Reza Pirighadim

An autonomous software engineer that turns a Jira ticket into a reviewed, tested pull request — no human in the loop until the final merge. It watches the board, picks up any tagged ticket, then clones the repo, branches, writes the code, opens a PR, runs CI, self-reviews its own diff, and drives the ticket through the workflow — across four production codebases (two PHP backends, a React/Vite frontend, a Next.js frontend) routed automatically by label.

The hard part isn't generating code — it's trusting it. A two-layer quality system handles that: a pre-merge gate runs linting, static analysis, and diff-focused test selection (seconds instead of 20+ minutes on a 6,000-test suite), a second LLM reviewer flags real issues and pushes fix commits, and after merge an independent deploy-QA agent re-verifies each change against the live server — driving a real browser via Playwright for frontends, replaying authenticated API calls for backends, and recording video evidence back to the ticket. Built to survive production: a single-writer SQLite queue with atomic task claiming, orphan reaping, self-healing git, retry-with-backoff, and a re-engagement loop that resumes work on any new Jira or PR comment — all behind a swappable LLM provider abstraction (Anthropic, OpenRouter, OpenAI).

Designed and built the long-term memory layer for a LangGraph multi-agent platform of five specialized agents (Orchestrator, Knowledge, Developer, Operator, Generator) — giving a previously stateless system the ability to remember users across sessions, learn their preferences, and personalize every response and task brief. Because it persists and recalls user data on live workflows, every change had to be privacy-aware, non-blocking, and safe to roll out incrementally.

A pluggable architecture built around an abstract AgentMemory interface, implemented on mem0 with pgvector for semantic storage — extracting meaningful facts from conversations rather than raw logs and retrieving the most relevant ones to enrich each agent's prompt. Memory loading is wired into all worker agents and the Orchestrator's clarification and brief nodes, with writes offloaded to Celery so persistence never blocks the workflow. Per-mode configuration (light/pro/auto) tunes retrieval depth against latency, and user-scoped REST endpoints list and delete memories for GDPR-style control — all settings- and flag-driven.

Re-architected how a LangGraph multi-agent platform connects to third-party tools through the Model Context Protocol — turning embedded, single-process integrations into a horizontally scalable service that lets the Operator agent securely act on a user's Gmail, Google Calendar, Drive, Atlassian/Jira, GitHub, Sentry, and YouTube. Because it executes real actions on live accounts under per-user OAuth, every change had to be secure, isolated, and degrade gracefully on failure.

Migrated every MCP server off stdio onto HTTP with health-check endpoints, then extracted them into a dedicated microservice fronted by an MCPHTTPClient — the main app talks to it over HTTP with request-scoped per-user OAuth credentials, so the heavy integration runtime scales separately from the agents and a broken server is isolated behind timeouts rather than crashing the workflow. A loader namespaces tools from many servers in a single request (gmail_, atlassian_, google_calendar_), and an LLM-based selection step filters the catalog to only the servers relevant to each task.

The identity backbone for the entire DrBalcony platform — a Laravel 11 microservice that handles authentication, authorization, and user management for every product in the ecosystem from a single source of truth. Any service plugs in and inherits social login (Google, Facebook, GitHub), passwordless OTP over email/SMS/phone-call, password auth, invitations, and a referral program — all behind one token-based API.

Everything is multi-tenant by design: every user, role, permission, and setting is scoped by account_id, so one deployment serves many independent organizations with isolated data, per-account auth methods, and custom roles. Granular RBAC sits on top (action-level permissions, cross-device session management, ban/unban with audit history), and an event-driven layer keeps downstream services in sync — Eloquent observers publish user changes to a central event bus and RabbitMQ. Designed around clean service-layer, DTO, observer, and strategy patterns, with distributed-lock-protected user creation and Redis caching.

Built and extended the core engine that keeps a high-throughput crypto exchange's market-maker inventory balanced in real time — pricing every market live, deciding how much of each asset to buy or sell, and routing those orders across multiple exchanges autonomously. Operating directly on live capital, every change had to be correct, reversible, and risk-aware.

Delivered three improvements: a chunked order-execution layer that slices large refillment orders into order-book-aware pieces bounded to a price band of the top of book (eliminating slippage from single market orders); automatic multi-exchange sourcing that atomically switches pricing and sourcing to a secondary exchange when a local market goes stale, then reverts; and end-to-end automation of manual ops — one guided command that idempotently onboards a new coin across enums, config, markets, and localization. Every behavior is config- and flag-driven.

A proprietary-trading product where users trade platform-funded capital against their own collateral over fixed-term contracts. Each prop contract runs as a ring-fenced trading identity with its own balances, funded atomically (collateral + loan + fee) in a single distributed-lock-protected transaction.

A cron-driven risk engine values each account in real time and triggers tiered warnings and automatic liquidation when losses breach the margin limit. The hardest part was multi-asset valuation — pricing every held coin through an Exchange→OTC fallback chain, handling inverse markets, sub-unit coefficients, and a two-hop USD→Rial conversion, then liquidating via OTC with retry/slippage handling. Automated settlement closes out orders, repays loan and fees, and returns remaining funds, with an independent watchdog alerting operators on any unsettled account and event-driven notifications fanned out across SMS, email, push, and in-app.

An independent reconciliation service that continuously audits a high-throughput crypto exchange for fraud, manipulation, and accounting drift. It treats the exchange's own database as untrusted and re-verifies every financial event against an external source of truth — blockchain explorers for crypto, payment-provider APIs for fiat — flagging any mismatch as a conflict for investigation.

With thousands of trades, deposits, and withdrawals per second, manual tracing was impossible. I designed an automated, incremental pipeline that processes only new records each run (checkpoint-based), batches in chunks of up to 10k, and retries failed external lookups automatically — so nothing slips through and nothing is double-scanned.

Designed and built the Wallet module for Digikala's Pindo C2C marketplace — a PHP financial-transactions engine that replaced the legacy finance services with a cleaner, extensible OOP architecture.

Implemented an abstract wallet hierarchy (Main, Safe-Payment, Review, Gateway), double-entry transaction recording with balance and eligibility validation, and integrations for 10+ payment gateways including Vandar, Saman, Zarinpal, Digipay, CafeBazaar, Myket, COD, and offline payments. Added a Transfer Wizard for consistent fund movements, DTO-based requests, and a static service resolver — all behind environment-based feature flags.