PainCave — Autonomous indoor cycling, end-to-end

Brief

PainCave is a fully autonomous indoor cycling centre in Milan — open 24/7, with no on-site staff at any hour. The brief was to deliver the product as a complete self-service system: a member should be able to book a slot online at any hour, walk up to the door, have the system recognise them, unlock the door, run the session, and bill the right wallet.

The product needed three things working together: a booking and payment platform on the web, a mobile-friendly user experience, and a physical access system that opened only the right door at the right time for the right person.

The constraints

A few things made this project less ordinary than it looks.

The centre runs 24/7 unattended. There is no manager on shift to override an error, restart a service, or check on a stuck booking. Every layer — web, payment, identity, hardware — needed to behave correctly at three in the morning with no human in the loop.

The integration crosses four planes at once: the web platform, the payment provider, the user’s web app, and a Raspberry Pi controlling a physical relay on the door. A failure in any of them produces a visible operational consequence — a member outside the door at midnight, or a payment captured for a session they could not access. Cross-layer reliability was the design constraint, not a nice-to-have.

The centre operates entirely over Wi-Fi, in a space full of cycling hardware, sensors, and electronic interference. The physical side of the system had to absorb that environment.

And the launch coincided with the start of the pandemic. A month after opening, the country closed. Regulatory and operational requirements then changed weekly for a long time — capacity limits, sanitisation protocols, opening hours. We needed a stack that could ship the same day a rule changed.

Approach

We chose a web app over a native app deliberately. With requirements moving on a weekly basis, no app store review window was acceptable. PHP and MySQL on the server, a mobile-first web app for users, and a small Raspberry Pi on site.

Booking logic, the calendar state machine, and the wallet were the parts where the system could not afford ambiguity. Each one was built so that a partial failure on one layer would not corrupt state on another: a booking is reserved before payment, payment confirms the booking, an unrecoverable payment error releases the slot back to the calendar — no orphan reservations, no double-booking.

Access works on two factors. When a member arrives at the door, the web app reads their geographic position. If they are physically at the venue, a session token is generated and sent to the Raspberry Pi, which validates it against the booking schedule and triggers the relay on the lock. The token is single-use and time-scoped to the booked slot.

Stripe was implemented as a wallet model rather than per-transaction billing. Members top up tokens, run recurring or one-off subscriptions, and buy standalone slots for ancillary services — including biomechanical assessment sessions, the only service in the centre that involves a trained operator.

What we delivered

• A PHP + MySQL platform handling bookings, calendar, accounts, and a Stripe wallet with recurring and one-off plans
• A mobile-first web app for members: booking, geofence-gated door access, wallet top-up, subscription management, coupon and promo handling
• Backend integration with the on-site Raspberry Pi for token-validated session unlock
• Time-of-day variable pricing (off-peak, standard, night)
• Operator scheduling for the biomechanical assessment service
• Unattended 24/7 operations, including overnight bookings

Outcome

The system has been in production since 2020. Several hundred registered members, hundreds of bookings per month.

The launch coincided with the start of the pandemic; the centre’s reopening was delayed many months, and the original commercial momentum was lost. The product later transitioned to an independent operating company without requiring a rewrite — a portability test the platform passed on its own merits.

We are honest about this case. The system held up. The market didn’t get the chance to.

What we took away

Commercial success is not always in our hands. Engineering durability is. PainCave is a system that has continued to run, largely autonomously, through circumstances none of its operators planned for. That is the test we care about, and the one we design for.