Repository layout
| Path | Responsibility |
|---|---|
apps/landing | Public protocol website and live market summary. |
apps/web | Wallet, deposit, withdrawal, performance, and agent UI. |
apps/api | Market reads, policy runtime, keeper, executor, and operator routes. |
apps/indexer | Ponder event indexing and GraphQL. |
apps/docs | Mintlify product and developer documentation. |
contracts | Foundry contracts, scripts, and tests. |
packages/shared | Mantle addresses and shared TypeScript contracts. |
Trust boundaries
- The model returns a proposal; it cannot directly call contracts or exchanges.
- Policy code constrains actions and target notional.
- Vault writes require the authorized onchain keeper.
- Exchange writes require explicit trading enablement and venue checks.
- Operator endpoints require
X-Molq-Operator-Key. - Decision evidence is committed to the logger and indexed independently.