APIs & Integrations

The platform deliberately avoids a centralized API in the reader request path. Integrations are either client‑side (direct browser calls to public services) or off‑path auxiliaries for analytics and search. Where a thin broker is required (e.g., sponsorship policy checks), it is strictly non‑authoritative.

Client‑side integrations

Identity providers: zkLogin via OIDC; login occurs in the browser.
Wallet adapters: standard Sui wallet connectors for signing.
Content delivery: CDN and Walrus aggregators via HTTPS.
Mapping/imagery: read‑only integrations invoked from the browser; pay‑per‑use handled by tokenized vouchers or pre‑signed requests where needed.

Oracle pipeline with Nautilus

Enclave service: attested compute using Nautilus architecture with AWS Nitro Enclaves; returns receipts with measurements/proofs.
zk proofs: zkTLS for verifiable web evidence without revealing sensitive data.
Privacy layer: MystenLabs Seal for threshold encryption of oracle inputs and selective disclosure of results.
On‑chain verifier: Move functions validate measurements/proofs and record resolution receipts.

Optional indexing/search (off‑path)

Indexer: follows Sui’s event streams and object states; projects into a local store for analytics and search.
API: read‑only endpoints (REST/GraphQL) for dashboards; never used to authorize content access.

Sponsorship broker (non‑authoritative)

Purpose: apply quotas and simple proof‑of‑personness to sponsorship requests; sign gas if eligible.
Inputs: user intent signature, zkLogin freshness, rate counters.
Outputs: sponsor signature or denial; no content or entitlement decisions.

Client‑side integrations​

Oracle pipeline with Nautilus​

Optional indexing/search (off‑path)​

Sponsorship broker (non‑authoritative)​

Client‑side integrations

Oracle pipeline with Nautilus

Optional indexing/search (off‑path)

Sponsorship broker (non‑authoritative)