Overview
CYA (Cover Your Assets) was born from a simple problem: tradespeople were getting into disputes about the work they did — or didn't do. A builder finishing a job had no reliable way to prove what state they left a site in. A plumber had no timestamped evidence of work completed.
I built CYA to solve that. Every photo taken through the app is embedded with a GPS coordinate, timestamp, and cryptographic hash before being attached to an invoice. The invoice itself is tamper-evident.
The Problem
"I did the work. I just can't prove it."
That's the feedback that drove this project. After talking to 12 solo tradespeople across Melbourne and Warsaw, the pattern was clear: disputes happened, and without photographic evidence that could be trusted, small business owners were losing money.
What I Built
Mobile App (React Native)
- GPS-tagged photo capture with device timestamp
- Job management — create, track, and close jobs
- Client management with contact details
- Invoice generation with embedded photo proof
Backend (FastAPI + PostgreSQL)
- RESTful API with JWT authentication
- Photo metadata extraction and embedding pipeline
- PDF invoice generation with embedded proof photos
- Stripe integration for subscription billing
Infrastructure
- Docker-based deployment on Railway
- PostgreSQL for relational data
- S3-compatible object storage for photo assets
- Webhook handling for Stripe events
Design Decisions
Why React Native? Single codebase for iOS and Android was critical for a solo founder with limited time. Expo managed the native layers.
Why FastAPI? Python's ecosystem for PDF manipulation (ReportLab, pypdf2) was mature and well-documented. FastAPI gave me async performance with minimal boilerplate.
Tamper evidence without blockchain. I chose cryptographic hashing embedded in the PDF metadata rather than a blockchain approach. Simpler, faster, and the verification story is just as strong for court purposes.
What I Learned
Building payment infrastructure as a solo founder is humbling. Stripe's API is excellent, but the edge cases (failed webhooks, partial refunds, subscription pauses) require more attention than the happy path suggests.
The hardest part wasn't the code — it was the copy. Explaining "tamper-evident invoice" to a plumber in one sentence took longer than the PDF pipeline.
Status
Live in beta. Available on iOS and Android. Actively gathering feedback from early users.