feat: isolated dev environment, encrypted voting, slug-decoupled hackathon URLs

[agustinkassis]

Summary

Three related workstreams, built and tested together against an isolated local environment so nothing touches production relays during development.

Stacked on #36. Base is claude/thirsty-galileo-a3303c (PR #36's branch), so this PR shows only its own commit. Retarget to main once #36 merges.

1. Isolated dev environment (off by default)

Gated entirely by NEXT_PUBLIC_DEV_MODE — production leaves it unset and none of this renders.

• DEV MODE bar with an identity switcher and impersonation of any soldier/dummy via deterministic stand-in keys (lib/devImpersonation): reads key off the real pubkey while signing stays on the stand-in. The real secret keys are never held.
• Local nostr relay (dev/relay, nostr-rs-relay via Docker) + a NEXT_PUBLIC_NOSTR_RELAYS override so all publish/read traffic can be routed locally.
• Dummy-data generator (lib/devSeed) + dev-only API routes (app/api/dev/*, 404 unless dev mode).
• "Mis hackatones" dashboard page; impersonation-aware dashboard reads.
• pnpm scripts gen:dev-keys, relay:up|down|logs; documented in AGENTS.md + .env.example.

2. Encrypted community voting

• Ballots are NIP-44 encrypted to La Crypta's key and signed by the voter — allocations are unreadable on the relay and tallied server-side only (lib/voting, votingClient, nostrSigner, nip46Client, zap).
• While voting is open, results are hidden; only who voted + their declared count is shown.
• Two-step admin close (preview → confirm): the backend decrypts, re-validates each voter's budget, signs the frozen result with countedBallotIds, and assigns winners. Prize payout stays manual.

3. Hackathon URL slug decoupling

• Keeps the internal id zaps (already-published community events reference it) but serves the public URL at /hackathons/gaming via an optional slug; getHackathon resolves both id and slug.
• All public links, canonicals, sitemap, OG/Twitter images and JSON-LD use the slug; route handlers and data lookups continue keying off the canonical id. Legacy /hackathons/zaps still resolves (200) and canonicalizes to /hackathons/gaming.

Verification

• pnpm build passes; prerender emits /hackathons/gaming (no zaps route).
• Served the build: /hackathons/gaming and legacy /hackathons/zaps both 200, both canonical → gaming; no stray /hackathons/zaps links.
• Encrypted voting validated end-to-end in the dev environment (NIP-44 round-trip opaque on relay; server-side decrypt + tally; over-budget rejected; signed frozen close).

Notes

• No test runner / linter / CI is wired in this repo; verification is pnpm build + manual.
• The local relay's sqlite (dev/relay/data/) is gitignored; only config.toml + docker-compose.yml are committed. No secrets included.

🤖 Generated with Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
lacrypta-dev	Ready	Preview, Comment	Jun 18, 2026 3:26pm

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f51cd495-4e59-4c39-aad6-f89a71e63908

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/dev-environment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}