Zero-code, self serve platform to monetize your Web2 APIs using crypto, protect them with authentication and rate limits AND get a bonus dashboard to monitor them.
The use case is simple - you just made a super fancy web API to identify cats in a picture and you want to share it with the world. But, hosting an API like that costs money and you don't want people abusing it. You also do not want to setup and maintain a payment gateway and authentication using API keys. This is where Pay My API comes in. You register your API on the Pay My API dashboard and add pricing plans with rate limits and monthly caps. You then get a unique link to share with anyone who wants to use your API.
You can subscribe to an API by starting a Superfluid stream - you only pay for as long as you want to use the API. You are given a secure API key, generated entirely in your browser, that you can use to authorize your API calls. Every request counts towards your monthly quota while being performant AND being eventually consistent with the blockchain data. Abuse is prevented by enforcing the per second rate limit defined while making the plan.
The setup for an API developer is a simple 3-step process:
The PayMyAPI contract is implemented in Solidity. We decided to store all data on-chain since the data is only text and numbers and having it on the chain provides finality. We have setup a The Graph subgraph to quickly and efficiently query this nested and complex data. Doing the same queries on the chain would be a lot less efficient. This allows the frontend application to be quick and responsive.
Subscribing to a API is done via Superfluid. Tokens are streamed to the API developer instead of an upfront payment. This allows users to try out APIs and stop paying if the service isn't any good. Also prevents the API developer from absconding the with money. With this pricing model, Superfluid seemed like the perfect choice for payments in PayMyAPI.
The proxy service maintains throughput by caching results from the blockchain. Once an API token is approved, it is added to the local cache and subsequent requests are much faster. Similarly, the monthly quota is cached locally on the proxy. A counter is incremented for every request from the user and saved locally. This counter is exposed through an internal endpoint of the proxy. Using a combination of Chainlink API requests (deployed using an Operator + a custom chainlink node) and Chainlink keepers, the local count is synchronized with the blockchain. Every 5 minutes, the Chainlink Keepers execute a method on the contract that looks through active subscriptions, sends requests to the Proxy URLs (through Chainlink) and if there are unsynchronized counters for a user, they are updated on the blockchain.
Covalent is used inside the proxy service to synchronize the latest data from the blockchain into the local cache, in real time.
The webapp is implemented in Angular and the proxy service in Express and TypeScript. We also made use of Alchemy, Hardhat, Polygonscan, Remix and Metamask throughout the project.
Code for The Graph subgraph can be found here: https://github.com/NaikAayush/paymyapi/tree/main/the-graph/paymyapi
The frontend/webapp is here: https://github.com/NaikAayush/paymyapi/tree/main/webapp
The Proxy Service is here: https://github.com/NaikAayush/paymyapi/tree/main/proxy
All of the contract is here: https://github.com/NaikAayush/paymyapi/tree/main/contracts
Job spec for Chainlink API call: https://github.com/NaikAayush/paymyapi/blob/main/contracts/jobspec.toml
Chainlink code: https://github.com/NaikAayush/paymyapi/blob/a1232b31b97510ca42d7ad4d5d637b522bfbe68e/contracts/contracts/PayMyAPI.sol#L262
Superfluid code: https://github.com/NaikAayush/paymyapi/blob/a1232b31b97510ca42d7ad4d5d637b522bfbe68e/contracts/contracts/PayMyAPI.sol#L64