Job Description

Company
BlockQuote.ai (by Desta Labs)
Website: <https://blockquote.ai/>

What we’re building
BlockQuote.ai is an AI-assisted, policy-controlled “instant group quoting
rail” for resorts: turning email ping-pong into structured requests, instant
quote options, timed holds, approvals, proposals, and a measurable audit
trail. AI assists (parsing/drafting/explaining); deterministic logic +
guardrails decide pricing.

Role overview
We need a strong full-stack engineer to ship a pilot-ready MVP fast, with
clean multi-tenant security, a rule-based quote engine, and reliable workflow
states. This will be used by a real pilot customer and 10–20 repeat-booking
agencies.

What you’ll build (Pilot MVP scope)

1. Auth + roles

* Agency vs Resort vs Admin roles
* Magic link or password auth (Supabase)
* Role-based routing and access

1. Multi-tenant security

* Supabase Postgres + Row Level Security (RLS)
* Agencies only see their org’s deals
* Resorts only see their properties
* Audit logs on key actions

1. Agency portal

* Create group request (dates, rooms, room mix, notes)
* View Good/Better/Best quote options
* Request hold + expiry timer
* Proposal view/download (HTML first; PDF optional)

1. Resort portal

* Inbox of requests
* Approve/adjust quotes within guardrails
* Approve/decline holds
* Basic dashboard (time-to-first-quote, holds, routed volume estimate)

1. Quote engine + guardrails (non-negotiable)

* Deterministic quote engine reads rate sheet + policy
* Guardrails enforce floors/blackouts/approval thresholds
* AI must never invent rates or override guardrails
* Exception workflow for anything out-of-policy

1. AI endpoints (assistive only)

* Parse messy RFP text into structured fields (schema-validated)
* Draft proposal copy using stored quote numbers
* Explain guardrail flags in plain language (You can use OpenAI/Anthropic; we’ll decide together.)

Preferred stack

* Next.js (App Router) + TypeScript
* Supabase (Auth, Postgres, RLS)
* Tailwind/shadcn/ui (optional)
* Zod validation
* Deployment: Vercel

What “great” looks like in 2–3 weeks

* Pilot MVP deployed to staging + production
* RLS verified (no cross-tenant leakage)
* End-to-end flow works: request → quotes → hold → approval → proposal
* Guardrails are transparent and explainable
* Audit trail + KPI dashboard is accurate and reproducible
* Clear README + seed data to onboard new resorts

You’re a strong fit if you have

* Shipped Next.js apps with real users (not just demos)
* Strong Postgres fundamentals and either Supabase RLS or equivalent RBAC patterns
* Experience building workflow systems (state machines, audit logs, idempotent endpoints)
* Comfort integrating LLM APIs safely (schema validation, retries, no hallucinated numbers)

Nice to have

* Multi-tenant SaaS experience
* Experience with pgvector / RAG pipelines (later phase)
* Payments or e-sign integrations (future)

Engagement / compensation

* Contract to start (Wellfound), with option to extend or convert to longer-term
* Timezone: North America preferred; flexible if overlap exists

How to apply (high-signal)
Please include:

1. 2–3 relevant projects (links) where you implemented multi-role access and a real backend
2. A short plan (milestones) for shipping this MVP in 2–3 weeks
3. A brief explanation of how you’d implement “AI assists, guardrails decide” so pricing cannot hallucinate

Optional (we pay for this):
We may ask finalists to complete a short paid micro-task (4–8 hours): Supabase
schema + RLS + one API route + one role-filtered page. This is to validate fit
and speed.

Keywords to find candidates on Wellfound search
Next.js, App Router, TypeScript, Supabase, Postgres, Row Level Security (RLS),
multi-tenant, RBAC, workflow engine, audit log, Zod, Vercel, LLM integration,
RAG, pgvector.