FRQN®

Work / Wheelness Technologies LLP

Wheelness

A car-wash subscription platform for apartment communities in India. Four role-based apps, recurring billing, field operations, and fraud prevention. One codebase, one engineer, real customers every day.

Sole engineerSince January 2026Visit live site ↗
Active subscribers
200+
Role-based apps
4
Tables behind RLS
30+
Engineer
1

01 / The problem

Apartment communities in India get their cars washed by informal cleaners. Payment is cash, schedules are verbal, and nobody can prove a wash actually happened. Residents complain, cleaners get blamed, and community managers sit in the middle with no records.

Wheelness sells daily-wash subscriptions to residents and manages the cleaner fleet for the building. That needs one system speaking to four very different users: a customer paying a subscription, a cleaner working from a cheap Android in a basement parking lot, a community manager verifying staff, and an admin running the business.

02 / What I built

The whole platform lives in one Next.js monolith with four role-scoped apps inside it. Neon Postgres holds the data behind Row-Level Security that is enforced at the connection level, not in app code. Supabase handles auth, Razorpay runs subscription billing with renewals, grace periods and webhook reconciliation, and Cloudflare R2 stores photos and KYC documents served only through short-lived signed URLs.

A nightly scheduler generates every cleaning task for the next day, assigns cleaners, rolls over unresolved work, and sends WhatsApp digests through MSG91. Nobody assigns tasks by hand. The three deep dives below are the systems I am most proud of.

03 / Deep dive

The task board works without a network

Cleaners work in basements and stairwells where 4G drops constantly. A task board that fails on a dead connection means lost proof and angry customers, so the board treats the network as optional.

Every status change goes into a localStorage queue first. Proof photos go into IndexedDB. A sync loop replays the queue whenever connectivity returns, in order, with the server reconciling duplicates. The cleaner just works; the phone catches up on its own.

  • Status flow: pending, in progress, arrived, completed or skipped
  • Photos persist in IndexedDB until upload is confirmed
  • Unresolved tasks carry over for 7 days automatically
CLEANER PHONEpatchy 4GLOCAL QUEUEstatus updatesSYNC LOOPreplays in orderSERVERdeduplicatesINDEXEDDBproof photosON RECONNECTPHOTOSOFFLINE: WORK CONTINUES, THE QUEUE GROWSONLINE: QUEUE REPLAYS, PHOTOS UPLOAD, SERVER RECONCILES
Fig 01 · Offline queue and replay

04 / Deep dive

Database-enforced tenant isolation

Four roles share one schema, which is exactly how data leaks happen. Instead of trusting every query to remember a WHERE clause, isolation lives in Postgres itself.

Each request opens an AsyncLocalStorage context carrying the authenticated user and role. The database wrapper reads that context and sets the session variables that Row-Level Security policies check. A query that forgets to filter still cannot read another tenant's rows, because the database refuses. No ORM in the path, just typed raw SQL at full speed.

  • AsyncLocalStorage scopes identity per request
  • RLS policies on 30+ tables check session variables
  • Raw SQL with TypeScript types, no ORM overhead
REQUESTJWT, role, tenantALS CONTEXTper-request scopePG CLIENTsets session varsRAW SQLtyped, no ORMPOSTGRES ROW-LEVEL SECURITYpolicies on 30+ tables decide what every query may readEVERY QUERYOWN TENANT: ROWS RETURNEDOTHER TENANT: REFUSED BY THE DATABASEA QUERY THAT FORGETS ITS WHERE CLAUSE STILL CANNOT LEAK DATA
Fig 02 · Connection-level row security

05 / Deep dive

A referral program that did not get farmed

Referral credits in rupees attract industrial-scale abuse. The engine assumes every signup is suspicious and makes it prove otherwise.

Each new account passes through layered checks: self-referral blocks, hashed device fingerprints, hashed phone numbers matched against accounts deleted in the last 12 months, IP rate limits, and per-referrer velocity caps. Rewards draw from a monthly budget with a FIFO queue, and wallet credits commit atomically so a credit can never be issued twice.

  • Device fingerprint and phone hashes catch recycled identities
  • 10 signups per IP per hour, 15 referrals per referrer per day
  • Monthly budget cap with FIFO reward queue
SIGNUPreferral codeFINGERPRINThashed devicePHONE HASH12-month dedupIP + VELOCITY10/hr, 15/dayBUDGET CAPmonthly, FIFOWALLET CREDITatomic, oncePASSES EVERY CHECKANY CHECK FAILS: REWARD QUEUED OR REJECTED, NEVER AUTO-PAIDCREDITS COMMIT ATOMICALLY, A REWARD CANNOT BE ISSUED TWICE
Fig 03 · Layered referral checks

06 / Outcomes

  • 200+ residents subscribe and get their cars washed daily
  • Task assignment, renewals and reminders run with zero manual steps
  • Fraudulent referral payouts dropped to almost nothing
  • KYC documents never touch a public URL

Stack

Frontend
Next.js 16, React 19, TypeScript, Tailwind CSS, Framer Motion
Data
Neon Postgres, Row-Level Security, raw SQL, Cloudflare R2
Services
Supabase Auth, Razorpay, MSG91, Resend, Gemini
Ops
Nightly cron schedulers, webhook reconciliation, Sharp image pipeline

Next case study

Sleek Interio