{ "generated_at": "2026-04-28T19:14:57.851Z", "system": { "id": "topolo-p2p", "name": "TopoloP2P", "slug": "topolo-p2p", "kind": "application", "summary": "Cross-organization capability network for agent-mediated business actions, approvals, immutable micro-ledgering, and TopoloPay-managed settlement.", "aliases": [], "lifecycle": "internal", "last_verified": "2026-04-28", "owners": [ "platform", "commerce-platform", "ai-platform" ], "repo_paths": [ "PlatformApplications/TopoloP2P", "PlatformApplications/TopoloDocs" ], "service_ids": [ "srv_topolo_p2p" ], "visibility": "public", "api_contract": { "type": "curated", "source": "PlatformApplications/TopoloDocs/src/content/internal/apps/topolo-p2p.mdx", "notes": "TopoloP2P owns the cross-organization action rail, connection policy, immutable value ledger, holds, settlement batches, and audit state. Capability publishing remains in Topolo Developers, identity and grants remain in Auth, agent execution enters through Topolo Agent, Stripe settlement is submitted to TopoloPay, and human approvals surface in TopoloOne Actions." }, "primary_hosts": [ "https://p2p.topolo.app" ], "doc_paths": [ "applications/topolo-p2p", "internal/apps/topolo-p2p", "internal/platform/p2p-protocol", "internal/platform/p2p-ledger-and-settlement" ], "security_assurance": { "risk_tier": "critical", "auth_boundary": "Topolo Auth validation for every protected route using service id srv_topolo_p2p. P2P derives organization context from credentials, never from client-supplied org hints, and fails closed when Auth validation is unavailable.", "tenant_isolation": "mixed", "external_inputs": [ "browser", "api", "ai_agent_action", "webhook", "scheduled_task" ], "sensitive_data": [ "identity", "org_data", "payment", "customer_content", "telemetry" ], "last_security_review": "2026-04-28", "security_review_status": "not_started", "pentest_status": "not_started", "evidence_doc": "internal/apps/topolo-p2p" }, "dependencies": [ "topolo-auth", "topolo-developers", "topolo-agent", "topolo-pay", "topolo-notify", "topolo-one", "applications-packages" ], "public_hub_url": "/systems/topolo-p2p", "internal_hub_url": null, "application_api_url": "/reference/apps/topolo-p2p", "generated_openapi_url": null, "machine_urls": { "system": "/machine/systems/topolo-p2p.json", "application": "/machine/applications/topolo-p2p.json" } }, "docs": { "public": [ { "id": "applications/topolo-p2p.mdx", "title": "TopoloP2P", "summary": "Public overview of Topolo's cross-organization capability network for agent-mediated business actions and settlement.", "audience": "public", "tags": [ "p2p", "agents", "network", "payments" ], "url": "/applications/topolo-p2p.mdx", "last_verified": "2026-04-28" } ], "internal": [], "runbooks": [] }, "authority": { "owners": [ "platform", "commerce-platform", "ai-platform" ], "repo_paths": [ "PlatformApplications/TopoloP2P", "PlatformApplications/TopoloDocs" ], "service_ids": [ "srv_topolo_p2p" ], "dependencies": [ "topolo-auth", "topolo-developers", "topolo-agent", "topolo-pay", "topolo-notify", "topolo-one", "applications-packages" ], "aliases": [] }, "interfaces": { "contract_type": "curated", "contract_source": "PlatformApplications/TopoloDocs/src/content/internal/apps/topolo-p2p.mdx", "contract_source_exists": true, "openapi": null, "readme": { "path": "PlatformApplications/TopoloP2P/README.md", "intro": [ "Generated first-party Topolo platform application scaffold for Topolo.", "Audience: business\nTenancy: organization\nPortfolio: platform", "This scaffold includes CloudControl metadata, TopoloDocs system coverage, and a Topolo app conformance workflow." ], "headings": [ "Topolo P2P", "Development", "Shared Topolo Surface", "Platform Registration" ], "routeHighlights": [ "`@topolo/ui-kit` provides the shared shell, launcher, account menu, command palette, and bug reporter.", "`@topolo/auth-client` owns browser auth, callback exchange, token refresh, and logout.", "Generated first-party browser apps start on the shared landing page at `/`, use the shared login page at `/login`, and complete sign-in on `/auth/callback` before entering the workspace shell.", "`vite.config.ts` includes the standard React plugin plus React runtime dedupe so linked Topolo packages resolve one browser React runtime.", "`@topolo/auth-middleware` validates Worker requests through Topolo Auth." ], "commandHighlights": [] } }, "auth": { "depends_on_topolo_auth": true, "api_key_scopes": [ { "id": "aks_p2p_actions_invoke", "name": "actions.invoke", "description": "Invoke permitted cross-organization TopoloP2P actions", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_actions_request", "name": "actions.request", "description": "Request TopoloP2P actions", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_actions_respond", "name": "actions.respond", "description": "Respond to TopoloP2P actions", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_capabilities_publish", "name": "capabilities.publish", "description": "Publish approved capabilities into TopoloP2P", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_connections_write", "name": "connections.write", "description": "Create or manage TopoloP2P connections", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_directory_read", "name": "directory.read", "description": "Read public TopoloP2P directory capabilities", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_ledger_read", "name": "ledger.read", "description": "Read TopoloP2P ledger entries", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_policy_manage", "name": "policy.manage", "description": "Manage TopoloP2P approval and spend policies", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_policy_read", "name": "policy.read", "description": "Read TopoloP2P policies", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_policy_write", "name": "policy.write", "description": "Write TopoloP2P policies", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_settlements_approve", "name": "settlements.approve", "description": "Approve TopoloP2P settlement creation", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_p2p_settlements_write", "name": "settlements.write", "description": "Create TopoloP2P settlement batches", "resourcePattern": null, "kind": "api_key_scope" } ], "service_permissions": [ { "id": "perm_p2p_actions_invoke", "name": "actions:invoke", "description": "Invoke permitted cross-organization TopoloP2P actions", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_actions_request", "name": "actions:request", "description": "Request TopoloP2P actions", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_actions_respond", "name": "actions:respond", "description": "Respond to TopoloP2P actions", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_capabilities_publish", "name": "capabilities:publish", "description": "Publish approved capabilities into TopoloP2P", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_connections_write", "name": "connections:write", "description": "Create or manage TopoloP2P connections", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_directory_read", "name": "directory:read", "description": "Read public TopoloP2P directory capabilities", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_ledger_read", "name": "ledger:read", "description": "Read TopoloP2P ledger entries", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_policy_manage", "name": "policy:manage", "description": "Manage TopoloP2P approval and spend policies", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_policy_read", "name": "policy:read", "description": "Read TopoloP2P policies", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_policy_write", "name": "policy:write", "description": "Write TopoloP2P policies", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_settlements_approve", "name": "settlements:approve", "description": "Approve TopoloP2P settlement creation", "resourcePattern": null, "kind": "permission" }, { "id": "perm_p2p_settlements_write", "name": "settlements:write", "description": "Create TopoloP2P settlement batches", "resourcePattern": null, "kind": "permission" } ] }, "runtime": { "primary_hosts": [ "https://p2p.topolo.app" ], "repo_entries": [ "PlatformApplications/TopoloP2P/README.md", "PlatformApplications/TopoloP2P/index.html", "PlatformApplications/TopoloP2P/migrations/", "PlatformApplications/TopoloP2P/package-lock.json", "PlatformApplications/TopoloP2P/package.json", "PlatformApplications/TopoloP2P/src/", "PlatformApplications/TopoloP2P/test/", "PlatformApplications/TopoloP2P/topolo.cloudcontrol.json", "PlatformApplications/TopoloP2P/tsconfig.json", "PlatformApplications/TopoloP2P/vite.config.ts", "PlatformApplications/TopoloP2P/wrangler.toml", "PlatformApplications/TopoloDocs/astro.config.mjs", "PlatformApplications/TopoloDocs/functions/", "PlatformApplications/TopoloDocs/package-lock.json", "PlatformApplications/TopoloDocs/package.json", "PlatformApplications/TopoloDocs/public/", "PlatformApplications/TopoloDocs/scripts/", "PlatformApplications/TopoloDocs/src/", "PlatformApplications/TopoloDocs/templates/", "PlatformApplications/TopoloDocs/topolo.cloudcontrol.json" ], "wrangler_surfaces": [ { "path": "PlatformApplications/TopoloP2P/wrangler.toml", "observabilityEnabled": true, "environments": [], "routes": [ "p2p.topolo.app" ], "vars": [ "AUTH_BASE_URL", "SERVICE_ID" ], "bindings": [ { "kind": "d1", "binding": "DB", "sourcePath": "PlatformApplications/TopoloP2P/wrangler.toml", "target": "9f9c6157-f816-4c46-9f26-84aadb76ce4f" } ], "cronTriggers": [], "workerName": "topolo-p2p", "main": "src/worker.ts", "compatibilityDate": "2026-04-23", "assetsDirectory": "dist" } ], "packages": [ { "path": "PlatformApplications/TopoloP2P/package.json", "name": "topolo-p2p", "scripts": [ "dev", "build", "preview", "typecheck", "test", "deploy" ], "scriptCommands": [ { "name": "dev", "command": "vite --host 0.0.0.0" }, { "name": "build", "command": "vite build" }, { "name": "preview", "command": "vite preview --host 0.0.0.0" }, { "name": "typecheck", "command": "tsc --noEmit" }, { "name": "test", "command": "node --test" }, { "name": "deploy", "command": "npm run build && wrangler deploy" } ] }, { "path": "PlatformApplications/TopoloDocs/package.json", "name": "topolo-docs", "description": "Topolo Developer Documentation - docs.topolo.app", "scripts": [ "dev", "build", "build:production", "build:publication", "deploy", "deploy:gated", "security-gate", "security-gate:production", "security-gate:publication", "security-report", "auth-catalog:snapshot", "auth-catalog:check", "validate", "check", "preview", "astro" ], "scriptCommands": [ { "name": "dev", "command": "astro dev" }, { "name": "build", "command": "astro build && node ./scripts/write-manifest.mjs && node ./scripts/write-security-assurance-report.mjs" }, { "name": "build:production", "command": "npm run security-gate:production && npm run build" }, { "name": "build:publication", "command": "npm run security-gate:publication && npm run build" }, { "name": "deploy", "command": "npm run build && node ./scripts/deploy-pages.mjs" }, { "name": "deploy:gated", "command": "npm run build:production && node ./scripts/deploy-pages.mjs" }, { "name": "security-gate", "command": "node ./scripts/check-security-assurance-thresholds.mjs --profile=advisory" }, { "name": "security-gate:production", "command": "node ./scripts/check-security-assurance-thresholds.mjs --profile=production" }, { "name": "security-gate:publication", "command": "node ./scripts/check-security-assurance-thresholds.mjs --profile=publication" }, { "name": "security-report", "command": "node ./scripts/write-security-assurance-report.mjs" }, { "name": "auth-catalog:snapshot", "command": "node ./scripts/write-auth-catalog-snapshot.mjs" }, { "name": "auth-catalog:check", "command": "node ./scripts/write-auth-catalog-snapshot.mjs --check" }, { "name": "validate", "command": "npm run auth-catalog:check && node ./scripts/validate-docs.mjs" }, { "name": "check", "command": "npm run validate && npm run build" }, { "name": "preview", "command": "astro preview" }, { "name": "astro", "command": "astro" } ] } ] }, "data": { "env_vars": [ "AUTH_BASE_URL", "SERVICE_ID" ], "bindings": [ { "kind": "d1", "binding": "DB", "sourcePath": "PlatformApplications/TopoloP2P/wrangler.toml", "target": "9f9c6157-f816-4c46-9f26-84aadb76ce4f" } ], "queue_bindings": [], "storage_kinds": [ "d1" ], "workflow_signals": [] }, "deployment": { "commands": [ { "name": "build", "command": "PlatformApplications/TopoloP2P/package.json :: vite build" }, { "name": "preview", "command": "PlatformApplications/TopoloP2P/package.json :: vite preview --host 0.0.0.0" }, { "name": "deploy", "command": "PlatformApplications/TopoloP2P/package.json :: npm run build && wrangler deploy" }, { "name": "build", "command": "PlatformApplications/TopoloDocs/package.json :: astro build && node ./scripts/write-manifest.mjs && node ./scripts/write-security-assurance-report.mjs" }, { "name": "build:production", "command": "PlatformApplications/TopoloDocs/package.json :: npm run security-gate:production && npm run build" }, { "name": "build:publication", "command": "PlatformApplications/TopoloDocs/package.json :: npm run security-gate:publication && npm run build" }, { "name": "deploy", "command": "PlatformApplications/TopoloDocs/package.json :: npm run build && node ./scripts/deploy-pages.mjs" }, { "name": "deploy:gated", "command": "PlatformApplications/TopoloDocs/package.json :: npm run build:production && node ./scripts/deploy-pages.mjs" }, { "name": "preview", "command": "PlatformApplications/TopoloDocs/package.json :: astro preview" } ], "routes": [ "p2p.topolo.app" ], "environments": [], "assets_directories": [ "dist" ], "observability_enabled": true }, "debugging": { "failure_modes": [], "entrypoints": [ "PlatformApplications/TopoloP2P/wrangler.toml", "PlatformApplications/TopoloDocs/src/content/internal/apps/topolo-p2p.mdx", "PlatformApplications/TopoloP2P/README.md", "PlatformApplications/TopoloP2P/package.json", "PlatformApplications/TopoloDocs/package.json" ] } }