Background
Background
We maintain two repos:
- Private:
MinglesAI/gonka → /root/.openclaw/workspace/gonka (origin: https://github.com/MinglesAI/gonka)
- Public upstream:
gonka-ai/gonka → (upstream remote in the same local clone)
The private repo contains accumulated changes that need to be selectively migrated to the public repo as a minimal working public version.
Goal
Prepare a concrete migration plan for publishing a minimal working public proxy from the private repo to the public repo. Key requirements:
- No registration required — the public proxy should work with just an API key set via environment variable (
.env file), no user account/DB setup needed
- Signing mechanism changes must be included — recent commits in private repo changed the signing approach (ed25519 instead of secp for bundle signing, race condition fixes in concurrent artifact reads, auth/gossip/keys fixes in subnet)
- The public version should be deployable locally with just a key in an env file
Key recent commits in private repo to review
In decentralized-api/:
2889e943 — use ed25519 for signing bundle instead of secp
bf19a615 / b19b7fa1 / 6b6d0652 — fix(poc): fix concurrent artifact read race causing data corruption
3b540a07 — fix(inference): resolve subnet bugs in auth, keys, config, and gossip
6a3cbb68 — fix: data race conditions (#543)
7e5fd39f — feat(subnet): add payload endpoint auth and clean up validation interface
533741ed — [#935] Sign + Include fees in settlement
ad24c321 — fix: cache corruption and auth
In inference-chain/ (our additions on top of upstream):
In proxy/:
- Various nginx config updates
Tasks for architect
- Diff analysis: Compare
MinglesAI/gonka (HEAD) vs gonka-ai/gonka (upstream/main) across all directories — identify what is private-only vs what should be public
- Classify changes:
- Security-sensitive (keep private)
- Infrastructure/operational (can be public but optional)
- Core protocol improvements (should be public: signing mechanism, race fixes)
- Define minimal public proxy: What components does a "no-registration, env-key-only" proxy need? What can be stripped?
- Migration strategy: How to push changes to public repo — fork + PR, or direct push to upstream? What conflicts to expect?
- Concrete implementation tasks: Break down the migration into actionable dev tasks
Constraints
- The public proxy must be runnable with just
INFERENCE_API_KEY=xxx in env — no database, no user registration
- Don't expose any MinglesAI-specific infrastructure details
- Signing mechanism fix (ed25519) is mandatory — it's a correctness fix
Local context
/root/.openclaw/workspace/gonka/
├── decentralized-api/ # Main API service
├── inference-chain/ # Cosmos chain module
├── proxy/ # Nginx proxy config
├── proxy-ssl/ # TLS cert issuer
├── mlnode/ # ML node
└── ...
Upstream public remote is already configured as upstream in the local git clone.
Focus Areas
- signing mechanism migration (ed25519)
- minimal proxy without registration
- private vs public change classification
- migration strategy to upstream
- race condition fixes
Background
Background
We maintain two repos:
MinglesAI/gonka→/root/.openclaw/workspace/gonka(origin: https://github.com/MinglesAI/gonka)gonka-ai/gonka→ (upstream remote in the same local clone)The private repo contains accumulated changes that need to be selectively migrated to the public repo as a minimal working public version.
Goal
Prepare a concrete migration plan for publishing a minimal working public proxy from the private repo to the public repo. Key requirements:
.envfile), no user account/DB setup neededKey recent commits in private repo to review
In
decentralized-api/:2889e943—use ed25519 for signing bundle instead of secpbf19a615/b19b7fa1/6b6d0652—fix(poc): fix concurrent artifact read race causing data corruption3b540a07—fix(inference): resolve subnet bugs in auth, keys, config, and gossip6a3cbb68—fix: data race conditions (#543)7e5fd39f—feat(subnet): add payload endpoint auth and clean up validation interface533741ed—[#935] Sign + Include fees in settlementad24c321—fix: cache corruption and authIn
inference-chain/(our additions on top of upstream):In
proxy/:Tasks for architect
MinglesAI/gonka(HEAD) vsgonka-ai/gonka(upstream/main) across all directories — identify what is private-only vs what should be publicConstraints
INFERENCE_API_KEY=xxxin env — no database, no user registrationLocal context
Upstream public remote is already configured as
upstreamin the local git clone.Focus Areas