NFC event wallet, smart spend rules, gasless USDC, instant kill-switch.
Taparoo is a tap-to-pay system built for concerts, festivals and other high-traffic events that replaces plastic wristbands or paper vouchers with inexpensive NFC cards tied to on-chain smart-contract wallets. When a guest “taps” their card at a merchant point-of-sale, the card’s UID and an ephemeral signature are relayed to a lightweight server that maps the UID to a Circle Smart Contract Account created for that user. The backend then evaluates a programmable rules engine: Is the card enabled, is the purchase amount below the per-transaction limit, has the guest stayed within today’s cumulative spend cap, has the daily transaction-count limit been exceeded, does the merchant category match the card’s allow-list, and does the destination address pass Circle’s Compliance Engine screening? If every rule passes, the server signs and forwards a gas-sponsored USDC transfer from the child wallet to the merchant wallet through Circle’s Gas Station so the guest never sees a gas prompt or holds ETH.
Each guest wallet is “disposable” because it holds only the event budget the user chooses to load. Funds come from a developer-controlled treasury wallet; if the child wallet balance is insufficient but the treasury has enough and the purchase still obeys all card rules, the system automatically tops up the child wallet and completes the payment, giving the user a seamless “overspend” experience without exposing the treasury keys. A single-click kill switch lets the guest or an administrator freeze a lost card and sweep remaining funds back to the treasury or to any chosen safe address, all while re-checking the Compliance Engine to block illicit flows.
The architecture keeps custody risk low: no user PII is stored, only the NFC UID, the child wallet address, and a handful of counters such as spend-today and last nonce to stop replay attacks. Because every transaction request and Circle API response is streamed to an append-only audit log, organizers can prove compliance after the event. The system is gasless, instant, and denominated entirely in familiar USD units, so users never realize they are interacting with crypto rails.
How It's Made - NFC Smart Wallet Technical Deep Dive
Core Architecture Stack
Built on Circle's Programmable Wallet infrastructure using their Web3 Services SDK. The system uses a dual-wallet architecture with a main developer-controlled MPC wallet acting as the treasury and individual Smart Contract Accounts (SCAs) for each NFC card. This design ensures the main wallet never gets exposed while still allowing sophisticated spending controls.
The backend is a lightweight Node.js server that handles NFC UID mapping, rules enforcement, and transaction relaying. We deliberately kept it minimal to avoid storing sensitive user data while still maintaining full compliance through Circle's screening services.
NFC Card Integration and Simulation
Since this was a solo hackathon build, I implemented a clever simulation system for NFC cards using UUIDs and cryptographic signatures. The functionality is identical to real NFC cards but allows for faster development iteration. Each simulated card generates a unique signature that the server maps to a specific Smart Contract Account, exactly how real NFC UIDs would work.
The hack here is that we're essentially creating a bridge between physical NFC taps and on-chain smart contract execution without requiring users to have any crypto knowledge or wallet management. When a real NFC card taps, it sends its UID to the server, which triggers the entire transaction flow.
Circle Integration Deep Dive
The project leverages three key Circle services. First, the Programmable Wallets SDK for creating and managing both the main MPC wallet and child SCAs. Second, the Gas Station for complete transaction fee abstraction so users never see or pay gas fees. Third, the Compliance Engine for real-time transaction screening on all fund movements.
The particularly clever part is how we handle the overpay capability. If a card has 10 USDC but tries to spend 15 USDC, the system checks if the main treasury has sufficient funds and if the transaction passes all the card's programmed rules. If both conditions are met, it automatically funds the child SCA from the treasury and executes the transaction in a single flow.
Smart Contract Rules Engine
Each NFC card maps to a Smart Contract Account with programmable session key limits. We implemented a server-side rules engine that enforces maximum transaction amounts, daily spending caps, transaction count limits, and custom business rules. The beauty is that these rules are enforced both server-side for speed and on-chain for security.
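The server-side checks listed above, together with the replay nonce and the overpay top-up decision described earlier, can be sketched as one pure function. This is an added example, not Taparoo's code: the field names, reason strings and sample card are assumptions, and the Circle Compliance Engine screening and the on-chain transfer are left out because they are external calls.

```javascript
// Added example: hypothetical server-side rule evaluation for one tap.
// Field names (enabled, maxPerTx, ...) are assumptions, not Taparoo's schema.
// Amounts are integer USDC micro-units (6 decimals) to avoid float drift.
const USDC = (n) => Math.round(n * 1e6);

function evaluateTap(card, tap, treasuryBalance) {
  const deny = (reason) => ({ allow: false, reason, topUp: 0 });
  if (!card.enabled) return deny('card_disabled');
  // Replay guard: the nonce must strictly exceed the last accepted one.
  if (!Number.isSafeInteger(tap.nonce) || tap.nonce <= card.lastNonce) return deny('replayed_nonce');
  if (!Number.isSafeInteger(tap.amount) || tap.amount <= 0) return deny('bad_amount');
  if (tap.amount > card.maxPerTx) return deny('per_tx_limit');
  if (card.spentToday + tap.amount > card.dailyCap) return deny('daily_cap');
  if (card.txCountToday + 1 > card.maxTxPerDay) return deny('tx_count_limit');
  if (!card.allowedCategories.includes(tap.merchantCategory)) return deny('category_blocked');
  // Overpay: considered only after every card rule passed, and only for the shortfall.
  const shortfall = Math.max(0, tap.amount - card.balance);
  if (shortfall > treasuryBalance) return deny('insufficient_funds');
  return { allow: true, reason: 'ok', topUp: shortfall };
}

// Counters change only on an allowed tap; a denied tap leaves the card untouched.
function applyTap(card, tap, decision) {
  if (!decision.allow) return card;
  return { ...card, lastNonce: tap.nonce, spentToday: card.spentToday + tap.amount,
    txCountToday: card.txCountToday + 1, balance: card.balance + decision.topUp - tap.amount };
}

// Constructed sample card: 10 USDC loaded, 20 per tap, 50 per day, 3 taps per day.
const sampleCard = { enabled: true, lastNonce: 7, balance: USDC(10), maxPerTx: USDC(20),
  dailyCap: USDC(50), spentToday: 0, txCountToday: 0, maxTxPerDay: 3,
  allowedCategories: ['food', 'merch'] };

function demo() {
  const tap = { nonce: 8, amount: USDC(15), merchantCategory: 'food' };
  const first = evaluateTap(sampleCard, tap, USDC(1000)); // 10 loaded, 15 spent
  const after = applyTap(sampleCard, tap, first);
  const replay = evaluateTap(after, tap, USDC(1000)); // same tap sent again
  return { first, after, replay };
}
console.log(demo());
```

In a deployed backend the evaluate-and-commit pair has to run atomically per card (for example a row lock or a compare-and-set on the stored nonce); otherwise two concurrent taps can both pass the daily cap or reuse a nonce.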
The kill switch functionality was particularly interesting to implement. When triggered, it instantly disables the card, withdraws all funds back to the main wallet, and runs everything through Circle's Compliance Engine to ensure we're not moving illicit funds. The user never loses control of their money but gets the security of programmable limits.
Transaction Flow and Security
The payment flow starts when a merchant enters an amount on their POS terminal. The user taps their NFC card, sending the UID to our backend. The server looks up the mapped SCA, checks all programmed rules, verifies compliance, and if everything passes, uses Circle's SDK to transfer USDC from the child wallet to the merchant's wallet.
All of this happens in under 2 seconds with zero gas fees for the user. The transaction is completely gasless from the user's perspective but still benefits from blockchain security and programmability.
Compliance and Security Measures
Every transaction and fund movement goes through Circle's Compliance Engine automatically. This includes card funding, payments, and kill switch withdrawals. The system ensures no sanctioned addresses or risky wallets are involved in any transaction without requiring manual compliance checks.
The server architecture is designed to be stateless and compliance-first. We don't store sensitive user data but maintain full auditability through Circle's infrastructure.
Notable Hacks and Innovations
The most notable hack is the NFC simulation system that maintains identical functionality to real NFC cards while allowing rapid development and testing. This could easily be swapped for real NFC readers without changing any core logic.
Another innovation is the overpay mechanism that lets cards spend more than their balance if the treasury approves it and all rules pass. This creates a credit-like experience while maintaining strict programmable controls.
The serverless-ready architecture means the entire backend could be deployed as cloud functions once Circle adds support for custom signatures beyond their current MPC and passkey options. This would make the system completely decentralized while maintaining the same user experience.
Future Technical Roadmap
The system is designed to integrate with Self Protocol for KYC and age verification, which would enable category-based spending rules like alcohol purchases. The architecture supports adding arbitrary compliance rules and spending categories without changing the core payment flow.
When Circle enables custom signature schemes, the entire system can move on-chain while maintaining the same tap-to-pay user experience. This would eliminate the need for the centralized backend while preserving all security and compliance features.