Add getTransakApiKey() and getTransakWebhookSecret() helpers that
resolve TRANSAK_API_KEY_STAGING or TRANSAK_API_KEY_PRODUCTION based
on TRANSAK_ENV, with fallback to legacy TRANSAK_API_KEY. All consumers
(rcart, rflows, transak-onramp) now use the shared helpers instead of
reading env vars directly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Switch TRANSAK_ENV default from PRODUCTION to STAGING in shared/transak.ts,
docker-compose.yml, and rflows config endpoint. All card purchases now
route through Transak's staging gateway until production is ready.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Resolves T-INF-101 Access Denied when accessing payment links from
subdomains like demo.rspace.online. Adds extractRootDomain() helper
to shared/transak.ts, used by both rcart and rflows onramp adapters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace TBFF preset with 19-node BCRG Community Flow (2 sources →
central funnel → 5 person funnels → 11 outcomes). Seed matching
BCRG Outcomes board in rTasks (4 DONE, 5 IN_PROGRESS, 2 TODO).
Add SyncServer.registerWatcher() for cross-module doc change hooks.
When an rFlows outcome is marked "completed", auto-create a DONE task
in rTasks with ref:rflows:outcome:{id} deduplication.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Transak deprecated direct query-parameter URLs. The new flow uses
their Create Widget URL API with a Partner Access Token to generate
one-time sessionId-based URLs server-side. Also stops exposing the
API key in config endpoints and adds referrerpolicy to the iframe.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Infisical has BASE_CHAIN_ID=84532 (Base Sepolia testnet) which
conflicts with the live Openfort API key. Hardcode 8453 to prevent
testnet/mainnet mismatch.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Openfort rejects ':' in player name query param. Changed label from
'user:email@example.com' to just 'email@example.com'. Also improved
error serialization for Openfort's non-standard APIError objects.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Transak: default env PRODUCTION, fail if API key missing instead of
falling back to STAGING_KEY
- Coinbase: default environment production instead of sandbox
- Openfort: default chain ID 8453 (Base mainnet) instead of 84532 (Sepolia)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- OpenfortProvider.findOrCreateWallet() searches by player name before
creating, ensuring the same email always maps to the same wallet
- Fund claims endpoint expires old pending claims before creating new ones
- Added expireFundClaim() to db layer
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After payment via Coinbase/Transak, users receive a claim email to link
their funded wallet to their EncryptID account — no keys or seed phrases
needed. Adds fund_claims table, CRUD layer, internal service-to-service
API, public claim page, and post-payment UX showing claim instructions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- user-onramp endpoint accepts optional `provider` param
- /api/onramp/config returns `available` array of configured providers
- Fund modal shows provider dropdown when both are available
- Transak widget URL now built server-side (consistent with Coinbase flow)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace flow-service proxy for user-onramp with direct Coinbase + Openfort
provider calls. Eliminates double-hop dependency and simplifies deployment.
- Add CoinbaseOnrampProvider (Ed25519 JWT → CDP session → widget URL)
- Add OpenfortProvider (smart wallet creation on Base)
- Initialize providers from env vars in onInit()
- Update folk-flows-app to support Coinbase widget alongside Transak
- Add jose and @openfort/openfort-node dependencies
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix redrawNodeOnly() to use innerHTML for atomic DOM replacement
instead of child-by-child moves that cause blur-event reentrancy
- Fix openTransakWidget/openUserOnRamp to use getApiBase() instead
of hardcoded /s/ prefix
- Add content-type checking before res.json() to surface clear errors
- Add try/catch in server proxy for flow-service unreachable (502)
- Add "Fund" toolbar button with quickFund() one-step modal
- Replace promptEmail() with promptFundDetails() (amount+email+label)
- Pass actual flowRate instead of hardcoded fiatAmount: 50
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add POST /api/flows/user-onramp proxy route in mod.ts
- Add promptEmail(), openWidgetModal(), openUserOnRamp() methods
- Fund with Card now branches: wallet exists → direct Transak, no wallet → email → wallet → Transak
- Show truncated wallet address in source modal when provisioned
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Open rFlows directly into the interactive canvas instead of the landing
page. Adds a full flow storage system (Automerge for authenticated users,
localStorage for demo/anon) with CRUD operations, auto-save with 1.5s
debounce, flow switching via toolbar dropdown, and a management modal
for rename/duplicate/export/import/delete. Viewport state (zoom/pan)
persists per-flow in localStorage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bare-domain URLs like rspace.online/rsocials/thread now render an info
page with CTAs instead of silently serving the functional app. The
functional app only appears inside a {space} context (e.g.
demo.rspace.online/rsocials/thread). API routes still pass through.
- Add SubPageInfo interface to shared/module.ts
- Add renderSubPageInfo() renderer to server/shell.ts
- Modify bare-domain routing: api/ passthrough → info page → demo fallback
- Add subPageInfos to 8 modules (rsocials, rflows, rnetwork, rtrips,
rbooks, rphotos, rinbox, rsplat)
- Add window.__rspaceSaveGate() auth prompt on write operations
- Wire save-gate into rsocials Thread Builder save handler
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Update docker-compose, vite config, Traefik labels, module imports,
and all cross-module references to use the new rflows naming.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett