CAFE — Telegram-Native Tokenized Commerce
Telegram-native commerce where luxury partners launch storefronts, issue TEP-62 NFTs as proof of physical ownership, and run burn-to-claim redemptions settled in stablecoins.
CAFE is “Shopify + Visa for Telegram” — luxury commerce where the audience already is, with every physical item tied to an on-chain token that proves you own it. Luxury partners across fine art, fashion, horology, and hospitality launch branded storefronts inside Telegram. The interesting part is the redemption: burn the token, claim the goods, settle in stablecoins. We built the storefront, the contracts, and the bridge between them.
The challenge
Tokenized physical ownership only works if the chain and the warehouse agree. A TEP-62 NFT has to represent a real item, redemption has to be irreversible and auditable, and stablecoin settlement has to be exact. The full flow — partner creates a drop, customer reserves in the Mini App, pays in TON, receives the NFT, burns it to claim, partner receives USDC/USDT — crosses two blockchains and has to be idempotent at every step. All of it lives inside a Telegram Mini App, a constrained runtime with its own auth and UX rules, while still feeling like a premium storefront a luxury house is comfortable putting its name on.
The approach
We wrote the TON layer in Tact/FunC using Blueprint, where the TEP-62 NFTs and burn-to-claim logic live, with Solidity/Foundry contracts for settlement on Tempo. The backend runs on Fastify with Prisma, PostgreSQL, Redis, and BullMQ workers. The admin is Next.js 14, the customer storefront is React + Vite, and the grammY bot is the entry point.
What we built
- A dual-chain architecture — TON for customer payments, Tempo for merchant settlement — with a TON → Tempo bridge and reconciliation built in
- A Drop Engine with four distribution types: Open Sale (FCFS), Allowlist, Lottery, and Private, each with its own state machine and eligibility rules
- A provable lottery using commit-reveal so public draws are transparent and verifiable
- A burn-to-claim redemption protocol modeled as an explicit state machine, with ship-vs-collect fulfillment and QR redemption
- A partner admin dashboard (collections, drops, analytics, redemptions) with multi-tenant row-level security, plus a per-partner-branded Telegram bot for lifecycle notifications and deep links
- A Machine Payments layer (MPP) — HTTP 402, agent wallets and sessions — and a Partner SDK with a REST client and webhook verification
The outcome
CAFE is web3 commerce that doesn’t feel like a science experiment — fast, branded, and trustworthy end to end. It’s the same engineering we bring to any storefront we build, applied to a much harder settlement problem.