ProofPoll Lite is a lightweight polling application with cryptographic proof mechanisms and messaging platform integrations. Built using Next.js 14 with App Router, TypeScript, Tailwind CSS, and Prisma ORM, the application provides secure polling with HMAC-SHA256 vote verification. The system includes fully operational Slack integration with slash commands and interactive buttons, plus Discord integration ready for deployment.
- SPDX Headers Added: Added dual-license SPDX headers
(MIT OR MPL-2.0)to all 24 source files - GitHub Actions CI: Comprehensive CI workflow with Node.js 20, SPDX verification, Prisma generation, and Next.js builds
- Professional Documentation: README enhanced with CI/license badges, updated feature descriptions
- Governance Files: Added SECURITY.md, CODEOWNERS, GitHub issue/PR templates, Dependabot configuration
- Smoke Testing: Created
scripts/smoke-test.mjsfor API endpoint validation (health, polls, voting) - Production Ready: All tests pass, CI validates headers and builds, ready for Vercel deployment
- Session Pooler Migration: Resolved PostgreSQL prepared statement conflicts (42P05) by switching from Transaction Pooler (port 6543) to Session Pooler (port 5432)
- Cryptographic Proofs: HMAC-SHA256 proof system verified as fully active with voterProofId and proofHash generation
- Live Testing Confirmed: End-to-end Slack integration verified operational on August 17, 2025
- Request URLs Active: Both
/api/slack/commandsand/api/slack/interactionsresponding correctly - Signature Verification: HMAC-SHA256 signature validation working (timestamp delta ~1s)
- Vote Flow Complete:
/pollcommand → button interactions → vote recording → response updates - Environment: SLACK_SIGNING_SECRET and SLACK_BOT_TOKEN configured, SLACK_CHANNEL_ID not required
- OAuth Integration Added:
/api/slack/oauth_redirectendpoint for workspace installation (August 18, 2025) - Team Persistence: SlackTeam model stores accessToken, botUserId, teamName for each workspace
- Full App Installation: Complete OAuth flow with success page and database persistence
- Signature Verification: Ed25519 verification hardened with proper encoding and 401 error handling
- Endpoints Ready:
/api/discord/interactionsreturns 401 for invalid signatures, handles PING correctly - Debug Logging: Added verification trace logs (headers, body length, PASS/FAIL status)
- Command Structure: Poll slash command JSON defined for registration
- Environment: DISCORD_PUBLIC_KEY and DISCORD_APP_ID configured
- Status: Ready for Discord Developer Portal PING test and command registration
- Deployment URL: https://proofpoll.replit.app
- Health Check:
/api/healthendpoint operational with database connectivity validation - Build Configuration: Production build successful with TypeScript validation
- Environment: All required secrets configured (DATABASE_URL, PROOF_SECRET, Slack/Discord keys)
- Development: Hot reload with Prisma generation via Run button
- Production: Optimized build with static generation for deployment
Preferred communication style: Simple, everyday language.
- Next.js 14 with App Router: Utilizes the latest Next.js features including the new app directory structure for improved routing and layouts
- TypeScript Configuration: Strict type checking enabled with modern ES6+ features and JSX support
- Component Structure: Follows Next.js 14 conventions with the app directory containing pages and layouts
- Styling Strategy: Tailwind CSS with custom CSS variables for theme management, supporting both light and dark modes
- Server-Side Rendering: Next.js handles both frontend and backend concerns through API routes and server components
- Database Layer: Prisma ORM configured for database management and type-safe database queries
- File Structure: Modular approach with separate configuration files for different concerns (PostCSS, Tailwind, TypeScript)
- Database ORM: Prisma client for type-safe database operations
- Schema Management: Prisma migrations for database schema versioning
- Database Agnostic: Prisma setup allows for multiple database backends
- Not Currently Implemented: No authentication layer present in the current codebase
- Future Consideration: Architecture supports adding authentication middleware through Next.js API routes
- Utility-First CSS: Tailwind CSS for rapid UI development
- Theme System: CSS custom properties for dynamic theming with automatic dark/light mode detection
- Responsive Design: Mobile-first approach with Tailwind's responsive utilities
- Typography: Inter font family loaded through Next.js font optimization
- Next.js (^15.4.6): React framework for production with built-in optimizations
- React (^19.1.1) & React DOM (^19.1.7): Latest React libraries for UI rendering
- TypeScript (^5.9.2): Static type checking and enhanced developer experience
- Prisma (^6.13.0): Database toolkit and ORM for TypeScript/Node.js
- @prisma/client (^6.13.0): Generated Prisma client for database operations
- Tailwind CSS (^4.1.11): Utility-first CSS framework
- PostCSS (^8.5.6): CSS preprocessing tool
- Autoprefixer (^10.4.21): Adds vendor prefixes to CSS automatically
- TypeScript Type Definitions: @types packages for Node.js, React, and React DOM
- Vercel Deployment: Configured for seamless deployment on Vercel platform
- No External APIs: Currently no third-party API integrations present
- No Authentication Services: No external authentication providers configured
- Deployment Ready: Pre-configured for Vercel hosting with optimized build settings