Stop fraudulent App Store refunds in real-time — 100% on Supabase.
Single-tenant, secure, and easy to set up for one app.
You own your keys — In-App Purchase Keys are never uploaded to any third party.
Welcome, Product Hunters! Watch the demo and try the quick setup below.
Simplified single-tenant Apple App Store refund prevention service using Supabase.
Refund Swatter Lite significantly reduces malicious refund risks by processing Apple's CONSUMPTION_REQUEST notifications in real-time and sending detailed consumption data back to Apple, enabling Apple to make informed decisions on refund requests.
- You Own Your Keys (BYOK, Bring Your Own Key) - Keep your In-App Purchase Keys within your own Supabase project; no third‑party uploads required
- Real-time Processing - Instantly handles notifications as they arrive
- 100% Supabase - No additional servers required
- Auto-processing - Fully automated workflow
- 12 Consumption Fields - Calculates all required Apple fields
- Secure Vault Storage - Private keys encrypted in Supabase Vault
- Simple Setup - One configuration file, one setup script
- Real pain: many iOS teams have suffered sudden large-scale refund abuse overnight — hundreds to tens of thousands of dollars, sometimes even leading to app takedowns.
- How it works: after a user requests a refund, Apple sends up to three CONSUMPTION_REQUEST notifications. If developers respond with consumption data in real-time (e.g., cumulative spend, cumulative refunds, developer refund preference), Apple can make a fairer decision and abuse drops significantly.
- Timeline: refund eligibility can extend up to 90 days from purchase; your backend must remain ready throughout that period.
- Gap in existing tools: some platforms (e.g., RevenueCat) automate replies but require uploading the App Store Server API key (AuthKey.p8) and In-App Purchase Key to their cloud, effectively delegating App Store Connect query/operation rights to a third party — unacceptable for security‑sensitive teams.
- Our approach: runs 100% on Supabase with one‑command setup and zero server maintenance; BYOK (Bring Your Own Key) — your In-App Purchase Keys stay only in your Supabase project (Vault/env), never uploaded to any third party.
- Observability: auto‑responds to CONSUMPTION_REQUEST while surfacing field meanings, jobs, and logs for easy debugging and audits.
- Impact: keeps AuthKey/IAP Key safe and meaningfully reduces fraudulent refunds (especially for consumables).
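The consumption data Apple expects in reply to a CONSUMPTION_REQUEST is a fixed set of 12 bucketed fields, not raw dollar amounts. The following is an added example, not the project's own code: it maps an app's own figures (cumulative spend, cumulative refunds, account age, developer preference) onto Apple's "Send Consumption Information" request body. The `UserRecord` input shape is a hypothetical stand-in for whatever the app stores; field names and bucket boundaries follow Apple's App Store Server API documentation.

```typescript
// Added example, not the project's own code: assemble the 12-field body that
// Apple's App Store Server API "Send Consumption Information" call expects,
// from an app's own user record. UserRecord is a hypothetical input shape.
export interface UserRecord {
  appAccountToken: string;     // UUID the app attached to the purchase
  accountCreatedAt: Date;
  lifetimePurchasedUsd: number;
  lifetimeRefundedUsd: number;
  consumed: boolean;           // has the consumable already been used?
  customerConsented: boolean;  // user agreed to share data with Apple
  refundPreference: 1 | 2 | 3; // 1 prefer grant, 2 prefer decline, 3 no preference
}

// Index (1-based) of the first upper bound >= value; bounds.length + 1 if above all.
function bucket(value: number, bounds: number[]): number {
  const i = bounds.findIndex((b) => value <= b);
  return i === -1 ? bounds.length + 1 : i + 1;
}

// lifetimeDollarsPurchased / lifetimeDollarsRefunded: 1 = 0 USD, 2 = 0.01-49.99,
// 3 = 50-99.99, 4 = 100-499.99, 5 = 500-999.99, 6 = 1000-1999.99, 7 = over 2000.
export function dollarsBucket(usd: number): number {
  return bucket(usd, [0, 49.99, 99.99, 499.99, 999.99, 1999.99]);
}

// accountTenure in days: 1 = 0-3, 2 = 3-10, 3 = 10-30, 4 = 30-90, 5 = 90-180,
// 6 = 180-365, 7 = over 365.
export function tenureBucket(days: number): number {
  return bucket(days, [3, 10, 30, 90, 180, 365]);
}

export function buildConsumptionRequest(u: UserRecord, now: Date) {
  // Apple requires the customer's consent before consumption data is shared; refuse otherwise.
  if (!u.customerConsented) throw new Error("customer has not consented");
  const days = (now.getTime() - u.accountCreatedAt.getTime()) / 86_400_000;
  return {
    accountTenure: tenureBucket(days),
    appAccountToken: u.appAccountToken,
    consumptionStatus: u.consumed ? 3 : 1, // 3 fully consumed, 1 not consumed
    customerConsented: true,
    deliveryStatus: 0,                     // 0 delivered and working properly
    lifetimeDollarsPurchased: dollarsBucket(u.lifetimePurchasedUsd),
    lifetimeDollarsRefunded: dollarsBucket(u.lifetimeRefundedUsd),
    platform: 1,                           // 1 Apple platform
    playTime: 0,                           // 0 undeclared (not tracked here)
    refundPreference: u.refundPreference,
    sampleContentProvided: false,
    userStatus: 1,                         // 1 active
  };
}
```

Fields the app does not track (here `playTime`) are sent as `0`, Apple's "undeclared" value, rather than guessed.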
- Supabase CLI installed and authenticated (`supabase login`).
- `openssl` and `python3` available on your PATH for key generation and JSON parsing.
- Node.js + npm installed for the dashboard (`node --version`, `npm --version`).
- Clone and configure

```bash
git clone git@github.com:argus-sight/refund-swatter-lite.git
cd refund-swatter-lite
cp .env.project.example .env.project
# Edit .env.project with your credentials
```

- Run setup script

```bash
./setup-simple.sh
```

The script prints the default admin email ([email protected]) together with a freshly generated one-time password; store it securely and replace it right after the first sign-in.

- Start web dashboard and configure Apple credentials

```bash
cd web && npm install && npm run dev
```

Then access http://localhost:3000 to configure Apple credentials.

- Set webhook URL in App Store Connect:

```
https://[your-project-ref].supabase.co/functions/v1/webhook
```
For detailed setup instructions, see SETUP_GUIDE.md.
Local development relies on Git hooks that run gitleaks before every commit. After cloning the repo on a new machine, make sure to:
- Install Node dependencies and Husky: `npm install && npx husky install`.
- Install `gitleaks` so the pre-commit hook can run. For example, `brew install gitleaks` on macOS, or download the latest release from the GitHub project and place the binary in your `PATH`.
Once set up, commits will automatically scan staged files for potential secrets.
```
refund-swatter-lite/
├── supabase/
│   ├── functions/           # Supabase Edge Functions
│   └── migrations/          # Database schema migrations
├── web/                     # Next.js dashboard
├── setup-simple.sh          # Guided Supabase setup script
├── export_baseline.sh       # Helper to dump current DB schema
└── .env.project.example     # Environment template copied to .env.project
```
- Overview - Consumption metrics and system health
- Notifications - View and reprocess Apple notifications
- Test & Initialize - Test webhook and import historical data
- Consumption Requests - Track processing status
- Settings - Manage Apple credentials
Webhook not receiving notifications
- Verify webhook URL in App Store Connect
- Check Edge Function logs: `supabase functions logs webhook`
- Ensure Edge Functions are deployed
- Ensure JWT verification is disabled for webhook Edge Function
Test notification failing
- Ensure correct environment selected
- Verify Apple credentials are valid
- Check the `apple_api_logs` table for errors
See FAQ.md for answers to common questions, including local Supabase Docker usage and optional cron scheduling.
- Private keys encrypted in Supabase Vault
- Authentication verification for all Edge Functions
- Service role keys never exposed to client
- CRON_SECRET protects scheduled endpoints
- No third‑party key upload — In-App Purchase Keys remain in your Supabase project only
For issues or questions, please open an issue on GitHub.
Version 1.0 was generated by AI and delivered the core functionality.
Version 2.0 was also authored by AI with a focus on tightening security and performance in line with Supabase best practices. I led the code review process and guided the AI to implement those practices, adding detailed comments to the core code for clarity and maintainability.
Thanks to advances in AI, I can independently bring projects like this to life.
Thanks to our partners for their valuable suggestions and assistance.
Licensed under the Apache License 2.0. See LICENSE for details.
- Multi-tenant SaaS: zero-deploy service
- Refund Swatter Pro: risk control system for professional fraud rings
- Have ideas or interested in collaboration? Please open an issue on GitHub - we'd love to hear from you!