Architecture
A visual guide to how the @cfxdevkit SDK is structured, how packages depend on each other, and how the full stack deploys.
Package layers
Packages are strictly layered — imports only flow downward, never sideways or upward.
Conflux dual-space model
Every Conflux chain runs two parallel execution environments on the same underlying chain.
Never construct raw viem/cive clients directly. Always use ClientManager from @cfxdevkit/core.
SDK data flow
How a typical on-chain interaction flows through the SDK layers.
CAS deployment architecture
Conflux Automation Studio — how the frontend, backend, and infrastructure relate.
Monorepo layout
packages/ @cfxdevkit/* published SDK packages
apps/ Deployable full-stack apps (backend → VPS, frontend → Vercel)
cas/
backend/ Fastify API → Hetzner VPS via Docker
frontend/ Next.js UI → Vercel
devtools/ Local-only dev tooling (Hardhat, CLI, dashboard)
docs-site/ This site → cfxdevkit.org (Vercel)
infra/
ansible/ VPS provisioning (5 roles: base · docker · caddy · backups · monitoring)
docker/ conflux-devkit local dev stack (never deployed to VPS)
scripts/ release.mjs, setup-npm-trust.mjsAnsible provisioning roles
Security-sensitive areas
| Component | Location | Key concern |
|---|---|---|
EncryptionService | packages/services/src/services/encryption.ts | AES-256-GCM, PBKDF2 (100k iter) |
KeystoreService | packages/services/src/services/keystore.ts | Encrypted mnemonics, in-memory password only |
SafetyGuard | packages/executor/src/safety-guard.ts | Circuit-breaker, max $10k/swap |
SessionKeyManager | packages/core/src/wallet/session-keys/ | Scoped permissions + expiry |
PermitHandler | devtools/contracts/contracts/PermitHandler.sol | ERC-2612 permit processing |
Last updated on