v0.1.0
// Forge builder · full stack hosting · DePIN nodes // solana · x402 when you provision via MCP synced

// confidential-oriented hosting · supabase-shaped stack

A secure all-in-one cloud for AI apps and agents.

01 KRAPH 02 SECURE AI CLOUD 03 BUILD HOST PROTECT

Postgres, Auth, Storage, Functions, and IPFS - provisioned per project. Secrets are encrypted at rest, replicas store only encrypted WAL, and eligible mainnet placement can run on AMD SEV-SNP attested nodes. Build with Forge or provision via MCP on the same stack.

build with Forge how Kraph works
network.live

Under the hood: gateway placement, x402 settlement, encrypted replication, and attested nodes when you choose mainnet-tier hosting.

// network health
3
nodes responding · 2 regions
// fastest node rtt
ms
live probe · min of pool
// gateway round-trip
ms
parallel health checks
// attested capacity
1
AMD SEV-SNP node · live
01
what is kraph?
// one platform · four ways in

Kraph is a secure all-in-one cloud for AI apps and agents: you get a real backend (database, auth, APIs, storage, functions, logs, static hosting) with encrypted secrets, optional x402 USDC metering, and a network of independent nodes with hardware-attested capacity for production.

01[f]

Forge

In-browser AI builder: describe what you want, iterate on UI and logic, and ship onto the same hosted stack.

02[k]

Kraph cloud

Postgres, Auth, Realtime, Storage, Edge Functions, Studio, IPFS hooks — the pieces you expect from a modern backend, orchestrated per project.

03[m]

MCP

Agents and developer tools call kraph_provision and related tools to create infrastructure programmatically, with per-call settlement via x402 when applicable.

04[n]

Node network

Independent operators supply compute and storage; the protocol handles placement, payments, encrypted WAL replication, and attestation checks.

// why now

three forces converging

  • AI products need backend state, server logic, and secure secrets - not only UI generation.
  • Classic hosted clouds prioritize human billing accounts and broad control-plane visibility.
  • Kraph combines Forge, MCP, x402, and independent node supply in one stack.
02
everything an AI product needs to ship.
// database · auth · functions · hosting · payments

Concrete outputs, not platform abstractions: Postgres, Auth, Storage, Edge Functions, Realtime, IPFS, and encrypted env vars for third-party keys. Build with Forge or provision from code via MCP.

live 01

memory & state

Postgres + Realtime + Storage for durable agent memory, files, and session state — same @supabase/supabase-js patterns you already use.

live 02

tools & server logic

Deno edge functions next to your data, with encrypted env vars for API keys and connector credentials.

live 03

ship a surface

Pin static frontends to content-addressed storage so each agent can have a shareable URL or embed alongside its API.

live 04

agent-native payments

Optional wallet identity and x402 USDC on Solana meter infrastructure per tool call — no card on file when you deploy via MCP.

live 05

distributed hosting

Independent nodes host workloads with encrypted WAL replication; mainnet-tier placement can use AMD SEV-SNP attested hardware.

team beta 06

agent email

Inbound and outbound mail for auth flows, digests, notifications, and support — live for allowlisted team mailboxes via MCP today; broader self-serve access is planned as packaging matures.

03
Forge: build on Kraph. beta
// browser builder · describe → iterate → ship · same stack underneath

Forge is Kraph’s in-browser builder: describe what you want, iterate on UI and logic, and ship to the same Postgres + APIs + functions + storage + encrypted env surface the network provisions. It is for teams that want a hosted builder instead of wiring everything from an external LLM IDE first.

Built-in assistant works today. Coming soon: choose your model in Forge - Claude, GPT/Codex, Gemini, or compatible endpoints - so you can keep the same build flow while selecting the model you trust.

01

browser builder

Design UI and flow quickly, then deploy without switching stacks.

02

same hosted stack

Build path and MCP path land on the same backend primitives.

03

model choice coming soon

Pick Claude, Codex, Gemini, or compatible endpoints; built-in assistant remains available.

open Forge use MCP instead
04
developers: connect your stack
// mcp server or claude skill · pick key + network

Prefer a hosted builder? Start with Forge. Prefer your own editor and agents? Use MCP here. Today, MCP is the developer path: authenticate with a Solana wallet, call kraph_provision, and connect your app to returned URLs and keys.

  • Works in Claude Code, Cursor, Windsurf, and compatible hosts.
  • Claude skill fallback handles OAuth when /mcp setup is awkward.
  • Paid tool calls settle in USDC via x402.
claude code · local · devnet 
claude mcp add kraph -- npx -y @kraph/mcp-stdio \
  --keypair ~/.config/solana/id.json \
  --network devnet
// your keypair signs every x402 payment locally · nothing leaves your machine except the MCP requests
A authentication

Kraph authenticates via your Solana wallet, not a cloud billing profile. Two modes, both handled automatically:

  1. SIWS — agent signs a challenge message with a local Solana keypair. Three tool calls: kraph_auth_challenge → sign → kraph_auth_verify. Session token valid for 30 minutes.
  2. Privy OAuth — for agents without a local keypair. Sign in with email once, get a Privy server wallet, and avoid card or KYC setup. The gateway can sign x402 payments on behalf of that wallet through the delegation flow.

Paid tool calls settle via x402 on Solana. The gateway returns 402 Payment Required with the tool's price in USDC; your client's x402-fetch wrapper signs and retries automatically. The result is metered infrastructure without a card processor sitting between the agent and the app it is trying to ship.

B compatibility

Kraph runs the unmodified official Supabase Docker stack under the hood — same Postgres 15, same PostgREST, same GoTrue auth, same Realtime, same Storage API, same Edge Runtime (Deno/TypeScript), same JWT format, same Studio dashboard.

That means the full compat surface works out of the box: @supabase/supabase-js, PostgREST clients, supabase-py, supabase-dart, Studio, the supabase CLI, the Supabase Edge Functions runtime, the S3-compatible Storage API, standard ENV-var semantics for functions, pg_dump / pg_restore, and every RLS policy you've already written.

Migrating an existing full-stack app is a few env-var changes:

  1. Call kraph_provision → get a new URL + anon key + service role key
  2. pg_dump source db → pg_restore into the new instance
  3. kraph_deploy_function your edge functions · kraph_set_env for secrets · upload buckets to Storage
  4. Update SUPABASE_URL / SUPABASE_ANON_KEY and redeploy (or kraph_pin_frontend the built static bundle to IPFS)

Kraph is an independent open-source project, not affiliated with or endorsed by Supabase Inc. — but because it orchestrates the same open-source components those projects use, the SDKs work unchanged. For ad-hoc agent use, no migration at all: Kraph just sits alongside your existing infra as another tool.

05
from idea to running product
// four steps · Forge or MCP
  1. 01 describe you

    define what you’re building and who it serves

    Start from an AI app, assistant, or automation you want in production. Use Forge for browser iteration or your own repo/tooling, then define triggers, guardrails, and data boundaries.

  2. 02 connect tools

    wire tools, APIs, and model access

    Connect calendars, email, CRMs, internal APIs, and data stores. Keep provider keys in encrypted env vars with least privilege instead of prompt text.

  3. 03 deploy < 15 s

    provision an isolated backend and go live

    Through MCP, Kraph provisions a full Supabase-compatible stack (Postgres, Auth, Realtime, Storage, Functions, Studio, API gateway) plus IPFS hooks. You get URLs, keys, and runtime without stitching vendors; paid tools settle via x402 on Solana.

    id: agvxmi1rhdsk url: your instance endpoint studio_url: studio dashboard
  4. 04 observe always on

    inspect state, logs, payments, and durability

    Track what changed and what you paid for using Postgres state, function logs, stored artifacts, payment feed updates, and node health. Replication remains encrypted so replica storage carries ciphertext, not raw workload state.

    replicas: ovh-ca · gcp-us (SEV-SNP attested path) integrity: per-segment hash chain · encrypted off-node
06
pick a network
// devnet for iteration · mainnet for production · same MCP flow

When you connect via MCP, you choose devnet (faucet USDC, fast iteration, mock TEE) or mainnet (real USDC, SEV-SNP attested nodes for eligible placement). Forge and your app use the same stack either way; billing and trust assumptions differ.

// developer networks · same protocol

Solana devnet vs mainnet (MCP today)

devnet
$0 / faucet

for hacking

Pay with devnet USDC from the faucet. Any available node. Mock TEE. Ephemeral instances. No card, no KYC, low-risk playground.

  • free devnet USDC (faucet)
  • no credit card · no KYC
  • drop-in for @supabase/supabase-js
  • edge functions · object storage · static hosting · encrypted env
  • encrypted WAL replication
  • x402 paid tool calls
  • mock TEE · no attestation
  • instances paused after 24h
start free
// network solana:devnet
mainnet
$0.10 / provision

for production

Real USDC on Solana mainnet. TEE-verified nodes only — eligible nodes prove they run inside an AMD SEV-SNP enclave before the gateway places production workloads on them.

  • mainnet USDC · real payments
  • wallet account · no card processor
  • drop-in for @supabase/supabase-js
  • edge functions · object storage · static hosting · encrypted env
  • encrypted WAL replication
  • AMD SEV-SNP attestation on qualified nodes
  • measurement verification per placement
go mainnet
// network solana:mainnet-beta
// what you pay for
metered today
kraph_provision $0.10 kraph_extend $0.05 kraph_query $0.001 kraph_set_env $0.005
not metered today
REST Realtime Storage egress Function invocations Static IPFS reads

If pricing changes, we will announce it clearly before it applies. Meter coverage may evolve as the network matures.

// migrate

devnet → mainnet

Three steps, same tooling. Your app, your keys, your data.

  1. pg_dump your devnet instance and bundle storage artifacts
    export database + objects + function source snapshots
  2. Flip KRAPH_SOLANA_NETWORK=solana:mainnet-beta and run kraph_provision
    same client flow, new mainnet instance + keys
  3. pg_restore + kraph_deploy_function + kraph_set_env
    same schema/data, secrets re-applied, attested mainnet path
07
confidential by design
// encrypted secrets · encrypted replication · attested production
01

encrypted secrets

Function env vars are stored as ciphertext on node disk; on SEV-SNP mainnet placement plaintext materializes only during apply in the attested runtime path.

02

encrypted replication

WAL segments leave the primary encrypted, and replica nodes retain ciphertext only, not application plaintext.

03

attested nodes

Eligible mainnet placement can run on AMD SEV-SNP hardware with fresh measurement checks before placement.

// who sees what
  • mainnet node operator: SEV-SNP attested placement reduces host-memory visibility.
  • replica operators: hold encrypted WAL ciphertext, not decrypted database pages.
  • gateway: still in today’s trust boundary for orchestration/auth/payment flows (see whitepaper).

devnet is not confidential - use mainnet and attested nodes for stronger confidentiality goals.

08
network status, transparent
// live gateway · node health · settlements · attestation signals
kraph · live.status
● live --:--:--
nodes live · 3
ovh-ca-a
167.114.159.161
mock TEE
ovh-ca-b
167.114.159.161:3403
mock TEE
gcp-us-c SEV-SNP
34.136.139.100
real AMD SEV-SNP
payment feed live · x402 ring buffer
  • 03:49:26 kraph_provision $0.100 2pjuY6…xsVPM
  • 02:14:12 kraph_query $0.001 e5QVNh…4dJfS
  • 19:38:44 kraph_provision $0.100 3GhaTG…YtVsPM
09
run verified capacity for Kraph
// supply-side · compliance-first framing

Kraph is growing an independent operator network that supplies compute, storage, and bandwidth for customer workloads.

01

what you provide

Verified infrastructure capacity: compute, storage, bandwidth, uptime, region coverage, and optional attested hardware.

02

how payouts work

Approved operators are paid monthly in USDC as vendor payments for delivered services.

03

compliance & next step

Onboarding may require identity checks, tax documentation, and service-level agreements. Share region, hardware profile, and SEV-SNP readiness.

contact · operator inquiries

10
why this matters
// answers to the obvious objections
vs other tools
Q. How is this different from Vercel or Supabase?

Kraph covers the same shipping loop (frontend + backend + auth + data), then adds Forge + MCP, x402 per-call metering, independent operators, and confidentiality controls for production paths. It is an independent project built around compatible open-source components.

Q. What is Forge?

Forge is Kraph’s in-browser AI builder for full-stack apps. You iterate on UI + logic while targeting the same Postgres/Auth/Storage/Functions stack provisioned by the network. Open it at forge.kraph.com/build.

Q. Is Kraph a Supabase competitor?

Kraph is not Supabase, but it is Supabase-compatible by orchestrating the same open-source components many teams already use. The differentiation is the bundle: AI builder + agent provisioning + stablecoin-metered tool calls + encrypted replication + decentralized placement + attested hardware options.

Q. How is this different from AI app builders that only ship frontend?

Kraph combines builder flow with production backend primitives: Postgres, auth, realtime, storage, edge functions, encrypted secrets, optional x402 metering via MCP, encrypted replication, and independent node supply.

security & secrets
Q. Can Kraph or node operators read my API keys and secrets?

Secrets are encrypted at rest on nodes. On mainnet SEV-SNP placement, plaintext is intended to exist only in attested runtime paths during apply; on devnet, assume operators could observe brief decrypt windows. The gateway remains part of today’s trust boundary for orchestration and some auth/payment flows; see the whitepaper.

Q. Which AI model does Forge use? Can I pick my own?

Forge uses a built-in assistant today. Coming soon, you can choose your model (Claude, Codex, Gemini, or compatible endpoints) inside Forge. For backend integrations, keep provider keys in function-scoped secrets via kraph_set_env.

Q. How are API keys and third-party tokens protected?

Store them in function-scoped env vars with kraph_set_env (encrypted at rest). On mainnet attested placement, plaintext exists only briefly in runtime apply paths. Continue least-privilege practices: rotate keys, scope tools, and audit agent access.

Q. Can an existing app or agent use Kraph?

Yes. Kraph is a backend/hosting layer: connect to provisioned URLs + keys. Typical flow is kraph_provision through MCP or Forge-first, then swap env vars/endpoints like any Supabase-shaped project.

Q. How do secrets and env vars get handled?

Env rows are stored encrypted at rest and applied at runtime. Mainnet attested placement reduces host-memory exposure; devnet should be treated as non-confidential. kraph_list_env returns key fingerprints by default; include values only when explicitly requested.

network & payments
Q. Why does this need Solana?

Solana provides wallet identity, low-cost USDC settlement, and programmable registry rails so agents can pay one infrastructure action at a time via x402.

Q. Where does the DePIN part show up?

Infrastructure is supplied by independent nodes. Kraph coordinates placement, payment, encrypted replication, and attestation checks while keeping a familiar Postgres/Supabase-shaped developer surface.

Q. Isn't a distributed database impossible with CAP?

Kraph is not a distributed database. Each workload gets a single primary Postgres instance; decentralization applies to placement, settlement, and encrypted replication/backups.

Q. What if a node dies?

Encrypted WAL segments replicate to multiple nodes. If a primary fails, recovery replays from encrypted backup on reassigned infrastructure.

Q. Is this actually fast?

Provisioning is designed for fast startup versus traditional hosted project bootstraps, and ongoing query latency is whatever the underlying Postgres + API path deliver on selected nodes.

Q. What do you mean by privacy-first hosting?

Access is wallet-authenticated instead of card-account first. Billing identity and workload confidentiality are separate layers; confidentiality depends on encryption + placement tier.

Q. Can the node operator read my data?

On attested mainnet placement, host visibility is reduced by hardware memory encryption plus measurement checks before placement. On devnet, assume operators may inspect runtime state.

Q. Do I need crypto as an end user?

Developers using MCP today use wallets (or Privy) for x402 settlement. End-user product experiences may abstract wallet handling over time.

Q. How do node operators get paid?

Approved operators receive USDC vendor payments for delivered infrastructure under service terms and compliance checks.