LayPas — retail OS for regulated storefronts
- Strategy
- Product design
- Engineering
- Compliance
A retail operating system where compliance is a server-side invariant — six rulebooks, an offline-first POS, an AI operations analyst. Live across 50 US stores in twelve weeks.
50
US stores live
<50 ms
Rule check latency
14 days
Migration window
The shape of the problem
Every age-restricted retail vertical — vape, cannabis, liquor, firearms, adult, CBD — shares the same problem: a rule matrix that changes per state, per SKU, per day. Incumbent POS systems (Lightspeed, Square, Shopify POS) treat compliance as an add-on, not a core invariant. Operators end up maintaining spreadsheets, manual age logs, and $1,200/year Avalara bolt-ons — and still missing fines.
LayPas's founders had experienced this directly across a multi-state smoke-shop franchise. They needed a retail operating system where compliance is a server-side invariant, not a UI reminder.
What we shipped
A single engine with six rulebooks — vape, cannabis, liquor, firearms, adult, CBD — each a data-driven class over a shared state × SKU × date matrix. Every sale passes through one function call, canSell(), before it hits the database.
- POS terminal: offline-first Electron app with a SQLite write-ahead queue. Network down? The sale still rings. Reconciliation happens on reconnect.
- Compliance engine: PACT Act, METRC seed-to-sale, state ABC rules, ATF Form 4473, state flavor bans — all first-class, all logged immutably.
- AI Operations Analyst: GPT-powered agent with fourteen live tools over real customer data. Plain-English questions, auditable reasoning traces.
- Franchise billing: automated royalty splits and per-store P&L for chains running 20+ locations.
- Contract-first APIs: every endpoint has a Zod schema + OpenAPI. Integrations ship in an afternoon, not a quarter.
The stack: Next.js, Postgres, Electron, Stripe, Avalara, Claude. Fixed fee. Fixed outcome. Launched to production in under twelve weeks.
The outcome
LayPas went live at a 50-store multi-state franchise with 1,847 day-one transactions and zero rollback. Two compliance bypass attempts were caught in the first week. The AI analyst surfaced $9,400 in refund fraud in the first month. Migration from Lightspeed took 14 days.
Every system on the platform is instrumented, audit-logged, and measurable in dollars. That's the discipline we bring to every engagement.
“Compliance alone pays for what MYC built. We stopped two bypass attempts in week one that would've been five-figure fines. The AI analyst paid for a year of subscription in month one.”