# Hosted Services Tirai consists of one frontend deployment plus a small number of optional backend services. None of them custody funds, hold tickets, or see plaintext payment data. ## Frontend (Vercel) **URL:** [tirai-frontier.vercel.app](https://tirai-frontier.vercel.app/) The frontend is a Next.js 16 application running entirely client-side. Architecture: * Built with Turbopack and React 19 * All Cloak SDK calls execute in the browser * No server-side rendering of sensitive data * All third-party origins (Supabase, auth-server, indexer) hidden behind Next.js proxy routes ## Auth-Server (Railway) **URL:** [tirai-production.up.railway.app](https://tirai-production.up.railway.app/) The auth-server is a thin Hono application providing wallet-signed JWT issuance for the bounty board. | Endpoint | Purpose | | ---------------------- | ----------------------------------------------- | | `GET /health` | Health check | | `POST /auth/challenge` | Issues a one-time challenge nonce | | `POST /auth/verify` | Verifies a wallet-signed challenge, returns JWT | | `* /v1/bounties/*` | Bounty CRUD (proxied to Supabase) | | `* /v1/applications/*` | Application CRUD (proxied to Supabase) | ## Audit Indexer (Railway Worker) A separate **`@tirai/indexer`** worker process runs on Railway, watching the Cloak Shield Pool program on Solana. What it does: * Polls the Cloak program's transaction history continuously * Persists each emitted **encrypted on-chain note** into Supabase * Exposes a fast lookup endpoint that the auditor's `/audit` flow reads from What it does **not** do: * Decrypt any note (that requires the viewing key, which never leaves the browser) * See plaintext amounts, labels, or recipients * Hold any user funds or signing capability The indexer exists purely to make audit scans **fast** — it caches public encrypted data so the auditor doesn't have to re-scan the entire chain on every visit. ## Database (Supabase) A single Supabase Postgres instance hosts two distinct schemas: * **Bounty board metadata** — bounties, applications, contact handles (plaintext, RLS per wallet) * **Indexer cache** — encrypted on-chain notes mirrored from the Cloak program Properties: * Row-level security (RLS) enforced per wallet * Anonymous key + JWT for authenticated writes * **No plaintext payment data ever touches Supabase** — claim tickets, viewing keys, and decrypted amounts are never written * Indexer entries are stored exactly as they appear on-chain (encrypted), so a Supabase compromise reveals no more than reading Solana directly ## What Tirai Does Not Host By design, Tirai does not run: * Any Solana program (Cloak owns the Shield Pool program) * Any custodial wallet service * Any payment processor or fee collector * Any storage of claim tickets or viewing keys If every Tirai-hosted service went offline, deposits and claims would still be provable and recoverable via the Cloak SDK directly. The indexer simply provides a faster path for audit scans — without it, the auditor's browser can still scan the chain directly via RPC. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://moai-3.gitbook.io/tirai-frontier/deployments/hosted-services.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.