Decide-O-Mat — Runtime Architecture
v1.6 · How the system components interact at runtime
BROWSER
React SPA
Vite build · React Router
react-i18next (EN / DE)
Firebase SDK (Auth + Firestore)
CSS Modules · Design tokens
Capability URL access control
html-to-image export
My Decisions · Profile management
E2EE — Web Crypto API
AES-256 GCM (client-side only)
Encryption key stored in URL #hash
Key never sent to server
Encrypt question + arguments before write
Decrypt after read from Firestore
localStorage caches key for My Decisions
Server sees only ciphertext
Firebase SDK (HTTPS / WebSocket)
HTTPS calls
GOOGLE CLOUD · FIREBASE · europe-west4
App Hosting (CDN)
Serves React SPA bundle globally · Global edge network · Automatic HTTPS · Zero-config deploys
Firebase Auth
Google OAuth
Email / Password
Magic Link (device transfer)
Anonymous display name
JWT session tokens
GDPR account deletion
Firestore
NoSQL document store
Real-time listeners (WSS)
decisions/ collection
arguments/ subcollection
Stores ciphertext only
Security rules enforced
Cloud Functions
Node.js 20 · Stateless · Scale-to-zero
deleteUser — GDPR account removal
Business logic validation
Rate limiting
Firebase Admin SDK (elevated access)
Firestore + Auth admin operations
admin