A user reinstalls your app, the local database is empty, and your launch logic treats them as brand new — even though their data is safe in your cloud. RestoreKit detects that exact moment and rehydrates from your source of truth: resumably, idempotently, and crypto-aware.
Pure-Dart engine · Supabase adapter · runnable demo · 19 passing tests
The naive fix — "if local is empty, pull from cloud" — breaks in four ways, and each one is its own outage.
A genuinely new user also has an empty local DB. Always-pull hammers your backend; never-pull loses returning users. After a reinstall the auth session is gone too — so you can't even check until they sign back in.
If your local DB is encrypted, the key lived in secure storage — also wiped. You must recover it before writing a single row. That's a real design decision, not an afterthought.
A 4,000-record pull dies at 2,200 on hotel wifi. Without a checkpoint, the next launch can't tell "done" from "half-full" — so you either lose rows forever or restart from zero.
A timed-out manifest request falls through to onboarding, and a returning user stares at a fresh-install screen. A transient blip must mean "retry" — never data loss.
ifRestoreKit resolves what a launch means from the four signals that matter, then runs a resumable restore you can watch.
// 1. What does this launch mean? switch (await resolver.resolve()) { case LaunchDecision.normalLaunch: goToApp(); case LaunchDecision.freshOnboarding: onboard(); case LaunchDecision.restoreAvailable: case LaunchDecision.resumeRestore: await restore(); } // 2. Run (or resume) it — observable + safe coordinator.states.listen(updateProgressUI); await coordinator.run(); // → restored | nothingToRestore | alreadyComplete
Zero Flutter / DB / network dependencies. Fully unit-testable and portable. Your stack plugs in through six small interfaces.
A durable checkpoint advances after every batch. An interrupted restore continues from the last cursor — no duplicates.
Bring your own key recovery — passphrase-derived, cloud-wrapped, KMS, biometric-gated. RestoreKit asks for the key, never dictates it.
Manifest count + keyset (cursor) pagination, scoped per-user by Row-Level Security. Firebase / REST are a small interface away.
Probe failures throw and force a retry — they're never collapsed into "new user." The one mistake that ruins trust, designed out.
Wipe the device, watch it restore, interrupt it, hit retry. Every guarantee on this page is backed by a test you can run.
Buy the weeks, not the glue. Full source, lifetime updates. Waitlist members get an early-bird discount.
One email at launch + the early-bird discount. No spam.
Building in public — follow along as the security/offline patterns get extracted.
No. Sync keeps two live stores in agreement. RestoreKit solves the cold-start case sync ignores: an empty device that must rehydrate from the cloud after a reinstall — including key recovery and resumable, idempotent restore.
Any. The core is backend-agnostic via six interfaces. A Supabase adapter ships in the box (keyset pagination + RLS); Firebase, a custom API, drift, sqflite, Hive, or Isar are a thin adapter away.
Yes — full source, yours to use under the license tier you buy, with lifetime updates.
Absolutely. Key recovery is optional — omit the KeyVault and you get the reinstall detection + resumable restore on their own.
Soon — join the waitlist to get the launch email and the early-bird price.