Commit and rollback information is managed for each Unit-of-work by the CDCStore transient Storage Manager and Publisher. Downstream Engines process only committed UOW changed data.
The Publisher keeps track of the in-flight transactions and knows, at all times the safe restart point, that is the SCN of the oldest record of the oldest in-flight transaction. This guarantees a safe restart without risk of losing part of a transaction but is only effective if the archived logs are available.
If on restart the Log Reader is unable to access the required log, an error message will be passed on to the Publisher which will stop until archived logs have been restored. In a normal production environment, where the Capture Agent is regularly monitored, this kind of extreme situation is very unlikely and would only occur if a capture agent remains in a stopped state for a significant amount of time.