Infrastructure
The kit ships as a library and a reference demo. Both have a small, public list of runtime and build-time dependencies. This document enumerates them, names where they run, and explains what would break if any of them disappeared.
What runs at user runtime
At the moment a user performs a passkey ceremony in the reference demo, only three things are in the loop:
- The user's authenticator hardware — Touch ID, Windows Hello, YubiKey, etc. Manufactured by Apple, Microsoft, Google, Yubico, and others. The kit does not operate this, nor does any maintainer.
- A Soroban RPC endpoint. The reference demo defaults to
https://soroban-testnet.stellar.org, the Stellar Development Foundation's public testnet RPC. Any RFC-compliant Soroban RPC provider (stellar-rpc, third-party providers, a self-hosted instance) is a drop-in substitute — the SDK reads the URL from a constructor argument, never from a baked-in constant. - A static HTTP host serving the demo's JavaScript. Currently Cloudflare Pages at
https://passkey-demo-3vk.pages.dev. The static build artefacts (apps/demo/dist) are checked in to git and reproducible from a singlepnpm build:demo— any S3, GitHub Pages, or self-hosted Nginx will serve them identically.
No server operated by this project mediates a passkey ceremony. The kit has no opinion on, and no view of, the user's private key, the network they connect to, or the address they sign for.
What runs at build/CI time
- GitHub Actions runs the matrix CI farm (
{ os: [ubuntu-latest, windows-latest, macos-14], browser: [chromium, firefox, msedge, webkit-safari] }per YK-275/PSK-044). The job artefacts (Playwright traces, matrix JSON) live underdocs/matrix/data.json, checked into git so reviewers can reproduce them without re-running CI. - Cloudflare Pages hosts the reference demo and (after YK-280) the VitePress docs site. Pages here are stateless static deploys — swapping providers is a workflow file edit.
- Linear is used for sprint-internal task tracking only; project artefacts always live in git or on the documented public URLs.
Substitution matrix
| Component | Default | Substitutable with |
|---|---|---|
| Soroban RPC | https://soroban-testnet.stellar.org | any RFC-compliant Soroban RPC, including self-hosted stellar-rpc |
| Static host | Cloudflare Pages | any static-file host (S3 + CloudFront, Netlify, GitHub Pages, Nginx) |
| CI | GitHub Actions | any CI runner with Node 20+ and stellar-cli installed; matrix CI farm is declarative YAML |
| Authenticator | Touch ID / Windows Hello / YubiKey | any FIDO2 CTAP2 authenticator that supports ES256 |
If a maintainer disappears, every dependency above still resolves and runs. The compatibility matrix and the reference contract WASM hash are content-addressable from git history, so a fork can stand the project up again in under an hour.