Concrete runtime + library choices. Nothing exotic; every dependency is commodity infrastructure.
| Layer | Choice | Why |
|---|---|---|
| Runtime | Node.js 22 LTS | Stable + supported; no experimental flags required. |
| Framework | Next.js 16 (Turbopack) | Pages + App Router hybrid. Turbopack dev-loop; production build via Next's own compiler. |
| UI | React 19 + TypeScript strict | Strict TS catches whole categories of bugs at author time. |
| Storage | SQLite via better-sqlite3 + versioned migrations | Zero-ops durable state. WAL mode on. Postgres migration path reserved for T4. |
| Crypto | libsodium (wrappers + sumo-free) | Envelope encryption for the secrets vault; secretstream for backups. Battle-tested primitives only. |
| Password hashing | crypto.scrypt from node:crypto | No dependency; OWASP-recommended parameters (N=2^14, r=8, p=1). |
| Remote ops | ssh2 (JS) | Pure Node implementation; no libssh linker headaches. Pooled connections via lib/ssh.ts (v0.7.8z14). |
| Chain RPC client | ouronet-core (to be wired in, v0.8.x) | First-party TypeScript client for StoaChain /chainweb/0.0/<ver>/chain/<c>/pact/local + /send endpoints. Retry + per-chain endpoint rotation + batched-tx helpers. Becomes load-bearing when the hub starts reading on-chain state directly (Baron qualification, verified_at stamping) and signing its own transactions (autonomous tx transmitter, v0.9.x). |
| Authentication | Mailcow IMAP + iron-session cookies | Real mailboxes for ancient/modern/baron; scrypt-hash fallback for operators. One active scope per session. |
| Mail | Mailcow Dockerized | Independent mail server on the same VPS. Standard IMAP/SMTP/SOGo webmail. |
| Content storage | IPFS cluster | Baron-tier pinning service (v1.0.x) + own-artefact repository (v1.1.x). |
| Styling | Tailwind CSS v4 | Brand tokens: gold #f0a500, black #0a0a0f, dark #0d1117. Inline utility classes. |
| Worker | tsx watch in dev, PM2 in prod | Same entry point (worker/index.ts); PM2 restarts on crash + logs to stdout. |
| Deployment | Hetzner-style VPS + PM2 + nginx | Single-server ops today. Let's Encrypt for TLS. Horizontal path reserved for T4+. |
| Observability | stdout logs + PM2 + netdata on nodes | Structured tracing + log-shipping are T3 work. |
What we deliberately avoid
- Native addons when a pure-JS alternative exists.
- Runtime flags that mark us as “experimental” in Node.
- Payment SDKs, exchange SDKs, broker libraries — we do not process payments, trade digital assets, or custody funds (see §0 Legal scope).