Task #3: MVP API — payment-gated jobs + demo endpoint
OpenAPI spec (lib/api-spec/openapi.yaml)
- Added POST /jobs, GET /jobs/{id}, GET /demo endpoints
- Added schemas: CreateJobRequest, CreateJobResponse, JobStatusResponse,
InvoiceInfo, JobState, DemoResponse, ErrorResponse
- Ran codegen: generated CreateJobBody, GetJobResponse, RunDemoQueryParams etc.
Jobs router (artifacts/api-server/src/routes/jobs.ts)
- POST /jobs: validates body, creates LNbits eval invoice, inserts job +
invoice in a DB transaction, returns { jobId, evalInvoice }
- GET /jobs/:id: fetches job, calls advanceJob() helper, returns state-
appropriate payload (eval/work invoice, reason, result, errorMessage)
- advanceJob() state machine:
- awaiting_eval_payment: checks LNbits, atomically marks paid + advances
state via optimistic WHERE state='awaiting_eval_payment'; runs
AgentService.evaluateRequest, branches to awaiting_work_payment or rejected
- awaiting_work_payment: same pattern for work invoice, runs
AgentService.executeWork, advances to complete
- Any agent/LNbits error transitions job to failed
Demo router (artifacts/api-server/src/routes/demo.ts)
- GET /demo?request=...: in-memory rate limiter (5 req/hour per IP)
- Explicit guard for missing request param (coerce.string() workaround)
- Calls AgentService.executeWork directly, returns { result }
Dev router (artifacts/api-server/src/routes/dev.ts)
- POST /dev/stub/pay/:paymentHash: marks stub invoice paid in-memory
- Only mounted when NODE_ENV !== 'production'
Route index updated to mount all three routers
replit.md: documented full curl flow with all 6 steps, demo endpoint,
and dev stub-pay trigger
End-to-end verified with curl:
- Full flow: create → eval pay → evaluating → work pay → executing → complete
- Error cases: 400 on missing body/param, 404 on unknown job
2026-03-18 15:31:26 +00:00
|
|
|
modules = ["nodejs-24", "postgresql-16"]
|
2026-03-13 23:21:55 +00:00
|
|
|
|
|
|
|
|
[[artifacts]]
|
|
|
|
|
id = "artifacts/api-server"
|
|
|
|
|
|
|
|
|
|
[[artifacts]]
|
|
|
|
|
id = "artifacts/mockup-sandbox"
|
|
|
|
|
|
|
|
|
|
[deployment]
|
|
|
|
|
router = "application"
|
|
|
|
|
deploymentTarget = "autoscale"
|
2026-03-18 17:19:38 +00:00
|
|
|
build = ["sh", "-c", "pnpm --filter @workspace/api-server run build"]
|
|
|
|
|
run = ["sh", "-c", "node artifacts/api-server/dist/index.cjs"]
|
2026-03-13 23:21:55 +00:00
|
|
|
|
|
|
|
|
[deployment.postBuild]
|
|
|
|
|
args = ["pnpm", "store", "prune"]
|
|
|
|
|
env = { "CI" = "true" }
|
|
|
|
|
|
|
|
|
|
[workflows]
|
|
|
|
|
runButton = "Project"
|
|
|
|
|
|
|
|
|
|
[agent]
|
|
|
|
|
stack = "PNPM_WORKSPACE"
|
|
|
|
|
expertMode = true
|
|
|
|
|
|
|
|
|
|
[postMerge]
|
|
|
|
|
path = "scripts/post-merge.sh"
|
|
|
|
|
timeoutMs = 20000
|
Task #3: MVP API — payment-gated jobs + demo endpoint
OpenAPI spec (lib/api-spec/openapi.yaml)
- Added POST /jobs, GET /jobs/{id}, GET /demo endpoints
- Added schemas: CreateJobRequest, CreateJobResponse, JobStatusResponse,
InvoiceInfo, JobState, DemoResponse, ErrorResponse
- Ran codegen: generated CreateJobBody, GetJobResponse, RunDemoQueryParams etc.
Jobs router (artifacts/api-server/src/routes/jobs.ts)
- POST /jobs: validates body, creates LNbits eval invoice, inserts job +
invoice in a DB transaction, returns { jobId, evalInvoice }
- GET /jobs/:id: fetches job, calls advanceJob() helper, returns state-
appropriate payload (eval/work invoice, reason, result, errorMessage)
- advanceJob() state machine:
- awaiting_eval_payment: checks LNbits, atomically marks paid + advances
state via optimistic WHERE state='awaiting_eval_payment'; runs
AgentService.evaluateRequest, branches to awaiting_work_payment or rejected
- awaiting_work_payment: same pattern for work invoice, runs
AgentService.executeWork, advances to complete
- Any agent/LNbits error transitions job to failed
Demo router (artifacts/api-server/src/routes/demo.ts)
- GET /demo?request=...: in-memory rate limiter (5 req/hour per IP)
- Explicit guard for missing request param (coerce.string() workaround)
- Calls AgentService.executeWork directly, returns { result }
Dev router (artifacts/api-server/src/routes/dev.ts)
- POST /dev/stub/pay/:paymentHash: marks stub invoice paid in-memory
- Only mounted when NODE_ENV !== 'production'
Route index updated to mount all three routers
replit.md: documented full curl flow with all 6 steps, demo endpoint,
and dev stub-pay trigger
End-to-end verified with curl:
- Full flow: create → eval pay → evaluating → work pay → executing → complete
- Error cases: 400 on missing body/param, 404 on unknown job
2026-03-18 15:31:26 +00:00
|
|
|
|
|
|
|
|
[nix]
|
|
|
|
|
channel = "stable-25_05"
|
feat(#26): Nostr identity + trust engine
Task #26 — Nostr Identity + Trust Engine (foundational layer for cost-routing)
DB changes:
- New `nostr_identities` table: pubkey PK, trust_score, tier, interaction_count,
sats_absorbed_today, absorbed_reset_at, last_seen, created_at, updated_at
- Added nullable `nostr_pubkey` column to `sessions` and `jobs` tables
- Schema pushed to DB (drizzle-kit push)
- lib/db rebuilt to emit updated declaration files
New lib:
- `artifacts/api-server/src/lib/trust.ts` — TrustService with:
- getTier(pubkey): returns tier label for a pubkey
- getOrCreate(pubkey): upsert identity row
- recordSuccess/recordFailure: adjust trust score; update tier
- Soft score decay applied lazily (absent > N days = -1 pt/day)
- issueToken/verifyToken: HMAC-SHA256 signed nostr_token (pubkey:expiry:hmac)
- All thresholds env-var configurable (TRUST_TIER_ESTABLISHED/TRUSTED/ELITE)
New route:
- `artifacts/api-server/src/routes/identity.ts`:
- POST /api/identity/challenge — issues 32-byte hex nonce (5-min TTL, in-memory)
- POST /api/identity/verify — verifies NIP-01 Nostr signed event, consumes nonce,
upserts identity, returns signed nostr_token + trust profile
- GET /api/identity/me — look up trust profile by X-Nostr-Token header
- Route registered in routes/index.ts
Session + job binding:
- POST /api/sessions and POST /api/jobs accept optional nostr_token (header or body)
- Verified pubkey stored on the DB row; returned in create response + poll responses
- trust_tier included in GET /sessions/:id and GET /jobs/:id responses
- After session request completes: recordSuccess on complete, recordFailure on reject
- After job work completes: recordSuccess fire-and-forget
CORS: X-Nostr-Token added to allowedHeaders and exposedHeaders
Smoke tested: all existing routes pass, challenge returns nonce, /identity/me 401 without token, sessions/jobs still create correctly with trust_tier: none (expected for anonymous requests)
2026-03-19 15:59:39 +00:00
|
|
|
|
|
|
|
|
[userenv]
|
|
|
|
|
|
|
|
|
|
[userenv.shared]
|