Inspiration

Peer-to-peer payments for services and digital goods are still trust-heavy: one side often pays first and hopes the other follows through. We built SecureShuttle to remove that trust gap by using on-chain escrow and a clear dispute workflow, so both sides have protection by default. (Aka I got scammed online once)

What it does

SecureShuttle is a Solana-based escrow platform for two-party transactions.

  • Creates escrow wallets and shared claim links.
  • Lets two users claim sender/recipient roles.
  • Tracks funding and transaction state in real time.
  • Supports release, cancellation, and admin settlement actions.
  • Opens a dispute chat (with media attachments) when disputes are raised.
  • Adds post-deal mutual ratings and profile review score/history.
  • Provides admin analytics and live escrow activity refresh.

How we built it

  • Frontend: Next.js + React + Tailwind.
  • Auth: Clerk JWT-based auth and role-aware access.
  • Backend API: FastAPI for escrow/business logic.
  • Data layer: Convex tables/functions for escrows, transactions, chat, and ratings.
  • Chain integration: Solana RPC for balances, signatures, and transfer confirmation.
  • UX: sender/recipient workspaces, admin dashboard, dispute chat, profile insights.

Challenges we ran into

  • Designing safe auth boundaries across frontend, backend, and Convex.
  • Eliminating auth race conditions on new tabs/shared links.
  • Making dispute chat fast and consistent while polling and uploading media.
  • Handling edge cases in settlement flows (missing sender address, idempotent release/cancel).
  • Keeping admin data views accurate and live without constant manual refresh.

Accomplishments that we're proud of

  • End-to-end escrow lifecycle with role claiming, funding detection, release, cancel, and disputes.
  • Admin-grade controls with safer settlement paths and clearer analytics.
  • Built-in dispute communication with attachment support.
  • Mutual rating system and profile deal history/reputation score.
  • Significant UX and performance improvements (sorting, auto-refresh, reduced friction in flows).

What we learned

  • Security and correctness in payment flows are mostly about edge cases and state transitions.
  • Auth is not just login: token timing, claim validation, and role gating matter everywhere.
  • Real-time UX needs pragmatic polling, caching, and good failure fallback behavior.
  • Clear product language in admin/user views is as important as backend correctness.
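
The settlement edge cases named under "Challenges we ran into" (missing sender address, idempotent release/cancel) and the point above about state transitions can be shown as a small state machine. This is an added illustration, not SecureShuttle's code: the state names, the Escrow class, and the payouts list standing in for on-chain transfers are all assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum

class State(Enum):
    CREATED = "created"
    FUNDED = "funded"
    DISPUTED = "disputed"
    RELEASED = "released"
    CANCELLED = "cancelled"

ALLOWED = {  # RELEASED and CANCELLED are terminal: no outgoing transitions
    State.CREATED: {State.FUNDED, State.CANCELLED},
    State.FUNDED: {State.DISPUTED, State.RELEASED, State.CANCELLED},
    State.DISPUTED: {State.RELEASED, State.CANCELLED},
}

class SettlementError(Exception):
    """Raised when a settlement request must be refused."""

@dataclass
class Escrow:
    recipient: str
    sender: str = ""  # empty when the refund address was never captured
    state: State = State.CREATED
    payouts: list = field(default_factory=list)  # stand-in for on-chain transfers

    def _move(self, target, payee="", pays=False):
        if self.state is target:
            return False  # repeated request: already done, pay nothing again
        if target not in ALLOWED.get(self.state, set()):
            raise SettlementError(f"{self.state.value} -> {target.value} refused")
        if pays and not payee:
            raise SettlementError("no payee address; state left unchanged")
        if pays:
            self.payouts.append(payee)  # real code would submit and confirm a transfer
        self.state = target
        return True

    def fund(self):
        return self._move(State.FUNDED)

    def dispute(self):
        return self._move(State.DISPUTED)

    def release(self):
        return self._move(State.RELEASED, self.recipient, pays=True)

    def cancel(self):  # an unfunded escrow holds nothing, so it needs no refund
        return self._move(State.CANCELLED, self.sender, pays=self.state is not State.CREATED)
```

In a service, the state check and the state update have to be one atomic operation in the data store; otherwise two concurrent release requests can both pass the check and pay twice.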

What's next for secure-shuttle

  • Mainnet support (only on devnet right now).
  • WebSocket/event-driven updates to reduce polling.
  • Better sender wallet capture/recovery and stronger settlement fallbacks.
  • Richer analytics (time ranges, volume breakdowns, dispute resolution metrics).
  • Notifications for lifecycle events (funded, released, cancelled, disputed).
  • Expanded dispute tooling and moderation workflows.

Built With

  • clerk-authentication
  • coingecko-api
  • convex-(database/functions/file-storage)
  • digitalocean
  • fastapi
  • next.js-16-(app-router)
  • pydantic
  • python-3.12
  • react-19
  • solana-rpc-(solana/solders)
  • tailwind-css-4
  • typescript
  • uvicorn