back to /home
~/projects/ P-03
03 casesfiled 2021–2025
work/case studies · 3 projects/filed under: shipped

the /work
directory.

Each project is a case: what it had to do, what made it hard, what I built, what it became. Click in for the long version — topology, decisions, results — not just a logo and a stack list.

↳ CASE STUDIES — newest → oldest
P-012025

blockvest

Buy, sell and trade NFTs with an ML model that surfaces forward price signals. Every transaction settles on-chain so provenance and ownership stay tamper-proof. Capstone project at CUST.

SoliditySolidity · React · Node
P-022022

emitter clone

An Emitter-style web app with Twilio voice underneath, so users dial from the browser straight to a phone line. Live SMS layered on top — the whole thing held together by a tight WebSocket layer.

JavaScriptNode · Twilio · WebRTC
P-032024

ido-crm

A CRM with several teeth — accounting, sales pipeline, security staffing, and an ATIS complaint system. Each its own module, sharing one identity and audit layer. Backend integration owned end-to-end.

TypeScriptNestJS · Postgres · RBAC
↳ EOF · 3 of 3 casesesc to close · click to read
~/projects/P-03/private/private

ido-crm

multi-tenant business platform
RoleFull-stack engineer · BufferSol
Duration14 months
Team6 engineers
Year2024
+60%operator throughput
−50%deploy time
07modules
RBACtenant-aware

A CRM with several teeth — accounting, sales pipeline, security staffing, and an ATIS complaint system. Each its own module, sharing one identity and audit layer. Backend integration owned end-to-end.

Overview

ido-crm is the back office of a security firm dressed as a SaaS. Four real businesses run inside it: accounting, sales pipeline, security-staffing, and an ATIS complaint workflow. Each is a module; each writes to the same identity, the same audit log, and the same Postgres schema partitioned by tenant.

I owned backend integration for fourteen months at BufferSol on a team of six. The brief was "make four products feel like one product." The product manager had a list of 200 things; we shipped them in 7 modules.

The Problem

Multi-tenancy is the obvious technical challenge. Less obvious — and the one that quietly burns teams — is **module independence**. Each product team wanted to ship on their own cadence. None of them wanted to coordinate releases. All of them wanted the same login.

Solution: hard module boundaries with soft data sharing. Identity, RBAC, and audit are the only cross-module concerns. Everything else lives behind a versioned internal API.

The Approach

NestJS modules with a strict import rule: a module may import from `@ido/identity` and `@ido/audit` and nothing else from a sibling. Cross-module reads go through a small `@ido/internal-api` package that lives in the same repo but is treated as if it were external — versioned, deprecated on a schedule, never broken silently.

Postgres schema-per-tenant for hard isolation. RBAC at the row level; every query that crosses a tenant boundary requires a system role explicitly held by maintenance jobs, never by the API. Audit log is append-only, partitioned by month, and the only thing legal asked us to add later — and we already had it.

Deploys are GitHub Actions → Docker → Kubernetes. The boring choice. Twelve weeks in we had it under nine minutes. Twenty-six weeks in we had it under five.

If you can't deploy a module without three other teams approving, the boundaries aren't where you think they are.

Stack Deep-Dive

● project topologyfig.Ascoped to this project
CLIENTSEDGESERVICESDATA / EXTOperator WebREACTField AppRNAPI GatewayAUTH · RBACidentity-svcJWT · TENANTaudit-svcAPPEND-ONLYBusiness Modules × 7NESTJSPostgresSCHEMA-PER-TENANTRedisCACHE · QUEUES3DOC STORE

Seven modules, one identity, one audit log. That ratio is the project. Everything else is implementation detail.

Results

Operator throughput up 60% measured by tickets-closed-per-shift across the staffing module — the kind of number the customer cared about, not the kind we like to put on dashboards. Deploy time down 50% from the inherited pipeline. Seven modules in production, each independently deployable, each behind a feature flag we actually used.

Most useful artefact: a module-boundary lint rule we built in week three that blocks cross-module imports at PR time. We never had a single illegal cross-module import merged in the entire fourteen months, because the build refused to.

Gallery

01 operator console · ticket triage
02 sales pipeline · drag-to-stage kanban
03 ATIS complaint workflow · sla timer
04 audit log · per-tenant filter

Links

× private repo brief a similar build
← Previous case
emitter clone
oosama_hashmi/full-stack engineer
online/v5.0 · build 2026.05.08/Pakistan → remote

osama
hashmi.

Full-stack engineer building the parts users don't see. APIs that don't fall over, microservices that talk to each other, payment rails, real-time voice/SMS over WebRTC, and the React Native frontends that ride on top.

years shipping
04yrs
since Jul 2021 · 3 teams
primary stack
node · nest
react native
k8s · docker · aws · stripe · twilio

./identity.json

{
  "name":    "Osama Hashmi",
  "role":    "full_stack_engineer",
  "focus":   ["apis", "microservices", "mobile"],
  "runtime": "node · nest · react-native",
  "deploy":  "k8s · docker · aws",
  "replies": "~within 24h"
}

$ uptime

// last 4 years, in numbers
shipping_years    04  // since 2021
services_owned    07  // across 3 teams
languages         06  // ts · py · rust · sol · go · js
deploy_speedup    −50%  // k8s pipeline tuning
system_efficiency +60%  // at BufferSol
realtime_scale    +150% // at Web Stacking
section / 01The Stack

What I build, drawn out.

Most portfolios list tools. I draw systems. Hover any node to see how it fits — from a React Native client all the way down to a Kubernetes pod running NestJS talking to Stripe and a Postgres replica.

● live topologyfig.1v4 · productionhover any node
Service topology: clients (RN/web/web3) → edge (nginx/gateway/websockets) → services (core/payments/comms/contracts) → data (postgres/redis/s3/k8s)CLIENTSEDGESERVICESDATA / EXTReact NativeiOS · ANDROIDReact + ReduxWEB · SPAWeb3 dAppETHERS · WAGMINginxREVERSE PROXYAPI GatewayAUTH · RATELIMITWebSocket HubREAL-TIMENestJS · core-apiMICROSERVICENode · payments-svcSTRIPE · PAYPALTwilio · comms-svcVOICE · SMS · WEBRTCSolidity · contractsEVMPostgresPRIMARY · REPLICARedisCACHE · QUEUES3 + IPFSOBJECTS · NFTSKubernetesEKS · DOCKER
primary path sync call async / event↳ animated packets show production traffic
section / 02Deploy Log

Three teams, one philosophy.

Pick the boring tool that scales. Test the parts that move money or messages. Automate the deploy on day one. Below: a chronological log of what shipped.

MAY 2022 → AUG 2025/ 3y · 4mo

Full Stack Engineer

@ BufferSol Technologies · New York, NY

Built a full-stack product on React Native + NestJS, deployed to Kubernetes. Owned the mobile client and the services it talks to end-to-end — auth, payments, push, plus the IDO‑CRM (accounting, sales pipelines, security staffing, ATIS complaint workflow).

React NativeNestJSKubernetesDockerPostgresStripeAWS
+60%efficiency
−50%deploy time
07services
OCT 2021 → APR 2022/ 7 mo

Backend Engineer

@ Web Stacking · Islamabad, Pakistan

Engineered a microservices architecture wired into Twilio Voice/SMS and WebRTC, routing real-time calls and messages between web users and phone lines. Containerised the lot with Docker, orchestrated on Kubernetes.

Node.jsMicroservicesTwilioWebRTCDockerKubernetes
+150%scalability
voice+ sms
JUL 2021 → SEP 2021/ 3 mo

Mobile Developer

@ KawanBantu · Jakarta

First production gig. Built interactive UI with React + Redux, profiled the client, and cut perceived load on the heaviest screens roughly in half.

ReactReduxJavaScript
+50%client perf
section / 03Selected Work

Three projects, three problems.

From an NFT marketplace with on-chain provenance, to a Twilio-backed comms clone, to a CRM that quietly runs a security firm's back office. Click any card for the full case.

P-01 / 2025shipped

blockvest

NFT marketplace · ML price oracle

Buy, sell and trade NFTs with an ML model that surfaces forward price signals. Every transaction settles on-chain so provenance and ownership stay tamper-proof. Capstone project at CUST.

SolidityReactNodePython · MLIPFS
Solidity14228on-chainview case →
P-02 / 2022shipped

emitter clone

real-time voice + SMS · WebRTC

An Emitter-style web app with Twilio voice underneath, so users dial from the browser straight to a phone line. Live SMS layered on top — the whole thing held together by a tight WebSocket layer.

NodeTwilioWebRTCWebSocketsReact
JavaScript8814realtimeview case →
P-03 / 2024private

ido-crm

multi-tenant business platform

A CRM with several teeth — accounting, sales pipeline, security staffing, and an ATIS complaint system. Each its own module, sharing one identity and audit layer. Backend integration owned end-to-end.

NestJSPostgresRBACMicroservicesDocker
TypeScript649privateview case →
P-04 / on-goinglive

open to brief

your project · let's wire it up

Available for a long-running engagement where I can own a service end-to-end — backend, mobile, deploy. Short architecture or Twilio / payments consults also fine. Drop a brief over the fence.

contractfull-timeremote · GMT+5
open a brief →accepting
section / 04Toolbelt

Things I reach for without thinking.

Highlighted = primary tools — what I'd start a new system in tomorrow. The bar is intuitive frequency, not skill level. Everything listed I've shipped with.

languages06
TypeScript
JavaScript
Python
Solidity
Rust
Go
backend06
NestJS
Node.js
Microservices
WebSockets
Nginx
Flask
frontend / mobile04
React Native
React
Redux
Expo
infra · deploy07
Docker
Kubernetes
AWS
GitHub Actions
Serverless
Azure
Render
integrations06
Stripe
Twilio Voice
Twilio SMS
Twilio Video
PayPal
Custom Bank Gateways
data04
Postgres
Redis
S3
IPFS
web304
Solidity / EVM
Ethers / Wagmi
NFT contracts
IPFS pinning
education
B.Sc Computer ScienceCapital University of Science & TechnologyIslamabad, Pakistan
section / 05 — /writing

Notes from
the service mesh.

Things I've learned shipping APIs, mobile apps and real-time systems — written when the rubber duck wasn't enough. The whole site shifts to read.

cd ./writing
v0.3

Twilio Voice + WebRTC: notes from production.

Thu Jan 22 2026 00:00:00 GMT+0000 (Coordinated Universal Time) · realtime · 11 minv0.2

How we cut deploy time in half.

Sun Nov 02 2025 00:00:00 GMT+0000 (Coordinated Universal Time) · devops · 7 minv0.1

React Native, four years in: what stuck.

Sun Aug 17 2025 00:00:00 GMT+0000 (Coordinated Universal Time) · mobile · 9 minv0.4

The boring stack is the right stack.

Sat Mar 14 2026 00:00:00 GMT+0000 (Coordinated Universal Time) · architecture · 8 min
section / 06Get In Touch

Send a brief, get a response.

I'm best on long-running engagements where I can own a service end-to-end — backend, mobile, deploy. Architecture and Twilio / payments consults also fine. Drop a note with what you're building.

email github call résumé.pdf
contact · POST /v1/inbox
nameOsama Hashmi
emailhashmiosama555@gmail.com
phone+92 312 521 4124
githubgithub.com/OSAMA-tec
timezonePKT · UTC+5
overlap~6h EST · ~4h PST
replies~within 24h
osama_hashmi() · full-stack engineer · v5.0 · build 2026.05.08
crafted with html, css, and four years of muscle memory
┌─[ end of file ]─┬─[ thanks for reading ]─┬─[ →  /writing ]─┐
back to /home
~/writing
04 entriesupdated 2026.05
writing/changelog · 4 entries/filed under: technical

the /writing
directory.

Notes I write when something in production teaches me a lesson I don't want to forget. About boring choices, realtime plumbing, deploy pipelines, and the difference between shipping and shipping-shipping.

↳ ENTRIES — most → least recent
v0.3Thu Jan 22 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

Twilio Voice + WebRTC: notes from production.

The Twilio docs are excellent, until you actually put load on the thing. Then you discover the bits the docs skipped. This is the missing manual.

realtime11 min · technical
v0.2Sun Nov 02 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

How we cut deploy time in half.

Our k8s pipeline used to take 23 minutes from green tests to traffic. Now it takes 9. Here's the exact thing we changed, and what didn't help.

devops7 min · technical
v0.1Sun Aug 17 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

React Native, four years in: what stuck.

Four years of shipping React Native apps to real users on real devices. Here's the patterns I keep using on every new project, and the ones I quietly stopped recommending.

mobile9 min · technical
v0.4Sat Mar 14 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

The boring stack is the right stack.

I've watched three teams burn a quarter trying to live on the bleeding edge. The fourth one — mine — picked Postgres, NestJS, and a boring CI pipeline, and shipped before the others finished their Helm chart. Boring is a feature.

architecture8 min · technical
↳ EOF · 4 of 4 entriesesc to close · click to read