1. Overview
<aside>
DevAsign is an AI platform that automates bounty payouts via smart merge & escrow smart contract, enabling OSS maintainers focus on building rather than admin overhead.
</aside>
- Core services communicate through a RESTful ExpressJS API Gateway, enabling seamless integration between web interfaces, AI modules, and decentralized chat.
- At the moment, all blockchain operations run on Stellar’s high-throughput, low-fee network using the Stellar TypeScript SDK.
- Smart contracts for escrow and task-based compensation are developed in Rust using the Soroban CLI, tested locally, and deployed to Stellar via WASM and XDR transactions.
https://www.figma.com/board/XMe9YomhxgNqBZJZcyXomI/devasign-|-user-flow--MVP-?node-id=0-1&t=RT8R15QduYeFOSMz-1
DevAsign uses a fine-tuned Anthropic Opus-4 with a LangChain-based RAG pipeline. On each PR, it fetches context, runs checks, and scores merge confidence (0–100). It only recommends by default — auto-merge is opt-in and guarded by repo rules and safety modes specified by the maintainers.
2. AI System Architecture
| Layer |
What we use |
Implementation Notes |
| Base model |
Anthropic Opus-4 |
Fine-tuned |
| Retrieval index |
Vector database storing embeddings of: • Entire repo at HEAD • Last 12 months of closed issues and their corresponding pull requests • Current YAML/JSON rule file |
|
| RAG assembler |
Pipeline that: • Accepts the incoming PR difference • Retrieves top-K relevant code chunks, past PRs, and the project’s rules |
Built with LangChain |
| Rule engine |
Plain YAML/JSON schema |
|
What the AI bot actually does
-
On every pull request it:
- Gets the code change, queries the vector database and fetches the most relevant data and the live rule file.
- Feeds that bundle along with a custom prompt to the fine-tuned Opus-4 ****→ gets a merge-confidence score (0-100) and any inline review comments.
-
Posts a summary as a PR review:
- “Confidence 84 — looks mergeable once naming style fixed in
payments.ts:42”
- Adds the rule engine verdict (tests pass? approvals met? violations?) and generates contributor feedback if needed.
-
Acts according to the repo’s safety mode (set in settings):
| Mode |
Who clicks “Merge”? |
Default for new repos |
| Observe-only |
Maintainer |
— |
| Suggest |
Maintainer (bot can label “merge-ready”) |
✅ |
| Auto (guard-rail) |
Bot, if confidence ≥ threshold and all rules green |
— |
- As recommended, we’ll keep a human in the loop early on so maintainers can see the bot’s reasoning line-by-line.
- Once the false-positive rate drops (we aim for <1 in 50 reviewed PRs), maintainers can toggle “Auto” for low-risk folders or rule-based subsets (e.g., docs, config bumps).
3. API Layer
- API Gateway (ExpressJS)
- Exposes REST endpoints for internal services
- Implements authentication using Firebase Auth
- Performs rate limiting and request validation
4. Core Microservices
4.1 PR Merge Service (Node.js + TypeScript)