A complete ERP system I designed and built solo in 90 days for Pakistan's corrugated packaging industry — replacing spreadsheets with production-grade business software.
Pakistan's corrugated packaging factories manage complex material flows — reel paper, corrugated rolls, chemicals, ply calculations — across disconnected Excel files with no audit trail, no data security, and no domain-specific tooling.
Generic tools like Tally or QuickBooks cannot model corrugated production. They don't understand reel paper GSM, roll area calculations, ply-based material distribution, or delivery-then-invoice accounting.
Factory managers deal with purchase invoices, delivery challans, production orders, and customer ledgers simultaneously. Disconnected Excel files mean lost data, wrong balances, and zero audit trail.
When a delivery goes out, COGS must be captured at that exact moment's average cost — a snapshot that must never be recalculated. Spreadsheets cannot enforce this kind of hybrid accounting.
I served as product researcher, designer, design system architect, frontend developer, backend developer, database architect, security auditor, and QA engineer. One person, every discipline.
Tools
I used Claude AI extensively as my development partner — for architectural decisions, code generation, security auditing, and design system documentation. This is central to my approach as a vibe coder: leveraging AI to operate at a velocity that normally requires a team, while maintaining the judgment and creative direction myself.
Every token choice traces back to the user's context — factory managers and accountants who need to trust the numbers on screen the same way they trust a physical ledger.
The original section 03 remains above unchanged. This phase-1 redesign is added separately below so you can review both versions before replacing the old one.
Full dark mode support through semantic CSS tokens. Every component auto-switches. Every contrast ratio validated.
In the corrugated industry, goods leave the factory before the invoice is finalized. COGS must be recognized at delivery time using the item's weighted average cost at that exact moment — a snapshot that must never be recalculated.
I implemented this through a costAtDispatch field frozen at delivery creation. When the invoice is created days later, revenue is recognized separately. The invoice never touches stock.
A cancellation chain enforces consistency: you must cancel the invoice before you can cancel the delivery. This prevents the data corruption that factory accountants dread.
The production system models the actual physics of corrugated box manufacturing. A 5-ply box requires 2 medium sheets and 1 liner. Sheet dimensions come from box dimensions plus joint and flap allowances.
Medium consumption is area-based (m²), liner is weight-based (kg using GSM), and glue is a ratio of medium weight. All operations run inside serializable database transactions with automatic retry on conflicts.
Instead of hardcoding assumptions, I built a settings-first system: the HR module begins with a setup wizard where the business configures their exact rules. Features that aren't enabled don't appear in the UI.
Payroll uses dynamic working-day calculations per month, normalizes all salary types to a daily rate, and blocks approval if any employee has unmarked attendance — a deliberate friction that prevents accidental salary deductions.
Every query scoped by businessId. Session auth on all routes. Fatal error if test env touches production DB. Three isolated database environments.
SecurityAll inventory-mutating operations use PostgreSQL's highest isolation level. Automatic retry wrapper handles serialization conflicts transparently.
Data IntegrityFormal audit of my own codebase. Found 10 vulnerabilities across two batches. Every finding fixed and verified with regression tests. Full documentation.
Self-AuditedRate limiting, CSRF protection, email OTP, trusted device management, optional 2FA, Google OAuth. Browser security headers configured at app level.
AuthenticationCanonical JSON → generated TypeScript → CSS custom properties → Tailwind utilities. Sync checker validates runtime matches spec. Route-level adoption manifest.
Design SystemPlaywright coverage across auth, onboarding, CRUD, financial transactions, HR flows, and reports. 57 routes mapped with zero missing coverage.
Testing| Layer | Technology |
|---|---|
| Frontend | Next.js 16.1.4, React 19, TypeScript, Tailwind CSS 4 |
| Backend | Next.js API Routes, Prisma 7.2.0, PostgreSQL (Neon) |
| Auth | Session-based, Scrypt hashing, OTP, Google OAuth, optional 2FA |
| Design System | 24 components, token JSON → generated CSS/TS, sync checker |
| Testing | Playwright E2E (56 workflows), 3 isolated database environments |
| Security | Rate limiting, CSRF, serializable transactions, formal audit |
| AI Tooling | Claude AI (architecture, code, audit), Perplexity (research) |
| Module | What It Covers |
|---|---|
| Dashboard | KPI cards, time filters, quick actions, recent transactions |
| Invoices | Delivery-to-invoice chain, hybrid COGS/revenue accounting |
| Purchases | Relational line items, freight allocation, weighted average costing |
| Inventory | Typed materials (reel paper, rolls, chemicals, finished goods), production orders |
| Customers & Suppliers | CRUD, ledger with running balance, date filtering, smart caching |
| Banking | Bank accounts, computed ledger, petty cash, transfers |
| HR & Payroll | Setup wizard, departments, attendance, leave, salary structures, payroll runs |
| Reports | Profit & margin, accounts receivable, customer profitability |
| Settings | Profile, security (2FA, trusted devices), expense categories |
| Onboarding | 6-step wizard with CSV/Excel import, opening stock management |
The biggest challenge was operating across both disciplines simultaneously — maintaining design system coherence while shipping production code, making typography choices while debugging serializable transaction failures, thinking about empty states while implementing weighted average costing formulas. Most product designers don't touch database isolation levels. Most developers don't build design token pipelines. Doing both means neither discipline gets shortcuts.
Building first and systematizing after works, but the transition is expensive. I'd establish the token architecture and core component primitives earlier — even if the visual language is still evolving. Having a Button, Input, and Table component from day one would have saved significant refactoring. I'd also invest in the design system showcase page earlier — it became the most useful internal tool for consistency, but I built it late.