System Overview

Created: Thu Jul 10 21:47:22 CEST 2025
Last Updated: Mon 28 Jul 2025 11:36:24 CEST - Added frontend/backend separation documentation
Architecture Version: 3.0 - Payment-to-Object Design
Document Version: 1.3 - Added multi-layer architecture explanation
Security Classification: Public Technical Documentation
Target Audience: Developers, System Architects, Business Stakeholders
Author: Paul Wisén

Platform Goals & Principles

Plings is a Universal Object Graph System that transforms physical objects from passive identifiers into autonomous economic endpoints. The platform’s revolutionary breakthrough is enabling direct financial transactions to objects through HD wallet infrastructure and Solana blockchain integration.

Core Problem Solved

Traditional commerce: Objects require separate payment infrastructure (POS systems, card readers, cashiers) Plings innovation: Objects become self-selling commerce endpoints that can receive payments directly

Design Principles

1. Objects as Economic Agents

• Every physical object can receive payments via Solana blockchain
• Instance keys are native Solana addresses enabling instant ownership transfer
• Objects participate in global economy as first-class citizens

2. HD Wallet Infrastructure Foundation

• Critical Choice: HD wallets instead of PKI specifically to enable financial transactions and manufacturing control
• Hierarchical paths map to Program Derived Addresses (PDAs) on Solana blockchain for payments
• Enables secure delegation of specific path ranges to subcontractors and plants
• PDAs prevent payment interception while preserving manufacturer cryptographic verification

3. Infrastructure Elimination

• No POS systems, card readers, or payment terminals needed
• Objects sell themselves with just QR codes/NFC tags
• Same system scales from $1 candy bars to $50M corporate jets

4. Cryptographic Verification + Commerce

• Offline authentication proves manufacturer origin
• Online payments enable instant ownership transfer via NFTs
• Combined: “Scan → Verify → Buy → Own” in under 1 second

Multi-Layer System Architecture

Multi-Service Ecosystem Architecture

The Plings ecosystem operates as an intelligent routing network with specialized services:

Service Specializations:

Core Architecture Components

┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│   Physical      │    │    Plings        │    │    Solana       │
│   Objects       │◄──►│   Platform       │◄──►│   Blockchain    │
│                 │    │                  │    │                 │
│ • QR/NFC Tags   │    │ • HD Wallet      │    │ • Object PDAs   │
│ • Identifiers   │    │ • Graph Database │    │ • NFT Minting   │
│ • Commerce URLs │    │ • Auth System    │    │ • Payments      │
└─────────────────┘    └──────────────────┘    └─────────────────┘

Data Layer - Dual Database Architecture

PostgreSQL (Supabase)

• User authentication and organization management
• HD wallet path registry (collision prevention)
• Object metadata and image storage
• Row Level Security for multi-tenancy

Neo4j (Graph Database)

• Object relationships (spatial, functional, ownership)
• Complex hierarchy navigation (PART_OF, CURRENT_IN chains)
• Graph traversal for advanced queries

Solana Blockchain

• Object ownership via dynamic NFTs
• Payment routing through Program Derived Addresses
• Smart contracts for commerce, rental, insurance
• Global state independent of Plings infrastructure

API Layer - GraphQL with HD Wallet Extensions

Core Object Operations

• createObject → Generates HD wallet path and Solana PDA
• transferOwnership → Updates both Neo4j and Solana NFT
• processPayment → Routes through PDA to appropriate parties

Commerce Integration

• getObjectPricing → Service marketplace discovery
• executeTransaction → Atomic payment + ownership transfer
• validateAuthenticity → Cryptographic manufacturer verification

System Layer Responsibilities

Frontend Layer - User Interface (Vercel)

Repository: Plings-Lovable-Frontend
URL: https://plings.io
Technology: React + TypeScript PWA

Responsibilities:

• QR/NFC scanning with instant object identification
• Progressive enhancement (works with/without app)
• Real-time payment integration via Solana wallets
• Scan → Authenticate → Purchase user flows
• Service marketplace interface (rent, repair, insure)
• Ownership history and transfer tracking
• Future: Task-specific mobile applications

Director Layer - Intelligent Routing & Security

URL: https://s.plings.io
Technology: Edge-deployed routing service with four core functions

The Director’s Four Functions:

1. Director Function - Intelligent Context-Aware Routing
   • Route based on object status (for sale → market.plings.io, for rent → rent.plings.io)
   • User authentication-aware routing (owner scans vs. public scans)
   • A/B testing and experimentation without changing QR codes
   • Service discovery and geographic routing
2. Logger Function - Centralized Analytics & Tracking
   • Universal scan event logging before any redirect
   • GPS location tracking (with consent) for Lost & Found
   • Cross-service analytics independence
   • Privacy-compliant scan pattern analysis
3. Firewall Function - Security & Protection Layer
   • Rate limiting per IP/identifier (100 scans/minute)
   • DDoS protection at edge level
   • Input validation and injection prevention
   • Malicious URL parameter filtering
4. Freedom to Evolve - Future-Proof Architecture
   • Add new services without reprinting physical QR codes
   • Update routing logic globally and instantly
   • Handle service outages with graceful fallbacks
   • Enable new features through routing changes only

Why Not Direct Routing: Physical QR codes are permanent infrastructure. The Director layer provides infinite flexibility to evolve services, add features, and adapt user experiences without the cost and complexity of replacing millions of physical identifiers.

Director Verification Strategy

The Director implements a hybrid verification approach using cached manufacturer public keys for class verification at the edge, reducing backend load by ~70% while maintaining security through API-based instance verification. For detailed implementation, see s.plings.io Implementation Guide.

Backend Layer - Core Services (Vercel)

Repository: Plings-Backend
URL: https://api.plings.io
Technology: FastAPI + Python + Ariadne GraphQL

Responsibilities:

• GraphQL API: Single endpoint for all frontend data needs
• HD Wallet Operations: Cryptographic verification and key management
• Dual Database Management: PostgreSQL (Supabase) + Neo4j coordination
• Solana Integration: Blockchain transactions and NFT management
• Authentication: User management and API security
• Business Logic: Object lifecycle, relationships, ownership

Data Flow Summary

Object Creation Flow

1. Manufacturer requests HD path allocation
2. Path Registry allocates collision-free path
3. HD Wallet Service generates Solana keypair from path
4. Object metadata stored in PostgreSQL
5. Relationships stored in Neo4j
6. QR code contains path → Solana PDA for payments

Commerce Transaction Flow

1. Consumer scans object QR code
2. Frontend resolves path to object data + Solana PDA
3. Payment sent to PDA (manufacturer cannot intercept)
4. Smart contract validates and routes payment
5. NFT ownership transferred atomically
6. Neo4j relationships updated for new owner

Authentication Flow

1. Scan reveals HD path and manufacturer signature
2. Cryptographic verification proves manufacturer origin
3. Path validation confirms authentic Plings identifier
4. Offline verification possible without network
5. Online enhances with full object history

Economic Architecture

Revenue Model Transformation

Traditional: Platform fees on transactions Plings: Payment infrastructure replacement - becomes the global commerce backbone

Transaction Fee Structure

• Solana network fee: $0.00025 per transaction
• Plings service fee: Competitive with credit card processing (2-3%)
• Manufacturer royalties: Automatic distribution on resales
• Service commissions: Rent, repair, insurance marketplace fees

Global Scale Potential

• Current credit card volume: ~$4 trillion annually
• Plings addressable market: All physical object commerce
• Firedancer upgrade: 600K TPS (10x Visa capacity)

API Architecture & Developer Integration

GraphQL API Endpoint

Production URL: https://api.plings.io/graphql
Technology: Ariadne GraphQL over FastAPI
Documentation: Interactive GraphiQL explorer available at endpoint

Key API Capabilities

• Object Operations: Create, query, update object instances and classes
• Relationship Management: Spatial, functional, and ownership relationships
• Authentication: JWT-based user sessions with Supabase integration
• HD Wallet Integration: Cryptographic verification and key operations
• Blockchain Operations: Solana transaction management and NFT operations

Example GraphQL Queries

# Query object by identifier
query GetObject($identifier: String!) {
  objectByIdentifier(identifier: $identifier) {
    id
    name
    objectClass {
      name
      description
    }
    spatialLocation {
      name
      path
    }
    owner {
      username
    }
  }
}

# Create new object instance
mutation CreateObject($input: CreateObjectInput!) {
  createObject(input: $input) {
    id
    plingsPath
    solanaAddress
    verificationKey
  }
}

For New Developers

Multi-Service Architecture Understanding:

1. Director-First Routing: All QR scans enter through s.plings.io Director layer
2. Service-Specific Frontends: Objects route to specialized services based on status/context
3. Unified Backend API: All services consume the same api.plings.io/graphql endpoint
4. Shared Authentication: .plings.io domain cookies enable seamless service transitions

Backend Strategy Understanding:

1. Single GraphQL Endpoint: All frontend data needs served through api.plings.io/graphql
2. Dual Database Coordination: Business logic in Python coordinates PostgreSQL + Neo4j
3. HD Wallet Security: Cryptographic operations handled server-side with multi-tier key management
4. Blockchain Integration: Solana operations abstracted through GraphQL mutations
5. Multi-Tenant Security: Supabase RLS ensures data isolation between organizations

Development Flow with Director:

1. QR Scan Flow: QR codes → Director verification → Service routing → GraphQL API
2. Frontend Development: Each service queries GraphQL API for specialized data needs
3. Backend Development: Implement business logic in FastAPI resolvers (shared across services)
4. Database Operations: Use PostgreSQL for security/metadata, Neo4j for relationships
5. Director Integration: Services receive enriched parameters from Director routing

Deployment Topology

Multi-Service Deployment Strategy

Service Distribution:

• Main App: Plings-Lovable-Frontend → Vercel CDN (plings.io)
• Director: Intelligent routing service → Vercel Edge (s.plings.io)
• Marketplace: Specialized commerce frontend → Vercel CDN (market.plings.io)
• Rentals: Rental platform frontend → Vercel CDN (rent.plings.io)
• Lending: Lending platform frontend → Vercel CDN (lend.plings.io)
• Business: Enterprise tools frontend → Vercel CDN (business.plings.io)
• Backend API: Plings-Backend → Vercel Serverless (api.plings.io)

Director Parameter Enrichment:

// Director transforms scanned URLs into enriched service URLs
// Input:  https://s.plings.io?t=q&i=ABC123&p=4.2.3.3.6
// Output: https://market.plings.io/item?oid=obj-123&ikey=ABC123&path=4.2.3.3.6&src=scan

Database Infrastructure

• Supabase PostgreSQL (managed, global) - User auth, object metadata
• Neo4j Aura (managed graph database) - Relationship traversal
• Solana validators (decentralized blockchain) - Object ownership & payments

Authentication & Session Management

• Shared Domain Cookies: .plings.io enables seamless service transitions
• Single Sign-On: Login once, access all specialized services
• Session Persistence: Director preserves user context during routing

Development Coordination

• Cross-Repository Features: Claude Code coordinates full-stack features across services
• Unified Backend: All services share the same GraphQL API at api.plings.io
• Consistent Authentication: Shared auth system across all domains
• Centralized Documentation: Unified docs at https://docs.plings.io

Security & Compliance Posture

Cryptographic Security

• HD wallet master key in Hardware Security Modules (HSM)
• BIP32 standard compliance for interoperability
• Ed25519 signatures for Solana blockchain compatibility
• Program Derived Addresses prevent payment interception

Financial Compliance

• Payment routing through regulated Solana programs
• Audit trails on immutable blockchain ledger
• Anti-money laundering integration with service providers
• Tax reporting APIs for transaction transparency

Data Protection

• Row Level Security in PostgreSQL for multi-tenancy
• GraphQL authentication for API access control
• Minimal data storage (only objects using Plings services)
• GDPR compliance with right to be forgotten

Competitive Moat

Technical Moat

1. HD Wallet Innovation: First system to use HD paths as Solana addresses
2. PDA Security Model: Solves payment interception while preserving manufacturer control
3. Dual Database Architecture: Leverages strengths of relational + graph databases
4. Offline + Online Hybrid: Works without network, enhanced with connectivity

Economic Moat

1. Network Effects: Every object strengthens ecosystem
2. Infrastructure Lock-in: Replaces traditional payment systems
3. Global Scale: Same system works for any price point
4. First Mover Advantage: Establishing object commerce standards

Strategic Positioning

Vision: Replace Visa/Mastercard by making every physical object a payment terminal Path: Build through niche use cases → expand to universal commerce infrastructure Timeline: 5-10 years to global payment infrastructure significance

This system overview emphasizes the revolutionary nature of enabling direct financial transactions to objects through HD wallet architecture. For detailed technical specifications, see Plings Identifier Specification.