Safupay

SafuPay is a secure payment dApp that combines an on-chain escrow mechanism with cross-chain settlement. It solves two big problems in Web3 payments:

1.Safe transfers → funds don’t go directly to a recipient’s wallet, but are locked until verified.

2.Cross-chain flexibility → users can send and claim funds across Kadena EVM and multichain ecosystems.

-> Core Features

1.Escrow with Claim Code + Signature Verification -> When a sender initiates a transfer, funds are locked in a smart contract (not directly to recipient).

2.The recipient must provide: -> A signature proving ownership of the receiving wallet. -> A claim code (encrypted) for two-factor style verification. (Only if both are valid → funds are released.)

3.Refund & Safety Conditions ->If the sender entered a wrong recipient, they can cancel & reclaim funds within 5 minutes (only sender can do this). ->If the recipient doesn’t claim funds within 30 days, the sender can reclaim.

(Cross-Chain Payments) -> Users can lock tokens on one chain (e.g., Kadena EVM) and unlock/mint them on another supported chain.

Implemented via Bridge contracts: BridgeA: locks tokens and emits an event for cross-chain transfer. BridgeB: relayer listens to events → mints/unlocks tokens on the target chain.

Backend (Node.js + Database)

Off-chain storage of: Transaction metadata (sender, recipient, amount, status). Claim code (encrypted). Expiry timestamps (5 min cancel, 30 days timeout). Enables fast retrieval without always querying blockchain. Provides APIs for users & dApp frontend.

For cross-chain, we designed two contracts (BridgeA and BridgeB): one to lock or burn tokens on the source chain, and another to mint or unlock them on the target chain. A lightweight relayer listens to events from BridgeA and triggers corresponding actions on BridgeB, enabling Kadena ↔ multichain transfers.

Deployed verified Contract links: BridgeA --> https://chain-20.evm-testnet-blockscout.chainweb.com/address/0x37e988e9b8862AB026D76c3fE7100974dbb3B3e7?tab=contract

BridgeB --> https://chain-21.evm-testnet-blockscout.chainweb.com/address/0x0eb2825fF6B58a8469DF9Cb865DE579A0600F72C

Token A --> https://chain-20.evm-testnet-blockscout.chainweb.com/address/0x4888b2deA99a1F92F3bb29BaE482dC6D79D5E8D8

Token B --> https://chain-21.evm-testnet-blockscout.chainweb.com/address/0xdc11176f6552D2eC5Da686747E73b2eCDde5BE5e

SafuPay is built with two main modules: cross-chain settlement and escrow payments.

For cross-chain, we designed a bridge system between Kadena EVM chains and multichain ecosystems. On the source chain, users lock or burn tokens through BridgeA, which emits an event. A lightweight relayer service built in Node.js with ethers.js listens to these events and verifies the parameters. Once verified, it calls BridgeB on the target chain to mint or unlock tokens for the recipient. Only the relayer is authorized to perform this action, ensuring the tokens on the target chain are always backed by those on the source chain. Thanks to Kadena’s multichain EVM environment, we can operate across multiple chains in parallel, avoiding bottlenecks and making bridging faster and more scalable.

Separately, SafuPay also includes an escrow system for secure payments. Instead of sending funds directly to a wallet, the tokens are locked in a smart contract until the recipient verifies ownership. To claim, the recipient must provide both a valid wallet signature and a claim code. The claim code is hashed using keccak256 with solidityPacked, so plain codes are never stored. This creates a two-factor authentication style verification directly in the contract. If funds are sent to the wrong address, the sender can cancel and reclaim them within 5 minutes. If they remain unclaimed for 30 days, the sender can reclaim them as well.

On the backend, we used Node.js with a MySQL database to index transactions, track timeouts (5 minutes for cancel, 30 days for reclaim), and store encrypted claim codes. This enables fast retrieval for the frontend without constantly querying the blockchain. The frontend itself is built using React, TailwindCSS, and wagmi for wallet connectivity and smooth UX.

One of the hackier parts was building the claim code verification: instead of storing or comparing plain codes, we used keccak256 hashing and only verify the hash match on-chain, effectively bringing a 2FA-like security layer into Web3 escrow.

Deployed contracts are live on Kadena testnet: BridgeA on chain 20, BridgeB on chain 21, and paired test tokens for cross-chain transfers.

Deployed verified Contract links: BridgeA --> https://chain-20.evm-testnet-blockscout.chainweb.com/address/0x37e988e9b8862AB026D76c3fE7100974dbb3B3e7?tab=contract

BridgeB --> https://chain-21.evm-testnet-blockscout.chainweb.com/address/0x0eb2825fF6B58a8469DF9Cb865DE579A0600F72C

Token A --> https://chain-20.evm-testnet-blockscout.chainweb.com/address/0x4888b2deA99a1F92F3bb29BaE482dC6D79D5E8D8

Token B --> https://chain-21.evm-testnet-blockscout.chainweb.com/address/0xdc11176f6552D2eC5Da686747E73b2eCDde5BE5e