Add missing Netlify and GitHub Actions configuration for deployment

.env.example

@@ -0,0 +1,67 @@
+# Shadowgraph Reputation-Gated Airdrop - Environment Configuration
+# Copy this file to .env and fill in your values
+
+# ============================================================================
+# REQUIRED: Web3 & Chain Configuration
+# ============================================================================
+VITE_CHAIN_ID="11155111"           # Chain ID (e.g., 11155111 for Sepolia testnet)
+VITE_RPC_URL="https://rpc.sepolia.org"  # RPC endpoint URL
+VITE_TOKEN_ADDR="0x..."            # ERC20 token contract address being airdropped
+
+# ============================================================================
+# REQUIRED: Airdrop Campaign Configuration
+# ============================================================================
+VITE_CAMPAIGN="0x..."              # 32-byte campaign identifier (64 hex chars)
+VITE_FLOOR_SCORE="600000"          # Minimum reputation score to claim (1e6 scale)
+VITE_CAP_SCORE="1000000"           # Score for maximum payout (1e6 scale)
+VITE_MIN_PAYOUT="100"              # Minimum token payout amount
+VITE_MAX_PAYOUT="1000"             # Maximum token payout amount
+VITE_CURVE="SQRT"                  # Payout curve: "LIN", "SQRT", or "QUAD"
+
+# ============================================================================
+# REQUIRED: Web3-Onboard Project ID
+# ============================================================================
+# Get your project ID from: https://cloud.walletconnect.com/
+VITE_WALLETCONNECT_PROJECT_ID="YOUR_PROJECT_ID"
+
+# ============================================================================
+# OPTIONAL: Backend API (Leave empty for mock mode)
+# ============================================================================
+# Base URL for score/artifact endpoints
+# If not set, the app runs in mock mode with simulated data
+# VITE_API_BASE="https://api.shadowgraph.io/v1"
+
+# ============================================================================
+# OPTIONAL: Contract Addresses (At least one claim path must be enabled)
+# ============================================================================
+# ECDSA Claim Path
+# VITE_AIRDROP_ECDSA_ADDR="0x..."  # ReputationAirdropScaled contract address
+
+# ZK Claim Path
+# VITE_AIRDROP_ZK_ADDR="0x..."     # ReputationAirdropZKScaled contract address
+# VITE_VERIFIER_ADDR="0x..."       # EZKL Verifier contract address
+
+# ============================================================================
+# OPTIONAL: Debug Mode
+# ============================================================================
+# Set to 'true' to enable the /debug route for development
+VITE_DEBUG="true"
+
+# ============================================================================
+# SvelteKit SSR: PUBLIC_ versions (Required for server-side rendering)
+# ============================================================================
+PUBLIC_CHAIN_ID="11155111"
+PUBLIC_RPC_URL="https://rpc.sepolia.org"
+PUBLIC_TOKEN_ADDR="0x..."
+PUBLIC_CAMPAIGN="0x..."
+PUBLIC_WALLETCONNECT_PROJECT_ID="YOUR_PROJECT_ID"
+
+# ============================================================================
+# Notes:
+# ============================================================================
+# 1. Never commit your .env file to version control
+# 2. The .env file is already listed in .gitignore
+# 3. For production deployments (Netlify, Vercel, etc.), set these
+#    environment variables in your hosting platform's dashboard
+# 4. Mock mode is enabled when VITE_API_BASE is not set
+# 5. At least one claim path (ECDSA or ZK) must be configured

.github/ENVIRONMENT_VARIABLES.md

@@ -0,0 +1,163 @@
+# GitHub Actions Environment Variables Configuration
+
+This document lists all the required environment variables that must be configured in GitHub Actions for the deployment workflows to succeed.
+
+## Overview
+
+The GitHub Actions workflow (`.github/workflows/zkml-pipeline.yml`) requires environment-specific variables to be set in the GitHub repository settings. These variables are used during the build process for staging and production deployments.
+
+## How to Configure
+
+1. Go to your GitHub repository
+2. Navigate to **Settings** → **Secrets and variables** → **Actions**
+3. Click on **Variables** tab to add repository variables
+4. Click on **Secrets** tab to add secrets
+
+## Required Secrets
+
+These should be added under **Secrets**:
+
+| Secret Name | Description | Example |
+|-------------|-------------|---------|
+| `WALLETCONNECT_PROJECT_ID` | WalletConnect Cloud Project ID | `abc123def456...` |
+
+## Required Variables for Staging
+
+These should be added under **Variables** with `STAGING_` prefix:
+
+| Variable Name | Description | Example | Required |
+|---------------|-------------|---------|----------|
+| `STAGING_CHAIN_ID` | Blockchain chain ID | `11155111` | ✅ Yes |
+| `STAGING_RPC_URL` | RPC endpoint URL | `https://rpc.sepolia.org` | ✅ Yes |
+| `STAGING_TOKEN_ADDR` | ERC20 token contract address | `0x1234...` (40 hex chars) | ✅ Yes |
+| `STAGING_CAMPAIGN` | Campaign identifier | `0x1234...` (64 hex chars) | ✅ Yes |
+| `STAGING_FLOOR_SCORE` | Minimum reputation score | `600000` | ✅ Yes |
+| `STAGING_CAP_SCORE` | Maximum reputation score | `1000000` | ✅ Yes |
+| `STAGING_MIN_PAYOUT` | Minimum token payout | `100` | ✅ Yes |
+| `STAGING_MAX_PAYOUT` | Maximum token payout | `1000` | ✅ Yes |
+| `STAGING_CURVE` | Payout curve type | `LIN`, `SQRT`, or `QUAD` | ✅ Yes |
+| `STAGING_AIRDROP_ECDSA_ADDR` | ECDSA airdrop contract | `0x1234...` (40 hex chars) | ⚠️ Optional* |
+| `STAGING_AIRDROP_ZK_ADDR` | ZK airdrop contract | `0x1234...` (40 hex chars) | ⚠️ Optional* |
+| `STAGING_VERIFIER_ADDR` | EZKL verifier contract | `0x1234...` (40 hex chars) | ❌ Optional |
+| `STAGING_API_BASE` | Backend API base URL | `https://api.staging.example.com/v1` | ❌ Optional |
+| `STAGING_DEBUG` | Enable debug mode | `true` or `false` | ❌ Optional |
+
+\* **Note**: At least one of `STAGING_AIRDROP_ECDSA_ADDR` or `STAGING_AIRDROP_ZK_ADDR` must be provided.
+
+## Required Variables for Production
+
+These should be added under **Variables** with `PRODUCTION_` prefix:
+
+| Variable Name | Description | Example | Required |
+|---------------|-------------|---------|----------|
+| `PRODUCTION_CHAIN_ID` | Blockchain chain ID | `1` | ✅ Yes |
+| `PRODUCTION_RPC_URL` | RPC endpoint URL | `https://mainnet.infura.io/v3/...` | ✅ Yes |
+| `PRODUCTION_TOKEN_ADDR` | ERC20 token contract address | `0x1234...` (40 hex chars) | ✅ Yes |
+| `PRODUCTION_CAMPAIGN` | Campaign identifier | `0x1234...` (64 hex chars) | ✅ Yes |
+| `PRODUCTION_FLOOR_SCORE` | Minimum reputation score | `600000` | ✅ Yes |
+| `PRODUCTION_CAP_SCORE` | Maximum reputation score | `1000000` | ✅ Yes |
+| `PRODUCTION_MIN_PAYOUT` | Minimum token payout | `100` | ✅ Yes |
+| `PRODUCTION_MAX_PAYOUT` | Maximum token payout | `1000` | ✅ Yes |
+| `PRODUCTION_CURVE` | Payout curve type | `LIN`, `SQRT`, or `QUAD` | ✅ Yes |
+| `PRODUCTION_AIRDROP_ECDSA_ADDR` | ECDSA airdrop contract | `0x1234...` (40 hex chars) | ⚠️ Optional* |
+| `PRODUCTION_AIRDROP_ZK_ADDR` | ZK airdrop contract | `0x1234...` (40 hex chars) | ⚠️ Optional* |
+| `PRODUCTION_VERIFIER_ADDR` | EZKL verifier contract | `0x1234...` (40 hex chars) | ❌ Optional |
+| `PRODUCTION_API_BASE` | Backend API base URL | `https://api.shadowgraph.io/v1` | ❌ Optional |
+| `PRODUCTION_DEBUG` | Enable debug mode | `false` | ❌ Optional |
+
+\* **Note**: At least one of `PRODUCTION_AIRDROP_ECDSA_ADDR` or `PRODUCTION_AIRDROP_ZK_ADDR` must be provided.
+
+## Variable Format Requirements
+
+### Chain ID
+- Must be a positive integer
+- Examples: `1` (Ethereum Mainnet), `11155111` (Sepolia Testnet)
+
+### Addresses (40 hex characters)
+- Must match pattern: `0x[a-fA-F0-9]{40}`
+- Example: `0x1234567890123456789012345678901234567890`
+
+### Campaign (64 hex characters)
+- Must match pattern: `0x[a-fA-F0-9]{64}`
+- Example: `0x1234567890123456789012345678901234567890123456789012345678901234`
+
+### Scores
+- Must be integers between 0 and 1,000,000
+- Scale: 1,000,000 = 100% reputation score
+
+### Payouts
+- Must be positive integers or bigints
+- Represents token amounts (not in wei - the actual token units)
+
+### Curve
+- Must be one of: `LIN` (linear), `SQRT` (square root), `QUAD` (quadratic)
+
+### URLs
+- Must be valid HTTP/HTTPS URLs
+- Should not have trailing slashes
+
+## Validation
+
+The build will fail if:
+1. Required variables are missing
+2. Variable formats are invalid (e.g., invalid address format)
+3. Neither ECDSA nor ZK airdrop address is provided
+4. Scores are outside the valid range (0-1,000,000)
+
+## Testing Configuration
+
+To test your configuration locally before pushing:
+
+```bash
+# Copy .env.example to .env
+cp .env.example .env
+
+# Edit .env with your test values
+nano .env
+
+# Run the build
+npm run build
+```
+
+If the local build succeeds, your configuration is valid.
+
+## Troubleshooting
+
+### Build fails with "Configuration validation error"
+- Check that all required variables are set
+- Verify address formats (40 hex chars for contracts, 64 for campaign)
+- Ensure at least one airdrop contract address is provided
+
+### Build fails with "Cannot find module" or import errors
+- Ensure all `PUBLIC_*` variables are also set (they're used for SSR)
+- The workflow now includes these automatically based on the VITE_ versions
+
+### Environment-specific deployment doesn't run
+- `deploy-staging` only runs on `develop` branch
+- `deploy-production` only runs on `main` branch
+- Ensure your push/PR targets the correct branch
+
+## Changes from Previous Version
+
+This update adds the following previously missing variables:
+
+**Added for both Staging and Production:**
+- `*_CAMPAIGN` - Campaign identifier (required)
+- `*_FLOOR_SCORE` - Minimum reputation score (required)
+- `*_CAP_SCORE` - Maximum reputation score (required)
+- `*_MIN_PAYOUT` - Minimum token payout (required)
+- `*_MAX_PAYOUT` - Maximum token payout (required)
+- `*_CURVE` - Payout curve type (required)
+- `*_VERIFIER_ADDR` - EZKL verifier contract (optional, replaces ZKML_PROVER_ADDR)
+- `*_API_BASE` - Backend API URL (optional)
+- `*_DEBUG` - Debug mode flag (optional)
+- `PUBLIC_*` variants for SSR (required)
+
+**Removed:**
+- `*_ZKML_PROVER_ADDR` (replaced by `*_VERIFIER_ADDR`)
+
+## See Also
+
+- [.env.example](../.env.example) - Template for local development
+- [DEPLOYMENT_CONFIG_REVIEW.md](../DEPLOYMENT_CONFIG_REVIEW.md) - Overall deployment configuration
+- [netlify.toml](../netlify.toml) - Netlify deployment configuration

.github/workflows/zkml-pipeline.yml

@@ -19,10 +19,10 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
-          cache: "yarn"
+          cache: "npm"
 
       - name: Install dependencies
-        run: yarn install
+        run: npm ci
 
       - name: Create test environment file
         run: |
@@ -47,19 +47,19 @@ jobs:
           EOF
 
       # - name: Format check
-      #   run: yarn format && git diff --exit-code
+      #   run: npm run format && git diff --exit-code
 
       # - name: Lint check
-      #   run: yarn lint || echo "Linting issues found but not blocking"
+      #   run: npm run lint || echo "Linting issues found but not blocking"
 
       # - name: Type check
       #   run: npx svelte-check --tsconfig ./tsconfig.json
 
       # - name: Unit tests
-      #   run: yarn test:unit || echo "Unit tests failed but not blocking"
+      #   run: npm run test:unit || echo "Unit tests failed but not blocking"
 
       - name: Build application
-        run: yarn build
+        run: npm run build
 
       - name: Upload build artifacts
         uses: actions/upload-artifact@v4
@@ -77,10 +77,10 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
-          cache: "yarn"
+          cache: "npm"
 
       - name: Install dependencies
-        run: yarn install
+        run: npm ci
 
       - name: Install Playwright
         run: npx playwright install --with-deps
@@ -108,10 +108,10 @@ jobs:
           EOF
 
       - name: Build application
-        run: yarn build
+        run: npm run build
 
       # - name: Run E2E tests
-      #   run: yarn test:e2e
+      #   run: npm run test:e2e
 
       # - name: Upload test results
       #   uses: actions/upload-artifact@v4
@@ -132,21 +132,34 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
-          cache: "yarn"
+          cache: "npm"
 
       - name: Install dependencies
-        run: yarn install
+        run: npm ci
 
       - name: Build for staging
-        run: yarn build
+        run: npm run build
         env:
           VITE_CHAIN_ID: ${{ vars.STAGING_CHAIN_ID }}
           VITE_RPC_URL: ${{ vars.STAGING_RPC_URL }}
           VITE_TOKEN_ADDR: ${{ vars.STAGING_TOKEN_ADDR }}
+          VITE_CAMPAIGN: ${{ vars.STAGING_CAMPAIGN }}
+          VITE_FLOOR_SCORE: ${{ vars.STAGING_FLOOR_SCORE }}
+          VITE_CAP_SCORE: ${{ vars.STAGING_CAP_SCORE }}
+          VITE_MIN_PAYOUT: ${{ vars.STAGING_MIN_PAYOUT }}
+          VITE_MAX_PAYOUT: ${{ vars.STAGING_MAX_PAYOUT }}
+          VITE_CURVE: ${{ vars.STAGING_CURVE }}
           VITE_AIRDROP_ECDSA_ADDR: ${{ vars.STAGING_AIRDROP_ECDSA_ADDR }}
           VITE_AIRDROP_ZK_ADDR: ${{ vars.STAGING_AIRDROP_ZK_ADDR }}
-          VITE_ZKML_PROVER_ADDR: ${{ vars.STAGING_ZKML_PROVER_ADDR }}
+          VITE_VERIFIER_ADDR: ${{ vars.STAGING_VERIFIER_ADDR }}
+          VITE_API_BASE: ${{ vars.STAGING_API_BASE }}
+          VITE_DEBUG: ${{ vars.STAGING_DEBUG }}
           VITE_WALLETCONNECT_PROJECT_ID: ${{ secrets.WALLETCONNECT_PROJECT_ID }}
+          PUBLIC_CHAIN_ID: ${{ vars.STAGING_CHAIN_ID }}
+          PUBLIC_RPC_URL: ${{ vars.STAGING_RPC_URL }}
+          PUBLIC_TOKEN_ADDR: ${{ vars.STAGING_TOKEN_ADDR }}
+          PUBLIC_CAMPAIGN: ${{ vars.STAGING_CAMPAIGN }}
+          PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ secrets.WALLETCONNECT_PROJECT_ID }}
 
       - name: Deploy to staging
         run: |
@@ -166,21 +179,34 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
-          cache: "yarn"
+          cache: "npm"
 
       - name: Install dependencies
-        run: yarn install
+        run: npm ci
 
       - name: Build for production
-        run: yarn build
+        run: npm run build
         env:
           VITE_CHAIN_ID: ${{ vars.PRODUCTION_CHAIN_ID }}
           VITE_RPC_URL: ${{ vars.PRODUCTION_RPC_URL }}
           VITE_TOKEN_ADDR: ${{ vars.PRODUCTION_TOKEN_ADDR }}
+          VITE_CAMPAIGN: ${{ vars.PRODUCTION_CAMPAIGN }}
+          VITE_FLOOR_SCORE: ${{ vars.PRODUCTION_FLOOR_SCORE }}
+          VITE_CAP_SCORE: ${{ vars.PRODUCTION_CAP_SCORE }}
+          VITE_MIN_PAYOUT: ${{ vars.PRODUCTION_MIN_PAYOUT }}
+          VITE_MAX_PAYOUT: ${{ vars.PRODUCTION_MAX_PAYOUT }}
+          VITE_CURVE: ${{ vars.PRODUCTION_CURVE }}
           VITE_AIRDROP_ECDSA_ADDR: ${{ vars.PRODUCTION_AIRDROP_ECDSA_ADDR }}
           VITE_AIRDROP_ZK_ADDR: ${{ vars.PRODUCTION_AIRDROP_ZK_ADDR }}
-          VITE_ZKML_PROVER_ADDR: ${{ vars.PRODUCTION_ZKML_PROVER_ADDR }}
+          VITE_VERIFIER_ADDR: ${{ vars.PRODUCTION_VERIFIER_ADDR }}
+          VITE_API_BASE: ${{ vars.PRODUCTION_API_BASE }}
+          VITE_DEBUG: ${{ vars.PRODUCTION_DEBUG }}
           VITE_WALLETCONNECT_PROJECT_ID: ${{ secrets.WALLETCONNECT_PROJECT_ID }}
+          PUBLIC_CHAIN_ID: ${{ vars.PRODUCTION_CHAIN_ID }}
+          PUBLIC_RPC_URL: ${{ vars.PRODUCTION_RPC_URL }}
+          PUBLIC_TOKEN_ADDR: ${{ vars.PRODUCTION_TOKEN_ADDR }}
+          PUBLIC_CAMPAIGN: ${{ vars.PRODUCTION_CAMPAIGN }}
+          PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ secrets.WALLETCONNECT_PROJECT_ID }}
 
       - name: Deploy to production
         run: |