Case study

Cetirc

Flutter App for German Businesses

Flutter · Node.js · Stripe · AWS · OpenAI

Key outcomes

Stripe Connect payouts
Enterprise security
RAG support chat

The Problem

Small and medium businesses in Germany needed a mobile-first way to manage payments, payouts, and business banking—integrated with their existing bank accounts and compliant with German data security expectations.

The app needed to handle real money movement (Stripe Connect), real identity documents (encrypted storage), and real customer support (AI-powered, context-aware chat).

It is live on the App Store.

What Was Built

Cetirc is a Flutter mobile app backed by a Node.js API. The four core systems are payments, identity, auth, and support chat.

Stripe Connect

The payment system uses Stripe Connect for platform-style payments: businesses onboard as Connected Accounts, receive payouts to their linked bank accounts, and manage payment methods within the app.

The integration covers:

  • Connect onboarding — the full KYC flow via Stripe-hosted onboarding, with webhook handling for account status transitions
  • Payouts — scheduled and on-demand payouts to verified bank accounts
  • Bank/card linking — customers link payment methods via Stripe's mobile SDK
  • Webhooks — all Stripe events are processed with signature verification and idempotency keys

The webhook handler is the most critical piece. Stripe retries failed webhook deliveries—without idempotency keys, a retry could trigger a duplicate payout. Every webhook handler checks for prior processing before executing its action.

Identity Document Encryption

Users upload identity documents (passport, ID card) as part of onboarding. These are encrypted with AES-256-CBC before storage.

The encryption key is derived from a combination of a server-side secret and the user's account ID—meaning a key compromise at the storage layer does not expose documents, and a key compromise for one user does not expose others.

Documents are never stored in plain text. The decryption path requires both the server secret and valid session authentication.

Auth: OTP + JWT

Authentication uses a two-factor OTP flow:

  • OTP delivered via AWS SNS (SMS) or AWS SES (email), depending on user preference
  • OTP codes are time-limited (5 minutes) and single-use
  • Successful OTP verification issues a JWT with a 15-minute access token and a 7-day refresh token
  • Refresh token rotation: each refresh issues a new refresh token and invalidates the previous one

The IP-based rate limiting on OTP issuance prevents brute-force code enumeration. After 5 failed attempts from a single IP within 10 minutes, OTP issuance is blocked for that IP for 30 minutes.

RAG Support Chat

The in-app support chat is powered by a Node.js RAG pipeline:

  1. Business documentation (product guides, FAQ, policy documents) is chunked and embedded via OpenAI
  2. User queries retrieve the most relevant chunks via cosine similarity
  3. GPT-4o generates a grounded response with citations

The chat refuses to answer questions outside its document scope—it will not speculate about account-specific balances or transaction statuses, instead directing users to the relevant app screen or support escalation path.

Key Engineering Decisions

Flutter for cross-platform reach. A single codebase for iOS and Android with native Stripe SDK integration was the right call for the client's team size and budget. Performance is indistinguishable from native for this use case.

AES-256-CBC with per-user key derivation. The extra complexity of user-scoped key derivation was worth it for the blast radius reduction in a data breach scenario.

Stripe Connect over a custom payment layer. Building a payment layer from scratch for a German market would require navigating SEPA, PSD2, and BaFin compliance independently. Stripe handles the regulatory complexity; the app handles the UX.

Scope

  • Stripe Connect onboarding & payouts
  • Identity docs with AES-256-CBC encryption
  • OTP via AWS SNS, email via AWS SES
  • Bank/card linking with webhook handling
  • RAG chat with Node.js + OpenAI

Waqas Raza

AI-Native Full-Stack Engineer. Top Rated on Upwork · $180K+ earned · 93% job success. I build production AI agents, LLM systems, Web3 platforms, and full-stack applications.
