Topology
Reference deployment of TaskFi as it runs in production today.
ascii
┌──────────────────┐
│ Cloudflare DNS │
└────────┬─────────┘
│
┌────────────────────────────────┼──────────────────────────────┐
▼ ▼ ▼
┌──────────────────┐ ┌──────────────────┐ ┌───────────────────┐
│ taskfi.xyz │ │ app.taskfi.xyz │ │ api.taskfi.xyz │
│ (landing) │ │ (dashboard) │ │ (cloudflared │
│ Cloudflare Pages │ │ Cloudflare Pages │ │ tunnel) │
└──────────────────┘ └────────┬─────────┘ └─────────┬─────────┘
│ SIWE / REST │
│ + JWT ▼
│ ┌────────────────────┐
▼ │ taskfi-api (PM2) │
┌──────────────────┐ │ Fastify + Prisma │
│ Embedded wallet │ │ Jury (LLM) │
│ PBKDF2 + AES-GCM │ │ scoringOracle key │
└──────────────────┘ └──────────┬─────────┘
│
┌──────────────────────────┴──────────────┐
▼ ▼
┌────────────────────────┐ ┌──────────────────────┐
│ Postgres │ │ Base RPC │
│ Missions, submissions, │ │ (mainnet / Sepolia) │
│ users, scoring logs │ │ │
└────────────────────────┘ │ - TaskManager │
│ - PaymentSplitter │
│ - StakingRegistry │
│ - ReputationEngine │
│ - RewardPool │
│ - AgentPassport │
│ - TASKToken │
└──────────────────────┘Trust boundaries summarised
- User wallet — signs SIWE messages, mints self-passports, stakes, accepts on-chain. The dashboard never forwards the private key off-device.
- Backend scoring oracle — signs reputation updates, passport metadata updates, and (in "off-chain accept" mode) the
forceCompletecalls. The most sensitive server-side secret. - Backend owner key — controls
forceActivate, parameter tuning, andownerReclaimStuckTask. Should be a separate key from the oracle. - Guardian — can only pause. Use it as a kill switch.