Nasez — financial controls for fuel stations
Shift-based verification engine for petroleum stations. PostgreSQL triggers calculate expected cash from meter readings. Variance triggers supervisor review.
The problem
Fuel station owners in East Africa lose money to cash skimming. Pump attendants report lower meter readings, pocket the difference, and the owner finds out weeks later — or never.
Nasez makes this structurally difficult by running the math on the server, not the frontend.
How it fits in the monorepo
Nasez lives at apps/nasez-web inside the Bexze monorepo. It shares the same Supabase project as Fikalo but uses a dedicated PostgreSQL schema (nasez_schema) with its own RLS policies.
One Supabase project for multiple products saves roughly $25/month per additional product. Schema isolation with RLS gives data separation without the cost of separate infrastructure.
The shift closure engine
When an attendant ends a shift, the server runs this calculation:
Expected Liters = Final Meter Reading - Start Meter ReadingExpected Cash = Expected Liters × Price Per Liter- Compare Expected Cash vs Actual Cash Submitted
- If variance exceeds the threshold → flag the shift → force supervisor review
This runs as a PostgreSQL trigger on the shift_closures table. The frontend cannot bypass it. Even if someone modifies the client code, the trigger fires on INSERT regardless.
Role hierarchy
| Role | Access |
|---|---|
| Owner | All stations. Receives fraud alerts. Views aggregate reports. |
| Station Manager | One station. Records bank deposits. |
| Supervisor | Approves or rejects shift closures. First fraud filter. |
| Pump Attendant | Submits meter readings and cash totals. |
Each role maps to Supabase RLS policies scoped by station_id and user_role.
Current state
The database schema is written. RLS policies are mapped. The web app is scaffolded at apps/nasez-web.
No UI code exists yet. The next step is building the Attendant shift-start and shift-end flow, then the Supervisor approval queue.
The real question
The hard part is not the code. It is the operational environment. Do pump attendants in East African fuel stations use tablets? What happens when the internet drops in the middle of a shift closure? Does the station even have reliable power?
These questions do not have answers in the codebase. They require field testing.