Frontend Services
These services power the frontend's authentication, communication, and media features.
Dynamic Labs — Web3 Authentication
What: Wallet abstraction and authentication SDK. Handles multi-chain wallet connection (MetaMask, WalletConnect, Coinbase Wallet, etc.) and session management.
Criticality: CRITICAL — users cannot log in without Dynamic Labs.
SDKs used:
@dynamic-labs/sdk-react-core— core SDK@dynamic-labs/ethereum— EVM wallet support@dynamic-labs/solana— Solana wallet support
Auth: NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID
How it works:
- User clicks "Connect Wallet"
- Dynamic Labs SDK presents wallet options
- User connects and signs a message
- Dynamic Labs issues a JWT
- Frontend validates JWT and creates a session
CometChat — Real-Time Communication
What: Chat and video calling SDK. Enables advisor-client communication within the platform.
Criticality: HIGH — advisory/consultation feature depends on it.
SDKs used:
@cometchat/chat-uikit-react— chat UI components@cometchat/calls-sdk— video/voice calls
Auth: NEXT_PUBLIC_COMETCHAT_APP_ID
Features:
- Text messaging between users and advisors
- Video and voice calls
- Online/offline presence indicators
- Message delivery webhooks
Supabase — Backend-as-a-Service (Disabled)
What: Was originally planned as an authentication provider (magic link / OTP login, email verification, password-based admin login). All Supabase code has been commented out across 6 files.
Current status: DISABLED — Supabase is not active in the application. Authentication is now handled by Dynamic Labs (wallet connection) and iron-session (cookie-based sessions). User data is stored directly in PostgreSQL via Prisma.
Criticality: NONE (disabled)
Auth (configured but unused):
NEXT_PUBLIC_SUPABASE_URL(public)NEXT_PUBLIC_SUPABASE_ANON_KEY(public)SUPABASE_JWT_SECRET(server)SUPABASE_SERVICE_ROLE_KEY(server)
ImageKit — Media Processing
What: Image CDN and processing service. Handles image uploads, optimization, and delivery.
Criticality: LOW
Auth:
NEXT_PUBLIC_IMAGEKIT_URL_ENDPOINT(public endpoint)IMAGEKIT_PRIVATE_KEY(server-side uploads)
Gelato — Transaction Relay
What: Enables gasless (sponsored) transactions. The platform pays gas fees on behalf of users via Gelato's relay network. Gelato acts as a transaction relayer — we pay them USDC in a Gas Tank, they submit and pay for transactions with ETH on our behalf.
Criticality: MEDIUM — gasless transactions won't work, but users can still pay their own gas. Automated subscription renewals will stop.
SDKs used:
@gelatonetwork/relay-sdk(frontend)- Direct HTTP API via
reqwest(backend)
Auth: GELATO_API_KEY
Frontend usage:
- Gasless Safe transaction execution via
SponsoredTxBuilder— users sign a message, Gelato submits and pays for the tx - Bundled transaction relay via the Bundler service — multiple calls executed atomically through a custom Bundler contract
Backend usage:
- Automated subscription renewals — the backend worker calls
payForSubscriptionfor each eligible Safe on a timer, then callswithdrawFeesto collect protocol revenue - Eliminates the need to manage a hot wallet (private key, ETH balance, nonce management, gas estimation, tx resubmission)
- Sends calls in chunks of 8 with 60-second delays between chunks to respect rate limits
Gas Tank — Known Operational Risks:
The Gelato Gas Tank is a prepaid USDC balance that funds sponsored transactions. Key concerns:
| Risk | Impact |
|---|---|
| Gas Tank runs dry | All gasless transactions fail — Safe operations and subscription renewals stop |
| No automated monitoring | The Gas Tank balance is not tracked by any alerting system |
| No automated refill | Refilling requires manual action via the Gelato dashboard |
| Cost unpredictable | Gas costs vary with network congestion; no budget projections exist |
Monitoring the Gas Tank balance and establishing a refill process should be an operational priority.
Rate limits (by plan tier):
| Plan | Requests/Min | Monthly Compute Units |
|---|---|---|
| Free | 1 | 10M |
| Pro ($99/mo) | 10 | 20M |
| Growth ($399/mo) | 50 | 100M |
Cow Protocol — MEV-Protected Swaps
What: A DEX aggregator that protects users from MEV (Miner Extractable Value) — front-running and sandwich attacks.
Criticality: MEDIUM — swap feature falls back to other DEXs.
SDKs used:
@cowprotocol/cow-sdk
Auth: None (protocol-level, no API key needed)
Sentry — Error Monitoring
What: Application error tracking and performance monitoring.
Criticality: MEDIUM — errors won't be tracked, but the app still works.
SDKs used:
@sentry/nextjs(frontend)sentryRust crate (backend)
Hyperspeed — CMS
What: Content management system for blog posts and collections.
Criticality: LOW — only affects marketing content.
Auth: HYPERSPEED_TOKEN
Mailtrap — Email
What: Email delivery service for notifications and communications.
Criticality: LOW — email notifications won't send.