All Projects

Designed and implemented FIDO2/WebAuthn biometric authentication for crypto withdrawal, eliminating SMS OTP vulnerabilities and SIM-swap attacks.

• Designed credential registration flow, server-side verification, and device binding.
• Eliminated SMS OTP vulnerability — zero SIM-swap incidents post-launch.
• Coordinated with security team for threat modeling and pentest review.

Automated fraud detection system to identify mule accounts used for money laundering using async scoring pipeline.

• Scoring pipeline using multiple signals: transaction patterns, account age, behavioral data.
• Async RabbitMQ architecture — zero latency impact on main withdrawal flow.
• Collaborated with compliance team to define rules and tune false-positive thresholds.

Integrated liveness detection into the crypto withdrawal verification flow to prevent account takeover fraud.

• Built API layer connecting Bitkub's backend to 3rd-party liveness check provider.
• Reduced account takeover fraud via biometric identity verification.

Real-time monitoring service for detecting suspicious on-chain transactions, integrated into compliance workflows.

• Evaluates risk signals per transaction and triggers alerts for compliance review.
• Integrated into the main wallet processing pipeline with minimal latency impact.

Non-custodial rules system allowing whitelisted addresses for withdrawals, with transfer rules and approval workflows.

• Whitelist management for non-custodial withdrawal addresses.
• Transfer rules and multi-step approval workflows for compliance requirements.

Blacklist management for flagged wallets and automated HR03 reporting bot improvements for compliance workflows.

• Enhancements to internal blacklist management for flagged wallets.
• Automated HR03 reporting bot improvements.

Re-architected the Etax (electronic tax document) system from a monolithic EC2 process into a stateless Golang microservice.

• Before: monolithic process running 5–6 hrs/day on dedicated EC2 instance.
• After: reduced to 2–3 hrs/day (~50% improvement).
• Stopped idle EC2 instance → saved $300.08/month in infrastructure costs.

Redesigned the crypto withdrawal service from a PHP monolith to Golang microservices, improving maintainability and reliability.

• Improved maintainability, scalability, and independent deployability.
• Reduced customer-facing bugs by >50% post-migration.

LLM-powered internal support triage tool (ReactJS + Golang) that reduces manual ops workload for mid-management — won Rising Stars Award 2025.

• Integrated LLM-based features for internal workflow automation.
• Reduced manual triage time for the operations team.
• Won Rising Stars Award 2025.

Automated the entire coin listing pipeline — configuration, network setup, validation, draft/icon upload — reducing manual effort and time-to-market.

• Covers coin configuration, network setup, and validation for new asset onboarding.
• Significantly reduced time-to-market for new coins.

Internal tool for recovering funds sent to incorrect wallet addresses, with multi-step approval process.

• Handles edge cases in on-chain recovery.
• Multi-step approval process for security and auditability.

Internal admin tool to toggle deposit availability per coin/network without code deployment.

• Toggle deposit availability per coin/network level.
• Enables rapid response to security incidents without code deployment.

Airdrop API for distributing tokens to eligible user accounts with bulk processing and disbursement tracking.

• Supports bulk processing with validation rules.
• Disbursement tracking and audit trail.

API for processing compensation payouts to users, including validation, approval workflow, and audit logging.

• Validation, approval workflow, and audit logging.
• Used for system-error compensation and reconciliation.

Integrated Nonbank payment gateway for expanded fiat deposit/withdrawal options.

• API integration, validation rules, and error handling.
• New payment channel expanding fiat access for users.

Improved crypto BFF (Backend-for-Frontend) service and internal bot automation for approval flows.

• Improved mobile/web client BFF service reliability.
• Internal bot automation: approval flows for internal and external transactions.
• Added automated regression testing suite for BFF endpoints.

Report generation system for SCG's retail network — quotations, purchase orders, invoices, credit notes, booking orders, and receipts exported as PDF/Excel.

• Built with jsreport using HTML/CSS/JS templates → PDF export via Node.js API.
• Supports 6 document types: Quotation, PO, Invoice, Credit Note, Booking Order, Receipt.
• Connected report APIs to frontend screens for PDF/Excel export.

Full-stack development for SCG's retail network — permission management, inventory, product listing, payment screens, and REST APIs.

• Frontend: permission management, inventory/warehouse, product listing, payment screens.
• REST APIs: user permissions, product data sync, search, report printing, Excel generation.
• Stored procedures in MS SQL Server integrated via Node.js.

Sales reporting system with PostgreSQL backend, automated FTP-to-GCS file pipeline, and in-browser file viewer.

• Designed PostgreSQL database schema for report data storage.
• Built FTP-to-GCS job: fetches files → stores in Google Cloud Storage → displays via iframe.
• APIs for report management, user permissions, custom menus, system access logging.

Seat/desk reservation system with floor plan upload, user permission management, and Swagger API specifications.

• REST APIs for seat reservation, user data management, access control, org chart management.
• Floor plan image upload feature for visual seat booking.
• API specification written in Swagger for team collaboration.

System for recording and tracking farm animal data including registration, history, vaccinations, weight, and veterinary visits.

• Database design for animal data and history records.
• Animal registration screen and history record screen.
• Tracks vaccinations, weight measurements, and veterinary visits.