Background
Context
We have two repos:
- Private (
gonka-proxy-service): /root/.openclaw/workspace/gonka-proxy-service → MinglesAI/gonka-proxy-service — основная разработка, все изменения идут сюда
- Public (
gonka-proxy): /root/.openclaw/workspace/gonka-proxy → MinglesAI/gonka-proxy — публичная версия, только избранные фиксы вручную
Currently both repos are at the same commit (b73e093). The user has made recent updates to the private repo (locally or on a feature branch) including changes to the signing mechanism.
What the stack does
The proxy is an OpenAI-compatible FastAPI service that:
- Takes API key auth from external clients (
API_KEY env var)
- Signs requests to Gonka backend using ECDSA (SECP256k1) with hybrid monotonic timestamps
- Streams responses back to clients
Key files:
app/main.py — FastAPI app, settings, routesapp/gonka_client.py — signing logic (_sign_payload, _hybrid_timestamp_ns, _prepare_request)app/auth.py — API key verificationDockerfile, requirements.txt
Goal
Prepare a concrete migration plan for publishing a minimal working public version from the private repo. Key requirements:
- No registration — works with just env vars (
GONKA_PRIVATE_KEY, GONKA_ADDRESS, GONKA_ENDPOINT, GONKA_PROVIDER_ADDRESS, API_KEY) — no DB, no user accounts
- Signing mechanism — must include any recent signing changes from private repo (signing currently uses SECP256k1 ECDSA; user mentioned changes to signing mechanism need to be ported)
- Clean public version — strip any MinglesAI-specific infra details, internal tooling, or sensitive config
Tasks for the architect
- Diff both repos: Compare
MinglesAI/gonka-proxy-service HEAD vs MinglesAI/gonka-proxy HEAD — identify exactly what diverged
- Review signing mechanism: Examine
app/gonka_client.py in private repo — document current signing approach and any recent changes that need to go public
- Define what goes public: Which files/changes are safe to publish? What must stay private?
- Migration strategy: How to sync — direct cherry-pick to gonka-proxy, or maintain a clean public branch?
- Break down into implementation tasks ready for a developer
Local paths
/root/.openclaw/workspace/gonka-proxy-service/ # private
/root/.openclaw/workspace/gonka-proxy/ # public (already cloned)
Focus Areas
- signing mechanism diff
- private vs public classification
- minimal env-only setup
- migration strategy
Background
Context
We have two repos:
gonka-proxy-service):/root/.openclaw/workspace/gonka-proxy-service→MinglesAI/gonka-proxy-service— основная разработка, все изменения идут сюдаgonka-proxy):/root/.openclaw/workspace/gonka-proxy→MinglesAI/gonka-proxy— публичная версия, только избранные фиксы вручнуюCurrently both repos are at the same commit (
b73e093). The user has made recent updates to the private repo (locally or on a feature branch) including changes to the signing mechanism.What the stack does
The proxy is an OpenAI-compatible FastAPI service that:
API_KEYenv var)Key files:
app/main.py— FastAPI app, settings, routesapp/gonka_client.py— signing logic (_sign_payload,_hybrid_timestamp_ns,_prepare_request)app/auth.py— API key verificationDockerfile,requirements.txtGoal
Prepare a concrete migration plan for publishing a minimal working public version from the private repo. Key requirements:
GONKA_PRIVATE_KEY,GONKA_ADDRESS,GONKA_ENDPOINT,GONKA_PROVIDER_ADDRESS,API_KEY) — no DB, no user accountsTasks for the architect
MinglesAI/gonka-proxy-serviceHEAD vsMinglesAI/gonka-proxyHEAD — identify exactly what divergedapp/gonka_client.pyin private repo — document current signing approach and any recent changes that need to go publicLocal paths
Focus Areas