Own the last mile: fix core flows, harden the codebase, and publish to iOS and Android. Set up daily automated tests so the app stays shippable. Current stack Frontend: Next.js + React, TypeScript, Vercel Backend: Supabase (Postgres, Auth, Realtime, Storage, Edge Functions) Infra: Vercel + Supabase Built initially on lovable.dev What’s broken vs working Works: listing cards and browsing Not working: messaging, transactional flow Goal: get messaging and payments live, stabilize app, submit to stores, and wire CI with tests Scope of Work (you own end-to-end) Productization and polish Audit repo, remove lovable.dev scaffolding debt, align file structure, add env management Resolve iOS Safari caching issues, PWA service worker sanity, and performance regressions UX pass on listing cards, empty states, error states, loaders, and optimistic updates Messaging that actually ships Implement real-time 1:1 messaging via Supabase Realtime Features: unread counts, typing indicator, attachments via Supabase Storage, basic moderation/report Edge cases: reconnect, offline queueing, duplicate message guards, idempotent writes Transactions that clear Implement Stripe Connect Standard (or Express if needed) with webhooks Flows: create intent, hold funds at accept, capture on completion, refund/cancel paths Receipts, fees, tax settings, payout to sellers, idempotency keys, webhook signature verification Basic dispute hooks and audit logs App Store delivery Pick a pragmatic path and execute: Option A fast track: Capacitor wrapper for iOS/Android + PWA hardening + TWA on Android Option B cleaner native shell: Expo + WebViews for transactional screens you rebuild natively Deliverables either way: iOS: App Store Connect setup, bundle IDs, signing, TestFlight build, App Privacy details Android: Play Console setup, keystore, internal testing track Store assets: icons, screenshots, short and long descriptions, privacy policy link Quality gates and CI Unit tests: Vitest + Testing Library for components and hooks E2E: Playwright across desktop and mobile viewports; stub Stripe/Supabase where needed API tests: Edge Functions with supertest or fetch-based harness CI: GitHub Actions with nightly cron, on-PR runs, flaky test quarantine, artifacts Observability: Sentry for FE/BE, PostHog or Plausible for product analytics Security and compliance basics Role-based access checks server-side, not just client Input validation and Zod schemas at boundaries Secrets in Vercel/Supabase, rotate keys, principle of least privilege Stripe PCI scope minimized, webhook retries handled idempotently Privacy policy + terms templates integrated into app