Skip to content

Comments

feat: add tempo-admin app with mainnet faucet#608

Closed
gakonst wants to merge 1 commit intomainfrom
zygis/tempo-admin-faucet
Closed

feat: add tempo-admin app with mainnet faucet#608
gakonst wants to merge 1 commit intomainfrom
zygis/tempo-admin-faucet

Conversation

@gakonst
Copy link
Contributor

@gakonst gakonst commented Feb 22, 2026

Summary

Internal mainnet faucet for day-to-day employee ops, behind Okta authentication.

Motivation

Employees need a simple way to get TEMPO on mainnet for testing and ops. This faucet tracks who's dispensing funds via Okta email in D1.

Changes

  • New apps/tempo-admin Hono app on Cloudflare Workers
  • Okta OIDC JWT verification (RS256 via JWKS, with alg enforcement)
  • D1 database for tracking dispensations (email, amount, purpose, tx hash, status)
  • Pending → confirmed/failed tx flow (record-first to prevent double-pay)
  • Per-request cap (10 TEMPO) and daily per-user cap (50 TEMPO)
  • /api/faucet/history scoped to the authenticated user's email
  • CORS restricted to admin.tempo.xyz

API

Endpoint Method Description
/health GET Health check
/api/faucet/dispense POST Dispense TEMPO (requires recipient, amount, purpose)
/api/faucet/history GET View your dispensation history
/api/faucet/balance GET Check faucet wallet balance

Setup

Secrets needed: OKTA_ISSUER, OKTA_CLIENT_ID, FAUCET_PRIVATE_KEY

D1 database TEMPO-ADMIN-DB needs to be created and the database_id updated in wrangler.jsonc.

Testing

  • pnpm check passes (biome + types)
  • Pre-existing apps/og type errors are unrelated

Prompted by: zygis

@gakonst @ampcode-com
feat: add tempo-admin app with mainnet faucet
0f3492c 
- Okta OIDC JWT auth (RS256 JWKS verification)
- D1-backed dispensation tracking (email, amount, purpose, tx hash)
- Pending/confirmed/failed status flow for safe tx recording
- Per-request (10 TEMPO) and daily (50 TEMPO) dispense caps
- History endpoint scoped to authenticated user's email
- Restricted CORS to admin.tempo.xyz

Amp-Thread-ID: https://ampcode.com/threads/T-019c86a8-ae33-7259-afb9-64eeaa5a60e6
Co-authored-by: Amp <amp@ampcode.com>
@github-actions
Copy link

github-actions bot commented Feb 22, 2026

Bundle Size Report

Metric Size Δ Change
Total 5.3 MB +527.3 KB (+10.8%)
Gzip 1.5 MB +192.5 KB (+14.4%)
Brotli 1.3 MB +161.0 KB (+14.0%)
Chunk changes (>1KB)
Chunk Change
assets/QueryBuilder.js (removed) -423.4 KB
assets/createSsrRpc.js (removed) -43.8 KB
assets/stringify.js (removed) -19.7 KB
assets/base.js (removed) -12.8 KB
assets/TxEventDescription.js -2.3 KB
assets/useWatchBlockNumber.js (removed) -2.1 KB
assets/utils.js -1.7 KB
assets/Intro.js +1.2 KB
assets/profiling.js +1.3 KB
assets/_layout.js +1.7 KB
assets/wagmi.config.js +4.0 KB
assets/block-number.js (new) +4.3 KB
assets/useChainId.js +4.4 KB
assets/isAddressEqual.js +19.0 KB
assets/_address.js +19.5 KB
index.js +92.4 KB
assets/router.js +160.7 KB
assets/fetch.js (new) +249.2 KB
assets/tempo-queries.js (new) +475.2 KB

Compared against main branch (baseline from 2/4/2026, 5:13:51 PM)

@github-actions
Copy link

github-actions bot commented Feb 22, 2026

Cloudflare Deployments

App Environment Status Preview
api - [OK] Deployed View Preview
explorer devnet [OK] Deployed View Preview
explorer moderato [OK] Deployed View Preview
explorer presto [OK] Deployed View Preview
explorer testnet [OK] Deployed View Preview
fee-payer devnet [OK] Deployed View Preview
fee-payer privy [OK] Deployed View Preview
fee-payer testnet [OK] Deployed View Preview
og - [OK] Deployed View Preview
tokenlist - [OK] Deployed View Preview

@gakonst gakonst closed this Feb 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@zerosnacks zerosnacks

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gakonst @zerosnacks