feat(concurrency): add optimistic concurrency control to portfolio updates

Add a version field to portfolio records and implement compare-and-set
semantics for all writes to prevent silent lost updates during concurrent
rebalance/create/update flows.

Changes:
- Add `version INTEGER NOT NULL DEFAULT 1` to portfolios table (SQLite
  schema, PostgreSQL schema.sql, and auto-migration for existing DBs)
- Export `ConflictError` from types/index.ts with `currentVersion` payload
- `DatabaseService.updatePortfolio` accepts optional `expectedVersion`;
  uses `WHERE id = ? AND version = ?` + `version = version + 1` atomically,
  throws `ConflictError` on mismatch
- PostgreSQL `dbUpdatePortfolio` mirrors the same compare-and-set logic
- `StellarService.executeRebalance` passes `portfolio.version` as
  expectedVersion and re-throws `ConflictError` unwrapped
- Rebalance route catches `ConflictError` and returns 409 Conflict with
  `currentVersion` in the response body
- All portfolio GET responses include `version` transparently
- 7 new unit tests: version init, increment, CAS success, stale-version
  rejection, conflict payload, lost-update simulation, not-found path

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: JamesVictor-O

backend/src/api/routes.ts

@@ -11,6 +11,7 @@ import { logger } from '../utils/logger.js'
 import { requireAdmin } from '../middleware/auth.js'
 import { blockDebugInProduction } from '../middleware/debugGate.js'
 import { writeRateLimiter } from '../middleware/rateLimit.js'
+import { ConflictError } from '../types/index.js'
 
 const router = Router()
 const stellarService = new StellarService()
@@ -282,6 +283,16 @@ router.post('/portfolio/:id/rebalance', writeRateLimiter, async (req, res) => {
             riskAlerts: riskCheck.alerts
         })
     } catch (error) {
+        if (error instanceof ConflictError) {
+            logger.warn('Rebalance rejected — concurrent modification detected', {
+                portfolioId: req.params.id,
+                currentVersion: error.currentVersion
+            })
+            return res.status(409).json({
+                error: 'Portfolio was modified by a concurrent request. Fetch the latest version and retry.',
+                currentVersion: error.currentVersion
+            })
+        }
         logger.error('Rebalance failed', { error: getErrorObject(error), portfolioId: req.params.id })
         res.status(500).json({
             error: getErrorMessage(error),

backend/src/db/portfolioDb.ts

@@ -1,4 +1,5 @@
 import { query } from './client.js'
+import { ConflictError } from '../types/index.js'
 
 export interface PortfolioRow {
     id: string
@@ -9,6 +10,7 @@ export interface PortfolioRow {
     total_value: number
     created_at: Date
     last_rebalance: Date
+    version: number
 }
 
 function rowToPortfolio(r: PortfolioRow) {
@@ -20,7 +22,8 @@ function rowToPortfolio(r: PortfolioRow) {
         balances: r.balances || {},
         totalValue: Number(r.total_value),
         createdAt: r.created_at.toISOString(),
-        lastRebalance: r.last_rebalance.toISOString()
+        lastRebalance: r.last_rebalance.toISOString(),
+        version: r.version ?? 1
     }
 }
 
@@ -33,8 +36,8 @@ export async function dbCreatePortfolio(
     totalValue: number
 ) {
     await query(
-        `INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance)
-         VALUES ($1, $2, $3, $4, $5, $6, NOW(), NOW())`,
+        `INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance, version)
+         VALUES ($1, $2, $3, $4, $5, $6, NOW(), NOW(), 1)`,
         [id, userAddress, JSON.stringify(allocations), threshold, JSON.stringify(balances), totalValue]
     )
 }
@@ -61,9 +64,23 @@ export async function dbGetAllPortfolios() {
     return result.rows.map(rowToPortfolio)
 }
 
+/**
+ * Update a portfolio record.
+ *
+ * When `expectedVersion` is provided the update uses compare-and-set semantics:
+ * the row is only modified when its current version matches `expectedVersion`,
+ * and the version counter is incremented atomically.  A `ConflictError` is
+ * thrown when the match fails, signalling that a concurrent write has already
+ * advanced the version.
+ *
+ * Omitting `expectedVersion` performs an unchecked update (backward-compat)
+ * while still incrementing the version so that subsequent versioned callers
+ * detect the change.
+ */
 export async function dbUpdatePortfolio(
     id: string,
-    updates: { balances?: Record<string, number>; totalValue?: number; lastRebalance?: string }
+    updates: { balances?: Record<string, number>; totalValue?: number; lastRebalance?: string },
+    expectedVersion?: number
 ) {
     const sets: string[] = []
     const values: unknown[] = []
@@ -81,6 +98,36 @@ export async function dbUpdatePortfolio(
         values.push(updates.lastRebalance)
     }
     if (sets.length === 0) return false
+
+    // Always increment the version counter on every write
+    sets.push(`version = version + 1`)
+
+    if (expectedVersion !== undefined) {
+        // Compare-and-set: WHERE id = $n AND version = $m
+        values.push(id)
+        values.push(expectedVersion)
+        const result = await query(
+            `UPDATE portfolios SET ${sets.join(', ')} WHERE id = $${i} AND version = $${i + 1}`,
+            values
+        )
+        if ((result.rowCount ?? 0) === 0) {
+            // Distinguish not-found from conflict
+            const check = await query<{ id: string }>(
+                'SELECT id FROM portfolios WHERE id = $1',
+                [id]
+            )
+            if (check.rows.length === 0) return false
+            // Row exists but version didn't match — concurrent write detected
+            const current = await query<{ version: number }>(
+                'SELECT version FROM portfolios WHERE id = $1',
+                [id]
+            )
+            throw new ConflictError(current.rows[0]?.version ?? -1)
+        }
+        return true
+    }
+
+    // Unchecked update
     values.push(id)
     const result = await query(
         `UPDATE portfolios SET ${sets.join(', ')} WHERE id = $${i}`,

backend/src/db/schema.sql

@@ -6,7 +6,8 @@ CREATE TABLE IF NOT EXISTS portfolios (
     balances JSONB NOT NULL DEFAULT '{}',
     total_value NUMERIC NOT NULL DEFAULT 0,
     created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    last_rebalance TIMESTAMPTZ NOT NULL DEFAULT NOW()
+    last_rebalance TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    version INTEGER NOT NULL DEFAULT 1
 );
 
 CREATE INDEX IF NOT EXISTS idx_portfolios_user ON portfolios(user_address);

backend/src/services/databaseService.ts

@@ -2,6 +2,7 @@ import Database from 'better-sqlite3'
 import { mkdirSync } from 'node:fs'
 import { dirname } from 'node:path'
 import type { RebalanceEvent } from './rebalanceHistory.js'
+import { ConflictError } from '../types/index.js'
 
 // ─────────────────────────────────────────────
 // Types (mirrored from portfolioStorage.ts)
@@ -16,6 +17,7 @@ export interface Portfolio {
     totalValue: number
     createdAt: string
     lastRebalance: string
+    version: number
 }
 
 // Raw row shape as stored in SQLite
@@ -28,6 +30,7 @@ interface PortfolioRow {
     total_value: number
     created_at: string
     last_rebalance: string
+    version: number
 }
 
 interface RebalanceHistoryRow {
@@ -60,7 +63,8 @@ CREATE TABLE IF NOT EXISTS portfolios (
     balances      TEXT NOT NULL,
     total_value   REAL NOT NULL DEFAULT 0,
     created_at    TEXT NOT NULL,
-    last_rebalance TEXT NOT NULL
+    last_rebalance TEXT NOT NULL,
+    version       INTEGER NOT NULL DEFAULT 1
 );
 
 CREATE TABLE IF NOT EXISTS rebalance_history (
@@ -113,8 +117,8 @@ function seedDemoData(db: Database.Database): void {
     const balances = { XLM: 11173.18, BTC: 0.02697, ETH: 0.68257, USDC: 1000 }
 
     db.prepare(`
-        INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance)
-        VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+        INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance, version)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)
     `).run(
         DEMO_PORTFOLIO_ID,
         'DEMO-USER',
@@ -221,7 +225,8 @@ function rowToPortfolio(row: PortfolioRow): Portfolio {
         balances: safeJsonParse(row.balances, {}, `portfolio(${row.id}).balances`),
         totalValue: row.total_value,
         createdAt: row.created_at,
-        lastRebalance: row.last_rebalance
+        lastRebalance: row.last_rebalance,
+        version: row.version ?? 1
     }
 }
 
@@ -257,6 +262,7 @@ export class DatabaseService {
         mkdirSync(dirname(dbPath), { recursive: true })
         this.db = new Database(dbPath)
         this.db.exec(SCHEMA_SQL)
+        this._migrateSchema()
 
         // Seed demo data on first run (empty portfolios table)
         const count = (this.db.prepare('SELECT COUNT(*) as cnt FROM portfolios').get() as { cnt: number }).cnt
@@ -267,6 +273,14 @@ export class DatabaseService {
         console.log(`[DB] SQLite database ready at: ${dbPath}`)
     }
 
+    private _migrateSchema(): void {
+        const cols = this.db.prepare("PRAGMA table_info(portfolios)").all() as Array<{ name: string }>
+        if (!cols.some(c => c.name === 'version')) {
+            this.db.exec("ALTER TABLE portfolios ADD COLUMN version INTEGER NOT NULL DEFAULT 1")
+            console.log('[DB] Migration: added version column to portfolios')
+        }
+    }
+
     // ── Public accessor for backward-compat (routes use portfolioStorage.portfolios.size) ──
     get portfolios(): { size: number } {
         return { size: this.getPortfolioCount() }
@@ -285,8 +299,8 @@ export class DatabaseService {
             const id = generateId()
             const now = new Date().toISOString()
             this.db.prepare(`
-                INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance)
-                VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+                INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance, version)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)
             `).run(id, userAddress, JSON.stringify(allocations), threshold, JSON.stringify({}), 0, now, now)
             return id
         } catch (err) {
@@ -305,8 +319,8 @@ export class DatabaseService {
             const now = new Date().toISOString()
             const totalValue = Object.values(currentBalances).reduce((sum, bal) => sum + bal, 0)
             this.db.prepare(`
-                INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance)
-                VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+                INSERT INTO portfolios (id, user_address, allocations, threshold, balances, total_value, created_at, last_rebalance, version)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1)
             `).run(id, userAddress, JSON.stringify(allocations), threshold, JSON.stringify(currentBalances), totalValue, now, now)
             return id
         } catch (err) {
@@ -332,30 +346,73 @@ export class DatabaseService {
         }
     }
 
-    updatePortfolio(id: string, updates: Partial<Portfolio>): boolean {
+    /**
+     * Update a portfolio record.
+     *
+     * When `expectedVersion` is supplied the update uses compare-and-set
+     * semantics: the row is only written when its stored version matches
+     * `expectedVersion`, and the version counter is incremented atomically.
+     * A `ConflictError` is thrown when the match fails, signalling that a
+     * concurrent write has already advanced the version ahead of the caller.
+     *
+     * Omitting `expectedVersion` performs an unchecked update (backward
+     * compatible) while still incrementing the version so that any subsequent
+     * versioned callers detect the change.
+     */
+    updatePortfolio(id: string, updates: Partial<Portfolio>, expectedVersion?: number): boolean {
         try {
             const row = this.db.prepare<[string], PortfolioRow>('SELECT * FROM portfolios WHERE id = ?').get(id)
             if (!row) return false
 
             const current = rowToPortfolio(row)
             const merged = { ...current, ...updates }
 
-            this.db.prepare(`
-                UPDATE portfolios
-                SET user_address = ?, allocations = ?, threshold = ?, balances = ?,
-                    total_value = ?, last_rebalance = ?
-                WHERE id = ?
-            `).run(
-                merged.userAddress,
-                JSON.stringify(merged.allocations),
-                merged.threshold,
-                JSON.stringify(merged.balances),
-                merged.totalValue,
-                merged.lastRebalance,
-                id
-            )
+            if (expectedVersion !== undefined) {
+                // Compare-and-set: only update when version matches
+                const result = this.db.prepare(`
+                    UPDATE portfolios
+                    SET user_address = ?, allocations = ?, threshold = ?, balances = ?,
+                        total_value = ?, last_rebalance = ?, version = version + 1
+                    WHERE id = ? AND version = ?
+                `).run(
+                    merged.userAddress,
+                    JSON.stringify(merged.allocations),
+                    merged.threshold,
+                    JSON.stringify(merged.balances),
+                    merged.totalValue,
+                    merged.lastRebalance,
+                    id,
+                    expectedVersion
+                )
+
+                if (result.changes === 0) {
+                    // Row exists but version didn't match — concurrent write detected
+                    const currentRow = this.db.prepare<[string], { version: number }>(
+                        'SELECT version FROM portfolios WHERE id = ?'
+                    ).get(id)
+                    throw new ConflictError(currentRow?.version ?? -1)
+                }
+            } else {
+                // Unchecked update — still increment version for future versioned callers
+                this.db.prepare(`
+                    UPDATE portfolios
+                    SET user_address = ?, allocations = ?, threshold = ?, balances = ?,
+                        total_value = ?, last_rebalance = ?, version = version + 1
+                    WHERE id = ?
+                `).run(
+                    merged.userAddress,
+                    JSON.stringify(merged.allocations),
+                    merged.threshold,
+                    JSON.stringify(merged.balances),
+                    merged.totalValue,
+                    merged.lastRebalance,
+                    id
+                )
+            }
+
             return true
         } catch (err) {
+            if (err instanceof ConflictError) throw err
             throw new Error(`Failed to update portfolio '${id}': ${err}`)
         }
     }

backend/src/services/stellar.ts

@@ -1,5 +1,6 @@
 import { Horizon } from '@stellar/stellar-sdk'
 import type { PricesMap } from '../types/index.js'
+import { ConflictError } from '../types/index.js'
 
 export class StellarService {
     private server: Horizon.Server
@@ -240,10 +241,12 @@ export class StellarService {
             // Calculate new balances
             const updatedBalances = await this.calculateRebalancedBalances(portfolio, prices)
 
-            await portfolioStorage.updatePortfolio(portfolioId, {
-                lastRebalance: new Date().toISOString(),
-                balances: updatedBalances
-            })
+            // Compare-and-set: only commit if no concurrent write advanced the version
+            portfolioStorage.updatePortfolio(
+                portfolioId,
+                { lastRebalance: new Date().toISOString(), balances: updatedBalances },
+                portfolio.version
+            )
 
             // Record successful rebalance
             const event = await rebalanceHistory.recordRebalanceEvent({
@@ -269,6 +272,10 @@ export class StellarService {
                 eventId: event.id
             }
         } catch (error) {
+            // Bubble up concurrency conflicts without wrapping so callers can
+            // distinguish a 409 Conflict from a generic 500 failure.
+            if (error instanceof ConflictError) throw error
+
             const { RebalanceHistoryService } = await import('./rebalanceHistory.js')
             const rebalanceHistory = new RebalanceHistoryService()