Architecture | posit. Developer Portal

High-Level Overview

User Browser

↓

Next.js Web App

↓

Hono API + Workers

Privy Auth

↓

Solana (Helius)

Base (Alchemy)

Hyperliquid

Multi-Chain Parser Architecture

┌─────────────────────────────────────────────────────────────┐
│                    Parser Factory                           │
│              getParser(chain, marketType)                   │
└─────────────────────────────────────────────────────────────┘
                              │
        ┌─────────────────────┼─────────────────────┐
        │                     │                     │
        ▼                     ▼                     ▼
┌───────────────┐     ┌───────────────┐     ┌───────────────┐
│    Solana     │     │     Base      │     │  Hyperliquid  │
│  SpotParser   │     │  SpotParser   │     │  PerpParser   │
├───────────────┤     ├───────────────┤     ├───────────────┤
│ • Helius API  │     │ • Alchemy RPC │     │ • REST API    │
│ • DEX normals │     │ • EVM decode  │     │ • Fills       │
│ • Bot detect  │     │ • Uniswap/Aero│     │ • Positions   │
│ • MEV detect  │     │ • Gas tracking│     │ • Funding     │
└───────────────┘     └───────────────┘     └───────────────┘
        │                     │                     │
        └─────────────────────┼─────────────────────┘
                              │
                              ▼
              ┌───────────────────────────┐
              │   Cost Basis Engine       │
              │   FIFO / HIFO / Spec-ID   │
              └───────────────────────────┘
                              │
                              ▼
              ┌───────────────────────────┐
              │       PostgreSQL          │
              │  (swaps · lots · ratings) │
              └───────────────────────────┘

Data Flow

User enters wallet address - Web app accepts address + chain
Parser factory selects chain parser - Routes to Solana/Base/Hyperliquid
Transactions fetched from RPC - Chain-specific API calls
Normalizers process each transaction - Extract swaps/fills
Pricing API fetches USD values - Jupiter for Solana, CoinGecko fallback
Cost basis engine calculates - FIFO/HIFO lots and PnL
Results stored + displayed - Dashboard and available for export

Package Dependencies

@posit/web
  └── @posit/types

@posit/api
  ├── @posit/parser
  ├── @posit/db
  ├── @posit/auth
  └── @posit/config

@posit/parser
  ├── @posit/config
  ├── @posit/types
  └── chain clients (helius, viem, etc.)

@posit/db
  ├── drizzle-orm
  └── @posit/types

Database Schema

Core Tables (Books)

Table	Purpose
`users`	User accounts (Sign-in-with-Solana)
`entities`	Tax entities (personal, LLC, trust)
`wallets`	Tracked wallet addresses (multi-chain)
`address_registry`	Unified address tracking
`swaps`	Parsed swap transactions
`lots`	Tax lots for cost basis
`positions`	Current token positions

Perpetual Trading (Hyperliquid)

Table	Purpose
`perp_positions`	Open perpetual positions with margin/PnL
`perp_trades`	Individual perpetual fills
`perp_funding`	Funding payment history
`perp_liquidations`	Liquidation events

Intelligence/Scorecard

Table	Purpose
`wallet_flags`	Immutable timestamp when wallet was flagged
`wallet_labels`	Labels (smart, sniper, whale) with confidence
`wallet_relationships`	Graph edges between wallets
`wallet_ratings`	Computed scores and decay states
`cohort_snapshots`	Monthly cohort decay metrics

API/Platform

Table	Purpose
`api_keys`	Customer API keys with rate limits
`webhook_subscriptions`	Webhook endpoint registrations
`organizations`	Fund/team accounts

Authentication

Authentication is handled via Privy (Sign-in-with-Solana):

Privy SDK - Handles wallet connection and signing
JWT tokens - Access tokens for API authentication
Server verification - Privy SDK verifies tokens server-side
Encryption - Wallet-user mapping encrypted at rest

External APIs

Solana

API	Purpose	Rate Limit
Helius RPC	Transaction history, enhanced parsing	100k credits/mo (free)
Helius Webhooks	Real-time transaction notifications	Per webhook
Jupiter Price API	Token pricing (primary)	Higher with API key
Birdeye	Token pricing (fallback)	Per plan

Base (EVM)

API	Purpose	Rate Limit
Alchemy	RPC + Transaction history	Per plan
Basescan	Contract verification, ABI	5/sec (free)

Hyperliquid

API	Purpose	Rate Limit
REST API	Fills, positions, funding	1200/min
WebSocket	Real-time updates	Per connection

Security Considerations

Read-only access - Never request private keys or signing
No custody - No funds are held or managed
API keys in env - Never exposed to client
HTTPS only - All traffic encrypted
Webhook signatures - HMAC-SHA256 verification
Wallet encryption - User-wallet mapping encrypted at rest