Cloudflare-native loyalty wallet, Apple & Google passes at the edge
A startup-community hub + digital loyalty-wallet platform
Overview
A Cloudflare-native loyalty-wallet platform that turns a single API call into a live
mobile wallet pass. It targets Apple Wallet (signed .pkpass), Google Wallet (loyalty
objects + save links) and a generic web fallback, and layers on PassKit-style live
features: dynamic field updates, push, geofencing and multi-channel distribution.
The Challenge
Issuing real wallet passes normally means native crypto toolchains (OpenSSL) for Apple’s PKCS#7 signing, plus servers to push updates and fan out distribution. Doing all of that on a serverless edge runtime, with no native binaries, and keeping it cheap and global is the hard part.
What We Built
A Hono app on Cloudflare Workers with a clean module split: pass/ (pkpass assembly,
signing, Google loyalty objects, web fallback), push/ (APNs delivery + queue consumer),
distribute/ (email, SMS, queue consumer), webhooks/ (inbound CRM/POS + outbound
HMAC-signed events), routes/ (public, dashboard, PassKit web-service, auth, API) and a
Drizzle-backed db/ on D1. The standout is .pkpass signing implemented purely in
JavaScript with pkijs/asn1js, no native OpenSSL binding, so it runs inside the
Worker. State and assets use the full Cloudflare data plane: D1 (SQLite) for records, R2
for assets and cached pass blobs, KV for auth and rate limits, Queues for APNs fan-out /
distribution / webhook delivery, Analytics Engine for metrics, and Cron Triggers for a
daily expiry sweep. The PassKit web-service routes let Apple devices register and pull
live updates. Integrator-facing docs (concepts, full API reference, webhook contracts,
Apple/Google specifics, runnable Node/Python/PHP samples) ship in docs/, with a
machine-readable llms.txt.
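An added illustration (not the project's code) of the .pkpass assembly step that precedes signing: in Apple's format, manifest.json maps each bundled file to its SHA-1 digest, and the detached PKCS#7 signature covers those manifest bytes. The helper names and sample files are assumptions constructed for this example, and the pkijs signing step itself is not shown.

```javascript
// Added example, not the project's code. Helper names are hypothetical.
const enc = new TextEncoder();
const UNLISTED = new Set(['manifest.json', 'signature']); // never hashed into the manifest

async function getSubtle() {
  // Workers and current Node expose Web Crypto globally; older Node needs the module.
  return globalThis.crypto?.subtle ?? (await import('node:crypto')).webcrypto.subtle;
}

async function sha1Hex(bytes) {
  const digest = await (await getSubtle()).digest('SHA-1', bytes);
  return [...new Uint8Array(digest)].map((b) => b.toString(16).padStart(2, '0')).join('');
}

// files: Map<path, Uint8Array>. Returns the exact manifest.json bytes that get signed.
async function buildManifest(files) {
  const entries = [];
  for (const path of [...files.keys()].sort()) {
    if (!UNLISTED.has(path)) entries.push([path, await sha1Hex(files.get(path))]);
  }
  return enc.encode(JSON.stringify(Object.fromEntries(entries)));
}

// Re-check a bundle against its manifest before signing or serving a cached blob.
async function checkBundle(files, manifestBytes) {
  const manifest = JSON.parse(new TextDecoder().decode(manifestBytes));
  const problems = [];
  for (const [path, expected] of Object.entries(manifest)) {
    const data = files.get(path);
    if (!data) problems.push(`missing: ${path}`);
    else if ((await sha1Hex(data)) !== expected) problems.push(`hash mismatch: ${path}`);
  }
  for (const path of files.keys()) {
    if (!UNLISTED.has(path) && !Object.hasOwn(manifest, path)) {
      problems.push(`not in manifest: ${path}`);
    }
  }
  return problems;
}

// Constructed sample bundle (placeholder contents, not a real pass).
function sampleBundle() {
  return new Map([
    ['pass.json', enc.encode('{"formatVersion":1,"serialNumber":"EXAMPLE-0001"}')],
    ['icon.png', new Uint8Array([0x89, 0x50, 0x4e, 0x47])],
  ]);
}
```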
Technologies & Approach
Everything runs on Cloudflare Workers with nodejs_compat, bound to a custom domain.
Drizzle ORM over D1 keeps schema/migrations typed; Zod validates inputs. Choosing
pure-JS signing over native OpenSSL was the key decision that made an edge deployment
viable.
Outcome / Impact
A working single-call wallet-issuance service spanning Apple, Google and web, with live updates, multi-channel delivery and CRM/POS webhooks. It is the loyalty backbone behind the community-hub platform and is deployed entirely on the Cloudflare edge.
Capabilities Demonstrated
- Apple Wallet .pkpass signing implemented in pure JavaScript (no native dependencies)
- Google Wallet loyalty objects and save-link generation
- Live pass updates via APNs with queue-based fan-out
- Multi-channel distribution: email, SMS, QR, hosted link
- Inbound and outbound (HMAC-verified) CRM/POS webhooks
- End-to-end use of the Cloudflare data plane: D1, R2, KV, Queues, Analytics Engine, Cron
- Integrator-grade documentation with runnable multi-language samples