This is all the more interesting since it is virtually impossible for you to test all possible failure scenario's. Instead, we replace failure semantics with one simple primitive: either everything works and is saved ("committed") or there is a problem and the entire effects of your transaction are whiped out ("rolled back").Isn't that just replacing the problem elsewhere? In a way yes - but we use standardized APIs to make this work (XA), along with a protocol that can be proven correct (two-phase commit). This makes it easier for us to test all possible failure outcomes, which significantly increases reliability. And because our software is an embeddable component, you can easily reuse that tested reliability in your applications.