The most recent home feed on DEV Community. https://dev.to en arun rajkumar Tue, 07 Apr 2026 19:35:42 +0000 https://dev.to/mickyarun/open-banking-was-built-for-the-wrong-future-and-thats-why-its-perfect-for-ai-agents-4oha https://dev.to/mickyarun/open-banking-was-built-for-the-wrong-future-and-thats-why-its-perfect-for-ai-agents-4oha <p>Visa announced infrastructure for AI agents to make payments without asking you first.</p> <p>GoCardless shipped an MCP server in February so developers can talk to their payment platform in natural language.</p> <p>I build open banking payment infrastructure for the UK. I've been watching both of these announcements very closely.</p> <p>And I have a counterintuitive take: <strong>the payment rail everyone called "too complicated for normal users" might be the only one that actually works for AI agents.</strong></p> <h2> The Problem With Cards and AI Agents </h2> <p>When an AI agent needs to make a payment on your behalf, the obvious infrastructure is what already exists. Cards. Stored credentials. The same rails your Netflix subscription uses.</p> <p>Here's the problem.</p> <p>Card authorisation is broad. When you give Stripe a card token, you're essentially giving that token permission to charge whatever you've authorised — subject to 3DS, fraud rules, and limits. But the authorisation scope isn't bound to a specific action.</p> <p>For an AI agent, that's dangerous.</p> <p>You want an agent to book a flight. It has your card token. Nothing technically stops it from booking the wrong flight, adding seat upgrades you didn't ask for, or — if the prompt is maliciously crafted — doing something you absolutely didn't intend.</p> <p>Visa understands this. Their Trusted Agent Protocol exists precisely to solve it: a way for merchants to verify that an agent is legitimate and acting within its authorised scope. It's clever engineering. But it's being bolted onto rails that weren't designed for it.</p> <p>Open banking wasn't designed for AI agents either. But its constraints happen to be exactly the right shape.</p> <h2> What Open Banking Consent Actually Looks Like </h2> <p>When a customer pays via open banking — the way Atoa processes payments — here's what actually happens under the hood:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>1. Merchant creates a payment consent object → amount: £49.99 → merchant: Atoa test merchant → purpose: "Coffee subscription - April" 2. Customer is redirected to their bank → Bank shows: "Atoa wants to take £49.99 from your account" → Customer approves or declines → Bank issues a single-use authorisation code 3. Atoa exchanges the code for the payment → One payment. Specific amount. Specific purpose. → The authorisation is consumed. It cannot be reused. </code></pre> </div> <p>Every payment is its own consent event. Every consent is scoped to a specific amount and purpose. You can't overcharge. You can't quietly add extras. You can't reuse the authorisation.</p> <p>For a human user, this is friction. That's why open banking adoption was slow. Nobody wants to log into their banking app every time they buy something.</p> <p>For an AI agent, this friction is a feature.</p> <h2> Why the Consent Model Fits AI Agents </h2> <p>Think about what you actually want when an AI agent makes a payment on your behalf.</p> <p>You want:</p> <ul> <li>It to charge exactly the amount you authorised</li> <li>The scope to be limited to what you asked it to do</li> <li>The ability to revoke access without cancelling your card</li> <li>A clear audit trail showing what was authorised and when</li> <li>The payment to fail loudly if anything is out of scope — not silently proceed</li> </ul> <p>Open banking gives you all of that by default.</p> <p>Cards give you none of it by default, and you have to engineer it in.</p> <p>The FCA even made it better recently. They removed the 90-day re-authentication requirement that was causing 20-40% customer drop-off for third-party payment providers. Persistent consent — once granted to an agent — can now remain valid without forcing a re-authentication loop.</p> <p>That's a massive unlock for agentic payment flows.</p> <h2> The Real Engineering Challenge: Consent Lifecycle for Agents </h2> <p>Here's where it gets genuinely hard.</p> <p>When a human completes an open banking payment, the flow is synchronous: they go to the bank, they approve, they come back. Done.</p> <p>When an AI agent initiates a payment, the flow might look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>User: "Book the Bangalore to London flight if the price drops below £600" Agent: [Monitors prices for 3 days] Agent: [Price hits £598 on a Wednesday morning] Agent: [Attempts to initiate payment] → But the user's open banking consent was granted for a specific session → That session token expired 6 hours ago → Payment fails Result: Agent missed the window. User wakes up to a "couldn't book your flight" message. Price is now £640. </code></pre> </div> <p>Consent that's synchronous and session-bound doesn't work for agents that act asynchronously.</p> <p>This is the real engineering problem. Not "can AI agents make payments?" — they clearly can. But "what does the consent model look like for an agent that might act hours or days after the user gave permission?"</p> <p>There are a few approaches:</p> <p><strong>Option 1: Pre-authorised payment mandates</strong><br> Open banking supports Variable Recurring Payments (VRPs) — essentially mandates where the user sets a maximum amount and time window, and the payment provider can initiate within those bounds without re-authentication.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Conceptual structure of a VRP mandate for an agent</span> <span class="kr">interface</span> <span class="nx">AgentPaymentMandate</span> <span class="p">{</span> <span class="nl">agentId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">maxAmountPence</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="c1">// Agent cannot exceed this</span> <span class="nl">validUntil</span><span class="p">:</span> <span class="nb">Date</span><span class="p">;</span> <span class="c1">// Time-bounded consent</span> <span class="nl">allowedMerchants</span><span class="p">:</span> <span class="kr">string</span><span class="p">[];</span> <span class="c1">// Scope: only these merchants</span> <span class="nl">purpose</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// What this mandate is for</span> <span class="nl">requiresConfirmation</span><span class="p">:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="c1">// Some actions still need approval</span> <span class="p">}</span> </code></pre> </div> <p>The agent operates within a pre-defined envelope. The user sets the boundaries once. The agent acts within them.</p> <p><strong>Option 2: Payment intent + human gate</strong><br> Agent identifies a payment opportunity, creates a payment intent, notifies the user. User approves in one tap. Agent executes.</p> <p>This is the pattern we're building toward at Atoa — merchant describes what they need in natural language, agent proposes the payment, human approves in one tap, open banking rails execute it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// What an agent workflow might look like</span> <span class="kd">const</span> <span class="nx">intent</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">paymentAgent</span><span class="p">.</span><span class="nf">proposePayment</span><span class="p">({</span> <span class="na">merchant</span><span class="p">:</span> <span class="dl">'</span><span class="s1">flight-booking-service</span><span class="dl">'</span><span class="p">,</span> <span class="na">amount</span><span class="p">:</span> <span class="mi">59800</span><span class="p">,</span> <span class="c1">// £598.00 in pence</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">'</span><span class="s1">BLR→LHR flight, price hit target of £600</span><span class="dl">'</span><span class="p">,</span> <span class="na">expiresAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">+</span> <span class="mi">30</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">),</span> <span class="c1">// 30 min window</span> <span class="p">});</span> <span class="c1">// User gets notified: "Your agent wants to book your flight for £598. Approve?"</span> <span class="c1">// One tap. Payment executes.</span> </code></pre> </div> <p><strong>Option 3: Programmatic consent with audit trail</strong><br> For fully autonomous agents — the Visa Intelligent Commerce model — the agent holds delegated credentials scoped to specific actions, with every payment logged against the authorisation that permitted it.</p> <p>We're not here yet in open banking. But the architecture exists to get there.</p> <h2> What We're Thinking About at Atoa </h2> <p>We build open banking payment infrastructure. POS terminals, payment links, invoicing, online checkouts. Everything goes through bank payment rails.</p> <p>We're thinking about this differently to most — our payment surfaces each have different agent-readiness, and that's shaped how we're approaching the consent problem. When Visa announced Intelligent Commerce, our first question wasn't "can we compete with this?" It was: "which of our surfaces are ready right now, and which ones need the architecture to change?"</p> <p>Here's our honest assessment:</p> <p><strong>Pay by Link — probably the most agent-ready thing we have.</strong> An agent could generate a payment link, send it to a customer, and monitor completion. The consent event is triggered by the link recipient, not the agent. The agent just facilitates.</p> <p><strong>Payment Pages — also strong.</strong> A merchant's agent could build and publish a payment page with specific parameters. No card infrastructure needed.</p> <p><strong>POS Terminal — hardest.</strong> The consent flow requires physical presence for SCA. An agent isn't physically present. This one needs new thinking.</p> <p><strong>Invoicing — interesting.</strong> An agent managing a merchant's books could issue invoices and track payment status. The open banking payment confirmation is machine-readable. This is real today.</p> <p>The shape of "agentic commerce" looks different for each surface. There's no one-size-fits-all answer.</p> <h2> The Question Every Open Banking Developer Should Be Asking </h2> <p>GoCardless shipping an MCP server tells you something important: <strong>payment infrastructure companies are now thinking about developers' AI workflows as a first-class use case.</strong></p> <p>Not just "can humans use our API?" but "can an AI agent use our API safely?"</p> <p>That's a different design question. An API designed for humans assumes there's a human reading error messages, handling edge cases, making judgment calls. An API designed for agents needs those things to be machine-readable, scoped, and predictable.</p> <p>Open banking has a head start here. The consent model is explicit. The amounts are bounded. The authorisation chain is auditable. Every payment has a "why" attached to it.</p> <p>The engineers who figure out the consent lifecycle problem — how do you grant an agent payment permissions that are time-bounded, amount-bounded, and purpose-bounded, without requiring the human to be present at the moment of execution — will be building the infrastructure that the next decade of agentic commerce runs on.</p> <p>That's the problem I'm thinking about.</p> <p>What's your take — does the card world catch up to open banking here, or does the consent model give open banking a structural advantage in the agent era?</p> <p><em>Arun Rajkumar is CTO &amp; Co-Founder of <a href="https://paywithatoa.co.uk" rel="noopener noreferrer">Atoa</a>, an FCA-authorised open banking payments platform in the UK. He writes about payments, fintech engineering, and building for the UK from India. <a href="https://dev.to/mickyarun">@mickyarun</a></em></p> webdev ai openbanking fintech Erik Novikov Tue, 07 Apr 2026 19:35:39 +0000 https://dev.to/eriknovikov/the-tech-market-is-tough-heres-what-actually-matters-4ekb https://dev.to/eriknovikov/the-tech-market-is-tough-heres-what-actually-matters-4ekb <h2> The situation </h2> <p>Layoffs, an influx of new devs, and AI getting more capable every month. The market is genuinely harder than it was a few years ago — both at entry level and senior. Supply is up, so the average developer's value is down. That's just supply and demand.</p> <p>But the average developer is not you. Here's why it's not as grim as it looks.</p> <h2> Competence still wins </h2> <p>The market isn't homogeneous. Two developers with the same title and years of experience can be worlds apart in actual ability. What separates them:</p> <p><strong>1. Problem-solving over knowledge accumulation</strong></p> <p>The developer who knows three frameworks but can't think through an unfamiliar problem is less valuable than the one with strong fundamentals who can adapt fast. Protocols, concurrency, system design, debugging, fixing and shipping under pressure — these transfer across stacks. Knowing by heart a specific library or framework doesn't.</p> <p>A concrete example: migrating a microservice from Java to Go. A developer who's never touched Java might freeze. A developer with solid fundamentals in how languages handle concurrency and how services communicate will figure it out. Be the second developer.</p> <p><strong>2. AI leverage</strong></p> <p>Use AI to plan, brainstorm, review, and code — but stay in the driver's seat. Vibe-coding your way to a shipped feature might look fast until you spend hours debugging a system you never actually understood. AI is a force multiplier, not a replacement for understanding what you're building.</p> <p><strong>3. Learning rate</strong></p> <p>In tech, what you know today matters less than how fast you can learn something new and apply it. The half-life of any specific skill is shrinking. Your ability to pick things up quickly is the most durable asset you have.</p> <h2> Final word </h2> <p>Don't stress over the market. Get extremely good instead. Strong fundamentals, smart use of AI, and a fast learning rate will put you ahead of most. Focus on those and the rest takes care of itself.</p> Hafiz Khurram Javid Tue, 07 Apr 2026 19:34:43 +0000 https://dev.to/hafiz_khurramjavid_610cf/what-is-browser-fingerprinting-how-websites-track-you-without-cookies-2026-3dfn https://dev.to/hafiz_khurramjavid_610cf/what-is-browser-fingerprinting-how-websites-track-you-without-cookies-2026-3dfn <p>You cleared your cookies. You switched to private browsing. You even tried a VPN. And yet the website still knew it was you.</p> <p>Browser fingerprinting is why - and it works by reading signals from your device that you cannot delete, clear, or turn off.</p> <h2> What Is Browser Fingerprinting? </h2> <p>Browser fingerprinting identifies you by combining technical details about your browser and device into a unique profile. Your <strong>GPU model, installed fonts, screen resolution, audio hardware, timezone, and language settings</strong> are all read silently - no permission prompt, no cookie banner, no storage on your device.</p> <p>Each individual signal is not unique. Millions of people have a 1920×1080 screen. Millions use Chrome on Windows. But when you combine 13 or more signals together, the resulting fingerprint is statistically unique for <strong>83–90% of users</strong>, according to research from AmIUnique.org and the EFF's Panopticlick project.</p> <p>Unlike cookies, fingerprinting leaves no trace on your device. There is nothing to clear, nothing to block with standard privacy settings, and nothing that resets when you close your browser.</p> <h2> Cookies vs. Fingerprinting: The Key Difference </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th>Cookies</th> <th>Fingerprinting</th> </tr> </thead> <tbody> <tr> <td>Stored on your device?</td> <td>Yes</td> <td>No</td> </tr> <tr> <td>Can you delete it?</td> <td>Yes</td> <td>No</td> </tr> <tr> <td>Blocked by incognito?</td> <td>Partially</td> <td>No</td> </tr> <tr> <td>Blocked by cookie banners?</td> <td>Yes (if compliant)</td> <td>Rarely</td> </tr> <tr> <td>Requires GDPR consent?</td> <td>Yes</td> <td>Yes - but often ignored</td> </tr> <tr> <td>Survives browser reset?</td> <td>No</td> <td>Yes</td> </tr> </tbody> </table></div> <h2> The 13 Signals That Make Up Your Fingerprint </h2> <p>Here are the main vectors websites use, ranked by how much identifying information each contributes (measured in entropy bits):</p> <h3> 🔖 User Agent String - 10.5 bits (High) </h3> <p>Your browser's identity card. Reports your exact browser name, version, OS, and CPU architecture. A single string that narrows you to a very small group.</p> <h3> 🎨 Canvas Fingerprint - 8.5 bits (High) </h3> <p>The website draws invisible shapes on a hidden canvas element and reads back the pixel data. Your GPU and OS render these slightly differently, creating a hash unique to your hardware.</p> <h3> 🔤 Installed Fonts - 7.5 bits (High) </h3> <p>The exact set of fonts on your system is surprisingly unique. Design tools, games, and work applications all install custom fonts. The combination is often one-of-a-kind.</p> <h3> 🔺 WebGL / GPU Renderer - 7.2 bits (High) </h3> <p>WebGL exposes your exact GPU model and driver version to every website without any permission required. Your graphics card is effectively signing every page you visit.</p> <h3> 🔊 Audio Fingerprint - 5.4 bits (High) </h3> <p>A silent tone is processed through your audio hardware using the Web Audio API. The tiny differences in how your chip handles it create a unique signature - completely invisible and inaudible.</p> <h3> 📐 Screen Resolution - 4.8 bits (Medium) </h3> <p>Your screen width, height, color depth, and device pixel ratio. Multi-monitor and high-DPI configurations are especially distinctive.</p> <h3> 🌍 Browser Language - 4.2 bits (Medium) </h3> <p>The languages your browser is configured to use. Multilingual users with uncommon language pairs can be nearly uniquely identified from this single vector.</p> <h3> ⚙️ Hardware Profile - 3.1 bits (Medium) </h3> <p>CPU core count and RAM. Combined with other signals, this narrows your device to a small group.</p> <h3> 🕐 Timezone - 3.8 bits (Medium) </h3> <p>Your browser reports your real timezone even behind a VPN. A mismatch between your IP geolocation and timezone is a classic VPN detection signal.</p> <h2> How Websites Actually Use Your Fingerprint </h2> <p>The most common uses are <strong>ad tracking</strong>, <strong>fraud detection</strong>, and <strong>paywall enforcement</strong>.</p> <p>Ad networks build profiles of your browsing behavior across thousands of sites and use fingerprinting to link those sessions together even when you clear cookies. Banks use fingerprinting as a fraud signal - a sudden change in fingerprint triggers verification challenges.</p> <p>News sites and streaming platforms use fingerprinting to enforce article limits and free trial periods. Clearing cookies resets the counter; fingerprinting does not.</p> <p>More troublingly, data brokers purchase fingerprint-linked browsing profiles and combine them with offline data. A 2025 investigation found that some brokers could link anonymous browsing sessions to real names and addresses through fingerprint data alone.</p> <h2> Is Browser Fingerprinting Legal? </h2> <p>Under <strong>GDPR</strong>, fingerprinting constitutes processing of personal data because it creates a unique identifier. This means it requires a lawful basis - almost always consent - and must be disclosed. In practice, most websites outside the EU fingerprint without consent.</p> <p>Under <strong>CCPA and CPRA</strong>, browser fingerprints qualify as unique personal identifiers, giving California residents the right to opt out of their sale. Most US state privacy laws passed since 2023 include similar provisions.</p> <p>The EU's ePrivacy Directive specifically covers fingerprinting and requires consent, but enforcement has been inconsistent.</p> <h2> How to Reduce Your Browser Fingerprint </h2> <h3> → Switch to Brave Browser <em>(highest impact)</em> </h3> <p>Brave actively randomizes canvas, WebGL, audio, and font fingerprinting vectors on every page load. The only mainstream browser with built-in fingerprint randomization that changes per session.</p> <h3> → Use the Tor Browser <em>(maximum anonymity)</em> </h3> <p>Tor makes every user appear identical by standardizing all fingerprinting vectors. Trade-off: significantly slower browsing.</p> <h3> → Firefox with Strict Mode <em>(good balance)</em> </h3> <p>Firefox's Enhanced Tracking Protection in strict mode blocks known fingerprinting scripts and restricts font enumeration.</p> <h3> → Install CanvasBlocker <em>(partial)</em> </h3> <p>A Firefox extension that randomizes canvas fingerprinting output. Effective against canvas tracking but leaves WebGL and audio untouched.</p> <h2> The Paradox of Anti-Fingerprinting </h2> <p>There is a cruel irony at the heart of fingerprinting defense: some protective measures can make you <em>more</em> distinctive.</p> <p>Enabling Do Not Track, for example, is set by only about 12% of users - meaning having it on is itself a fingerprinting signal. Using an uncommon browser or heavily customizing privacy settings can make your fingerprint more unique rather than less.</p> <p>The most effective defense is not customization but standardization - using browsers designed to make all users appear identical, like Tor.</p> <h2> Test Your Own Fingerprint </h2> <p>The best way to understand your exposure is to see it directly.</p> <p><strong><a href="https://trustscan.dev/tools/browser-fingerprint-analyzer" rel="noopener noreferrer">TrustScan's Browser Fingerprint Analyzer</a></strong> runs 13 tracking vectors against your browser, calculates your entropy score, and shows exactly which signals are most identifying - with specific reduction steps.</p> <p>It runs entirely in your browser. Nothing is collected or transmitted. Free, no account required.</p> <h2> The Bottom Line </h2> <p>Browser fingerprinting is the tracking technique that works after everything else fails. It does not use cookies. It cannot be cleared by standard browser settings. It is not defeated by a VPN alone. And it is used by thousands of advertising networks and data brokers right now.</p> <p>Understanding what it is - and testing your own exposure - is the first step to making informed decisions about your browser and your privacy.</p> <p><em>Originally published at <a href="https://trustscan.dev/blog/what-is-browser-fingerprinting-2026" rel="noopener noreferrer">trustscan.dev</a>. TrustScan is a free privacy and security toolkit - 100% client-side, no data collected.</em></p> privacy security webdev browsers Juan Torchia Tue, 07 Apr 2026 19:32:37 +0000 https://dev.to/jtorchia/quantum-computing-para-el-dev-web-que-no-estudio-fisica-cuando-preocuparse-en-serio-3ea4 https://dev.to/jtorchia/quantum-computing-para-el-dev-web-que-no-estudio-fisica-cuando-preocuparse-en-serio-3ea4 <p>Hay días que abrís Hacker News y encontrás un post que te hace sentir que sabés muy poco de algo que creías tener medianamente claro. Esta semana fue uno de esos días.</p> <p>Un criptógrafo cuántico posteó un análisis técnico sobre el estado actual del quantum computing aplicado a criptografía. 289 puntos. 340 comentarios. Yo entendí quizás el 30% del hilo. Y eso que llevo más de una hora intentando seguirlo.</p> <p>La pregunta que me quedó dando vueltas no es abstracta: <strong>¿cuándo debería yo — un full-stack developer que deployea en Railway, piensa en milisegundos de response time y la semana pasada optimizó <a href="https://dev.to/blog/optimizacion-performance-nextjs-3s-a-300ms">una app Next.js de 3 segundos a 300ms</a> — empezar a preocuparme en términos prácticos?</strong></p> <p>No sé la respuesta. Pero eso es exactamente por qué vale la pena escribir este post.</p> <p>El quantum computing es básicamente como tener un cerrajero que no intenta cada llave una por una, sino que de alguna manera prueba todas las llaves posibles al mismo tiempo. Y lo que hoy te lleva millones de años romper con fuerza bruta, con esa lógica podría llevar horas.</p> <p>Una vez que lo ves así, entendés por qué los criptógrafos se ponen nerviosos.</p> <h2> El quantum computing timeline para desarrolladores web: el estado real en 2025 </h2> <p>Primer aclaramiento importante: <strong>no estoy hablando de algo que pasa mañana</strong>. El quantum computing que existe hoy es ruidoso, inestable, y no escala bien. Las máquinas de IBM o Google tienen decenas o cientos de qubits "reales" pero con tasas de error que hacen que la mayoría de los algoritmos criptográficamente relevantes sean imposibles de correr.</p> <p>Para romper RSA-2048 — el estándar que protege buena parte de HTTPS hoy — necesitarías aproximadamente 4000 qubits lógicos estables. Los qubits lógicos son distintos de los físicos; necesitás muchos físicos para hacer uno lógico confiable por culpa del error de corrección.</p> <p>Hoy estamos, dependiendo de a quién le preguntés, <strong>entre 10 y 20 años lejos</strong> de tener máquinas con esa capacidad. Algunos dicen 15 años. Otros dicen que nunca llegamos. Otros dicen que ya hay actores estado-nación haciendo cosas que no vemos.</p> <p>Ese rango de incertidumbre es exactamente el problema.</p> <h3> Lo que el post de HN me hizo entender </h3> <p>El hilo que mencioné giraba alrededor de algo que se llama <strong>"harvest now, decrypt later"</strong> (HNDL). La idea es: aunque hoy no podés romper el cifrado, podés interceptar tráfico cifrado <em>ahora</em> y guardarlo para cuando tengas la capacidad cuántica de descifrarlo en el futuro.</p> <p>Eso cambia la ecuación dramáticamente. Si alguien está capturando tu tráfico HTTPS de 2025 para descifrarlo en 2035, el timeline "10 a 20 años" se convierte en <strong>ahora mismo</strong>.</p> <p>¿Quiénes hacen eso? Principalmente actores estado-nación. ¿Le importa eso a mi API de Next.js que muestra recetas de cocina? Probablemente no. ¿Le importa a un sistema de salud, a comunicaciones de defensa, a transacciones financieras de largo plazo? Absolutamente sí.</p> <p>Así que la primera respuesta práctica es: <strong>depende de qué estás construyendo</strong>.</p> <h2> Lo que como developer full-stack debería saber sobre post-quantum cryptography </h2> <p>Aquí está lo que aprendí intentando entender el hilo sin tener un PhD en física:</p> <h3> NIST ya tomó decisiones </h3> <p>En 2024, el <strong>NIST (National Institute of Standards and Technology)</strong> finalizó los primeros estándares de criptografía post-cuántica. Los algoritmos que pasaron son:</p> <ul> <li> <strong>ML-KEM</strong> (antes CRYSTALS-Kyber): para intercambio de claves</li> <li> <strong>ML-DSA</strong> (antes CRYSTALS-Dilithium): para firmas digitales </li> <li> <strong>SLH-DSA</strong> (antes SPHINCS+): para firmas digitales</li> </ul> <p>Esto es importante porque significa que el trabajo de estandarización ya pasó. No estamos esperando que los matemáticos se pongan de acuerdo — ya lo hicieron.</p> <h3> TLS 1.3 ya está preparándose </h3> <p>Chrome, Firefox y algunos servidores ya están experimentando con <strong>hybrid key exchange</strong> — combinan el algoritmo clásico (X25519) con uno post-cuántico (ML-KEM) en el mismo handshake. Si uno falla, el otro sigue funcionando. Si el cuántico resulta tener vulnerabilidades no descubiertas todavía, el clásico te cubre.</p> <p>Como dev web, probablemente esto te llegue transparentemente vía updates de OpenSSL, nginx, o Node.js. No tenés que hacer nada... todavía.</p> <h3> Lo que SÍ tenés que pensar activamente </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Esto es lo que MUCHOS proyectos hacen hoy</span> <span class="c1">// y que puede ser problemático en un horizonte post-cuántico</span> <span class="c1">// ❌ Algoritmos que eventualmente van a ser vulnerables</span> <span class="kd">const</span> <span class="nx">jwt</span> <span class="o">=</span> <span class="nf">sign</span><span class="p">(</span><span class="nx">payload</span><span class="p">,</span> <span class="nx">secret</span><span class="p">,</span> <span class="p">{</span> <span class="na">algorithm</span><span class="p">:</span> <span class="dl">'</span><span class="s1">RS256</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// RSA</span> <span class="kd">const</span> <span class="nx">encrypted</span> <span class="o">=</span> <span class="nx">crypto</span><span class="p">.</span><span class="nf">publicEncrypt</span><span class="p">(</span><span class="nx">rsaPublicKey</span><span class="p">,</span> <span class="nx">data</span><span class="p">)</span> <span class="c1">// RSA</span> <span class="c1">// ✅ Algoritmos simétricos — estos están relativamente bien</span> <span class="c1">// AES-256 sigue siendo seguro en un mundo cuántico</span> <span class="c1">// (Grover's algorithm lo debilita pero no lo rompe — 256 bits -&gt; 128 bits efectivos)</span> <span class="kd">const</span> <span class="nx">hash</span> <span class="o">=</span> <span class="nf">createHash</span><span class="p">(</span><span class="dl">'</span><span class="s1">sha256</span><span class="dl">'</span><span class="p">).</span><span class="nf">update</span><span class="p">(</span><span class="nx">data</span><span class="p">).</span><span class="nf">digest</span><span class="p">(</span><span class="dl">'</span><span class="s1">hex</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// OK por ahora</span> <span class="kd">const</span> <span class="nx">cipher</span> <span class="o">=</span> <span class="nf">createCipheriv</span><span class="p">(</span><span class="dl">'</span><span class="s1">aes-256-gcm</span><span class="dl">'</span><span class="p">,</span> <span class="nx">key</span><span class="p">,</span> <span class="nx">iv</span><span class="p">)</span> <span class="c1">// Más seguro</span> <span class="c1">// 🤔 La pregunta real: ¿tus secrets/tokens tienen que durar décadas?</span> <span class="c1">// Si un JWT expira en 1 hora, el riesgo post-cuántico es casi nulo</span> <span class="c1">// Si estás firmando contratos que tienen que ser válidos en 2040...</span> <span class="c1">// ahí sí hay que pensar distinto</span> </code></pre> </div> <p>La clave práctica que saqué: <strong>el riesgo escala con el tiempo de vida de lo que firmás o cifrás</strong>. Un access token de 15 minutos y un certificado de firma de documentos legales tienen riesgos completamente distintos.</p> <h2> Los errores de framing más comunes cuando leés sobre quantum computing </h2> <p>Acá está lo que me parece que la mayoría de los posts de divulgación hacen mal — incluyendo probablemente este:</p> <h3> Error 1: Confundir "quantum advantage" con "quantum supremacy" con "cryptographically relevant" </h3> <p>Cuando Google o IBM anuncian un hito cuántico, los medios lo presentan como "ya pueden romper el cifrado". Casi nunca es eso. Quantum advantage significa que resolvieron <em>algún problema específico</em> más rápido que una computadora clásica. Ese problema específico suele ser artificioso y diseñado para que la computadora cuántica brille.</p> <p><strong>Cryptographically relevant</strong> quantum computing — el que realmente importa — es una barra mucho más alta.</p> <h3> Error 2: Pensar que bcrypt o Argon2 están muertos </h3> <p>El hashing de passwords como bcrypt, scrypt o Argon2 usa funciones hash simétricas. El algoritmo de Grover (el que aplica computación cuántica a búsqueda) efectivamente reduce su seguridad a la mitad — pero Argon2 con parámetros modernos tiene margen de sobra. <strong>No necesitás cambiar tu sistema de autenticación ahora mismo.</strong></p> <h3> Error 3: Ignorarlo completamente porque "falta mucho" </h3> <p>Este es el error que me parece más peligroso para devs que construyen infraestructura de largo plazo. Si estás construyendo algo que va a manejar datos sensibles por décadas, <strong>el timeline importa</strong>.</p> <p>Pensá en todo lo que construí durante <a href="https://dev.to/blog/de-dos-a-cloud-mi-viaje-33-anos-1775496952619">el pivote a software development en 2020</a> — la infraestructura que elegís hoy puede seguir corriendo en producción en 2035. Cuando elegís un stack de autenticación o cifrado hoy, estás eligiendo para ese horizonte de tiempo también.</p> <h3> Error 4: Pensar que esto es solo un problema del devops o del sysadmin </h3> <p>En el ecosistema de 2025 que describí cuando <a href="https://dev.to/blog/como-construi-juanchi-dev">armé mi stack para juanchi.dev</a>, los developers full-stack tomamos decisiones de arquitectura que antes eran de ops. Eso incluye qué librería de crypto usás, cómo firmás tokens, qué tipo de certificados pedís.</p> <p>No podés delegarlo completamente.</p> <h2> Código: qué revisar en tu proyecto hoy </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Auditoría rápida de superficie de ataque post-cuántica</span> <span class="c1">// Revisá estos patrones en tu codebase</span> <span class="c1">// 1. ALGORITMOS ASIMÉTRICOS — los más vulnerables</span> <span class="c1">// Buscá: RSA, ECDH, ECDSA, DH</span> <span class="c1">// ¿Dónde aparecen?</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">generateKeyPairSync</span><span class="p">,</span> <span class="nx">createSign</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">crypto</span><span class="dl">'</span> <span class="c1">// ❓ RSA — vulnerable a Shor's algorithm</span> <span class="c1">// Si estos datos tienen que ser válidos en 2035+, pensalo</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">privateKey</span><span class="p">,</span> <span class="nx">publicKey</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">generateKeyPairSync</span><span class="p">(</span><span class="dl">'</span><span class="s1">rsa</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">modulusLength</span><span class="p">:</span> <span class="mi">2048</span><span class="p">,</span> <span class="c1">// Esto eventualmente no va a ser suficiente</span> <span class="p">})</span> <span class="c1">// ❓ ECDSA — también vulnerable, aunque más eficiente hoy</span> <span class="kd">const</span> <span class="nx">ecKey</span> <span class="o">=</span> <span class="nf">generateKeyPairSync</span><span class="p">(</span><span class="dl">'</span><span class="s1">ec</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">namedCurve</span><span class="p">:</span> <span class="dl">'</span><span class="s1">prime256v1</span><span class="dl">'</span><span class="p">,</span> <span class="p">})</span> <span class="c1">// 2. ALGORITMOS SIMÉTRICOS — relativamente OK</span> <span class="c1">// AES-256, ChaCha20-Poly1305, SHA-256/384/512</span> <span class="c1">// Estos necesitan el doble de bits para ser vulnerables (Grover)</span> <span class="c1">// pero con 256 bits tenés colchón de sobra</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">randomBytes</span><span class="p">,</span> <span class="nx">createCipheriv</span><span class="p">,</span> <span class="nx">createDecipheriv</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">crypto</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">cifrarDatosLocales</span> <span class="o">=</span> <span class="p">(</span><span class="nx">datos</span><span class="p">:</span> <span class="nx">Buffer</span><span class="p">,</span> <span class="nx">clave</span><span class="p">:</span> <span class="nx">Buffer</span><span class="p">):</span> <span class="nx">Buffer</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// AES-256-GCM — esto sigue siendo seguro post-quantum</span> <span class="kd">const</span> <span class="nx">iv</span> <span class="o">=</span> <span class="nf">randomBytes</span><span class="p">(</span><span class="mi">16</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">cipher</span> <span class="o">=</span> <span class="nf">createCipheriv</span><span class="p">(</span><span class="dl">'</span><span class="s1">aes-256-gcm</span><span class="dl">'</span><span class="p">,</span> <span class="nx">clave</span><span class="p">,</span> <span class="nx">iv</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">cifrado</span> <span class="o">=</span> <span class="nx">Buffer</span><span class="p">.</span><span class="nf">concat</span><span class="p">([</span> <span class="nx">iv</span><span class="p">,</span> <span class="nx">cipher</span><span class="p">.</span><span class="nf">update</span><span class="p">(</span><span class="nx">datos</span><span class="p">),</span> <span class="nx">cipher</span><span class="p">.</span><span class="nf">final</span><span class="p">(),</span> <span class="nx">cipher</span><span class="p">.</span><span class="nf">getAuthTag</span><span class="p">()</span> <span class="c1">// El tag de autenticación es importante</span> <span class="p">])</span> <span class="k">return</span> <span class="nx">cifrado</span> <span class="p">}</span> <span class="c1">// 3. JWT — el caso práctico más común</span> <span class="c1">// La respuesta corta: si expira en horas, no te preocupés</span> <span class="c1">// Si firmás algo permanente con JWT... cuestioná el diseño</span> <span class="kd">const</span> <span class="nx">evaluarRiesgoJWT</span> <span class="o">=</span> <span class="p">(</span><span class="nx">expiresInSeconds</span><span class="p">:</span> <span class="kr">number</span><span class="p">):</span> <span class="kr">string</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">años</span> <span class="o">=</span> <span class="nx">expiresInSeconds</span> <span class="o">/</span> <span class="p">(</span><span class="mi">365</span> <span class="o">*</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">3600</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nx">años</span> <span class="o">&lt;</span> <span class="mi">1</span><span class="p">)</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Riesgo post-cuántico prácticamente nulo</span><span class="dl">'</span> <span class="k">if </span><span class="p">(</span><span class="nx">años</span> <span class="o">&lt;</span> <span class="mi">5</span><span class="p">)</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Riesgo bajo, monitoreá el timeline</span><span class="dl">'</span> <span class="k">if </span><span class="p">(</span><span class="nx">años</span> <span class="o">&lt;</span> <span class="mi">15</span><span class="p">)</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Riesgo moderado, considerá migración</span><span class="dl">'</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Riesgo alto — rediseñá este componente</span><span class="dl">'</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nf">evaluarRiesgoJWT</span><span class="p">(</span><span class="mi">3600</span><span class="p">))</span> <span class="c1">// "Riesgo post-cuántico prácticamente nulo"</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nf">evaluarRiesgoJWT</span><span class="p">(</span><span class="mi">10</span> <span class="o">*</span> <span class="mi">365</span> <span class="o">*</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">3600</span><span class="p">))</span> <span class="c1">// "Riesgo moderado..."</span> </code></pre> </div> <p>La función <code>evaluarRiesgoJWT</code> es una simplificación obvia, pero captura el punto central: <strong>el tiempo de vida de lo que firmás es la variable más importante</strong>.</p> <p>Cuando definís los <a href="https://dev.to/blog/typescript-patrones-avanzados-que-uso">patrones de TypeScript que usás en producción</a>, incluir tipos explícitos para el contexto de seguridad — cuánto tiempo vive un token, qué nivel de sensibilidad tienen los datos — es el tipo de diseño que ayuda cuando tenés que hacer una auditoría de esto en el futuro.</p> <h2> Qué hacer concretamente hoy (sin entrar en pánico) </h2> <p>Esta es mi lista personal, honesta, sin exagerar el riesgo:</p> <p><strong>Ahora mismo (sin importar el tipo de proyecto):</strong></p> <ul> <li>Usá TLS 1.3 — ya implementa algunas mejoras de seguridad y va a recibir actualizaciones post-cuánticas</li> <li>Preferí AES-256 sobre AES-128 para cifrado simétrico</li> <li>Mantenés las dependencias actualizadas — la migración post-cuántica va a llegar vía updates de librerías</li> <li>No implementés crypto propio — en serio, nunca, quantum o no quantum</li> </ul> <p><strong>En los próximos 1-2 años (si manejás datos sensibles de largo plazo):</strong></p> <ul> <li>Inventariá qué en tu sistema usa criptografía asimétrica y cuánto tiempo tienen que vivir esos datos</li> <li>Empezá a leer sobre las librerías que van a adoptar los algoritmos NIST — Open Quantum Safe ya tiene implementaciones</li> <li>Considerá diseñar para "cripto-agilidad": que tu sistema pueda cambiar de algoritmo sin reescribir todo</li> </ul> <p><strong>Para el <a href="https://dev.to/blog/stack-tecnologico-perfecto-2025">stack que elegiría en 2025</a>:</strong><br> Hoy elegiría librerías activamente mantenidas por organizaciones que ya tienen planes de migración post-cuántica documentados. Node.js y OpenSSL están en ese camino. Es un criterio más para sumar a la evaluación.</p> <h2> FAQ: quantum computing y desarrollo web </h2> <p><strong>¿HTTPS va a dejar de ser seguro por el quantum computing?</strong></p> <p>No en el corto plazo, y probablemente no de golpe. TLS ya está siendo actualizado con algoritmos post-cuánticos (hybrid key exchange en TLS 1.3). El browser que usás hoy ya está recibiendo estas actualizaciones gradualmente. Lo que sí es una amenaza real es el ataque "harvest now, decrypt later" para datos muy sensibles — pero eso aplica a actores estado-nación, no al tráfico web promedio.</p> <p><strong>¿Tengo que cambiar el sistema de login/passwords de mi app?</strong></p> <p>No urgentemente. bcrypt, Argon2, y scrypt usan funciones hash simétricas que son mucho más resistentes a quantum computing que los algoritmos asimétricos. Argon2id con parámetros modernos tiene margen de seguridad suficiente. La recomendación es seguir con las mejores prácticas actuales y mantenerte actualizado.</p> <p><strong>¿Los JWTs quedan obsoletos?</strong></p> <p>Depende de cómo los usés. Si firmás access tokens que expiran en 15 minutos o 1 hora, el riesgo es prácticamente nulo — para cuando exista quantum computing relevante, esos tokens llevan años vencidos. Si usás JWTs para firmar algo que tiene que ser válido por años (documentos, contratos), ahí sí hay que empezar a pensar en alternativas.</p> <p><strong>¿Qué es "post-quantum cryptography" y en qué se diferencia de "quantum cryptography"?</strong></p> <p>Post-quantum cryptography (PQC) son algoritmos clásicos — corren en computadoras normales — diseñados para ser resistentes a ataques de computadoras cuánticas. Quantum cryptography (QKD, quantum key distribution) usa principios cuánticos para la comunicación en sí. Como dev web, lo que te importa es PQC — es lo que vas a implementar en tu stack. QKD requiere hardware especializado y es un campo completamente distinto.</p> <p><strong>¿Cuándo debería empezar a usar las librerías post-cuánticas en producción?</strong></p> <p>Para la mayoría de las aplicaciones web: cuando lleguen via updates de tus dependencias actuales, que es probablemente lo que va a pasar. Node.js, OpenSSL y los providers de TLS van a implementar los estándares NIST gradualmente. Si manejás datos críticos de largo plazo, vale la pena explorar Open Quantum Safe hoy y empezar a hacer pruebas. Para el resto, mantenete actualizado y no entres en pánico.</p> <p><strong>¿El quantum computing afecta a blockchain y crypto también?</strong></p> <p>Sí, y bastante. Las criptomonedas usan ECDSA para firmar transacciones — vulnerable a Shor's algorithm. Bitcoin y Ethereum tendrían que migrar sus sistemas de firma antes de que quantum computing sea relevante. Es uno de los debates más activos en esas comunidades. Como dato de color: las wallets activas están más expuestas que las inactivas, porque las activas exponen la clave pública en cada transacción.</p> <h2> Conclusión: la ignorancia honesta como posición válida </h2> <p>Cuando empecé a escribir este post no sabía bien qué iba a concluir. Sigo sin saber si en 10 años estamos re-cifrando todo el internet o si el quantum computing sigue siendo una promesa que no termina de llegar.</p> <p>Lo que sí saqué en limpio:</p> <ol> <li><p><strong>El timeline importa más que el tema</strong>. No es un problema binario de "hay que preocuparse" o "no hay que preocuparse". Es una función del tiempo de vida de tus datos y la sensibilidad de los mismos.</p></li> <li><p><strong>La industria ya se está moviendo</strong>. NIST finalizó estándares. TLS ya está experimentando con algoritmos híbridos. No vas a tener que hacer todo a mano — va a llegar via ecosistema.</p></li> <li><p><strong>La cripto-agilidad es la mejor inversión</strong>. Diseñar tus sistemas para que puedan cambiar de algoritmo sin reescritura total es buena práctica con o sin quantum computing. La historia de la criptografía es la historia de algoritmos que se rompen y se reemplazan.</p></li> <li><p><strong>Para la mayoría de los proyectos: mantenete actualizado y no entres en pánico</strong>. Si tu app maneja credenciales de usuarios que expiran, tokens de sesión normales, y datos que no tienen que ser válidos por décadas — el riesgo hoy es bajo. Aplicá las mejores prácticas actuales.</p></li> </ol> <p>Lo que me queda pendiente es seguir leyendo. El hilo de HN que disparó esto tenía respuestas de gente con décadas de experiencia en criptografía que no se ponía de acuerdo. Eso me dice que la humildad epistémica es la postura correcta.</p> <p>Si sos el tipo de developer que, como yo, viene de diagnosticar redes a las 11pm en un cyber o de tirar un servidor de producción con <code>rm -rf</code> en la primera semana de trabajo — sabés que la mejor preparación para los problemas grandes no es entrar en pánico cuando aparecen, sino construir sistemas que puedan adaptarse.</p> <p>Eso aplica acá también.</p> <p><em>Este artículo fue publicado originalmente en <a href="https://juanchi.dev/blog/quantum-computing-timeline-desarrolladores-web" rel="noopener noreferrer">juanchi.dev</a></em></p> node fullstack quantumcomputing criptografa AdarshGzz... Tue, 07 Apr 2026 19:30:27 +0000 https://dev.to/adarshgzz/what-happens-if-you-build-your-own-trading-bot-i-tried-it-3ho9 https://dev.to/adarshgzz/what-happens-if-you-build-your-own-trading-bot-i-tried-it-3ho9 <p>I Built a Real-Time Paper Trading Bot (To Understand How Trading Systems Work and can i automate it) and it took me 3 weeks.</p> <p>so recently i wanted to understand how trading systems actually work behind the scenes</p> <p>not just charts… but like:<br> • how data comes in<br> • how decisions are made<br> • how trades are executed</p> <p>so i ended up building a paper trading bot for BTC/USDT</p> <p>(no real money involved 😅)</p> <p><strong>what it does</strong></p> <p>it connects to Binance WebSocket and gets live market data</p> <p>then on every 5-minute candle, it decides:<br> • go LONG<br> • go SHORT<br> • or do nothing</p> <p>based on a simple strategy</p> <p>*<em>the strategy *</em>(kept it simple)</p> <p>i didn’t want anything too complex</p> <p>so i used:<br> • EMA (50) → trend<br> • RSI (14) → momentum</p> <p>entry logic:<br> • LONG → price above EMA + RSI &gt; 50 + green candle<br> • SHORT → price below EMA + RSI &lt; 50 + red candle</p> <p>entry happens exactly on candle close</p> <p><strong>risk management</strong> (most important part)</p> <p>this was actually interesting to implement<br> • only 1% risk per trade<br> • stop loss based on structure (swing high/low)<br> • target = 1.5x risk<br> • auto stop trading if:<br> • -3% loss<br> • +5% profit</p> <p>also restricted trading hours to avoid random moves</p> <p><strong>tech i used</strong><br> • Node.js → backend<br> • WebSockets → real-time data<br> • PostgreSQL (Neon) → store trades + candles<br> • React → dashboard</p> <p><strong>what i learned</strong></p> <p>this project was less about trading and more about systems<br> • handling real-time streams is tricky<br> • small delays can affect decisions<br> • syncing backend + frontend in real time is not easy<br> • logic looks simple but edge cases are everywhere</p> <p><strong>live project</strong></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhfyzm8gs8f0clsnqg166.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhfyzm8gs8f0clsnqg166.png" alt=" " width="800" height="418"></a></p> <p>if you want to see it:</p> <p>👉 <a href="https://paper-trader-drab.vercel.app/" rel="noopener noreferrer">https://paper-trader-drab.vercel.app/</a><br> 👉 <a href="https://github.com/AdarshGzz/Paper-Trader" rel="noopener noreferrer">https://github.com/AdarshGzz/Paper-Trader</a></p> <p><strong>final thought</strong></p> <p>it’s still a simple bot and not something for real trading</p> <p>but building it gave me a better idea of:<br> • how trading engines work<br> • how data flows in real-time systems</p> <p>planning to improve it more (maybe better strategies or analytics)</p> <p>if you’ve built something similar or have ideas, would love to hear 👍</p> ai programming opensource cryptocurrency 0xluk3 Tue, 07 Apr 2026 19:29:00 +0000 https://dev.to/0xluk3/hello-noir-part-2-36l7 https://dev.to/0xluk3/hello-noir-part-2-36l7 <blockquote> <p>In <a href="https://dev.to/0xluk3/hello-noir-part-1-4m18">Part 1</a> we wrote a circuit, compiled it with nargo, and got two artifacts: a circuit definition and a witness. Now we will use them to actually perform the cryptographic proof check.</p> </blockquote> <h2> 1. Where we left off </h2> <p>At the end of Part 1, we had two files in <code>target/</code>:</p> <ul> <li> <strong><code>hello_world.json</code></strong> - the compiled circuit (ACIR bytecode)</li> <li> <strong><code>hello_world.gz</code></strong> - the witness (our specific input values that satisfy the constraints)</li> </ul> <p>All nargo told us was "yes, these inputs work." That's not a proof anyone else can verify - it's just a local check. To produce an actual cryptographic proof, we need Barretenberg (<code>bb</code>).</p> <h2> 2. Generating a proof with Barretenberg </h2> <p>With our <code>Prover.toml</code> set to <code>x = "2"</code> and <code>y = "1"</code> (recall: <code>x</code> is private, <code>y</code> is public), we run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bb prove <span class="nt">-b</span> ./target/hello_world.json <span class="nt">-w</span> ./target/hello_world.gz <span class="se">\</span> <span class="nt">--write_vk</span> <span class="nt">--verifier_target</span> evm <span class="nt">-o</span> ./target </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Scheme is: ultra_honk, num threads: 8 (mem: 8.10 MiB) CircuitProve: Proving key computed in 29 ms (mem: 24.21 MiB) Public inputs saved to "./target/public_inputs" (mem: 28.56 MiB) Proof saved to "./target/proof" (mem: 28.56 MiB) VK saved to "./target/vk" (mem: 28.56 MiB) VK Hash saved to "./target/vk_hash" (mem: 28.56 MiB) </code></pre> </div> <p>Let's break down the flags:</p> <ul> <li> <code>-b</code> - path to the compiled circuit (ACIR bytecode)</li> <li> <code>-w</code> - path to the witness</li> <li> <code>--write_vk</code> - also generate the verification key alongside the proof</li> <li> <code>--verifier_target evm</code> - target the EVM. This does two things: uses Keccak256 (the EVM has a dedicated opcode for it, making verification gas-efficient) and enables the zero-knowledge property (the proof reveals nothing about private inputs)</li> <li> <code>-o</code> - output directory</li> </ul> <p>This produced four files in <code>target/</code>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>Size</th> <th>What it is</th> </tr> </thead> <tbody> <tr> <td><code>proof</code></td> <td>7,488 bytes</td> <td>The cryptographic proof</td> </tr> <tr> <td><code>vk</code></td> <td>1,888 bytes</td> <td>Verification key</td> </tr> <tr> <td><code>vk_hash</code></td> <td>32 bytes</td> <td>Hash of the vk</td> </tr> <tr> <td><code>public_inputs</code></td> <td>32 bytes</td> <td>The public inputs (y = 1)</td> </tr> </tbody> </table></div> <p><strong>What is the verification key?</strong> It's derived from the circuit structure alone - not from your inputs. It encodes the circuit's "shape": how many gates, what type, how they're wired. Anyone can use it to verify proofs for this circuit. Think of it as the circuit's public fingerprint. The same vk works for any valid proof of this circuit, regardless of what specific values of <code>x</code> and <code>y</code> were used.</p> <p>One detail worth noting: <code>bb</code> prepends the public inputs to the proof blob. The verifier contract knows to extract them from there.</p> <h2> 3. Verifying the proof </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bb verify <span class="nt">-p</span> ./target/proof <span class="nt">-k</span> ./target/vk <span class="nt">--verifier_target</span> evm </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Scheme is: ultra_honk, num threads: 8 (mem: 8.11 MiB) Proof verified successfully (mem: 18.36 MiB) </code></pre> </div> <p>Notice what we did NOT pass: the witness. That would defeat the purpose, wouldn't it? The whole point is that the verifier never sees your private inputs. All it needs is the proof and the verification key.</p> <p>The proof says: "someone knows a value <code>x</code> such that <code>x != y</code>, where <code>y = 1</code>." It doesn't say what <code>x</code> is.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmxqxe42seafldb5ypoq5.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmxqxe42seafldb5ypoq5.png" alt="Proving Flow" width="800" height="311"></a></p> <h2> 4. Generating a Solidity verifier </h2> <p>Now we want this verification to happen on-chain. <a href="https://barretenberg.aztec.network/docs/getting_started/" rel="noopener noreferrer"><code>bb</code></a> can generate a Solidity contract that does exactly the same check:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bb write_solidity_verifier <span class="nt">-k</span> ./target/vk <span class="nt">--verifier_target</span> evm <span class="nt">-o</span> ./target/Verifier.sol </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Scheme is: ultra_honk, num threads: 8 (mem: 8.75 MiB) ZK Honk solidity verifier saved to "./target/Verifier.sol" (mem: 9.87 MiB) </code></pre> </div> <p>The result is a 2,449-line Solidity file. What's inside:</p> <ul> <li>A <code>HonkVerifier</code> contract that inherits from <code>BaseZKHonkVerifier</code> </li> <li>The verification key hardcoded as constants (circuit size, elliptic curve points, etc.)</li> <li>Pairing check logic using EVM precompiles (<code>ecAdd</code>, <code>ecMul</code>, <code>ecPairing</code>, <code>modexp</code>)</li> <li>A single entry point: <code>function verify(bytes calldata proof, bytes32[] calldata publicInputs) external returns (bool)</code> </li> </ul> <p>This works on any EVM chain that supports the required precompiles - Ethereum mainnet, most L2s, and testnets.</p> <h2> 5. Deploying with Foundry </h2> <p>Let's deploy the verifier and verify a proof on-chain. First, set up a Foundry project:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>forge init verifier-deploy <span class="nb">cd </span>verifier-deploy </code></pre> </div> <p>Copy the generated verifier:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cp</span> ../hello_world/target/Verifier.sol src/Verifier.sol </code></pre> </div> <p>We also need to allow Foundry to read our proof file. Add this to <code>foundry.toml</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight toml"><code><span class="py">fs_permissions</span> <span class="p">=</span> <span class="p">[</span><span class="err">{</span> <span class="py">access</span> <span class="p">=</span> <span class="s">"read"</span><span class="p">,</span> <span class="py">path</span> <span class="p">=</span> <span class="s">"../hello_world/target"</span> <span class="err">}</span><span class="p">]</span> </code></pre> </div> <h3> Deploy script </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// script/Deploy.s.sol // SPDX-License-Identifier: MIT pragma solidity &gt;=0.8.21; import "forge-std/Script.sol"; import "../src/Verifier.sol"; contract DeployScript is Script { function run() external { vm.startBroadcast(); HonkVerifier verifier = new HonkVerifier(); console.log("HonkVerifier deployed to:", address(verifier)); vm.stopBroadcast(); } } </code></pre> </div> <h3> Verify script </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// script/Verify.s.sol // SPDX-License-Identifier: MIT pragma solidity &gt;=0.8.21; import "forge-std/Script.sol"; import "../src/Verifier.sol"; contract VerifyScript is Script { function run() external { bytes memory proofBytes = vm.readFileBinary("../hello_world/target/proof"); bytes32[] memory publicInputs = new bytes32[](1); publicInputs[0] = bytes32(uint256(1)); // y = 1 vm.startBroadcast(); HonkVerifier verifier = new HonkVerifier(); console.log("HonkVerifier deployed to:", address(verifier)); bool result = verifier.verify(proofBytes, publicInputs); console.log("Proof verified:", result); vm.stopBroadcast(); } } </code></pre> </div> <h3> Running it </h3> <p>Start a local testnet and deploy:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>anvil <span class="nt">--code-size-limit</span> 50000 </code></pre> </div> <p>The <code>--code-size-limit</code> flag is needed because <code>HonkVerifier</code> exceeds the default EIP-170 contract size limit of 24,576 bytes (ours is ~33K). This is fine for local testing. For production, you'd use <code>--optimized</code> when generating the Solidity verifier or split the contract into libraries.</p> <p>In another terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>forge script script/Verify.s.sol <span class="se">\</span> <span class="nt">--rpc-url</span> http://127.0.0.1:8545 <span class="se">\</span> <span class="nt">--private-key</span> 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 <span class="se">\</span> <span class="nt">--broadcast</span> <span class="nt">--code-size-limit</span> 50000 </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Script ran successfully. == Logs == HonkVerifier deployed to: 0xe7f1725E7734CE288F8367e1Bb143E90bb3F0512 Proof verified: true ONCHAIN EXECUTION COMPLETE &amp; SUCCESSFUL. </code></pre> </div> <p>The proof verified on-chain. The same proof that <code>bb</code> verified locally now passes through a Solidity contract running on an EVM.</p> <h2> 6. Trust and threat model </h2> <p>Before you ship anything, consider three attack surfaces.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fifho4y4a9ny1nbpojpan.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fifho4y4a9ny1nbpojpan.png" alt="Trust Model" width="800" height="333"></a></p> <p><strong>Prover honesty.</strong> The circuit enforces constraints, not truth. Nobody can prove that <code>2 != 2</code> - the constraint system rejects it. But nothing stops someone from proving <code>2000 != 18</code> and claiming that proves their age. The circuit guarantees mathematical correctness of the relationship between inputs, not that the inputs themselves are meaningful. External anchoring (signed attestations, on-chain data, oracles) is required to bind proof inputs to real-world facts.</p> <p><strong>The <code>bb</code> binary.</strong> <code>bb</code> is a local executable. If someone swaps it for a modified version, they could generate proofs that pass a compromised verifier. In any system where the prover and verifier are different entities, the verifier must run its own trusted copy of <code>bb</code> (or verify on-chain where the contract is the trust anchor).</p> <p><strong>The verifier contract.</strong> It's source code - editable before deployment. If the same entity generates the proof and deploys the verifier, there's a circular trust problem. For production, the verifier contract should be deployed by a trusted third party, verified on a block explorer, and ideally immutable (no proxy, no upgradeability). Or at the very least, governed by a multisig with a timelock.</p> <p>None of these are flaws in the cryptography. These are system design questions that any production deployment needs to answer.</p> <p>We went from compiled artifacts to a verified on-chain proof. The circuit is trivial, but the pipeline is the same one you'd use for anything more complex - age verification, credential checks, private voting. The hard part isn't the tooling. It's designing the system around it.</p> <h2> Recommended reading </h2> <ul> <li> <a href="https://noir-lang.org/docs/getting_started/hello_noir" rel="noopener noreferrer">Noir docs - Proving backend</a> - official getting started guide</li> <li> <a href="https://barretenberg.aztec.network/docs/getting_started/" rel="noopener noreferrer">Barretenberg</a> proving backend documentation</li> </ul> blockchain security tutorial web3 Ziva Tue, 07 Apr 2026 19:28:24 +0000 https://dev.to/ziva/was-web-entwickler-von-game-engine-architektur-lernen-konnen-le3 https://dev.to/ziva/was-web-entwickler-von-game-engine-architektur-lernen-konnen-le3 <p>Wenn du mit React, Vue oder Angular arbeitest, nutzt du Patterns, die aus der Spieleentwicklung stammen. Nicht inspiriert davon. Direkt übernommen. Der Component Tree, den du jeden Tag baust, wurde in den 1980ern als Scene Graph erfunden, lange bevor JavaScript überhaupt existierte.</p> <p>Hier sind vier Architektur-Patterns aus Game Engines, die dein Web-Development besser machen.</p> <h2> 1. Der Scene Graph: Reacts Urgroßvater </h2> <p>Der Scene Graph ist eine hierarchische Baumstruktur, in der jeder Knoten Transformationen und Eigenschaften an seine Kinder vererbt. PHIGS (Programmer's Hierarchical Interactive Graphics System) wurde 1984 entwickelt und 1988 als ANSI-Standard verabschiedet. Es war die erste kommerzielle Scene-Graph-Spezifikation.</p> <p>Das Prinzip: Du baust eine Szene nicht als flache Liste, sondern als Baum. Ein Raumschiff-Node enthält einen Triebwerk-Node, der enthält einen Partikel-Node. Wenn sich das Raumschiff bewegt, bewegen sich Triebwerk und Partikel automatisch mit. Kaskadierung von Eigenschaften durch die Hierarchie.</p> <p>Kommt dir das bekannt vor? Reacts Component Tree funktioniert identisch. Context propagiert durch den Baum nach unten. CSS-Variablen kaskadieren. State fließt von Eltern zu Kindern. Das ist kein Zufall. Jordan Walke, der Erfinder von React, hat sich explizit von Szenegraphen und funktionaler Programmierung inspirieren lassen.</p> <p>Godot macht das noch konsequenter als React. In Godots Scene Tree ist <em>alles</em> ein Node: UI-Elemente, Spiellogik, Physik, Audio. Kein <code>useEffect</code>, kein Lifecycle-Hook. Du hast <code>_ready()</code> (Mount), <code>_process()</code> (Render-Loop) und <code>_exit_tree()</code> (Unmount). Drei Funktionen statt 15 Hooks.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight gdscript"><code><span class="k">class_name</span> <span class="n">Raumschiff</span> <span class="k">extends</span> <span class="n">CharacterBody2D</span> <span class="k">func</span> <span class="nf">_ready</span><span class="p">():</span> <span class="c1"># Wie componentDidMount / useEffect([], ...)</span> <span class="o">$</span><span class="n">Triebwerk</span><span class="o">.</span><span class="n">starten</span><span class="p">()</span> <span class="k">func</span> <span class="nf">_process</span><span class="p">(</span><span class="n">delta</span><span class="p">):</span> <span class="c1"># Wie requestAnimationFrame, 60x pro Sekunde</span> <span class="n">position</span> <span class="o">+=</span> <span class="n">geschwindigkeit</span> <span class="o">*</span> <span class="n">delta</span> </code></pre> </div> <h2> 2. Composition over Inheritance: Die Spielebranche wusste es zuerst </h2> <p>Das Entity Component System (ECS) hat Composition over Inheritance nicht erfunden, aber es hat bewiesen, dass es skaliert. Thief: The Dark Project nutzte 1998 ein ECS, und der gleiche Ansatz lief später in System Shock 2.</p> <p>Die Idee: Eine Spielfigur ist keine Klasse in einer Vererbungshierarchie. Sie ist eine leere Entity mit angehängten Components. Braucht sie Physik? <code>PhysicsComponent</code> anhängen. Braucht sie Gesundheit? <code>HealthComponent</code> anhängen. Braucht sie beides nicht mehr? Components entfernen.</p> <p>React hat dieses Pattern 2018 mit Hooks übernommen. Statt Klassen-Vererbung (<code>class MyComponent extends React.Component</code>) nutzt du Composition mit <code>useState</code>, <code>useEffect</code> und Custom Hooks. Die Game-Engine-Welt hatte das gleiche Problem 20 Jahre früher gelöst.</p> <p>Unity hat die Performance-Vorteile gemessen: Ihr Data-Oriented Technology Stack (DOTS) mit ECS erreicht 5x bis 50x bessere CPU-Performance als die klassische OOP-Architektur, je nach Parallelisierungsgrad. In der Megacity-Demo von 2018 renderte Unity damit eine Stadt mit 4,5 Millionen Mesh-Renderern.</p> <p>Für Web-Entwickler heißt das: Wenn du merkst, dass deine Klassen-Hierarchie zu tief wird, denk wie ein Game-Engine-Architekt. Zerlege Verhalten in kleine, kombinierbare Einheiten. In React sind das Hooks. In Godot sind das Nodes. Das Prinzip ist dasselbe.</p> <h2> 3. Signals: Observer Pattern ohne den Boilerplate </h2> <p>Godot hat Signals als erstklassiges Sprachfeature. Du deklarierst ein Signal, und andere Nodes verbinden sich damit. Keine Event-Bus-Bibliothek, kein Redux, kein Pub/Sub-Framework.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight gdscript"><code><span class="k">signal</span> <span class="n">leben_verloren</span><span class="p">(</span><span class="n">neues_leben</span><span class="p">:</span> <span class="kt">int</span><span class="p">)</span> <span class="k">func</span> <span class="nf">schaden_nehmen</span><span class="p">(</span><span class="n">menge</span><span class="p">:</span> <span class="kt">int</span><span class="p">):</span> <span class="n">leben</span> <span class="o">-=</span> <span class="n">menge</span> <span class="n">leben_verloren</span><span class="o">.</span><span class="n">emit</span><span class="p">(</span><span class="n">leben</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight gdscript"><code><span class="k">func</span> <span class="nf">_ready</span><span class="p">():</span> <span class="n">spieler</span><span class="o">.</span><span class="n">leben_verloren</span><span class="o">.</span><span class="n">connect</span><span class="p">(</span><span class="n">_bei_leben_verloren</span><span class="p">)</span> <span class="k">func</span> <span class="nf">_bei_leben_verloren</span><span class="p">(</span><span class="n">neues_leben</span><span class="p">:</span> <span class="kt">int</span><span class="p">):</span> <span class="n">label</span><span class="o">.</span><span class="n">text</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">neues_leben</span><span class="p">)</span> </code></pre> </div> <p>Das ist das Observer Pattern in seiner reinsten Form, ohne Middleware-Layer. Die Web-Welt hat Jahre gebraucht, um an einen ähnlichen Punkt zu kommen. Solid.js Signals, Angular Signals (seit v16), Vue 3 Reactivity: Alle lösen das gleiche Problem, das Game Engines seit den 2000ern gelöst haben.</p> <p>Der entscheidende Unterschied: In Game Engines sind Signals <em>architektonisch</em>. Sie definieren, wie Systeme kommunizieren. Im Web werden sie oft nur als State-Management-Optimierung behandelt. Game-Engine-Entwickler denken von Anfang an in entkoppelten Systemen, die über Signals kommunizieren. Web-Entwickler sollten das auch tun.</p> <h2> 4. Object Pooling: Warum Game Engines Garbage Collection hassen </h2> <p>In einem Shooter entstehen pro Sekunde Dutzende Projektile. Jedes Mal <code>new Bullet()</code> und dann den Garbage Collector aufräumen lassen? Unspielbar. Stattdessen nutzen Game Engines Object Pools: Eine fixe Menge an Objekten wird beim Start erstellt. "Verbrauchte" Objekte werden nicht zerstört, sondern zurückgesetzt und wiederverwendet.</p> <p>Web-Entwickler kennen das Prinzip als Connection Pooling bei Datenbanken. Aber es geht weiter: React 18s Concurrent Rendering recycelt Fiber-Nodes intern. Workers in Node.js Thread-Pools werden wiederverwendet. Das Pattern ist überall, nur redet im Web kaum jemand darüber.</p> <p>Wenn du eine Anwendung baust, die viele kurzlebige Objekte erzeugt (Chat-Nachrichten, Tabellen-Zeilen, Animationen), frag dich: Könnte ich die recyceln statt neu zu erstellen? Die Spielebranche beantwortet diese Frage seit 30 Jahren mit Ja.</p> <h2> Die Zahlen hinter Game-Engine-Architektur </h2> <p>Die deutsche Spielebranche hat 2023 mit knapp 1.200 Unternehmen und fast 13.000 Beschäftigten über 3,9 Milliarden Euro Umsatz erwirtschaftet (Quelle: <a href="https://www.game.de/publikationen/jahresreport-2025/" rel="noopener noreferrer">game.de Jahresreport 2025</a>). Das sind keine Hobby-Projekte. Das sind Produktionssysteme, die unter extremen Performance-Anforderungen laufen.</p> <p>Godot, die Open-Source-Engine mit über 108.000 GitHub Stars, hat beim GMTK Game Jam 2025 einen Marktanteil von 39% erreicht, mehr als dreimal so viel wie noch 2021 (13%). Tools wie <a href="https://ziva.sh" rel="noopener noreferrer">Ziva</a> helfen Godot-Entwicklern dabei, effizienter zu arbeiten, aber die Architektur der Engine selbst ist der eigentliche Lernstoff.</p> <h2> Fazit: Lerne von den Leuten, die 60 FPS halten müssen </h2> <p>Web-Entwickler optimieren für Time-to-Interactive. Game-Engine-Entwickler optimieren für 16,67 Millisekunden pro Frame, bei 60 FPS. Diese Einschränkung hat Architektur-Patterns hervorgebracht, die robuster und performanter sind als das, was die meiste Web-Architektur bietet.</p> <p>Das heißt nicht, dass du deine Next.js-App wie eine Game Engine bauen sollst. Es heißt: Wenn du vor einem Architektur-Problem stehst, schau dir an, wie Godot, Unity oder Unreal es lösen. Die Chancen stehen gut, dass sie das Problem vor 10 oder 20 Jahren schon gelöst haben.</p> <p>Drei konkrete Schritte:</p> <ol> <li> <strong>Lies <a href="https://gameprogrammingpatterns.com/" rel="noopener noreferrer">Game Programming Patterns</a></strong> von Robert Nystrom. Es ist kostenlos online und erklärt jedes Pattern mit konkretem Code.</li> <li> <strong>Bau ein kleines Godot-Projekt.</strong> Nicht um Spiele zu entwickeln, sondern um die Architektur zu erleben. Der Scene Tree verändert, wie du über Component-Hierarchien denkst.</li> <li> <strong>Hinterfrage deine Abstraktionen.</strong> Wenn du drei NPM-Pakete brauchst, um ein Problem zu lösen, das eine Game Engine in 10 Zeilen löst, stimmt etwas mit der Abstraktion nicht.</li> </ol> <p>Die beste Architektur entsteht nicht in Frameworks. Sie entsteht dort, wo Performance keine Option, sondern eine harte Grenze ist.</p> german deutsch godot gamedev Matthias Meyer Tue, 07 Apr 2026 19:27:34 +0000 https://dev.to/studiomeyer/studiomeyer-crm-ai-native-contact-management-with-33-mcp-tools-ck6 https://dev.to/studiomeyer/studiomeyer-crm-ai-native-contact-management-with-33-mcp-tools-ck6 <p>Most CRM systems are built for enterprises. Dozens of menus, mandatory fields for things you don't need, and per-seat pricing. For freelancers, small agencies, and solo entrepreneurs, that's overkill.</p> <p>StudioMeyer CRM is an MCP server. No dashboard, no app, no interface -- you talk directly to Claude, and Claude manages your contacts, deals, and pipeline. Everything through natural language.</p> <h2> How does a CRM without an interface work? </h2> <p>Instead of filling out forms, you simply tell Claude what you need:</p> <ul> <li>"Create company Mueller GmbH, industry IT, website mueller-gmbh.de"</li> <li>"New deal: Website Redesign for Mueller, 5,000 EUR, stage proposal"</li> <li>"Show me the pipeline"</li> <li>"Which follow-ups are overdue?"</li> </ul> <p>Claude runs the CRM tools in the background. You see the results directly in the chat -- formatted, sorted, with all relevant details.</p> <h3> 30 Tools for the complete CRM workflow </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Area</th> <th>Tools</th> <th>What you do with it</th> </tr> </thead> <tbody> <tr> <td>Companies</td> <td>3</td> <td>Create, update, delete (cascading)</td> </tr> <tr> <td>Contacts</td> <td>3</td> <td>Manage contact persons, mark decision makers</td> </tr> <tr> <td>Pipeline</td> <td>4</td> <td>Create deals, pipeline overview, forecast</td> </tr> <tr> <td>Communication</td> <td>2</td> <td>Log interactions (email, call, meeting), timeline</td> </tr> <tr> <td>Notes</td> <td>3</td> <td>Add notes to companies or deals</td> </tr> <tr> <td>Analytics</td> <td>5</td> <td>Dashboard, health scores, revenue report, Stripe sync</td> </tr> <tr> <td>Search</td> <td>1</td> <td>Full-text search across all 7 entity types</td> </tr> <tr> <td>Leads</td> <td>2</td> <td>Capture, qualify, convert leads</td> </tr> <tr> <td>Follow-ups</td> <td>2</td> <td>Tasks and reminders with priorities</td> </tr> <tr> <td>Extras</td> <td>5</td> <td>Import/export, audit log, handoff, guide</td> </tr> </tbody> </table></div> <h2> Installation </h2> <h3> Option 1: Hosted (get started immediately) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>https://crm.studiomeyer.io/mcp </code></pre> </div> <p>Paste the URL into Claude Desktop, OAuth login, done. We handle the database and hosting.</p> <h3> Option 2: Self-hosted </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/studiomeyer-io/mcp-crm <span class="nb">cd </span>mcp-crm <span class="o">&amp;&amp;</span> npm <span class="nb">install cp</span> .env.example .env <span class="c"># Add DATABASE_URL</span> npm run db:push <span class="o">&amp;&amp;</span> npm start </code></pre> </div> <p>Claude Desktop configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"mcpServers"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"crm"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"node"</span><span class="p">,</span><span class="w"> </span><span class="nl">"args"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"/path/to/mcp-crm/dist/server.js"</span><span class="p">],</span><span class="w"> </span><span class="nl">"env"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"DATABASE_URL"</span><span class="p">:</span><span class="w"> </span><span class="s2">"postgresql://..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"CRM_TENANT"</span><span class="p">:</span><span class="w"> </span><span class="s2">"my-company"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> What you can actually do with it </h2> <h3> Morning routine (2 minutes) </h3> <p>"Give me the daily briefing."</p> <p>Claude shows you: new leads since yesterday, overdue follow-ups (sorted by priority), pipeline overview, and alerts (inactive companies, at-risk health scores). One command instead of ten clicks.</p> <h3> Client management </h3> <p>"Log a call with Mueller GmbH -- discussed timeline, next step is proposal by Friday."</p> <p>Claude creates the interaction, automatically sets a follow-up, and updates the last contact timestamp. The timeline later shows all interactions and notes chronologically.</p> <h3> Pipeline at a glance </h3> <p>"How's the pipeline looking?"</p> <p>Claude delivers an overview of all deals, grouped by stage (Lead, Qualified, Proposal, Negotiation, Won, Lost). With weighted probability per stage and MRR/ARR calculation from your deal values.</p> <h3> Stripe integration </h3> <p>If you use Stripe: One command syncs your active subscriptions. For new Stripe customers, a company, contact, and deal are automatically created.</p> <p>"Sync Stripe."</p> <p>After that, the revenue report shows: MRR, ARR, growth, and breakdown by customer.</p> <h2> The intelligent search </h2> <p>Search works in three phases:</p> <ol> <li> <strong>German full-text search</strong> -- Finds "consulting" even when "consult" is stored (stemming)</li> <li> <strong>Fuzzy matching</strong> -- Handles typos: "Meuller" finds "Mueller". Umlauts are automatically resolved</li> <li> <strong>Prefix search</strong> -- Finds partial terms as a final fallback</li> </ol> <p>The search covers all seven entity types simultaneously: companies, contacts, deals, interactions, notes, leads, and tags.</p> <h2> Health Scores: Which clients need attention? </h2> <p>Every company automatically gets a health score from 0 to 100. The score is based on:</p> <ul> <li>Last interaction (when was the last contact?)</li> <li>Active deals (are there ongoing business relationships?)</li> <li>Follow-up discipline (are tasks being completed?)</li> <li>Communication frequency (how regular is the contact?)</li> </ul> <p>Companies below 40 points get a warning in the dashboard. So you never forget a client.</p> <h2> Import and export </h2> <h3> Import </h3> <ul> <li> <strong>CSV or JSON</strong> -- Automatic column recognition for German and English headers</li> <li> <strong>HubSpot import</strong> -- 15 column mappings (First+Last Name, Job Title, Company Domain, etc.)</li> <li> <strong>Pipedrive import</strong> -- 7 column mappings</li> <li> <strong>Dry-run mode</strong> -- Preview without actually importing</li> <li> <strong>Duplicate detection</strong> -- Prevents double entries</li> </ul> <h3> Export </h3> <p>Export contacts, companies, deals, or leads as CSV or JSON. Maximum 10,000 rows per export.</p> <h2> The built-in guide </h2> <p>On first start, simply type: "Show me the CRM guide."</p> <p>Claude explains 12 topics interactively: from the first five minutes (create company, contact, deal, dashboard, follow-up) to advanced features like Stripe sync, health scores, and pipeline forecast.</p> <h2> Tips for productive use </h2> <ol> <li><p><strong>Start with five companies.</strong> Add your most important clients, each with a contact person and an active deal. Takes five minutes and you have a working pipeline immediately.</p></li> <li><p><strong>Log every interaction.</strong> A brief sentence is enough: "Call with Mueller, feedback on design was positive." Over time, a complete timeline emerges.</p></li> <li><p><strong>Use follow-ups as your task list.</strong> Instead of a separate to-do app: "Create follow-up: call Mueller, priority high, by Friday."</p></li> <li><p><strong>Automate leads.</strong> Through the webhook endpoint, leads can flow automatically from your website form or newsletter into the CRM.</p></li> <li><p><strong>Export monthly.</strong> A CSV export of your contacts as a backup and for analysis in Excel or Google Sheets.</p></li> </ol> <h2> Pricing </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Tier</th> <th>Price</th> <th>Companies</th> <th>Contacts</th> <th>Deals</th> </tr> </thead> <tbody> <tr> <td><strong>Free</strong></td> <td>$0</td> <td>50</td> <td>200</td> <td>100</td> </tr> <tr> <td><strong>Pro</strong></td> <td>$29/mo</td> <td>500</td> <td>5,000</td> <td>1,000</td> </tr> <tr> <td><strong>Team</strong></td> <td>$49/mo</td> <td>Unlimited</td> <td>Unlimited</td> <td>Unlimited</td> </tr> </tbody> </table></div> <p>All 30 tools are available in every tier. The differences are in data volume and API rate.</p> <h2> Privacy </h2> <ul> <li> <strong>EU hosting:</strong> Supabase, Frankfurt (Germany)</li> <li> <strong>Tenant isolation:</strong> Each user has separate, isolated data (Row Level Security)</li> <li> <strong>Self-hosting possible:</strong> Docker + your own PostgreSQL database</li> <li> <strong>Audit log:</strong> Complete tracking of who changed what and when</li> </ul> <p>StudioMeyer CRM is built for business owners who don't need a complex CRM system -- but a fast one. No onboarding, no training, no interface to learn. You talk to Claude, Claude manages your clients. If you'd like to try it: The free version is enough to get started, and the built-in guide explains everything step by step.</p> <p><a href="https://crm.studiomeyer.io" rel="noopener noreferrer">crm.studiomeyer.io</a></p> mcp ai crm typescript John Munn Tue, 07 Apr 2026 19:26:34 +0000 https://dev.to/tawe/htcpcp-iykyk-i-built-a-browser-extension-that-lets-dinosaurs-eat-the-internet-30a5 https://dev.to/tawe/htcpcp-iykyk-i-built-a-browser-extension-that-lets-dinosaurs-eat-the-internet-30a5 <p><em>This is a submission for the <a href="https://dev.to/challenges/aprilfools-2026">DEV April Fools Challenge</a></em></p> <h2> What I Built </h2> <p>I built <strong>Dinosaur Eats</strong>, a Chrome extension that sends a tiny pixel dinosaur onto any webpage and lets it eat the visible text line by line.</p> <p>Not paragraphs.</p> <p>Not sections.</p> <p>Rendered lines.</p> <p>It solves nothing. If anything, it introduces a new class of browser instability: <strong>active prehistoric content loss</strong>.</p> <p>Click the toolbar icon and the extension scans the page for readable text. A dinosaur walks in, lines up the shot, and starts chewing through the page one visible line at a time until the whole thing looks like it got caught in a small but highly motivated extinction event.</p> <p>Sometimes it’s one dinosaur.</p> <p>Sometimes it escalates into a full stampede.</p> <p>And because the challenge is <strong>HTCPCP IYKYK</strong>, I added a hidden protocol joke.</p> <p>If the extension is active and you type <strong>418</strong>, the dinosaurs mutate into <strong>teapotsaurs</strong>.</p> <p>Type <strong>814</strong> and they switch back.</p> <p>That was the moment I knew the project had crossed from “browser prank” into “deeply respectful nonsense.”</p> <h3> One-line pitch </h3> <blockquote> <p>A tiny dinosaur enters your browser and eats the visible text, but typing <code>418</code> mutates it into a teapotsaur because RFCs deserve whimsy too.</p> </blockquote> <h2> Demo </h2> <ul> <li>Demo video: <a href="https://youtu.be/mSmW5a-bhgo" rel="noopener noreferrer">https://youtu.be/mSmW5a-bhgo</a> </li> </ul> <h2> Code </h2> <p>Source code: <a href="https://github.com/Tawe/dinosaur-eats" rel="noopener noreferrer">https://github.com/Tawe/dinosaur-eats</a></p> <p>Built as a <strong>Manifest V3 Chrome extension</strong> with:</p> <ul> <li>JavaScript</li> <li>background service worker</li> <li>content scripts</li> <li>Chrome <code>activeTab</code>, <code>storage</code>, and <code>scripting</code> </li> <li>CSS sprite animation</li> <li>custom dinosaur + teapotsaur sprite sheets</li> <li>looping chomp audio</li> <li>optional herd behavior</li> <li>hidden <code>418</code> / <code>814</code> mutation triggers</li> <li> <strong>Gemini</strong> for iteration during development</li> </ul> <p>The part I got most carried away with was making the dinosaur eat <strong>rendered lines instead of DOM blocks</strong>.</p> <p>Deleting paragraphs would have been easy.</p> <p>Instead I wanted the page to disappear in the exact shape the user sees it, which meant wrapping text, measuring where the browser actually breaks lines, grouping spans into visible rows, randomizing destruction order, and syncing the bite animation so the line disappears on the exact chomp frame.</p> <p>A completely unreasonable amount of engineering for a joke.</p> <p>Which is probably why it worked.</p> <h2> How I Built It </h2> <p>At a high level, the extension:</p> <ol> <li>waits for toolbar activation</li> <li>scans the current page for visible readable text</li> <li>wraps characters to detect true rendered line breaks</li> <li>groups them into visible lines</li> <li>randomizes the destruction order</li> <li>sends in the dinosaur</li> <li>removes the line on the bite frame</li> <li>mutates into teapotsaur mode on <code>418</code> </li> <li>reverts back on <code>814</code> </li> </ol> <p>The strangest technical problem was that browsers don’t really expose <strong>“visible lines of text”</strong> as a concept.</p> <p>That layer had to be invented.</p> <p>So the joke ended up requiring a lot of layout measurement, span grouping, sprite timing, and DOM mutation choreography just to make the page feel like it was literally being eaten.</p> <p>The premise is silly.</p> <p>The implementation got weirdly serious.</p> <h2> Best Google AI Usage </h2> <p>I used <strong>Gemini</strong> throughout development as a fast implementation partner.</p> <p>It was especially useful for:</p> <ul> <li>working through Manifest V3 structure</li> <li>refining content-script injection flow</li> <li>thinking through line grouping logic</li> <li>improving sprite timing</li> <li>helping shape the 418 teapotsaur mutation idea into something that actually reads on screen</li> </ul> <p>The final result is proudly useless.</p> <p>Gemini helped me make it more useless, faster.</p> <h2> Ode to Larry Masinter </h2> <p>The hidden <code>418</code> mode is my favorite part.</p> <p>Typing <code>418</code> while the extension is active mutates every dinosaur into a tiny walking <strong>teapotsaur</strong>.</p> <p>They still eat the page.</p> <p>They just do it with much stronger protocol energy.</p> <p>Typing <code>814</code> reverses the mutation, which is objectively not how protocols work, but it felt spiritually correct.</p> devchallenge 418challenge showdev javascript victoria nyamai Tue, 07 Apr 2026 19:26:22 +0000 https://dev.to/victoria_nyamai_eb584016d/my-journey-contributing-to-django-simple-deploy-improving-the-pythonanywhere-plugin-for-beginners-3e1i https://dev.to/victoria_nyamai_eb584016d/my-journey-contributing-to-django-simple-deploy-improving-the-pythonanywhere-plugin-for-beginners-3e1i <p>I’ve recently started contributing to <em>django-simple-deploy</em>, a tool that makes it easier to deploy Django projects with a single command. After watching Eric’s <a href="https://www.youtube.com/watch?v=o895qyw-p4I" rel="noopener noreferrer">DjangoCon talk</a> and hearing how many beginners struggle with deployment, I decided to focus on improving the PythonAnywhere plugin, especially for people on the free tier. Since PythonAnywhere is where many first-time Django developers go, I want to help make that experience smoother and less confusing. I also want this work to reach <a href="https://djangogirls.org/en/" rel="noopener noreferrer">Django Girls</a>, because helping more women get into tech is something I really care about.</p> <h1> So what is django-simple-deploy? </h1> <p>Django-simple-deploy is a tool that automates the steps needed to deploy a Django app. Instead of manually setting environment variables, configuring WSGI, or running multiple commands, the tool handles these tasks using platform-specific plugins. You run one command, and it prepares your project for platforms like <a href="https://www.pythonanywhere.com/" rel="noopener noreferrer">PythonAnywhere</a>, <a href="https://fly.io/" rel="noopener noreferrer">Fly.io</a>, or <a href="https://scalingo.com/" rel="noopener noreferrer">Scalingo</a>. </p> <p>There are also community-built plugins, like one that lets you deploy to any <a href="https://github.com/janraasch/dsd-vps-kamal" rel="noopener noreferrer">VPS with Kamal</a>, showing that the tool is open for anyone to extend.</p> <h1> My very simple todo list </h1> <p>Some of the tasks I’ll be tackling include testing deployments on different project types, checking how the WSGI file is handled, documenting free-tier restrictions, and exploring how an “update” command could work. I’ll also work on smaller fixes, like improving error messages and clarifying instructions, to make the plugin more beginner-friendly.</p> <h1> Wanna get involved? </h1> <p>If you’re interested in trying <em>django-simple-deploy</em> or want to help improve the PythonAnywhere plugin, you’re welcome to join in. Testing deployments, giving feedback, or picking up small issues in the repo are great ways to get started. Even just sharing your experience helps us understand where beginners struggle.</p> django opensource beginners KhaledSalem Tue, 07 Apr 2026 19:24:35 +0000 https://dev.to/khaledmsalem/ionify-vs-vite-what-actually-happens-inside-your-build-tool-2end https://dev.to/khaledmsalem/ionify-vs-vite-what-actually-happens-inside-your-build-tool-2end <p>Most developers use Vite and trust it. It's fast, well-designed, and gets out of the way.</p> <p>But there's a fundamental assumption baked into Vite's architecture — and every other major build tool — that we decided to challenge when building Ionify.</p> <p><strong>The assumption: every build starts from zero.</strong></p> <p>This post is a deep look at what that means in practice, what we built instead, and the architectural tradeoffs we made along the way.</p> <h2> The Stateless Build Problem </h2> <p>When you run <code>vite build</code>, here's roughly what happens:</p> <ol> <li>Vite spins up esbuild/Rollup (now powered by Rolldown + Oxc instead of pure Rollup/Babel in many cases)</li> <li>Each file goes through its plugin chain independently</li> <li> <code>main.tsx</code> → TS plugin → JSX plugin → output</li> <li> <code>utils.ts</code> → TS plugin → output</li> <li> <code>index.css</code> → CSS plugin → output</li> <li>Everything gets bundled</li> </ol> <p>The next time you run it? Same thing. <strong>All of it.</strong></p> <p>There's no memory of what already ran. The TS plugin doesn't know the JSX plugin already processed a file. The bundler doesn't know which files actually changed since last time. The entire pipeline is stateless by design.</p> <p>This isn't a bug — it's a deliberate architectural choice that keeps the tool simple and predictable. But it has a real cost at scale.</p> <h2> How Ionify Thinks About This Differently </h2> <p>Instead of transforming files, <strong>Ionify addresses them.</strong></p> <p>Every module gets a content hash:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>SHA-256(source content + config version) → CAS key </code></pre> </div> <p>The result lives in a Content-Addressable Store (CAS):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>.ionify/ cas/ &lt;configHash&gt;/ &lt;moduleHash&gt;/ transformed.js transformed.js.map </code></pre> </div> <p>Same content + same config = same hash = skip the transform entirely.</p> <p>Not faster transforms. <strong>No transforms at all</strong> — for everything that hasn't changed.</p> <h2> The Persistent Graph </h2> <p>The other half of the equation is the dependency graph.</p> <p>Vite reconstructs its module graph on every dev server start. Ionify persists it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>.ionify/ graph.db ← sled-backed embedded KV store (Rust) </code></pre> </div> <p>When a file changes, Ionify runs a BFS over the reverse dependency index to find exactly which modules are affected:</p> <p>This means on a 500-module project, changing one utility file might only invalidate 12 modules — not all 500.</p> <h2> Version Isolation: Config Changes Invalidate Everything </h2> <p>One subtle problem with persistent caches: what if your config changes?</p> <p>Ionify solves this with a deterministic version hash computed from the config:</p> <h2> The Four-Tier CAS Architecture </h2> <p>As the system evolved, we ended up with four distinct caching layers, each solving a different problem:</p> <h3> Tier 1 — Module Transform Cache </h3> <h3> Tier 2 — Deps Artifact Store </h3> <h3> Tier 3 — Compression CAS </h3> <p>Pre-compressed build outputs. Brotli-11 + gzip-9 computed once, served forever.</p> <h3> Tier 4 — Chunk-Output CAS </h3> <h2> Real Config: Migrating from Vite </h2> <p>Here's an actual <code>ionify.config.ts</code> from a production project that migrated from Vite:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">defineConfig</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">ionify</span><span class="dl">'</span> <span class="k">export</span> <span class="k">default</span> <span class="nf">defineConfig</span><span class="p">({</span> <span class="na">entry</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/src/main.tsx</span><span class="dl">'</span><span class="p">,</span> <span class="na">server</span><span class="p">:</span> <span class="p">{</span> <span class="na">https</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">resolve</span><span class="p">:</span> <span class="p">{</span> <span class="c1">// Same aliases as tsconfig — Ionify reads these natively</span> <span class="c1">// Note: if your tsconfig.json is JSONC (comments/trailing commas),</span> <span class="c1">// auto-alias parsing currently fails — specify manually here</span> <span class="na">alias</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">@@</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">@@/Core</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/Core/src</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">@</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/src</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">extensions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">.mjs</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.js</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.mts</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.ts</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.jsx</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.tsx</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.json</span><span class="dl">'</span><span class="p">],</span> <span class="na">conditions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">import</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">module</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">browser</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">default</span><span class="dl">'</span><span class="p">],</span> <span class="na">mainFields</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">module</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">jsnext:main</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">jsnext</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">main</span><span class="dl">'</span><span class="p">],</span> <span class="p">},</span> <span class="na">optimizeDeps</span><span class="p">:</span> <span class="p">{</span> <span class="na">include</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">moment-hijri</span><span class="dl">'</span><span class="p">],</span> <span class="c1">// pre-warm known-problem deps</span> <span class="na">sharedChunks</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auto</span><span class="dl">'</span><span class="p">,</span> <span class="na">packSlimming</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auto</span><span class="dl">'</span><span class="p">,</span> <span class="na">vendorPacks</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auto</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">build</span><span class="p">:</span> <span class="p">{</span> <span class="na">target</span><span class="p">:</span> <span class="dl">'</span><span class="s1">esnext</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <h2> This project has more than +10K module and the results of build time at vite roll-down was 3.7 seconds every time after migrating to Ionify. The time was reduced to 2.2 seconds on warm build, and 3.2 seconds for cold build </h2> <h2> The Fundamental Difference </h2> <p>Vite is built around the assumption that each build is independent.</p> <p>Ionify is built around the assumption that <strong>most of the work you did last time is still valid.</strong></p> <p>Both assumptions are reasonable. Vite's leads to a simpler, more predictable system. Ours leads to a system where the second build, the tenth build, and the CI build all benefit from everything that happened before.</p> <p>The "With Ionify" side of the transform diagram is mostly empty. Not because we're hiding complexity — but because most of the transforms simply don't run.</p> <p><em>Ionify is currently in production use. → <a href="https://ionify.cloud" rel="noopener noreferrer">ionify.cloud</a></em></p> <p><iframe height="600" src="https://codepen.io/khaledM-salem/embed/PwGdqgx?height=600&amp;default-tab=result&amp;embed-version=2"> </iframe> </p> javascript webdev tooling webpack Olamide Olaniyan Tue, 07 Apr 2026 19:24:00 +0000 https://dev.to/olams/build-a-searchable-creator-database-with-postgresql-and-nodejs-54mn https://dev.to/olams/build-a-searchable-creator-database-with-postgresql-and-nodejs-54mn <p>Every influencer marketing platform charges $300+/month. The core feature? A searchable database of creators.</p> <p>But here's their secret: it's just a PostgreSQL table with a good search index. The data comes from public APIs. The "AI-powered discovery" is a <code>WHERE</code> clause with some filters.</p> <p>Let's build the same thing.</p> <h2> What We're Building </h2> <p>A creator database that:</p> <ol> <li>Ingests creator profiles from Instagram and TikTok</li> <li>Stores them in PostgreSQL with full-text search</li> <li>Lets you search by niche, follower range, engagement rate, location, and keywords</li> <li>Auto-enriches new profiles when they're looked up</li> <li>Exposes a simple REST API for querying</li> </ol> <p>This is the backend that powers tools like Modash, Heepsy, and Upfluence. You'll have a working version by the end of this article.</p> <h2> The Stack </h2> <ul> <li> <strong>Node.js + Express</strong> – API server</li> <li> <strong>PostgreSQL</strong> – storage + full-text search</li> <li> <strong>Prisma</strong> – database ORM</li> <li> <strong>SociaVault API</strong> – fetch creator profiles and posts</li> <li> <strong>node-cron</strong> – background enrichment jobs</li> </ul> <h2> Database Schema </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// schema.prisma generator client { provider = "prisma-client-js" } datasource db { provider = "postgresql" url = env("DATABASE_URL") } model Creator { id String @id @default(cuid()) platform String // instagram, tiktok username String displayName String? bio String? followers Int @default(0) following Int @default(0) postsCount Int @default(0) avgLikes Int @default(0) avgComments Int @default(0) engagementRate Float @default(0) profilePicUrl String? isVerified Boolean @default(false) category String? // detected niche country String? language String? lastUpdated DateTime @default(now()) createdAt DateTime @default(now()) @@unique([platform, username]) @@index([platform, followers]) @@index([category]) @@index([engagementRate]) } </code></pre> </div> <p>Run the migration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx prisma migrate dev <span class="nt">--name</span> init </code></pre> </div> <h2> The Key Trick: Full-Text Search </h2> <p>PostgreSQL has built-in full-text search. No Elasticsearch needed.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- Add a generated tsvector column for search</span> <span class="k">ALTER</span> <span class="k">TABLE</span> <span class="nv">"Creator"</span> <span class="k">ADD</span> <span class="k">COLUMN</span> <span class="n">search_vector</span> <span class="n">tsvector</span> <span class="k">GENERATED</span> <span class="n">ALWAYS</span> <span class="k">AS</span> <span class="p">(</span> <span class="n">setweight</span><span class="p">(</span><span class="n">to_tsvector</span><span class="p">(</span><span class="s1">'english'</span><span class="p">,</span> <span class="n">coalesce</span><span class="p">(</span><span class="n">username</span><span class="p">,</span> <span class="s1">''</span><span class="p">)),</span> <span class="s1">'A'</span><span class="p">)</span> <span class="o">||</span> <span class="n">setweight</span><span class="p">(</span><span class="n">to_tsvector</span><span class="p">(</span><span class="s1">'english'</span><span class="p">,</span> <span class="n">coalesce</span><span class="p">(</span><span class="nv">"displayName"</span><span class="p">,</span> <span class="s1">''</span><span class="p">)),</span> <span class="s1">'A'</span><span class="p">)</span> <span class="o">||</span> <span class="n">setweight</span><span class="p">(</span><span class="n">to_tsvector</span><span class="p">(</span><span class="s1">'english'</span><span class="p">,</span> <span class="n">coalesce</span><span class="p">(</span><span class="n">bio</span><span class="p">,</span> <span class="s1">''</span><span class="p">)),</span> <span class="s1">'B'</span><span class="p">)</span> <span class="o">||</span> <span class="n">setweight</span><span class="p">(</span><span class="n">to_tsvector</span><span class="p">(</span><span class="s1">'english'</span><span class="p">,</span> <span class="n">coalesce</span><span class="p">(</span><span class="n">category</span><span class="p">,</span> <span class="s1">''</span><span class="p">)),</span> <span class="s1">'C'</span><span class="p">)</span> <span class="p">)</span> <span class="n">STORED</span><span class="p">;</span> <span class="c1">-- Index it</span> <span class="k">CREATE</span> <span class="k">INDEX</span> <span class="n">creator_search_idx</span> <span class="k">ON</span> <span class="nv">"Creator"</span> <span class="k">USING</span> <span class="n">GIN</span> <span class="p">(</span><span class="n">search_vector</span><span class="p">);</span> </code></pre> </div> <p>Username and display name get weight A (highest priority). Bio gets B. Category gets C. When you search "fitness coach LA", it'll match creators whose username contains "fitness", bio mentions "coach", and location includes "LA" — ranked by relevance.</p> <h2> Step 1: The Ingestion Pipeline </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// ingest.js</span> <span class="kd">const</span> <span class="nx">axios</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">axios</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">PrismaClient</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">@prisma/client</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">prisma</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">PrismaClient</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">api</span> <span class="o">=</span> <span class="nx">axios</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">baseURL</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://api.sociavault.com/v1/scrape</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">x-api-key</span><span class="dl">'</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">SOCIAVAULT_API_KEY</span> <span class="p">},</span> <span class="p">});</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">ingestCreator</span><span class="p">(</span><span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Check if we already have fresh data (&lt; 7 days old)</span> <span class="kd">const</span> <span class="nx">existing</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">creator</span><span class="p">.</span><span class="nf">findUnique</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="na">platform_username</span><span class="p">:</span> <span class="p">{</span> <span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span> <span class="p">}</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">existing</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">daysSinceUpdate</span> <span class="o">=</span> <span class="p">(</span><span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">-</span> <span class="nx">existing</span><span class="p">.</span><span class="nx">lastUpdated</span><span class="p">.</span><span class="nf">getTime</span><span class="p">())</span> <span class="o">/</span> <span class="mi">86400000</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">daysSinceUpdate</span> <span class="o">&lt;</span> <span class="mi">7</span><span class="p">)</span> <span class="k">return</span> <span class="nx">existing</span><span class="p">;</span> <span class="c1">// Still fresh</span> <span class="p">}</span> <span class="c1">// Fetch profile</span> <span class="kd">const</span> <span class="nx">profileEndpoint</span> <span class="o">=</span> <span class="nx">platform</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">instagram</span><span class="dl">'</span> <span class="p">?</span> <span class="s2">`/instagram/profile?username=</span><span class="p">${</span><span class="nx">username</span><span class="p">}</span><span class="s2">`</span> <span class="p">:</span> <span class="s2">`/tiktok/profile?username=</span><span class="p">${</span><span class="nx">username</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="nx">profileRes</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">api</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">profileEndpoint</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">profile</span> <span class="o">=</span> <span class="nx">profileRes</span><span class="p">.</span><span class="nx">data</span> <span class="o">||</span> <span class="nx">profileRes</span><span class="p">;</span> <span class="c1">// Fetch recent posts for engagement calculation</span> <span class="kd">const</span> <span class="nx">postsEndpoint</span> <span class="o">=</span> <span class="nx">platform</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">instagram</span><span class="dl">'</span> <span class="p">?</span> <span class="s2">`/instagram/posts?username=</span><span class="p">${</span><span class="nx">username</span><span class="p">}</span><span class="s2">&amp;limit=12`</span> <span class="p">:</span> <span class="s2">`/tiktok/profile-videos?username=</span><span class="p">${</span><span class="nx">username</span><span class="p">}</span><span class="s2">&amp;limit=12`</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="nx">postsRes</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">api</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">postsEndpoint</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">posts</span> <span class="o">=</span> <span class="nx">postsRes</span><span class="p">.</span><span class="nx">data</span> <span class="o">||</span> <span class="nx">postsRes</span><span class="p">.</span><span class="nx">posts</span> <span class="o">||</span> <span class="p">[];</span> <span class="c1">// Calculate engagement metrics</span> <span class="kd">const</span> <span class="nx">totalLikes</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nf">reduce</span><span class="p">((</span><span class="nx">s</span><span class="p">,</span> <span class="nx">p</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">s</span> <span class="o">+</span> <span class="p">(</span><span class="nx">p</span><span class="p">.</span><span class="nx">likesCount</span> <span class="o">||</span> <span class="nx">p</span><span class="p">.</span><span class="nx">diggCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">),</span> <span class="mi">0</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">totalComments</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nf">reduce</span><span class="p">((</span><span class="nx">s</span><span class="p">,</span> <span class="nx">p</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">s</span> <span class="o">+</span> <span class="p">(</span><span class="nx">p</span><span class="p">.</span><span class="nx">commentsCount</span> <span class="o">||</span> <span class="nx">p</span><span class="p">.</span><span class="nx">commentCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">),</span> <span class="mi">0</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">avgLikes</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="p">?</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">round</span><span class="p">(</span><span class="nx">totalLikes</span> <span class="o">/</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">length</span><span class="p">)</span> <span class="p">:</span> <span class="mi">0</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">avgComments</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="p">?</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">round</span><span class="p">(</span><span class="nx">totalComments</span> <span class="o">/</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">length</span><span class="p">)</span> <span class="p">:</span> <span class="mi">0</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">followers</span> <span class="o">=</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">followersCount</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">followerCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">engagementRate</span> <span class="o">=</span> <span class="nx">followers</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="p">?</span> <span class="nf">parseFloat</span><span class="p">((((</span><span class="nx">avgLikes</span> <span class="o">+</span> <span class="nx">avgComments</span><span class="p">)</span> <span class="o">/</span> <span class="nx">followers</span><span class="p">)</span> <span class="o">*</span> <span class="mi">100</span><span class="p">).</span><span class="nf">toFixed</span><span class="p">(</span><span class="mi">2</span><span class="p">))</span> <span class="p">:</span> <span class="mi">0</span><span class="p">;</span> <span class="c1">// Detect category from bio (simple keyword matching)</span> <span class="kd">const</span> <span class="nx">category</span> <span class="o">=</span> <span class="nf">detectCategory</span><span class="p">(</span><span class="nx">profile</span><span class="p">.</span><span class="nx">bio</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">signature</span> <span class="o">||</span> <span class="dl">''</span><span class="p">);</span> <span class="c1">// Upsert into database</span> <span class="k">return</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">creator</span><span class="p">.</span><span class="nf">upsert</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="na">platform_username</span><span class="p">:</span> <span class="p">{</span> <span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span> <span class="p">}</span> <span class="p">},</span> <span class="na">create</span><span class="p">:</span> <span class="p">{</span> <span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span><span class="p">,</span> <span class="na">displayName</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">fullName</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">nickname</span> <span class="o">||</span> <span class="nx">username</span><span class="p">,</span> <span class="na">bio</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">bio</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">signature</span> <span class="o">||</span> <span class="dl">''</span><span class="p">,</span> <span class="nx">followers</span><span class="p">,</span> <span class="na">following</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">followingCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">,</span> <span class="na">postsCount</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">postsCount</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">videoCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">,</span> <span class="nx">avgLikes</span><span class="p">,</span> <span class="nx">avgComments</span><span class="p">,</span> <span class="nx">engagementRate</span><span class="p">,</span> <span class="na">profilePicUrl</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">profilePicUrl</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">avatarUrl</span> <span class="o">||</span> <span class="kc">null</span><span class="p">,</span> <span class="na">isVerified</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">isVerified</span> <span class="o">||</span> <span class="kc">false</span><span class="p">,</span> <span class="nx">category</span><span class="p">,</span> <span class="p">},</span> <span class="na">update</span><span class="p">:</span> <span class="p">{</span> <span class="na">displayName</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">fullName</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">nickname</span> <span class="o">||</span> <span class="nx">username</span><span class="p">,</span> <span class="na">bio</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">bio</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">signature</span> <span class="o">||</span> <span class="dl">''</span><span class="p">,</span> <span class="nx">followers</span><span class="p">,</span> <span class="na">following</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">followingCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">,</span> <span class="na">postsCount</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">postsCount</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">videoCount</span> <span class="o">||</span> <span class="mi">0</span><span class="p">,</span> <span class="nx">avgLikes</span><span class="p">,</span> <span class="nx">avgComments</span><span class="p">,</span> <span class="nx">engagementRate</span><span class="p">,</span> <span class="na">profilePicUrl</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">profilePicUrl</span> <span class="o">||</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">avatarUrl</span> <span class="o">||</span> <span class="kc">null</span><span class="p">,</span> <span class="na">isVerified</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">isVerified</span> <span class="o">||</span> <span class="kc">false</span><span class="p">,</span> <span class="nx">category</span><span class="p">,</span> <span class="na">lastUpdated</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(),</span> <span class="p">},</span> <span class="p">});</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">detectCategory</span><span class="p">(</span><span class="nx">bio</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">lower</span> <span class="o">=</span> <span class="nx">bio</span><span class="p">.</span><span class="nf">toLowerCase</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">categories</span> <span class="o">=</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">fitness</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">fitness</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">gym</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">workout</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">personal trainer</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">health coach</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">beauty</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">beauty</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">makeup</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">skincare</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">cosmetics</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">hair</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">food</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">food</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">recipe</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">cooking</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">chef</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">restaurant</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">baking</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">travel</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">travel</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">wanderlust</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">adventure</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">explore</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">backpack</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">tech</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">tech</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">developer</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">coding</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">software</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">startup</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">saas</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">fashion</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">fashion</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">style</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">outfit</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">clothing</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">designer</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">gaming</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">gaming</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">gamer</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">twitch</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">esports</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">streamer</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">music</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">music</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">musician</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">singer</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">producer</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">dj</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">education</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">teacher</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">education</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">learn</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">tutor</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">professor</span><span class="dl">'</span><span class="p">],</span> <span class="dl">'</span><span class="s1">business</span><span class="dl">'</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">entrepreneur</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ceo</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">founder</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">business</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">marketing</span><span class="dl">'</span><span class="p">],</span> <span class="p">};</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="p">[</span><span class="nx">category</span><span class="p">,</span> <span class="nx">keywords</span><span class="p">]</span> <span class="k">of</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">entries</span><span class="p">(</span><span class="nx">categories</span><span class="p">))</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">keywords</span><span class="p">.</span><span class="nf">some</span><span class="p">(</span><span class="nx">kw</span> <span class="o">=&gt;</span> <span class="nx">lower</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="nx">kw</span><span class="p">)))</span> <span class="k">return</span> <span class="nx">category</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">other</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">ingestCreator</span> <span class="p">};</span> </code></pre> </div> <h2> Step 2: The Search API </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// server.js</span> <span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">PrismaClient</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">@prisma/client</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">ingestCreator</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">./ingest</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">prisma</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">PrismaClient</span><span class="p">();</span> <span class="c1">// Search creators</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/creators/search</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">q</span><span class="p">,</span> <span class="c1">// text search query</span> <span class="nx">platform</span><span class="p">,</span> <span class="c1">// instagram or tiktok</span> <span class="nx">category</span><span class="p">,</span> <span class="c1">// fitness, beauty, tech, etc.</span> <span class="nx">minFollowers</span><span class="p">,</span> <span class="nx">maxFollowers</span><span class="p">,</span> <span class="nx">minEngagement</span><span class="p">,</span> <span class="nx">sort</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">followers</span><span class="dl">'</span><span class="p">,</span> <span class="nx">order</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">desc</span><span class="dl">'</span><span class="p">,</span> <span class="nx">page</span> <span class="o">=</span> <span class="mi">1</span><span class="p">,</span> <span class="nx">limit</span> <span class="o">=</span> <span class="mi">20</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">where</span> <span class="o">=</span> <span class="p">{};</span> <span class="kd">const</span> <span class="nx">AND</span> <span class="o">=</span> <span class="p">[];</span> <span class="k">if </span><span class="p">(</span><span class="nx">platform</span><span class="p">)</span> <span class="nx">AND</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="nx">platform</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">category</span><span class="p">)</span> <span class="nx">AND</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="nx">category</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">minFollowers</span><span class="p">)</span> <span class="nx">AND</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="na">followers</span><span class="p">:</span> <span class="p">{</span> <span class="na">gte</span><span class="p">:</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">minFollowers</span><span class="p">)</span> <span class="p">}</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">maxFollowers</span><span class="p">)</span> <span class="nx">AND</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="na">followers</span><span class="p">:</span> <span class="p">{</span> <span class="na">lte</span><span class="p">:</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">maxFollowers</span><span class="p">)</span> <span class="p">}</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">minEngagement</span><span class="p">)</span> <span class="nx">AND</span><span class="p">.</span><span class="nf">push</span><span class="p">({</span> <span class="na">engagementRate</span><span class="p">:</span> <span class="p">{</span> <span class="na">gte</span><span class="p">:</span> <span class="nf">parseFloat</span><span class="p">(</span><span class="nx">minEngagement</span><span class="p">)</span> <span class="p">}</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">AND</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="nx">where</span><span class="p">.</span><span class="nx">AND</span> <span class="o">=</span> <span class="nx">AND</span><span class="p">;</span> <span class="c1">// Full-text search using raw SQL for the tsvector</span> <span class="kd">let</span> <span class="nx">creators</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">offset</span> <span class="o">=</span> <span class="p">(</span><span class="nf">parseInt</span><span class="p">(</span><span class="nx">page</span><span class="p">)</span> <span class="o">-</span> <span class="mi">1</span><span class="p">)</span> <span class="o">*</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">limit</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">q</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Use PostgreSQL full-text search</span> <span class="kd">const</span> <span class="nx">searchQuery</span> <span class="o">=</span> <span class="nx">q</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="dl">'</span><span class="s1"> </span><span class="dl">'</span><span class="p">).</span><span class="nf">join</span><span class="p">(</span><span class="dl">'</span><span class="s1"> &amp; </span><span class="dl">'</span><span class="p">);</span> <span class="c1">// AND between terms</span> <span class="nx">creators</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">` SELECT *, ts_rank(search_vector, to_tsquery('english', </span><span class="p">${</span><span class="nx">searchQuery</span><span class="p">}</span><span class="s2">)) as rank FROM "Creator" WHERE search_vector @@ to_tsquery('english', </span><span class="p">${</span><span class="nx">searchQuery</span><span class="p">}</span><span class="s2">) </span><span class="p">${</span><span class="nx">platform</span> <span class="p">?</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">`AND platform = </span><span class="p">${</span><span class="nx">platform</span><span class="p">}</span><span class="s2">`</span> <span class="p">:</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">``</span><span class="p">}</span><span class="s2"> </span><span class="p">${</span><span class="nx">category</span> <span class="p">?</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">`AND category = </span><span class="p">${</span><span class="nx">category</span><span class="p">}</span><span class="s2">`</span> <span class="p">:</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">``</span><span class="p">}</span><span class="s2"> </span><span class="p">${</span><span class="nx">minFollowers</span> <span class="p">?</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">`AND followers &gt;= </span><span class="p">${</span><span class="nf">parseInt</span><span class="p">(</span><span class="nx">minFollowers</span><span class="p">)}</span><span class="s2">`</span> <span class="p">:</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">``</span><span class="p">}</span><span class="s2"> </span><span class="p">${</span><span class="nx">maxFollowers</span> <span class="p">?</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">`AND followers &lt;= </span><span class="p">${</span><span class="nf">parseInt</span><span class="p">(</span><span class="nx">maxFollowers</span><span class="p">)}</span><span class="s2">`</span> <span class="p">:</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">$queryRaw</span><span class="s2">``</span><span class="p">}</span><span class="s2"> ORDER BY rank DESC LIMIT </span><span class="p">${</span><span class="nf">parseInt</span><span class="p">(</span><span class="nx">limit</span><span class="p">)}</span><span class="s2"> OFFSET </span><span class="p">${</span><span class="nx">offset</span><span class="p">}</span><span class="s2"> `</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">creators</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">creator</span><span class="p">.</span><span class="nf">findMany</span><span class="p">({</span> <span class="nx">where</span><span class="p">,</span> <span class="na">orderBy</span><span class="p">:</span> <span class="p">{</span> <span class="p">[</span><span class="nx">sort</span><span class="p">]:</span> <span class="nx">order</span> <span class="p">},</span> <span class="na">skip</span><span class="p">:</span> <span class="nx">offset</span><span class="p">,</span> <span class="na">take</span><span class="p">:</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">limit</span><span class="p">),</span> <span class="p">});</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">total</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">prisma</span><span class="p">.</span><span class="nx">creator</span><span class="p">.</span><span class="nf">count</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="nx">q</span> <span class="p">?</span> <span class="kc">undefined</span> <span class="p">:</span> <span class="nx">where</span> <span class="p">});</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="nx">creators</span><span class="p">,</span> <span class="na">pagination</span><span class="p">:</span> <span class="p">{</span> <span class="na">page</span><span class="p">:</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">page</span><span class="p">),</span> <span class="na">limit</span><span class="p">:</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">limit</span><span class="p">),</span> <span class="nx">total</span><span class="p">,</span> <span class="na">pages</span><span class="p">:</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">ceil</span><span class="p">(</span><span class="nx">total</span> <span class="o">/</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">limit</span><span class="p">)),</span> <span class="p">},</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// Lookup + auto-ingest a specific creator</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/creators/:platform/:username</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">creator</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">ingestCreator</span><span class="p">(</span><span class="nx">platform</span><span class="p">,</span> <span class="nx">username</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nx">creator</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="nx">err</span><span class="p">.</span><span class="nx">message</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Creator DB API running on :3000</span><span class="dl">'</span><span class="p">));</span> </code></pre> </div> <h2> Step 3: Seed the Database </h2> <p>You need initial data. Here's a script that ingests a list of known creators:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// seed.js</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">ingestCreator</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">./ingest</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">SEED_CREATORS</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="dl">'</span><span class="s1">instagram</span><span class="dl">'</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="dl">'</span><span class="s1">therock</span><span class="dl">'</span> <span class="p">},</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="dl">'</span><span class="s1">instagram</span><span class="dl">'</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="dl">'</span><span class="s1">cristiano</span><span class="dl">'</span> <span class="p">},</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="dl">'</span><span class="s1">tiktok</span><span class="dl">'</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="dl">'</span><span class="s1">charlidamelio</span><span class="dl">'</span> <span class="p">},</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="dl">'</span><span class="s1">tiktok</span><span class="dl">'</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="dl">'</span><span class="s1">khaby.lame</span><span class="dl">'</span> <span class="p">},</span> <span class="c1">// Add more from your niche...</span> <span class="p">];</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">seed</span><span class="p">()</span> <span class="p">{</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="nx">creator</span> <span class="k">of</span> <span class="nx">SEED_CREATORS</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Ingesting </span><span class="p">${</span><span class="nx">creator</span><span class="p">.</span><span class="nx">platform</span><span class="p">}</span><span class="s2">/@</span><span class="p">${</span><span class="nx">creator</span><span class="p">.</span><span class="nx">username</span><span class="p">}</span><span class="s2">...`</span><span class="p">);</span> <span class="k">await</span> <span class="nf">ingestCreator</span><span class="p">(</span><span class="nx">creator</span><span class="p">.</span><span class="nx">platform</span><span class="p">,</span> <span class="nx">creator</span><span class="p">.</span><span class="nx">username</span><span class="p">);</span> <span class="k">await</span> <span class="k">new</span> <span class="nc">Promise</span><span class="p">(</span><span class="nx">r</span> <span class="o">=&gt;</span> <span class="nf">setTimeout</span><span class="p">(</span><span class="nx">r</span><span class="p">,</span> <span class="mi">1000</span><span class="p">));</span> <span class="c1">// Rate limit</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="s2">`Failed: </span><span class="p">${</span><span class="nx">creator</span><span class="p">.</span><span class="nx">username</span><span class="p">}</span><span class="s2"> — </span><span class="p">${</span><span class="nx">err</span><span class="p">.</span><span class="nx">message</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Seeding complete.</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="nf">seed</span><span class="p">();</span> </code></pre> </div> <h2> Usage Examples </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Search for fitness creators on Instagram with 10K-100K followers</span> curl <span class="s2">"localhost:3000/api/creators/search?q=fitness&amp;platform=instagram&amp;minFollowers=10000&amp;maxFollowers=100000"</span> <span class="c"># Find beauty creators with 3%+ engagement rate</span> curl <span class="s2">"localhost:3000/api/creators/search?category=beauty&amp;minEngagement=3&amp;sort=engagementRate"</span> <span class="c"># Look up a specific creator (auto-fetches if not in DB)</span> curl <span class="s2">"localhost:3000/api/creators/instagram/some_creator"</span> </code></pre> </div> <h2> Why This Beats Spreadsheets </h2> <p>The moment you have 500+ creators in the database, spreadsheets become useless. You can't full-text search a CSV. You can't filter by engagement rate AND follower count AND niche in Google Sheets without losing your mind.</p> <p>With this setup, queries like "find me fitness creators on TikTok with 50K-200K followers and 4%+ engagement" take 3 milliseconds.</p> <h2> What I'd Add Next </h2> <ul> <li> <strong>Background refresh job</strong> — cron that re-fetches the oldest profiles daily</li> <li> <strong>Duplicate detection</strong> — same creator on Instagram and TikTok, link them</li> <li> <strong>Export to CSV</strong> — for people who still need spreadsheets</li> <li> <strong>Simple frontend</strong> — a search bar + filter sidebar + results grid</li> </ul> <h2> Read the Full Guide </h2> <p><strong><a href="https://sociavault.com/blog/build-searchable-creator-database" rel="noopener noreferrer">Build a Creator Database → SociaVault Blog</a></strong></p> <p><em>Build influencer databases with <a href="https://sociavault.com" rel="noopener noreferrer">SociaVault</a> — one API for profiles, posts, and engagement data across TikTok, Instagram, YouTube, and 10+ platforms.</em></p> <h2> Discussion </h2> <p>If you've built a creator/influencer database before, what was your biggest pain point? Schema design? Keeping data fresh? Handling duplicates across platforms?</p> <h1> javascript #postgresql #api #webdev #database </h1> ai programming webdev tutorial