Application · Backend Engineer, Egypt · Cairo

A working slice of nsave’s backend, instead of a PDF that says I could build one.

Below is a live USD→EGP remittance engine on PostgreSQL: a double-entry ledger, idempotent transfers, sanctions screening, an append-only audit trail, and partner reconciliation. Every button hits a real API; every number is derived from real postings. I’m Muhannad, a backend and data engineer in Cairo. This page is my application for the Backend Engineer role.

→ 60-second tour:
1. Lock a quote, send $250
2. Double-fire the same request
3. Send to “Victor Reznik”
4. Verify the ledger invariant
5. Run reconciliation
01

The console

A sandboxed tenant is seeded for your visit: $2,000 opening balance, clean ledger, one deliberately unreconciled partner-statement line. Break things; that is what it is for.

api postgres fx circuit: region:
01 · Send USD → EGPno active quote
Recipient (try “Victor Reznik” to trip screening)
Amount USD (fee $0.50 · daily limit $10,000)
02 · Try to break itraw responses below

Money endpoints must survive retries, replays and tampering. These buttons attack the API the way flaky networks and hostile clients do, and show the exact HTTP responses.

# output appears here. Try the double-fire button too
04 · Journal (double-entry)
no entries yet
05 · Partner reconciliation

The simulated payout partner keeps its own statement. Reconciliation matches it against our ledger on (reference, amount); the seeded statement contains one payout we never initiated.

complete a transfer or two, then run it; the orphan is waiting
02

How it is put together

Small surface, production-shaped decisions. The interesting part is not the feature list; it is where the correctness guarantees live and what was deliberately left out.

browserthis consoleroute handlerszod · error envelopeadvisory lockper (sandbox, idem-key)ONE POSTGRES TRANSACTIONcompliance pipelinescreening → velocity → quotedouble-entry ledgerjournal + postings, Σ = 0events (append-only)update/delete raisetransfers · fx_quotes · accountspartner railsimulatedrecon(ref, amount)stmt
Decisions and why
  • Balances are queries, not columns. A stored balance can disagree with its history; a derived one cannot. Overdrafts become structurally impossible instead of policed.
  • Idempotency is serialized in the database.A per-key advisory lock inside the transaction means two concurrent submissions cannot both execute; the loser reads the winner’s committed row. No distributed lock service to operate or to fail.
  • Screening holds; it does not reject. Compliance outcomes need human review and an audit trail, so a hit produces a held transfer with events, not an error the client can retry around.
  • The audit trail cannot be edited, enforced by a trigger so the guarantee travels with the schema, not with application discipline.
  • Errors are one envelope everywhere: code, message, request id. Integrations are built against failure shapes, not success shapes.
Deliberate cuts (and what production needs instead)
  • Held funds are not reserved. Production needs a pending hold on the wallet the moment screening fires, released or captured on review.
  • The FX feed is simulated. A real one gets a circuit breaker with a stale-quote policy and a hedging position check, not a jittered constant.
  • Screening is exact-match. Real sanctions screening is fuzzy matching with transliteration (Arabic names especially), scored candidates, and case management.
  • Synchronous pipeline. At volume this becomes an outbox + worker with the same idempotency keys carried end to end.
  • One region, one database. The next conversation is read replicas, CDC into the warehouse, and jurisdiction-scoped data residency.
03

Evidence, mapped to the role

Shipped client work with the same shape as this demo. Quotes are from the job description; metrics are from the engagements.

Databases & correctness“own critical backend subsystems”

Marketplace matching engine on PostgreSQL

Audited a 50-table production Supabase/Postgres schema (211 migrations), then ran the automated matching tier for a collectibles arbitrage platform where a wrong match means buying the wrong asset. 2,481 automated commits, zero wrong IDs, with precision held at 99.4%, governed by an explicit “abstain rather than guess” rule.

Client review: 5.0. “Clear communicator… will hire again.”

Reconciliation & controls“integration with compliance and banking services”

Commission reconciliation for an Irish financial advisory

Consolidated monthly commission statements from 7 insurance and investment providers (multi-format, provider-specific rules) into one verified ledger append, with a human-confirm gate before anything is committed. The same match-then-flag-exceptions shape as the reconciliation panel above.

Client review: 5.0 · delivered as tooling the client runs himself.

Payments & idempotency“security-minded”

forsah.me: production billing that survives retries

Built and operate forsah.me solo: a bilingual subscription SaaS for Egyptian stock predictions (Next.js, Stripe, Postgres). Hardened the webhook lifecycle after finding a retried-event double-apply in production: raw-body signature verification plus idempotent event handling. That incident is why the double-fire button exists on this page.

Live at forsah.me with paying subscribers.

AI agents, bilingual product“ship features across multiple markets”

Daleel: Egyptian Arabic AI sales agent + demand intelligence

Solo-built PropTech MVP: one grounded agent core behind web chat, a live dashboard and WhatsApp. Supabase Postgres locked down with RLS and server-only keys, deterministic sticky A/B routing across frontier models with a kill switch, and WhatsApp delivery made double-send-proof with a mark-then-send cursor. Public API ships hashed lead ids only.

Working end-to-end MVP, live at daleel-pink.vercel.app (seeded demonstration dataset).

Systems depth“strong engineering fundamentals”

NRT: Rust cluster manager with real SLM inference

Open prototype of a manifest-driven Rust cluster manager running real small-model inference via HuggingFace Candle: 29 passing tests, clippy clean under -D warnings, CI on every push, and honestly reported benchmarks including where it loses to Ollama.

Public repo: github.com/MHNDhq/nrt-rust

Data platforms & reliability“proactively improve system health”

7.1M-row multi-source data platform

Unified five regulatory water-quality sources into one queryable surface for an environmental-tech company: canonical schema with per-row provenance, a censored-statistics module with 18 unit tests, and a 45-check build verifier that caught a silent regression before the client ever saw it.

Milestone approved with the client “really impressed.”

Working stackPostgreSQLPythonTypeScript / Next.jsSQL-first (no ORM)SupabaseStripeCI + verification gatesClaude-assisted tooling
04

Contact

The fastest way to evaluate me is 30 minutes of me walking your team through this codebase: schema, locking strategy, failure modes, and what I would build differently at nsave’s scale.


Independent demo built by Muhannad as a job application. Not affiliated with, or endorsed by, nsave. No real money moves here; FX rates are simulated around published mid-market levels; the watchlist is fictional. Sandbox data is isolated per visitor and deleted after 7 days.