Last Updated: January 2025
Project Phase: MVP Development - Early Stage
Synchro is a self-custodial subscription management platform that empowers users to control their recurring payments using crypto. The project consists of three main components: a client (Next.js frontend), a backend (Express.js API), and smart contracts (Soroban on Stellar). Currently, the client has a fully implemented UI with mock data, while the backend and contracts are in early setup stages.
SYNCRO/
├── client/ # Next.js frontend application
├── backend/ # Express.js API server
└── contracts/ # Soroban smart contracts (Stellar)
Frontend UI/UX (100% Complete)
- Complete dashboard with subscription cards and analytics
- Subscription management (CRUD operations with mock data)
- Team management interface
- Settings page with all configuration options
- Notifications panel
- Onboarding flow
- Command palette (Ctrl+K)
- Keyboard shortcuts
- Dark mode support
- Responsive design
- Accessibility features (ARIA labels, keyboard navigation)
Business Logic Utilities
- Currency conversion utilities
- Timezone handling
- Input validation
- Duplicate detection algorithms
- Price tracking
- CSV export functionality
- Audit logging utilities
- Network utilities (retry logic, exponential backoff)
- Performance utilities (debounce, throttle, memoization)
- Cache utilities
Security Utilities
- Input sanitization (HTML, SQL, email, URL)
- CSRF token generation/verification
- Rate limiting (client-side)
- Session timeout management
- Security headers in middleware
Database Schema
- SQL migration scripts ready:
profilestableemail_accountstablesubscriptionstableteam_memberstablenotificationstable- Row Level Security (RLS) policies defined
API Route Structure
/api/subscriptions- GET, POST/api/subscriptions/[id]- GET, PATCH, DELETE/api/analytics- GET/api/payments- POST
Supabase Integration
- Browser client singleton
- Server client singleton
- Middleware for session refresh
- Subscription CRUD utilities
API Routes
- Routes exist but return mock data
- Need to connect to real database
- Authentication checks not implemented
Supabase Connection
- Client utilities exist but have environment variable typos (
proSUPABASE_...instead ofprocess.env.SUPABASE_...) - Database schema ready but not executed
- Not connected to frontend (still using mock data)
Authentication
- Login/signup pages created
- Not enforced (users can access app without login)
- Session management not integrated
Database Integration
- Database migrations not executed
- Frontend still using mock data
- No real data persistence
Email Integrations
- Gmail API integration (UI ready, backend pending)
- Microsoft 365 / Outlook integration (UI ready, backend pending)
- Email parsing and subscription detection
Payment Processing
- Stripe integration (configured but not processing)
- Payment webhooks not implemented
- Checkout flow incomplete
Real-time Features
- Real-time notifications (Supabase Realtime not connected)
- Live subscription updates
- WebSocket connections
Testing
- No unit tests
- No integration tests
- No E2E tests
Basic Setup
- Express.js 5.2.1 installed
- Package.json configured
- Project structure initialized
Core Infrastructure
- No API route handlers
- No database connection
- No authentication middleware
- No error handling
- No request validation
- No CORS configuration
- No environment variable management
API Endpoints
- Authentication endpoints (signup, login, logout)
- Subscription CRUD endpoints
- Email account management
- Payment processing endpoints
- Analytics endpoints
- Integration endpoints (Gmail, Outlook)
Services
- Email scanning service
- Payment processing service
- Notification service
- Telegram bot integration
Security
- Rate limiting
- Input validation
- API key encryption
- Webhook signature verification
Testing
- No tests configured
- No test framework setup
Documentation
- API documentation exists in
/client/BACKEND_DOCUMENTATION.mdbut backend not implemented
Project Setup
- Soroban workspace configured
- Cargo.toml with Soroban SDK 23
- Build configuration
- Example hello-world contract structure
Smart Contracts
- No subscription management contract
- No payment processing contract
- No gift card tracking contract
- Only placeholder hello-world contract exists
Integration
- No Stellar network integration
- No contract deployment scripts
- No contract interaction utilities
Testing
- Test framework exists but no real tests
- Only example test in hello-world
-
Fix Supabase Environment Variables
- Fix typos in
/lib/supabase/browser-client.ts - Fix typos in
/lib/supabase/server-client.ts - Set up
.env.localwith correct variables
- Fix typos in
-
Execute Database Migrations
- Run all SQL scripts in
/scripts/on Supabase - Verify tables and RLS policies
- Run all SQL scripts in
-
Connect Frontend to Database
- Replace mock data with real Supabase calls
- Update all components to use database data
- Implement data fetching hooks
-
Implement Authentication
- Add authentication middleware
- Protect routes
- Enforce session management
- Connect login/signup to Supabase Auth
-
Implement Real API Routes
- Replace mock data in API routes
- Connect to Supabase database
- Add authentication checks
- Implement error handling
-
Set Up Express Server
- Configure middleware (CORS, body parser, error handling)
- Set up environment variables
- Configure database connection
-
Implement Core Endpoints
- Authentication endpoints
- Subscription CRUD endpoints
- User management endpoints
-
Add Security
- Rate limiting
- Input validation
- Authentication middleware
-
Email Scanning
- Gmail API integration
- Outlook API integration
- Email parsing logic
-
Payment Processing
- Stripe integration
- Paystack integration
- Webhook handling
- Contract Development
- Subscription registry contract
- Payment processor contract
- Integration with backend
- Production database setup
- Environment variable management
- Logging and monitoring
- Error tracking (Sentry, etc.)
- CI/CD pipeline
- Real-time notifications
- Email integrations
- Payment processing
- Telegram bot
- Calendar sync
- Slack notifications
- Unit tests
- Integration tests
- E2E tests
- Performance testing
- Security auditing
- API documentation (OpenAPI/Swagger)
- Deployment guides
- Developer onboarding guide
- User documentation
- Framework: Next.js 15.1.6
- UI: React 19, Tailwind CSS v4
- Database: Supabase (PostgreSQL)
- Auth: Supabase Auth
- Payments: Stripe (configured)
- Deployment: Vercel (ready)
- Framework: Express.js 5.2.1
- Database: To be determined (PostgreSQL recommended)
- Auth: JWT (to be implemented)
- Payments: Stripe, Paystack (to be integrated)
- Deployment: Render (referenced in docs)
- Platform: Stellar Soroban
- Language: Rust
- SDK: Soroban SDK 23
- Status: Early development
-
Environment Variable Typos
- Location:
/client/lib/supabase/*.ts - Issue:
proSUPABASE_...instead ofprocess.env.SUPABASE_... - Impact: Supabase connection not working
- Location:
-
Mock Data in Production
- Location: Throughout client application
- Issue: Frontend uses in-memory mock data
- Impact: No data persistence
-
Authentication Not Enforced
- Location:
/client/middleware.ts - Issue: Routes not protected
- Impact: Users can access app without login
- Location:
-
Backend Not Implemented
- Location:
/backend/ - Issue: Only Express setup, no endpoints
- Impact: Cannot process payments, scan emails, etc.
- Location:
-
Contracts Are Placeholders
- Location:
/contracts/ - Issue: Only hello-world example
- Impact: No blockchain functionality
- Location:
-
Fix Supabase connection (1-2 hours)
- Fix environment variable typos
- Test connection
-
Execute database migrations (30 minutes)
- Run SQL scripts on Supabase
- Verify tables created
-
Connect frontend to database (4-6 hours)
- Replace mock data
- Test CRUD operations
-
Implement authentication (2-3 hours)
- Add middleware
- Protect routes
- Test login flow
-
Set up backend infrastructure (1 day)
- Configure Express server
- Set up database connection
- Implement basic endpoints
- Estimated Time: 1-2 weeks
- Priority: Critical
- Dependencies: Supabase setup, environment variables
- Estimated Time: 2-3 weeks
- Priority: High
- Dependencies: Phase 1 completion
- Estimated Time: 2-3 weeks
- Priority: Medium
- Dependencies: Phase 2 completion
- Estimated Time: 3-4 weeks
- Priority: Low (Future)
- Dependencies: Stellar non-custodial card issuance availability
- Database not connected: Blocks all functionality
- Authentication not enforced: Security risk
- Backend not implemented: Cannot process payments or scan emails
- No testing: Quality issues may arise
- No monitoring: Difficult to debug production issues
- Environment variables: Configuration errors possible
- Smart contracts not implemented: Not needed for MVP
- Advanced features missing: Can be added later
- Users can register and login
- Users can add/edit/delete subscriptions
- Data persists in database
- Authentication is enforced
- Basic API endpoints work
- Email scanning works (at least one provider)
- Payment processing works (at least one provider)
- All MVP features working
- Tests written and passing
- Security audit completed
- Monitoring and logging set up
- Documentation complete
- Performance optimized
- The client has excellent UI/UX foundation - this is a major strength
- Most business logic utilities are implemented and ready to use
- Database schema is well-designed with proper RLS policies
- Backend and contracts need significant development
- Focus should be on connecting existing client to database first
- Backend can be developed in parallel once client is functional
For detailed information about each component, see:
/client/README.md- Client-specific documentation/backend/README.md- Backend-specific documentation/contracts/README.md- Contracts-specific documentation/README.md- Project overview