, verified their status and description text myself, and checked each one against CIF's severity levels. One ticket I initially flagged as relevant, FINERACT-1876, is discussed separately below, because on close reading it does not actually fit CIF and I am not going to force it to.

The Mapping

FINERACT-2304, Batch retry issue, duplicate records
Link:https://issues.apache.org/jira/browse/FINERACT-2304
Status: Resolved, Fixed

A batch API call with an open transaction could trigger retry logic within that same open transaction, producing duplicate entries. Separately, if a transaction had already finished but an exception still occurred inside the retry boundary, a retry could fire on an already completed operation.

CIF classification: Level 2, Event Replay. This is a direct match, a duplicate write caused by retry logic firing after a completed operation.

FINERACT-1744, System idempotency
Link:https://issues.apache.org/jira/browse/FINERACT-1744
Status: Resolved, Implemented

This is not a bug report. It is a proactive systemic fix. Fineract's team identified that in high availability deployments, retried API operations could execute twice when a prior execution had already completed, and built dedicated infrastructure against it: an Idempotency-Key API header, idempotency handling for external events, and new command statuses (UNDER_PROCESSING, ERROR) to track execution state.

CIF classification: this does not map to a single severity level, and that is the point. It is stronger evidence than any individual bug ticket, because it shows the failure pattern was significant enough for the Fineract team to build permanent architecture against it, rather than patch isolated incidents after the fact.

FINERACT-2188, duplicate repayments reported via mobile app
Link:https://issues.apache.org/jira/browse/FINERACT-2188

Status: Closed, Resolution: Abandoned

A user reported repayments duplicating within milliseconds through a mobile app. This is a reported issue describing symptoms consistent with CIF, not a confirmed root caused bug. Fineract closed it as abandoned, meaning the root cause was never formally established. It could reflect a core platform issue, a client side integration problem, or a duplicated third party callback.

CIF classification: Level 2, Event Replay, symptom consistent, root cause unconfirmed. I am including it because the symptom matches, not because it was proven.

FINERACT-2457, share transaction chronological validation

Link:https://issues.apache.org/jira/browse/FINERACT-2457

Status: Confirmed via linked pull request

Fineract's share transaction validation logic blocked new transactions dated earlier than any existing transaction on the account, including transactions that had already been rejected or reversed. In effect, the system's record of transaction history included events that were no longer financially real, and it enforced ordering rules against that stale history, incorrectly blocking legitimate transactions.

CIF classification: this does not cleanly fit the existing four levels, and I would rather say that plainly than stretch it. It is a genuine chronological integrity problem, the system's understanding of event order did not reflect financial truth, but the mechanism is different from the retry and duplication pattern the four levels were built around. I am noting it as a related but distinct pattern worth folding into a future revision of the taxonomy, not forcing it into a box it does not belong in.

A pattern I checked and ruled out
FINERACT-1876 (https://issues.apache.org/jira/browse/FINERACT-1876) describes a Postgres serialization error, could not serialize access due to concurrent update, occurring intermittently during scheduled job execution. I initially thought this might be a CIF match. On reading the actual ticket, it is not. CIF describes silent divergence, the system reports success while the underlying state has quietly gone wrong, with no alert. FINERACT-1876 is the opposite of that. The database's own isolation guarantees caught the conflict and threw a hard, visible error, the job failed loudly, the test suite failed with it. That is a safeguard working as intended, not a CIF event. I am including this here because being willing to rule something out is part of taking the taxonomy seriously.

What this does and does not establish

It establishes that duplicate execution, stale chronological state, and ordering problems are real, recurring concerns in at least one production grade, independently built financial platform, serious enough in one case to justify dedicated architectural work.

It does not establish that CIF as a diagnostic process finds anything a competent engineering team would not already find on its own. Fineract found and fixed every issue above without CIF. The next real test for CIF is whether applying it to a live system surfaces something that was not already known.

What is next

I am looking for a small fintech engineering team willing to let me run a CIF style pass over a sample of their transaction or event logs, at no cost, with full confidentiality. If that is you, or you know someone it might be, I would like to hear from you.

Full simulation code is in the cif-simulation repository. The complete taxonomy mapping, including links to every source ticket, is at https://github.com/oludeleoluwapelumi/cif-simulation/blob/main/validation/FINERACT_TAXONOMY_MAPPING.md

Top comments (0)