Technical overview
BitView is built as four components that share one backend and one on-chain program family. This section is the engineering view of each component — what it does, what stack it runs, and where the seams between them live.
If you're skimming, the Architecture page is the one-screen visual. For the operator runbook, see Operations.
The four components
| Component | Tech | Role |
|---|---|---|
public-web (bitview-app) | Next.js 16, React 19, TypeScript, Tailwind v4, next-intl, Solana wallet-adapter, Anchor 0.29 + Metaplex, Meteora @meteora-ag/cp-amm-sdk | Consumer surface — streamer studio, viewer dashboard, claim UX, public swap, marketing pages, i18n routing |
admin-web (bitview-admin) | Next.js 16, React 19, Tailwind v4, shadcn-style + ECharts + TanStack, iron-session over Keycloak OIDC + dormant SIWS fallback | Internal operator console — KPI dashboard, distribution/pool/treasury monitors, publish wizard, fraud queue, network config, KYC review, sponsorship admin |
bot (bitview-bot) | Rust 1.75+, actix-web 4, MongoDB, twitch-irc, tokio | Always-on backend — Twitch presence oracle, accrual loop, merkle-tree assembly, REST API consumed by both web apps, unsigned-transaction builders for every on-chain action |
| distributor | Anchor 1.0.2 + solana-program 3.0; Rust CLI + axum proof API + merkle-tree builder | On-chain program family — three Anchor programs (merkle-distributor, streamer-vault, launchpad-vault) plus the off-chain proof server and CSV tree builder |
There is one supporting piece of infrastructure that does not run application code but is referenced by all four components:
| Infrastructure | Tech | Role |
|---|---|---|
| identity | Keycloak (latest LTS) on the BitView Kubernetes cluster, PostgreSQL, cert-manager | Single sign-on for human auth — OIDC issuer at identity.bitview.club. Two realms: bitview (end users + streamers) and bitview-ops (staff). Federation with Twitch / GitHub / Google. MFA for ops. Wallet linking via SIWS attribute. |
Wallet signatures remain the on-chain auth root. Keycloak is the human auth root for off-chain surfaces only.
What ties the four components together
identity (Keycloak)
https://identity.bitview.club
│ │
OIDC PKCE bearer verify
(browsers) (JWKS)
│ │
▼ ▼
┌──────────────────────────┐ ┌──────────────────────────┐
│ public-web │ ──▶ │ bot │
│ (bitview-app) │◀── REST + Swagger ── ── │
│ │ │ │
│ • viewer dashboard │ │ • Twitch IRC oracle │
│ • streamer studio │ │ • Accrual loop │
│ • claim + swap UX │ │ • Merkle assembly │
│ • token launch wizard │ │ • Unsigned-tx builders │
└────────────┬─────────────┘ │ • Stripe billing webhook │
│ └────┬───────────────────┬─┘
│ │ │
▼ ▼ ▼
┌──────────────────────────┐ ┌─────────────┐ ┌──────────────┐
│ admin-web │ │ MongoDB │ │ distributor/ │
│ (bitview-admin) │ │ (state) │ │ api (axum, │
│ │ └─────────────┘ │ proofs) │
│ • KPI dashboard │ └──────┬───────┘
│ • pool / distribution │ ▲
│ monitors │ │
│ • publish wizard │ │
│ • fraud + treasury │ │
└────────────┬─────────────┘ │
│ │
└─────── wallet.signTx ─────────────────┐ │
│ │
▼ │
┌───────────────────────────────────┐
│ Solana cluster │
│ │
│ • merkle-distributor (claims) │
│ • streamer-vault (escrow) │
│ • launchpad-vault (BTV pool) │
│ • Meteora DLMM / DAMM v2 (pools) │
│ • Metaplex Core (NFT collections) │
│ • Streamflow (vesting streams) │
└───────────────────────────────────┘
The viewer's, streamer's, or admin's wallet — not BitView — signs every on-chain transaction. The bot builds unsigned transactions and the web apps submit them via the user's wallet. The bot never holds Solana keys.
Reading order
- bot — start here to understand accrual, the REST surface, and how chat presence becomes a merkle root.
- distributor — read this for the three Anchor programs, the bitmap-claim design (~$9 vs $16K rent at 100K claimants), the purpose-gated vaults, and the proof API.
- public-web — read this for the streamer studio, the multi-phase token launch wizard, viewer claim UX, and Meteora DAMM v2 pool seeding.
- admin-web — read this for the operator dashboards
and the Keycloak
bitview-opsrealm gate. - identity — read this for the Keycloak realm/client/role model.
Status summary
Each per-component page has its own Status section. The summary:
| Component | Built | In progress | Not started |
|---|---|---|---|
| bot | Twitch IRC, accrual, merkle assembly, full REST surface (20+ namespaced scopes), unsigned-tx builders for distributor + vaults + Meteora + launchpad + vesting, Stripe checkout + webhook, tx lifecycle watcher, OpenAPI/Swagger | Anti-fraud engine (routes return stubs today), admin audit-log persistence, SSE event stream wiring | Subscription-tier accrual weighting, Streamflow auto-unlock tracking, NFT badge minting (Phase 5) |
| distributor | merkle-distributor (init, claim SPL, NFT-Core proof+bitmap, NFT-compressed proof+bitmap, clawback, 2-step admin transfer, enable-slot scheduling), streamer-vault (init + 3 purpose-gated withdraw paths), launchpad-vault (allowlist + seeding + DAMM v2), CLI tree builder, axum proof API, Neodyme + OtterSec audits at v0.30 | NFT Layer 2 (mpl-core mint CPI + Bubblegum mint CPI), re-audit pass after Anchor 1.0 / Solana 3.0 bump | Creator-royalty enforcement on STREAM/BTV pool |
| public-web | Wallet adapter + Twitch OAuth handoff, viewer dashboard, viewer claim UX (SPL + NFT-Core), full streamer studio (/studio/distributions/new 5-step wizard, /studio/token 8-phase resumable launch, /studio/collections/new, /studio/sponsorships), public swap UI (Jupiter + Meteora direct), Stripe checkout entry, i18n routing | NFT batch claim, launch-resume graceful early-exit, mobile wallet deeplinks | OBS overlay widget, Plus-tier sponsorship marketplace seller UI |
| admin-web | Repo scaffold, Keycloak auth (Authorization Code + PKCE against bitview-ops), bot proxy, KPI / distributions / pools / streamers / sponsorships / fraud / treasury / reports / activity / network / bot-status / launchpad-vault pages (all wired with mock-data fallbacks where backend endpoints are stubs), publish wizard (ported from public-web), command palette | Audit-log persistence on backend, fine-grained per-endpoint role enforcement, Squads multisig propose flow for sensitive ops | — |
| identity | Kubernetes cluster, Keycloak HA deployment, PostgreSQL StatefulSet, daily backups, TLS via cert-manager, identity.bitview.club reachable | Realm exports (bitview, bitview-ops), Twitch IdP federation, MFA policy for staff, audit forwarding | Removal of the legacy X-Admin-Api-Key fallback (kept while admin-web migration completes) |
See Roadmap for the phased view.
Public vs internal documentation
BitView publishes two views of these docs:
| View | Audience | Where |
|---|---|---|
| Public (this site) | Open-source contributors, investors, prospective streamers, anyone with a link | What you're reading now |
| Internal | BitView engineering team | A parallel build of the same Docusaurus source with docs/_internal/** included — hosted on an access-controlled deployment |
The internal build adds per-component "implementation detail" pages
(bitview-bot-detail.md, distributor-detail.md, bitview-app-detail.md,
bitview-admin-detail.md, identity-detail.md) that include sprint-level
work plans, attack-surface analysis, audit-remediation log, and operational
runbooks. Public docs reference these by name but do not link to them.
Cross-references
- Architecture — one-screen visual
- On-chain program — distributor + vault reference
- API reference — REST surface served by the bot
- Operations — running locally, env vars, deployment
- Security — disclosure policy, bug bounty, audit reports