Desishub Automation · Technology
Engineering you can trust with your doors
Offline-first architecture, per-device encryption, and a retrofit approach that respects your building — here's how the system actually works.

System architecture
The architecture, drawn
Devices talk to the local hub; the hub syncs to our Go backend; your apps see everything. The internet connects the layers — it never gates them.

Inside the hardware
Serious silicon, not toys
Dual connectivity, proper CPUs, and battery backup — the same component classes running in our commercial installs across Kampala.
- Dual WiFi + 4G connectivity
- Battery-backed operation
- Tamper detection
- Industrial-grade components
The architecture
Four layers, each doing one job well
Devices
Smart locks, relays, infrared blasters, and sensors in each room — each with its own encrypted credentials.
Local hub
The property's brain. Runs scenes, holds access rules, and keeps everything working with zero internet.
Desishub backend
Cloud sync, analytics, billing, and remote management — built on the same Go/Grit stack as our production systems.
Your apps
Front-desk desktop, manager mobile, guest in-stay view, and owner analytics — each scoped to its role.
Devices → local hub → Desishub backend → your apps. The internet connects the layers — it never gates them.
Offline-first isn't a feature. It's the foundation.
Access rules live at the door. Scenes live in the hub. The cloud syncs, bills, and analyzes — but nothing a guest or resident needs waits on it. We learned this discipline building Shoppleet, our offline-first POS where the till never waits, and we applied it to every layer of the automation stack. When connectivity returns, every event reconciles automatically.
Security model
Built like the fintech systems we ship
Per-device credentials
Every lock and device carries unique encrypted credentials — compromising one never opens another.
Scoped, expiring access
Guest access is bound to the booking and dies at checkout. Staff access has schedules and scopes.
Encrypted links
Device-to-hub and hub-to-cloud traffic is encrypted end to end, with tamper alerts on anomalies.
Audited & updatable
Full audit trails, instant credential revocation, and secure over-the-air updates across the fleet.
Proven engineering
The same stack that runs our production systems
ESP32 hardware and embedded C++ firmware, MQTT device messaging, a Go backend, and apps in Next.js, Wails, and React Native — built on our open-source Grit Framework. This is not experimental tooling; it's the stack behind FundPier, Shoppleet, DGateway, and HMK Living.
FAQ
Technical questions, answered
For the security-conscious and the curious.
Still have questions? We're a message away.
Talk to an engineer, not a salesperson
Ask the hard questions — offline behavior, security model, failure modes. Our engineers answer directly on WhatsApp.