Skip to content
Frontend Guide

Architecture Overview

A high-level overview of Shiru’s technology for those curious about how the platform works.

Platform Components

Section titled “Platform Components”
┌─────────────────┐     ┌──────────────────┐     ┌─────────────────┐
│  Shiru Frontend  │────▶│   Shiru API      │────▶│   Database      │
│  (xiru.vercel.app)     │   (Backend)      │     │                 │
│  Next.js         │     │   REST API       │     │   PostgreSQL    │
└─────────────────┘     └──────────────────┘     └─────────────────┘
                                  
                         ┌──────────────────┐
                         │   Blockchain     │
                         │   Networks (4)   │
                         │   via RPC        │
                         └──────────────────┘

Frontend (What Users See)

Section titled “Frontend (What Users See)”
ComponentTechnologyPurpose
FrameworkNext.js 16Web application, routing, SSR
LanguageTypeScriptType-safe code
StylingTailwind CSS + shadcn/uiUI components and design
StateZustand + React QueryClient state + server data caching
Web3Wagmi + Reown AppKitWallet connection and blockchain interaction
AuthSIWE (Sign-In with Ethereum)Wallet-based authentication

Authentication Flow

Section titled “Authentication Flow”

Email Authentication

Section titled “Email Authentication”
User → Email + Password → API verifies → PIN sent to email → User enters PIN → Session token issued

Wallet Authentication (SIWE)

Section titled “Wallet Authentication (SIWE)”
User → Connects wallet → Signs message (free) → API verifies signature → Session token issued

Both methods result in a JWT (JSON Web Token) that authenticates all subsequent requests.

Security Measures

Section titled “Security Measures”
  • HTTPS everywhere — all communication encrypted in transit
  • JWT tokens — auto-expire, cleared on logout or suspicious activity
  • SIWE standard — industry-standard wallet authentication (EIP-4361)
  • Input validation — all user input validated on frontend and backend
  • No private key access — Shiru never has access to your wallet’s private keys
  • Role-based access — admin features restricted to authorized users only

Supported Chains

Section titled “Supported Chains”
ChainChain IDType
Ethereum1L1
Arbitrum42161L2 (Optimistic)
Base8453L2 (Optimistic)
BNB Chain56L1

API

Section titled “API”

The backend REST API handles:

  • User registration and authentication
  • KYC/KYB document submission and review
  • Survey response storage and processing
  • Portfolio data aggregation across chains
  • AI recommendation generation
  • Admin operations (user management, analytics)

Data Privacy

Section titled “Data Privacy”
  • User data stored in secure database with encryption at rest
  • KYC documents handled per regulatory requirements
  • Wallet addresses are public blockchain data (not private information)
  • Account deletion removes all stored personal data