pendig · wauputr4 · May 30, 2026 · May 19, 2026 · May 19, 2026 · May 19, 2026
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/README.md b/README.md
@@ -19,13 +19,22 @@ provider/model routing, OpenAI-compatible non-streaming and streaming chat,
 usage metering, credit ledger updates, Redis runtime limits, and Prometheus
 gateway metrics.
 
+The long-term contract is:
+
+- Keep API-facing provider output in an OpenAI-compatible shape.
+- Support both `/v1/chat/completions` and `/v1/responses` through the same
+  normalization path.
+- Add non-API provider adapters later (CLI/browser session types) without changing
+  client contract.
+
 This is not a stable/full release yet. The remaining tracked work before a
 broader MVP is the RTK-backed CLI proxy baseline and durable request/admin
 audit log foundations.
 
 ## MVP Scope
 
-- OpenAI-compatible gateway for `/v1/chat/completions` and `/v1/models`
+- OpenAI-compatible gateway for `/v1/chat/completions`, `/v1/responses`, and
+  `/v1/models`
 - Admin-managed upstream connections for API providers and local models
 - User registration, virtual API keys, model access rules, and usage history
 - Credit accounting based on input/output token prices per 1M tokens

diff --git a/crates/mizan-api/Cargo.toml b/crates/mizan-api/Cargo.toml
@@ -15,6 +15,7 @@ futures-util.workspace = true
 redis.workspace = true
 sha2.workspace = true
 serde.workspace = true
+serde_json.workspace = true
 sqlx.workspace = true
 tokio.workspace = true
 tower-http.workspace = true

diff --git a/crates/mizan-api/src/billing.rs b/crates/mizan-api/src/billing.rs
@@ -8,13 +8,19 @@ use mizan_metering::UsageChargeInput;
 use mizan_providers::{ChatMessage, TokenUsage};
 use mizan_wallet::{RoutePrice, calculate_usage_charge};
 use serde::{Deserialize, Serialize};
+use serde_json::json;
 use sqlx::{Any, AnyPool, FromRow, Transaction, query, query_as};
+use tracing::warn;
 use uuid::Uuid;
 
 use crate::AppState;
 use crate::auth::ApiKeyIdentity;
+use crate::logging::{AdminAuditInput, record_admin_audit, serialize_payload};
 use crate::utils::{from_app_error, prepare_sql, unix_timestamp_string};
 
+const AUDIT_ACTION_CREDIT_GRANT: &str = "credit_granted";
+const AUDIT_ENTITY_USER: &str = "user";
+
 const DEFAULT_USAGE_LIST_LIMIT: i64 = 100;
 const MAX_USAGE_LIST_LIMIT: i64 = 500;
 const CREDIT_GRANT_REASON: &str = "credit_grant";
@@ -163,6 +169,7 @@ pub async fn list_usage_admin(
 pub async fn grant_credits(
     State(state): State<AppState>,
     Path(user_id): Path<Uuid>,
+    Extension(identity): Extension<ApiKeyIdentity>,
     Json(payload): Json<GrantRequest>,
 ) -> BillingHttpResult<Json<GrantResponse>> {
     if payload.amount_microcredits <= 0 {
@@ -240,6 +247,21 @@ pub async fn grant_credits(
         )))
     })?;
 
+    let audit = AdminAuditInput {
+        actor_user_id: Some(identity.user_id),
+        action: AUDIT_ACTION_CREDIT_GRANT.to_owned(),
+        entity_type: AUDIT_ENTITY_USER.to_owned(),
+        entity_id: Some(user_id.to_string()),
+        payload_json: serialize_payload(json!({
+            "amount_microcredits": payload.amount_microcredits,
+            "reason": reason,
+        })),
+    };
+    if let Err(error) = record_admin_audit(&state.database, state.database_backend(), &audit).await
+    {
+        warn!(error = %error, "failed to record credit grant audit");
+    }
+
     Ok(Json(GrantResponse {
         user_id,
         wallet_id: wallet.id,