# Order Module — Manual Review Checklist

## State Machine
- [ ] All order states defined and documented
- [ ] Valid transitions enforced (no impossible state changes)
- [ ] Terminal states properly handled (no further mutations)
- [ ] State change audit log exists

## Concurrent Deduction
- [ ] Inventory deduction uses optimistic lock (version number) or pessimistic lock (SELECT FOR UPDATE)
- [ ] No race condition between check and deduction (not SELECT → check → UPDATE)
- [ ] Oversell prevention verified

## Timeout Cancellation
- [ ] Unpaid order timeout mechanism (scheduled job, delayed queue, or TTL)
- [ ] Cancellation releases held inventory
- [ ] Cancellation releases held coupons/promotions
- [ ] Timeout is configurable, not hardcoded

## Distributed Transaction
- [ ] Cross-service operations (order + inventory + payment) have compensation logic
- [ ] Saga pattern or eventual consistency defined
- [ ] Failure recovery documented (what happens if order succeeds but payment fails)