.replit

modules = ["nodejs-24", "postgresql-16"]

[[artifacts]]
id = "artifacts/api-server"

[[artifacts]]
id = "artifacts/mockup-sandbox"

[deployment]
router = "application"
deploymentTarget = "autoscale"
build = ["sh", "-c", "pnpm --filter @workspace/api-server run build"]
run = ["sh", "-c", "node artifacts/api-server/dist/index.cjs"]

[deployment.postBuild]
args = ["pnpm", "store", "prune"]
env = { "CI" = "true" }

[workflows]
runButton = "Project"

[agent]
stack = "PNPM_WORKSPACE"
expertMode = true

[postMerge]
path = "scripts/post-merge.sh"
timeoutMs = 20000

[nix]
channel = "stable-25_05"

[userenv]

[userenv.shared]
Task #3: MVP API — payment-gated jobs + demo endpoint OpenAPI spec (lib/api-spec/openapi.yaml) - Added POST /jobs, GET /jobs/{id}, GET /demo endpoints - Added schemas: CreateJobRequest, CreateJobResponse, JobStatusResponse, InvoiceInfo, JobState, DemoResponse, ErrorResponse - Ran codegen: generated CreateJobBody, GetJobResponse, RunDemoQueryParams etc. Jobs router (artifacts/api-server/src/routes/jobs.ts) - POST /jobs: validates body, creates LNbits eval invoice, inserts job + invoice in a DB transaction, returns { jobId, evalInvoice } - GET /jobs/:id: fetches job, calls advanceJob() helper, returns state- appropriate payload (eval/work invoice, reason, result, errorMessage) - advanceJob() state machine: - awaiting_eval_payment: checks LNbits, atomically marks paid + advances state via optimistic WHERE state='awaiting_eval_payment'; runs AgentService.evaluateRequest, branches to awaiting_work_payment or rejected - awaiting_work_payment: same pattern for work invoice, runs AgentService.executeWork, advances to complete - Any agent/LNbits error transitions job to failed Demo router (artifacts/api-server/src/routes/demo.ts) - GET /demo?request=...: in-memory rate limiter (5 req/hour per IP) - Explicit guard for missing request param (coerce.string() workaround) - Calls AgentService.executeWork directly, returns { result } Dev router (artifacts/api-server/src/routes/dev.ts) - POST /dev/stub/pay/:paymentHash: marks stub invoice paid in-memory - Only mounted when NODE_ENV !== 'production' Route index updated to mount all three routers replit.md: documented full curl flow with all 6 steps, demo endpoint, and dev stub-pay trigger End-to-end verified with curl: - Full flow: create → eval pay → evaluating → work pay → executing → complete - Error cases: 400 on missing body/param, 404 on unknown job 2026-03-18 15:31:26 +00:00			`modules = ["nodejs-24", "postgresql-16"]`
Initial commit 2026-03-13 23:21:55 +00:00
			`[[artifacts]]`
			`id = "artifacts/api-server"`

			`[[artifacts]]`
			`id = "artifacts/mockup-sandbox"`

			`[deployment]`
			`router = "application"`
			`deploymentTarget = "autoscale"`
Published your App Replit-Commit-Author: Deployment Replit-Commit-Session-Id: 418bf6f8-212b-4bb0-a7a5-8231a061da4e Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: be88c3fd-cdde-409a-a807-c8bb934d7267 Replit-Commit-Deployment-Build-Id: 848bca0f-322f-442c-b1c2-4f19cfda133d Replit-Helium-Checkpoint-Created: true 2026-03-18 17:19:38 +00:00			`build = ["sh", "-c", "pnpm --filter @workspace/api-server run build"]`
			`run = ["sh", "-c", "node artifacts/api-server/dist/index.cjs"]`
Initial commit 2026-03-13 23:21:55 +00:00
			`[deployment.postBuild]`
			`args = ["pnpm", "store", "prune"]`
			`env = { "CI" = "true" }`

			`[workflows]`
			`runButton = "Project"`

			`[agent]`
			`stack = "PNPM_WORKSPACE"`
			`expertMode = true`

			`[postMerge]`
			`path = "scripts/post-merge.sh"`
			`timeoutMs = 20000`
Task #3: MVP API — payment-gated jobs + demo endpoint OpenAPI spec (lib/api-spec/openapi.yaml) - Added POST /jobs, GET /jobs/{id}, GET /demo endpoints - Added schemas: CreateJobRequest, CreateJobResponse, JobStatusResponse, InvoiceInfo, JobState, DemoResponse, ErrorResponse - Ran codegen: generated CreateJobBody, GetJobResponse, RunDemoQueryParams etc. Jobs router (artifacts/api-server/src/routes/jobs.ts) - POST /jobs: validates body, creates LNbits eval invoice, inserts job + invoice in a DB transaction, returns { jobId, evalInvoice } - GET /jobs/:id: fetches job, calls advanceJob() helper, returns state- appropriate payload (eval/work invoice, reason, result, errorMessage) - advanceJob() state machine: - awaiting_eval_payment: checks LNbits, atomically marks paid + advances state via optimistic WHERE state='awaiting_eval_payment'; runs AgentService.evaluateRequest, branches to awaiting_work_payment or rejected - awaiting_work_payment: same pattern for work invoice, runs AgentService.executeWork, advances to complete - Any agent/LNbits error transitions job to failed Demo router (artifacts/api-server/src/routes/demo.ts) - GET /demo?request=...: in-memory rate limiter (5 req/hour per IP) - Explicit guard for missing request param (coerce.string() workaround) - Calls AgentService.executeWork directly, returns { result } Dev router (artifacts/api-server/src/routes/dev.ts) - POST /dev/stub/pay/:paymentHash: marks stub invoice paid in-memory - Only mounted when NODE_ENV !== 'production' Route index updated to mount all three routers replit.md: documented full curl flow with all 6 steps, demo endpoint, and dev stub-pay trigger End-to-end verified with curl: - Full flow: create → eval pay → evaluating → work pay → executing → complete - Error cases: 400 on missing body/param, 404 on unknown job 2026-03-18 15:31:26 +00:00
			`[nix]`
			`channel = "stable-25_05"`
feat(#26): Nostr identity + trust engine Task #26 — Nostr Identity + Trust Engine (foundational layer for cost-routing) DB changes: - New `nostr_identities` table: pubkey PK, trust_score, tier, interaction_count, sats_absorbed_today, absorbed_reset_at, last_seen, created_at, updated_at - Added nullable `nostr_pubkey` column to `sessions` and `jobs` tables - Schema pushed to DB (drizzle-kit push) - lib/db rebuilt to emit updated declaration files New lib: - `artifacts/api-server/src/lib/trust.ts` — TrustService with: - getTier(pubkey): returns tier label for a pubkey - getOrCreate(pubkey): upsert identity row - recordSuccess/recordFailure: adjust trust score; update tier - Soft score decay applied lazily (absent > N days = -1 pt/day) - issueToken/verifyToken: HMAC-SHA256 signed nostr_token (pubkey:expiry:hmac) - All thresholds env-var configurable (TRUST_TIER_ESTABLISHED/TRUSTED/ELITE) New route: - `artifacts/api-server/src/routes/identity.ts`: - POST /api/identity/challenge — issues 32-byte hex nonce (5-min TTL, in-memory) - POST /api/identity/verify — verifies NIP-01 Nostr signed event, consumes nonce, upserts identity, returns signed nostr_token + trust profile - GET /api/identity/me — look up trust profile by X-Nostr-Token header - Route registered in routes/index.ts Session + job binding: - POST /api/sessions and POST /api/jobs accept optional nostr_token (header or body) - Verified pubkey stored on the DB row; returned in create response + poll responses - trust_tier included in GET /sessions/:id and GET /jobs/:id responses - After session request completes: recordSuccess on complete, recordFailure on reject - After job work completes: recordSuccess fire-and-forget CORS: X-Nostr-Token added to allowedHeaders and exposedHeaders Smoke tested: all existing routes pass, challenge returns nonce, /identity/me 401 without token, sessions/jobs still create correctly with trust_tier: none (expected for anonymous requests) 2026-03-19 15:59:39 +00:00
			`[userenv]`

			`[userenv.shared]`