Skip to content

docs(plans): private-apps-on-Lit framework + Lambda-parity gateway plan#446

Closed
clawdbot-glitch003 wants to merge 2 commits into
mainfrom
glitch003/lit-private-apps-backend
Closed

docs(plans): private-apps-on-Lit framework + Lambda-parity gateway plan#446
clawdbot-glitch003 wants to merge 2 commits into
mainfrom
glitch003/lit-private-apps-backend

Conversation

@clawdbot-glitch003

Copy link
Copy Markdown
Collaborator

Adds two design plans (docs only — no code changes).

plans/private-apps-backend.md proposes a "backend-as-Lit-Actions" framework — an in-action runtime, CLI, client SDK, and optional relay — for building private apps where Postgres row contents are encrypted at rest and decrypted only inside the TEE, with plaintext index columns for querying. plans/chipotle-lambda-parity.md lays out the prioritized Chipotle gateway work (per-key spend cap with auto-disable, per-key/per-IP rate + concurrency limits, origin allowlist, and a public-key type) needed to make a usage key safe to embed directly in a frontend, with blast-radius parity to a public AWS Lambda URL. Together they argue the relay becomes optional once the gateway controls land, since confidentiality is already TEE/CID-gated and only spend/availability needs bounding. Both are grounded in the existing examples/dark-pool/ encrypted-Postgres pattern and the current lit-api-server guard/billing code.

🤖 Generated with Claude Code

Add two design plans:
- private-apps-backend.md: a "backend-as-Lit-Actions" framework (in-action
  runtime + CLI + client SDK + optional relay) for building private apps with
  encrypted-at-rest Postgres, decrypted only inside the TEE.
- chipotle-lambda-parity.md: prioritized gateway work (per-key spend cap,
  rate/concurrency limits, origin allowlist, public-key type) to make a usage
  key safe to embed in a frontend, with blast-radius parity to a public Lambda.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@clawdbot-glitch003
clawdbot-glitch003 requested a review from a team June 4, 2026 20:28
…mbda-parity

Add an "Architecture: where state lives & the zero-latency path" section grounded
in the existing hot path (BlockchainCache, Stripe SWR caches, async fire-and-forget
charge). Introduces P0.0 (hasSpendingRules on-chain bit fetched in the
canExecuteAction multicall) as the zero-latency gate, splits storage across
on-chain flag / lit-payments DB rules+usage / in-process per-node counters, and
records resolved decisions: rolling spend window, SWR rule cache, DB-backed durable
per-key spend, multicall flag fetch, and rule-write-before-flag-flip ordering.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
clawdbot-glitch003 pushed a commit that referenced this pull request Jun 17, 2026
Brings the two design plans from PR #446 into this branch so they ship with the
lambda-parity implementation they describe, and #446 can be closed.

- plans/chipotle-lambda-parity.md — prioritized gateway work (this PR implements
  P0.0/P0.1/P0.2/P1) for per-key blast-radius parity with a public Lambda URL.
- plans/private-apps-backend.md — the backend-as-Lit-Actions framework these
  gateway controls unlock (relay becomes optional).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@glitch003

Copy link
Copy Markdown
Contributor

closing - moved plan to #477

@glitch003 glitch003 closed this Jun 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants