Blabber.ai

Architected and executed launch readiness reviews, subscription lifecycle sync integrations, security boundary hardening, and production error debugging for a voice-focused automation platform.

Product interface screenshot for Blabber.ai
Role: Principal Software Engineer & Architect
Duration: Documented Case Study
Describe Your Technical ChallengeView Related Technologies

Project Overview

Blabber.ai is a creator-focused communication platform that facilitates voice and messaging automation.

Technical Highlights

  • Performance Optimization
  • Security Hardening
  • Automation & CI/CD Pipelines

Business Challenge

  • Subscription sync failures between Stripe and Supabase resulting in access resolution issues.
  • Webhook queue delays under concurrent payment events.
  • Security vulnerabilities in access control checks on public API endpoints.
  • High Sentry exception volumes prior to public release.

System Constraints

  • Zero-Downtime Hardening: System upgrades had to be deployed to the live staging environment without interrupting ongoing user testing.
  • API Latency Constraints: Supabase database latency and external webhook handlers had to respond within a 500ms SLA.
  • Strict Compliance: Payment and session management flows had to adhere to security best practices without introducing heavy operational overhead.

Engineering Approach

SazM executed a launch readiness audit, profiling database queries and API routing structures. A decoupled webhook handler was introduced to process Stripe subscription lifecycles asynchronously, and access controls were hardened at the Supabase Row Level Security (RLS) and API gateway levels.

System Architecture

  • Frontend & Routing: React and Next.js frontend integrated with Next.js API routing.
  • Database & Auth: PostgreSQL database hosted on Supabase, secured with custom Row Level Security (RLS) policies and session-based authentication checks.
  • Payment & Event Tier: Decoupled Stripe webhook receiver with retry and idempotency validation layers.

Technical Stack

Measurable Outcomes

  • Production readiness audit and launch validation checklist.
  • Hardened Supabase database schema with optimized PostgreSQL queries.
  • Idempotent Stripe webhook handler with built-in retry mechanisms.
  • Decoupled API endpoint security validations.
  • Audited platform codebase for launch readiness
  • Stabilized Stripe subscription lifecycle syncing
  • Decoupled high-frequency webhooks for webhook reliability
  • Hardened authentication and external APIs boundaries
  • Resolved Sentry errors and optimized production query flows

Lessons & Insights

  • Webhook integrations must be idempotent at the database layer; network retries will duplicate incoming events.
  • Client-side security checks are insufficient; database-level security policies (like Postgres RLS) are critical to defend multi-tenant architectures.

Working on something similar?

Submit a technical brief.

This project demonstrates experience in Architecture Review & Assessment and Platform Migration & Performance Optimization. If you are facing a related problem, share the technical context and the outcome you need.

Continue Exploring