What does Two Bit Digital do?

Two Bit Digital is a SaaS development and AI engineering studio that builds mission-critical digital systems for regulated markets. We design, build, and deploy end-to-end SaaS platforms, AI-powered workflows, and secure cloud infrastructure for enterprises, startups, and government bodies across the UK, US, Australia, and Pakistan.

Is Two Bit Digital a registered company?

Yes. Two Bit Digital Ltd is registered in England and Wales under Company Number 14710072, verifiable at Companies House. The company also holds a D&B D-U-N-S Number (77-532-7428) and is registered as a UN Global Marketplace vendor (No. 1177996), and with the SECP in Pakistan (CUIN: 0250598).

Does Two Bit Digital work with government bodies?

Yes. Two Bit Digital is actively positioned to bid on government and civil tenders for web, app, and AI solutions in the UK. We are a registered UN Global Marketplace vendor and hold a D&B D-U-N-S number, meeting common procurement verification requirements.

What technology stack does Two Bit Digital use?

Two Bit Digital builds primarily on Next.js 14, TypeScript, Supabase, React Native, Vercel, and AWS. AI integrations are built using LLM APIs including OpenAI and Claude. All systems are type-safe, production-grade, and built for scale.

Where is Two Bit Digital based?

Two Bit Digital is headquartered in the United Kingdom with core development operations in Karachi, Pakistan. The studio serves clients across the UK, United States, Australia, and Pakistan.

What in-house products has Two Bit Digital built?

Two Bit Digital has built three proprietary SaaS products: Tikkit X (a live event ticketing and management platform for Pakistan), Averon Legal Systems (a CPR Part 47/36 case management SaaS for UK law firms, currently in beta), and Terra Core (a zero-knowledge AES-256 document intelligence platform, in development).

How do I contact Two Bit Digital for a project?

You can contact Two Bit Digital by emailing sales@twobitdigital.com for new project enquiries, or mwasif@twobitdigital.com to reach the Founder & CEO directly. Alternatively, use the contact form at twobitdigital.com.

Supabase Technology Partner

Building Production SaaS on Supabase

Two Bit Digital is a Supabase-native engineering studio. Every SaaS platform we build uses Supabase as the primary backend — not as a convenience, but as the architectural foundation. Multi-tenant isolation, real-time data, and role-based access all live at the database layer.

Start a Project View Architecture ↓

Why Supabase

Postgres-first, RLS-native architecture

Multi-tenancy is the hardest problem in SaaS. Most studios bolt on tenant isolation after the fact — middleware guards, application-level filters, fragile ownership checks. We solve it at the database layer from day one using Supabase's Row Level Security. When a query runs, Postgres enforces the tenant boundary before a single row is returned. There is no code path that bypasses it.

Supabase gives us a full production backend — Auth, Storage, Realtime, Edge Functions, and the Management API — that integrates natively with our Next.js App Router stack. The result is a cohesive architecture with fewer seams and significantly less infrastructure to manage.

🔐

Row Level Security

Every query filtered at the database layer. Multi-tenant isolation without application-level guards — RLS policies are the boundary, not an afterthought.

⚡

Realtime

Postgres changes streamed to connected clients over WebSockets. Powers live dashboards, case-update feeds, and event check-in views without a separate pub/sub layer.

🔑

Auth + JWT

Built-in user management with custom JWT claims for role-based access. Firm invite flows, role elevation, and session management handled without third-party services.

📦

Storage

Object storage with RLS-extended access control — the same policy layer that governs rows governs file access. Legal documents, event media, and CNIC docs in one stack.

🔧

Edge Functions

Deno-native serverless functions at the database edge. Used for payment webhooks, court deadline calculations, and HMAC-SHA256 QR key seeding without cold-start latency.

🛠️

Management API

Programmatic project provisioning and schema migrations via Supabase's Management API — enabling repeatable, auditable infrastructure across environments.

In-House Products

Live SaaS built on Supabase

Two Bit Digital has shipped two production SaaS platforms using Supabase as the primary backend. Both are multi-tenant from the ground up, with all isolation enforced at the database layer via RLS.

Tikkit X

LIVE

Mobile-first event ticketing and management platform for the Pakistan market. Multi-tenant architecture serving independent event organisers, venues, and enterprise clients — all on a single Supabase instance.

Supabase Usage

→Multi-tenant RLS — organiser-scoped event and attendee data
→Auth — JWT with organiser_id claim injected at login
→Realtime — live check-in dashboard via Postgres changes
→Storage — event media, banners, and CNIC document uploads
→Edge Functions — JazzCash / EasyPaisa payment webhooks
→Edge Functions — HMAC-SHA256 offline QR key seeding

Visit tikkitx.com ↗

Averon Legal

BETA

CPR Part 47/36 legal case management SaaS for UK costs lawyers and law firms. Multi-tenant by firm — each firm is fully isolated with role-based access for partners, fee earners, and costs lawyers.

Supabase Usage

→Multi-tenant RLS — firm_id enforced on every table
→Auth — custom JWT claims: firm_id, role (partner / fee_earner / costs_lawyer)
→Auth — firm invite flow with email magic links
→Realtime — live case status updates across fee earner sessions
→Storage — legal document uploads with RLS-extended access control
→Edge Functions — CPR court deadline engine (Part 47 / Part 36 logic)

View all products →

Architecture

Standard Two Bit Digital stack

All production SaaS platforms follow the same architectural spine: Next.js App Router on the front end, Supabase as the primary backend, deployed on Vercel with optional AWS for compute-heavy workloads. RLS is defined first, schema second, application code third — never the other way around.

Frontend

Next.js App Router

TypeScript · React · @supabase/ssr

Backend

Supabase

Postgres · Auth · Storage · Realtime · Edge

Infra

Vercel + AWS

CI/CD · Serverless · Managed DB · Observability

RLS Policy Pattern

-- Example: firm-scoped Row Level Security for a legal case management system
-- All tenant isolation happens at the Postgres layer — not in application code.

alter table cases enable row level security;

create policy "Users see only their firm's cases"
  on cases for select
  using (
    firm_id = (auth.jwt() ->> 'firm_id')::uuid
  );

create policy "Fee earners can insert cases for their firm"
  on cases for insert
  with check (
    firm_id = (auth.jwt() ->> 'firm_id')::uuid
    and (auth.jwt() ->> 'role') in ('fee_earner', 'costs_lawyer', 'partner')
  );

-- JWT payload injected at login via Supabase Auth hook:
-- { "firm_id": "uuid", "role": "costs_lawyer", "user_id": "uuid" }

Supabase Client — Next.js App Router

// lib/supabase/server.ts — App Router server-side client
import { createServerClient } from '@supabase/ssr'
import { cookies } from 'next/headers'
import type { Database } from '@/types/supabase'

export async function createClient() {
  const cookieStore = await cookies()

  return createServerClient<Database>(
    process.env.NEXT_PUBLIC_SUPABASE_URL!,
    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
    {
      cookies: {
        getAll() {
          return cookieStore.getAll()
        },
        setAll(cookiesToSet) {
          cookiesToSet.forEach(({ name, value, options }) =>
            cookieStore.set(name, value, options)
          )
        },
      },
    }
  )
}

Integration Guide

Getting started with our stack

The core integration is straightforward. The opinionated part is the RLS-first methodology — every table has RLS enabled before any application code touches it.

1. Install dependencies

npm install @supabase/supabase-js @supabase/ssr

2. Configure environment variables

# .env.local
NEXT_PUBLIC_SUPABASE_URL=https://your-project-ref.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key

# Server-side only — never expose to the client
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key

3. RLS-first principles

Enable RLS before everything else

Run `alter table <name> enable row level security;` as the first migration on every new table. No exceptions.

Inject tenant context via JWT

Use a Supabase Auth hook to inject firm_id, org_id, or tenant_id into the JWT at login. Policies reference auth.jwt() directly.

Default-deny, explicit-allow

With RLS enabled and no policies defined, all access is denied. Add policies only for the operations each role legitimately needs.

Extend RLS to Storage

Storage bucket policies mirror your table policies. A user who cannot read a case record cannot read the documents associated with it either.

Supabase Technology Partner

Work with Two Bit Digital

Ready to build a production SaaS platform on Supabase? We'd love to hear about your project.

Start a Project twobitdigital.com →