✨ Attach post and message to AI

✨ Add billing
✨ Proposal
2025-10-27 01:09:08 +08:00 · 2025-10-26 21:42:53 +08:00 · 2025-10-26 21:08:38 +08:00 · 2025-10-26 18:47:42 +08:00 · 2025-10-26 17:51:08 +08:00 · 2025-10-26 12:37:52 +08:00
406 changed files with 38719 additions and 41862 deletions
--- a/.aspire/settings.json
+++ b/.aspire/settings.json
@@ -1,3 +1,4 @@
 {
  "appHostPath": "../DysonNetwork.Control/DysonNetwork.Control.csproj"
-}
+}
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,5 @@
 root = true
 [*]
 indent_style = space
 indent_size = 4
--- a/.env
+++ b/.env
@@ -33,3 +33,6 @@ SPHERE_IMAGE=sphere:latest
 # Container image name for develop
 DEVELOP_IMAGE=develop:latest
 # Container image name for gateway
 GATEWAY_IMAGE=gateway:latest
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -1,4 +1,4 @@
-name: Aspire Publish Workflow
+name: Build and Push Microservices
 on:
  push:
@@ -7,11 +7,70 @@ on:
  workflow_dispatch:
 jobs:
-  publish:
+  determine-changes:
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.changes.outputs.matrix }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Get changed files
        id: changed-files
        run: |
          echo "files=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | xargs)" >> $GITHUB_OUTPUT
      - name: Determine changed services
        id: changes
        run: |
          files="${{ steps.changed-files.outputs.files }}"
          matrix="{\"include\":[]}"
          services=("Sphere" "Pass" "Ring" "Drive" "Develop" "Gateway" "Insight")
          images=("sphere" "pass" "ring" "drive" "develop" "gateway" "insight")
          changed_services=()
          for file in $files; do
            if [[ "$file" == DysonNetwork.Shared/* ]]; then
              changed_services=("${services[@]}")
              break
            fi
            for i in "${!services[@]}"; do
              if [[ "$file" == DysonNetwork.${services[$i]}/* ]]; then
                # check if service is already in changed_services
                if [[ ! " ${changed_services[@]} " =~ " ${services[$i]} " ]]; then
                  changed_services+=("${services[$i]}")
                fi
              fi
            done
          done
          if [ ${#changed_services[@]} -gt 0 ]; then
            json_objects=""
            for service in "${changed_services[@]}"; do
              for i in "${!services[@]}"; do
                if [[ "${services[$i]}" == "$service" ]]; then
                  image="${images[$i]}"
                  break
                fi
              done
              json_objects+="{\"service\":\"$service\",\"image\":\"$image\"},"
            done
            matrix="{\"include\":[${json_objects%,}]}"
          fi
          echo "matrix=$matrix" >> $GITHUB_OUTPUT
  build-and-push:
    needs: determine-changes
    if: ${{ needs.determine-changes.outputs.matrix != '{"include":[]}' }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    strategy:
      matrix: ${{ fromJson(needs.determine-changes.outputs.matrix) }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
@@ -22,10 +81,8 @@ jobs:
        uses: dotnet/nbgv@master
        id: nbgv
-      - name: Setup .NET
+      - name: Set up Docker Buildx
-        uses: actions/setup-dotnet@v5
+        uses: docker/setup-buildx-action@v3
        with:
          dotnet-version: "9.0.x"
      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
@@ -34,33 +91,13 @@ jobs:
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Install Aspire CLI
+      - name: Build and push Docker image for ${{ matrix.service }}
-        run: dotnet tool install -g Aspire.Cli --prerelease
+        uses: docker/build-push-action@v6
      - name: Build and Publish Aspire Application
        run: aspire publish --project ./DysonNetwork.Control/DysonNetwork.Control.csproj --output publish
      - name: Tag and Push Images
        run: |
          IMAGES=( "sphere" "pass" "ring" "drive" "develop" )
          for image in "${IMAGES[@]}"; do
            IMAGE_NAME="ghcr.io/${{ vars.PACKAGE_OWNER }}/dyson-$image:alpha"
            SOURCE_IMAGE_NAME="$image:latest" # Aspire's default local image name
            echo "Tagging and pushing $SOURCE_IMAGE_NAME to $IMAGE_NAME..."
            docker tag $SOURCE_IMAGE_NAME $IMAGE_NAME
            docker push $IMAGE_NAME
          done
      - name: Upload Aspire Publish Directory
        uses: actions/upload-artifact@v4
        with:
-          name: aspire-publish-output
+          context: .
-          path: ./publish/
+          file: DysonNetwork.${{ matrix.service }}/Dockerfile
-
+          push: true
-      - name: Upload Docker Compose file
+          tags: |
-        uses: actions/upload-artifact@v4
+            ghcr.io/${{ vars.PACKAGE_OWNER }}/dyson-${{ matrix.image }}:${{ steps.nbgv.outputs.SimpleVersion }}
-        with:
+            ghcr.io/${{ vars.PACKAGE_OWNER }}/dyson-${{ matrix.image }}:latest
-          name: docker-compose-output
+          platforms: linux/amd64
          path: ./publish/docker-compose.yml
--- a/API_WALLET_FUNDS.md
+++ b/API_WALLET_FUNDS.md
@@ -0,0 +1,613 @@
 # Wallet Funds API Documentation
 ## Overview
 The Wallet Funds API provides red packet functionality for the DysonNetwork platform, allowing users to create and distribute funds among multiple recipients with expiration and claiming mechanisms.
 ## Authentication
 All endpoints require Bearer token authentication:
 ```
 Authorization: Bearer {jwt_token}
 ```
 ## Data Types
 ### Enums
 #### FundSplitType
 ```typescript
 enum FundSplitType {
  Even = 0,    // Equal distribution
  Random = 1   // Lucky draw distribution
 }
 ```
 #### FundStatus
 ```typescript
 enum FundStatus {
  Created = 0,           // Fund created, waiting for claims
  PartiallyReceived = 1, // Some recipients claimed
  FullyReceived = 2,     // All recipients claimed
  Expired = 3,           // Fund expired, unclaimed amounts refunded
  Refunded = 4           // Legacy status
 }
 ```
 ### Request/Response Models
 #### CreateFundRequest
 ```typescript
 interface CreateFundRequest {
  recipientAccountIds: string[];  // UUIDs of recipients
  currency: string;               // e.g., "points", "golds"
  totalAmount: number;            // Total amount to distribute
  splitType: FundSplitType;       // Even or Random
  message?: string;               // Optional message
  expirationHours?: number;       // Optional: hours until expiration (default: 24)
  pinCode: string;                // Required: 6-digit PIN code for security
 }
 ```
 #### SnWalletFund
 ```typescript
 interface SnWalletFund {
  id: string;                     // UUID
  currency: string;
  totalAmount: number;
  splitType: FundSplitType;
  status: FundStatus;
  message?: string;
  creatorAccountId: string;       // UUID
  creatorAccount: SnAccount;      // Creator account details (includes profile)
  recipients: SnWalletFundRecipient[];
  expiredAt: string;              // ISO 8601 timestamp
  createdAt: string;              // ISO 8601 timestamp
  updatedAt: string;              // ISO 8601 timestamp
 }
 ```
 #### SnWalletFundRecipient
 ```typescript
 interface SnWalletFundRecipient {
  id: string;                     // UUID
  fundId: string;                 // UUID
  recipientAccountId: string;     // UUID
  recipientAccount: SnAccount;    // Recipient account details (includes profile)
  amount: number;                 // Allocated amount
  isReceived: boolean;
  receivedAt?: string;            // ISO 8601 timestamp (if claimed)
  createdAt: string;              // ISO 8601 timestamp
  updatedAt: string;              // ISO 8601 timestamp
 }
 ```
 #### SnWalletTransaction
 ```typescript
 interface SnWalletTransaction {
  id: string;                     // UUID
  payerWalletId?: string;         // UUID (null for system transfers)
  payeeWalletId?: string;         // UUID (null for system transfers)
  currency: string;
  amount: number;
  remarks?: string;
  type: TransactionType;
  createdAt: string;              // ISO 8601 timestamp
  updatedAt: string;              // ISO 8601 timestamp
 }
 ```
 #### Error Response
 ```typescript
 interface ErrorResponse {
  type: string;                   // Error type
  title: string;                  // Error title
  status: number;                 // HTTP status code
  detail: string;                 // Error details
  instance?: string;              // Request instance
 }
 ```
 ## API Endpoints
 ### 1. Create Fund
 Creates a new fund (red packet) for distribution among recipients.
 **Endpoint:** `POST /api/wallets/funds`
 **Request Body:** `CreateFundRequest`
 **Response:** `SnWalletFund` (201 Created)
 **Example Request:**
 ```bash
 curl -X POST "/api/wallets/funds" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "recipientAccountIds": [
      "550e8400-e29b-41d4-a716-446655440000",
      "550e8400-e29b-41d4-a716-446655440001",
      "550e8400-e29b-41d4-a716-446655440002"
    ],
    "currency": "points",
    "totalAmount": 100.00,
    "splitType": "Even",
    "message": "Happy New Year! 🎉",
    "expirationHours": 48,
    "pinCode": "123456"
  }'
 ```
 **Example Response:**
 ```json
 {
  "id": "550e8400-e29b-41d4-a716-446655440003",
  "currency": "points",
  "totalAmount": 100.00,
  "splitType": 0,
  "status": 0,
  "message": "Happy New Year! 🎉",
  "creatorAccountId": "550e8400-e29b-41d4-a716-446655440004",
  "creatorAccount": {
    "id": "550e8400-e29b-41d4-a716-446655440004",
    "username": "creator_user"
  },
  "recipients": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440005",
      "fundId": "550e8400-e29b-41d4-a716-446655440003",
      "recipientAccountId": "550e8400-e29b-41d4-a716-446655440000",
      "amount": 33.34,
      "isReceived": false,
      "createdAt": "2025-10-03T22:00:00Z",
      "updatedAt": "2025-10-03T22:00:00Z"
    },
    {
      "id": "550e8400-e29b-41d4-a716-446655440006",
      "fundId": "550e8400-e29b-41d4-a716-446655440003",
      "recipientAccountId": "550e8400-e29b-41d4-a716-446655440001",
      "amount": 33.33,
      "isReceived": false,
      "createdAt": "2025-10-03T22:00:00Z",
      "updatedAt": "2025-10-03T22:00:00Z"
    },
    {
      "id": "550e8400-e29b-41d4-a716-446655440007",
      "fundId": "550e8400-e29b-41d4-a716-446655440003",
      "recipientAccountId": "550e8400-e29b-41d4-a716-446655440002",
      "amount": 33.33,
      "isReceived": false,
      "createdAt": "2025-10-03T22:00:00Z",
      "updatedAt": "2025-10-03T22:00:00Z"
    }
  ],
  "expiredAt": "2025-10-05T22:00:00Z",
  "createdAt": "2025-10-03T22:00:00Z",
  "updatedAt": "2025-10-03T22:00:00Z"
 }
 ```
 **Error Responses:**
 - `400 Bad Request`: Invalid parameters, insufficient funds, invalid recipients
 - `401 Unauthorized`: Missing or invalid authentication
 - `403 Forbidden`: Invalid PIN code
 - `422 Unprocessable Entity`: Business logic violations
 ---
 ### 2. Get Funds
 Retrieves funds that the authenticated user is involved in (as creator or recipient).
 **Endpoint:** `GET /api/wallets/funds`
 **Query Parameters:**
 - `offset` (number, optional): Pagination offset (default: 0)
 - `take` (number, optional): Number of items to return (default: 20, max: 100)
 - `status` (FundStatus, optional): Filter by fund status
 **Response:** `SnWalletFund[]` (200 OK)
 **Headers:**
 - `X-Total`: Total number of funds matching the criteria
 **Example Request:**
 ```bash
 curl -X GET "/api/wallets/funds?offset=0&take=10&status=0" \
  -H "Authorization: Bearer {token}"
 ```
 **Example Response:**
 ```json
 [
  {
    "id": "550e8400-e29b-41d4-a716-446655440003",
    "currency": "points",
    "totalAmount": 100.00,
    "splitType": 0,
    "status": 0,
    "message": "Happy New Year! 🎉",
    "creatorAccountId": "550e8400-e29b-41d4-a716-446655440004",
    "creatorAccount": {
      "id": "550e8400-e29b-41d4-a716-446655440004",
      "username": "creator_user"
    },
    "recipients": [
      {
        "id": "550e8400-e29b-41d4-a716-446655440005",
        "fundId": "550e8400-e29b-41d4-a716-446655440003",
        "recipientAccountId": "550e8400-e29b-41d4-a716-446655440000",
        "amount": 33.34,
        "isReceived": false
      }
    ],
    "expiredAt": "2025-10-05T22:00:00Z",
    "createdAt": "2025-10-03T22:00:00Z",
    "updatedAt": "2025-10-03T22:00:00Z"
  }
 ]
 ```
 **Error Responses:**
 - `401 Unauthorized`: Missing or invalid authentication
 ---
 ### 3. Get Fund
 Retrieves details of a specific fund.
 **Endpoint:** `GET /api/wallets/funds/{id}`
 **Path Parameters:**
 - `id` (string): Fund UUID
 **Response:** `SnWalletFund` (200 OK)
 **Example Request:**
 ```bash
 curl -X GET "/api/wallets/funds/550e8400-e29b-41d4-a716-446655440003" \
  -H "Authorization: Bearer {token}"
 ```
 **Example Response:** (Same as create fund response)
 **Error Responses:**
 - `401 Unauthorized`: Missing or invalid authentication
 - `403 Forbidden`: User doesn't have permission to view this fund
 - `404 Not Found`: Fund not found
 ---
 ### 4. Receive Fund
 Claims the authenticated user's portion of a fund.
 **Endpoint:** `POST /api/wallets/funds/{id}/receive`
 **Path Parameters:**
 - `id` (string): Fund UUID
 **Response:** `SnWalletTransaction` (200 OK)
 **Example Request:**
 ```bash
 curl -X POST "/api/wallets/funds/550e8400-e29b-41d4-a716-446655440003/receive" \
  -H "Authorization: Bearer {token}"
 ```
 **Example Response:**
 ```json
 {
  "id": "550e8400-e29b-41d4-a716-446655440008",
  "payerWalletId": null,
  "payeeWalletId": "550e8400-e29b-41d4-a716-446655440009",
  "currency": "points",
  "amount": 33.34,
  "remarks": "Received fund portion from 550e8400-e29b-41d4-a716-446655440004",
  "type": 1,
  "createdAt": "2025-10-03T22:05:00Z",
  "updatedAt": "2025-10-03T22:05:00Z"
 }
 ```
 **Error Responses:**
 - `400 Bad Request`: Fund expired, already claimed, not a recipient
 - `401 Unauthorized`: Missing or invalid authentication
 - `404 Not Found`: Fund not found
 ---
 ### 5. Get Wallet Overview
 Retrieves a summarized overview of wallet transactions grouped by type for graphing/charting purposes.
 **Endpoint:** `GET /api/wallets/overview`
 **Query Parameters:**
 - `startDate` (string, optional): Start date in ISO 8601 format (e.g., "2025-01-01T00:00:00Z")
 - `endDate` (string, optional): End date in ISO 8601 format (e.g., "2025-12-31T23:59:59Z")
 **Response:** `WalletOverview` (200 OK)
 **Example Request:**
 ```bash
 curl -X GET "/api/wallets/overview?startDate=2025-01-01T00:00:00Z&endDate=2025-12-31T23:59:59Z" \
  -H "Authorization: Bearer {token}"
 ```
 **Example Response:**
 ```json
 {
  "accountId": "550e8400-e29b-41d4-a716-446655440000",
  "startDate": "2025-01-01T00:00:00.0000000Z",
  "endDate": "2025-12-31T23:59:59.0000000Z",
  "summary": {
    "System": {
      "type": "System",
      "currencies": {
        "points": {
          "currency": "points",
          "income": 150.00,
          "spending": 0.00,
          "net": 150.00
        }
      }
    },
    "Transfer": {
      "type": "Transfer",
      "currencies": {
        "points": {
          "currency": "points",
          "income": 25.00,
          "spending": 75.00,
          "net": -50.00
        },
        "golds": {
          "currency": "golds",
          "income": 0.00,
          "spending": 10.00,
          "net": -10.00
        }
      }
    },
    "Order": {
      "type": "Order",
      "currencies": {
        "points": {
          "currency": "points",
          "income": 0.00,
          "spending": 200.00,
          "net": -200.00
        }
      }
    }
  },
  "totalIncome": 175.00,
  "totalSpending": 285.00,
  "netTotal": -110.00
 }
 ```
 **Response Fields:**
 - `accountId`: User's account UUID
 - `startDate`/`endDate`: Date range applied (ISO 8601 format)
 - `summary`: Object keyed by transaction type
  - `type`: Transaction type name
  - `currencies`: Object keyed by currency code
    - `currency`: Currency name
    - `income`: Total money received
    - `spending`: Total money spent
    - `net`: Income minus spending
 - `totalIncome`: Sum of all income across all types/currencies
 - `totalSpending`: Sum of all spending across all types/currencies
 - `netTotal`: Overall net (totalIncome - totalSpending)
 **Error Responses:**
 - `401 Unauthorized`: Missing or invalid authentication
 ## Error Codes
 ### Common Error Types
 #### Validation Errors
 ```json
 {
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "At least one recipient is required",
  "instance": "/api/wallets/funds"
 }
 ```
 #### Insufficient Funds
 ```json
 {
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "Insufficient funds",
  "instance": "/api/wallets/funds"
 }
 ```
 #### Fund Not Available
 ```json
 {
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "Fund is no longer available",
  "instance": "/api/wallets/funds/550e8400-e29b-41d4-a716-446655440003/receive"
 }
 ```
 #### Already Claimed
 ```json
 {
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "You have already received this fund",
  "instance": "/api/wallets/funds/550e8400-e29b-41d4-a716-446655440003/receive"
 }
 ```
 ## Rate Limiting
 - **Create Fund**: 10 requests per minute per user
 - **Get Funds**: 60 requests per minute per user
 - **Get Fund**: 60 requests per minute per user
 - **Receive Fund**: 30 requests per minute per user
 ## Webhooks/Notifications
 The system integrates with the platform's notification system:
 - **Fund Created**: Creator receives confirmation
 - **Fund Claimed**: Creator receives notification when someone claims
 - **Fund Expired**: Creator receives refund notification
 ## SDK Examples
 ### JavaScript/TypeScript
 ```typescript
 // Create a fund
 const createFund = async (fundData: CreateFundRequest): Promise<SnWalletFund> => {
  const response = await fetch('/api/wallets/funds', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${token}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify(fundData)
  });
  if (!response.ok) {
    throw new Error(`HTTP error! status: ${response.status}`);
  }
  return response.json();
 };
 // Get user's funds
 const getFunds = async (params?: {
  offset?: number;
  take?: number;
  status?: FundStatus;
 }): Promise<SnWalletFund[]> => {
  const queryParams = new URLSearchParams();
  if (params?.offset) queryParams.set('offset', params.offset.toString());
  if (params?.take) queryParams.set('take', params.take.toString());
  if (params?.status !== undefined) queryParams.set('status', params.status.toString());
  const response = await fetch(`/api/wallets/funds?${queryParams}`, {
    headers: {
      'Authorization': `Bearer ${token}`
    }
  });
  if (!response.ok) {
    throw new Error(`HTTP error! status: ${response.status}`);
  }
  return response.json();
 };
 // Claim a fund
 const receiveFund = async (fundId: string): Promise<SnWalletTransaction> => {
  const response = await fetch(`/api/wallets/funds/${fundId}/receive`, {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${token}`
    }
  });
  if (!response.ok) {
    throw new Error(`HTTP error! status: ${response.status}`);
  }
  return response.json();
 };
 ```
 ### Python
 ```python
 import requests
 from typing import List, Optional
 from enum import Enum
 class FundSplitType(Enum):
    EVEN = 0
    RANDOM = 1
 class FundStatus(Enum):
    CREATED = 0
    PARTIALLY_RECEIVED = 1
    FULLY_RECEIVED = 2
    EXPIRED = 3
    REFUNDED = 4
 def create_fund(token: str, fund_data: dict) -> dict:
    """Create a new fund"""
    response = requests.post(
        '/api/wallets/funds',
        json=fund_data,
        headers={
            'Authorization': f'Bearer {token}',
            'Content-Type': 'application/json'
        }
    )
    response.raise_for_status()
    return response.json()
 def get_funds(
    token: str,
    offset: int = 0,
    take: int = 20,
    status: Optional[FundStatus] = None
 ) -> List[dict]:
    """Get user's funds"""
    params = {'offset': offset, 'take': take}
    if status is not None:
        params['status'] = status.value
    response = requests.get(
        '/api/wallets/funds',
        params=params,
        headers={'Authorization': f'Bearer {token}'}
    )
    response.raise_for_status()
    return response.json()
 def receive_fund(token: str, fund_id: str) -> dict:
    """Claim a fund portion"""
    response = requests.post(
        f'/api/wallets/funds/{fund_id}/receive',
        headers={'Authorization': f'Bearer {token}'}
    )
    response.raise_for_status()
    return response.json()
 ```
 ## Changelog
 ### Version 1.0.0
 - Initial release with basic red packet functionality
 - Support for even and random split types
 - 24-hour expiration with automatic refunds
 - RESTful API endpoints
 - Comprehensive error handling
 ## Support
 For API support or questions:
 - Check the main documentation at `README_WALLET_FUNDS.md`
 - Review error messages for specific guidance
 - Contact the development team for technical issues
--- a/DysonNetwork.Control/AppHost.cs
+++ b/DysonNetwork.Control/AppHost.cs
@@ -1,76 +1,70 @@
-using Aspire.Hosting.Yarp.Transforms;
+using Microsoft.Extensions.Hosting;
 var builder = DistributedApplication.CreateBuilder(args);
-// Database was configured separately in each service.
+var isDev = builder.Environment.IsDevelopment();
 // var database = builder.AddPostgres("database");
 var cache = builder.AddRedis("cache");
 var queue = builder.AddNats("queue").WithJetStream();
-var ringService = builder.AddProject<Projects.DysonNetwork_Ring>("ring")
+var ringService = builder.AddProject<Projects.DysonNetwork_Ring>("ring");
    .WithReference(queue)
    .WithHttpHealthCheck()
    .WithEndpoint(5001, 5001, "https", name: "grpc");
 var passService = builder.AddProject<Projects.DysonNetwork_Pass>("pass")
-    .WithReference(cache)
+    .WithReference(ringService);
    .WithReference(queue)
    .WithReference(ringService)
    .WithHttpHealthCheck()
    .WithEndpoint(5001, 5001, "https", name: "grpc");
 var driveService = builder.AddProject<Projects.DysonNetwork_Drive>("drive")
    .WithReference(cache)
    .WithReference(queue)
    .WithReference(passService)
-    .WithReference(ringService)
+    .WithReference(ringService);
    .WithHttpHealthCheck()
    .WithEndpoint(5001, 5001, "https", name: "grpc");
 var sphereService = builder.AddProject<Projects.DysonNetwork_Sphere>("sphere")
    .WithReference(cache)
    .WithReference(queue)
    .WithReference(passService)
    .WithReference(ringService)
-    .WithHttpHealthCheck()
+    .WithReference(driveService);
    .WithEndpoint(5001, 5001, "https", name: "grpc");
 var developService = builder.AddProject<Projects.DysonNetwork_Develop>("develop")
    .WithReference(cache)
    .WithReference(passService)
    .WithReference(ringService)
-    .WithHttpHealthCheck()
+    .WithReference(sphereService);
-    .WithEndpoint(5001, 5001, "https", name: "grpc");
+var insightService = builder.AddProject<Projects.DysonNetwork_Insight>("insight")
    .WithReference(passService)
    .WithReference(ringService)
    .WithReference(sphereService)
    .WithReference(developService);
 passService.WithReference(developService).WithReference(driveService);
 List<IResourceBuilder<ProjectResource>> services =
    [ringService, passService, driveService, sphereService, developService, insightService];
 for (var idx = 0; idx < services.Count; idx++)
 {
    var service = services[idx];
    service.WithReference(cache).WithReference(queue);
    var grpcPort = 7002 + idx;
    if (isDev)
    {
        service.WithEnvironment("GRPC_PORT", grpcPort.ToString());
        var httpPort = 8001 + idx;
        service.WithEnvironment("HTTP_PORTS", httpPort.ToString());
        service.WithHttpEndpoint(httpPort, targetPort: null, isProxied: false, name: "http");
    }
    else
    {
        service.WithHttpEndpoint(8080, targetPort: null, isProxied: false, name: "http");
    }
    service.WithEndpoint(isDev ? grpcPort : 7001, isDev ? null : 7001, "https", name: "grpc", isProxied: false);
 }
 // Extra double-ended references
 ringService.WithReference(passService);
-builder.AddYarp("gateway")
+var gateway = builder.AddProject<Projects.DysonNetwork_Gateway>("gateway")
-    .WithHostPort(5000)
+    .WithEnvironment("HTTP_PORTS", "5001")
-    .WithConfiguration(yarp =>
+    .WithHttpEndpoint(port: 5001, targetPort: null, isProxied: false, name: "http");
-    {
+
-        var ringCluster = yarp.AddCluster(ringService.GetEndpoint("http"));
+foreach (var service in services)
-        yarp.AddRoute("/ws", ringCluster);
+    gateway.WithReference(service);
        yarp.AddRoute("/ring/{**catch-all}", ringCluster)
            .WithTransformPathRemovePrefix("/ring")
            .WithTransformPathPrefix("/api");
        var passCluster = yarp.AddCluster(passService.GetEndpoint("http"));
        yarp.AddRoute("/.well-known/openid-configuration", passCluster);
        yarp.AddRoute("/.well-known/jwks", passCluster);
        yarp.AddRoute("/id/{**catch-all}", passCluster)
            .WithTransformPathRemovePrefix("/id")
            .WithTransformPathPrefix("/api");
        var driveCluster = yarp.AddCluster(driveService.GetEndpoint("http"));
        yarp.AddRoute("/api/tus", driveCluster);
        yarp.AddRoute("/drive/{**catch-all}", driveCluster)
            .WithTransformPathRemovePrefix("/drive")
            .WithTransformPathPrefix("/api");
        var sphereCluster = yarp.AddCluster(sphereService.GetEndpoint("http"));
        yarp.AddRoute("/sphere/{**catch-all}", sphereCluster)
            .WithTransformPathRemovePrefix("/sphere")
            .WithTransformPathPrefix("/api");
        var developCluster = yarp.AddCluster(developService.GetEndpoint("http"));
        yarp.AddRoute("/develop/{**catch-all}", developCluster)
            .WithTransformPathRemovePrefix("/develop")
            .WithTransformPathPrefix("/api");
    });
 builder.AddDockerComposeEnvironment("docker-compose");
--- a/DysonNetwork.Control/DysonNetwork.Control.csproj
+++ b/DysonNetwork.Control/DysonNetwork.Control.csproj
@@ -1,30 +1,28 @@
 <Project Sdk="Microsoft.NET.Sdk">
-
+  <Sdk Name="Aspire.AppHost.Sdk" Version="9.5.2" />
-    <Sdk Name="Aspire.AppHost.Sdk" Version="9.4.2"/>
+    
-
+  <PropertyGroup>
-    <PropertyGroup>
+    <OutputType>Exe</OutputType>
-        <OutputType>Exe</OutputType>
+    <TargetFramework>net9.0</TargetFramework>
-        <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
-        <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
-        <Nullable>enable</Nullable>
+    <UserSecretsId>a68b3195-a00d-40c2-b5ed-d675356b7cde</UserSecretsId>
-        <UserSecretsId>a68b3195-a00d-40c2-b5ed-d675356b7cde</UserSecretsId>
+    <RootNamespace>DysonNetwork.Control</RootNamespace>
-        <RootNamespace>DysonNetwork.Control</RootNamespace>
+  </PropertyGroup>
-    </PropertyGroup>
+    
-
+  <ItemGroup>
-    <ItemGroup>
+    <PackageReference Include="Aspire.Hosting.AppHost" Version="9.5.2" />
-        <PackageReference Include="Aspire.Hosting.AppHost" Version="9.4.2"/>
+    <PackageReference Include="Aspire.Hosting.Docker" Version="9.4.2-preview.1.25428.12" />
-        <PackageReference Include="Aspire.Hosting.Docker" Version="9.4.2-preview.1.25428.12" />
+    <PackageReference Include="Aspire.Hosting.Nats" Version="9.5.2" />
-        <PackageReference Include="Aspire.Hosting.Nats" Version="9.4.2" />
+    <PackageReference Include="Aspire.Hosting.Redis" Version="9.5.2" />
-        <PackageReference Include="Aspire.Hosting.Redis" Version="9.4.2" />
+  </ItemGroup>
-        <PackageReference Include="Aspire.Hosting.Yarp" Version="9.4.2-preview.1.25428.12" />
+  <ItemGroup>
-    </ItemGroup>
+    <ProjectReference Include="..\DysonNetwork.Develop\DysonNetwork.Develop.csproj" />
-
+    <ProjectReference Include="..\DysonNetwork.Drive\DysonNetwork.Drive.csproj" />
-    <ItemGroup>
+    <ProjectReference Include="..\DysonNetwork.Pass\DysonNetwork.Pass.csproj" />
-      <ProjectReference Include="..\DysonNetwork.Develop\DysonNetwork.Develop.csproj" />
+    <ProjectReference Include="..\DysonNetwork.Ring\DysonNetwork.Ring.csproj" />
-      <ProjectReference Include="..\DysonNetwork.Drive\DysonNetwork.Drive.csproj" />
+    <ProjectReference Include="..\DysonNetwork.Sphere\DysonNetwork.Sphere.csproj" />
-      <ProjectReference Include="..\DysonNetwork.Pass\DysonNetwork.Pass.csproj" />
+    <ProjectReference Include="..\DysonNetwork.Gateway\DysonNetwork.Gateway.csproj" />
-      <ProjectReference Include="..\DysonNetwork.Ring\DysonNetwork.Ring.csproj" />
+    <ProjectReference Include="..\DysonNetwork.Insight\DysonNetwork.Insight.csproj" />
-      <ProjectReference Include="..\DysonNetwork.Sphere\DysonNetwork.Sphere.csproj" />
+  </ItemGroup>
-    </ItemGroup>
+</Project>
 </Project>
--- a/DysonNetwork.Control/Properties/launchSettings.json
+++ b/DysonNetwork.Control/Properties/launchSettings.json
@@ -10,7 +10,9 @@
        "ASPNETCORE_ENVIRONMENT": "Development",
        "DOTNET_ENVIRONMENT": "Development",
        "ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "https://localhost:21175",
-        "ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22189"
+        "ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22189",
        "DOTNET_DASHBOARD_OTLP_ENDPOINT_URL": "https://localhost:21260",
        "DOTNET_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22052"
      }
    },
    "http": {
@@ -22,8 +24,9 @@
        "ASPNETCORE_ENVIRONMENT": "Development",
        "DOTNET_ENVIRONMENT": "Development",
        "ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "http://localhost:19163",
-        "ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:20185"
+        "ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:20185",
        "DOTNET_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:22108"
      }
    }
  }
-}
+}
--- a/DysonNetwork.Develop/AppDatabase.cs
+++ b/DysonNetwork.Develop/AppDatabase.cs
@@ -1,8 +1,7 @@
-using System.Text.Json;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Develop.Identity;
 using DysonNetwork.Develop.Project;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Design;
 using NodaTime;
 namespace DysonNetwork.Develop;
@@ -11,13 +10,13 @@ public class AppDatabase(
    IConfiguration configuration
 ) : DbContext(options)
 {
-    public DbSet<Developer> Developers { get; set; } = null!;
+    public DbSet<SnDeveloper> Developers { get; set; } = null!;
-    public DbSet<DevProject> DevProjects { get; set; } = null!;
+    public DbSet<SnDevProject> DevProjects { get; set; } = null!;
-    public DbSet<CustomApp> CustomApps { get; set; } = null!;
+    public DbSet<SnCustomApp> CustomApps { get; set; } = null!;
-    public DbSet<CustomAppSecret> CustomAppSecrets { get; set; } = null!;
+    public DbSet<SnCustomAppSecret> CustomAppSecrets { get; set; } = null!;
-    public DbSet<BotAccount> BotAccounts { get; set; } = null!;
+    public DbSet<SnBotAccount> BotAccounts { get; set; } = null!;
    protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
    {
@@ -31,6 +30,35 @@ public class AppDatabase(
        base.OnConfiguring(optionsBuilder);
    }
    public override async Task<int> SaveChangesAsync(CancellationToken cancellationToken = default)
    {
        var now = SystemClock.Instance.GetCurrentInstant();
        foreach (var entry in ChangeTracker.Entries<ModelBase>())
        {
            switch (entry.State)
            {
                case EntityState.Added:
                    entry.Entity.CreatedAt = now;
                    entry.Entity.UpdatedAt = now;
                    break;
                case EntityState.Modified:
                    entry.Entity.UpdatedAt = now;
                    break;
                case EntityState.Deleted:
                    entry.State = EntityState.Modified;
                    entry.Entity.DeletedAt = now;
                    break;
                case EntityState.Detached:
                case EntityState.Unchanged:
                default:
                    break;
            }
        }
        return await base.SaveChangesAsync(cancellationToken);
    }
    protected override void OnModelCreating(ModelBuilder modelBuilder)
    {
--- a/DysonNetwork.Develop/DysonNetwork.Develop.csproj
+++ b/DysonNetwork.Develop/DysonNetwork.Develop.csproj
@@ -9,16 +9,15 @@
    <ItemGroup>
        <PackageReference Include="EFCore.NamingConventions" Version="9.0.0" />
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.7"/>
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.10" />
-        <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.7">
+        <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.10">
            <PrivateAssets>all</PrivateAssets>
            <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
        </PackageReference>
        <PackageReference Include="NodaTime.Serialization.Protobuf" Version="2.0.2" />
        <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4"/>
        <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL.NodaTime" Version="9.0.4" />
-        <PackageReference Include="prometheus-net.AspNetCore" Version="8.2.1"/>
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.6" />
        <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.3"/>
        <PackageReference Include="NodaTime" Version="3.2.2"/>
        <PackageReference Include="NodaTime.Serialization.SystemTextJson" Version="1.3.0"/>
        <PackageReference Include="Grpc.AspNetCore.Server" Version="2.71.0"/>
@@ -31,7 +30,6 @@
    </ItemGroup>
  <ItemGroup>
    <ProjectReference Include="..\DysonNetwork.ServiceDefaults\DysonNetwork.ServiceDefaults.csproj" />
    <ProjectReference Include="..\DysonNetwork.Shared\DysonNetwork.Shared.csproj" />
  </ItemGroup>
--- a/DysonNetwork.Develop/Identity/BotAccountController.cs
+++ b/DysonNetwork.Develop/Identity/BotAccountController.cs
@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using DysonNetwork.Develop.Project;
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using DysonNetwork.Shared.Registry;
 using Grpc.Core;
@@ -16,10 +16,10 @@ namespace DysonNetwork.Develop.Identity;
 [Authorize]
 public class BotAccountController(
    BotAccountService botService,
-    DeveloperService developerService,
+    DeveloperService ds,
    DevProjectService projectService,
    ILogger<BotAccountController> logger,
-    AccountClientHelper accounts,
+    RemoteAccountService remoteAccounts,
    BotAccountReceiverService.BotAccountReceiverServiceClient accountsReceiver
 )
    : ControllerBase
@@ -50,9 +50,9 @@ public class BotAccountController(
        ]
        public string Name { get; set; } = string.Empty;
-        [Required] [MaxLength(256)] public string Nick { get; set; } = string.Empty;
+        [Required][MaxLength(256)] public string Nick { get; set; } = string.Empty;
-        [Required] [MaxLength(1024)] public string Slug { get; set; } = string.Empty;
+        [Required][MaxLength(1024)] public string Slug { get; set; } = string.Empty;
        [MaxLength(128)] public string Language { get; set; } = "en-us";
    }
@@ -68,7 +68,7 @@ public class BotAccountController(
        [MaxLength(256)] public string? Nick { get; set; } = string.Empty;
-        [Required] [MaxLength(1024)] public string? Slug { get; set; } = string.Empty;
+        [Required][MaxLength(1024)] public string? Slug { get; set; } = string.Empty;
        [MaxLength(128)] public string? Language { get; set; }
@@ -83,12 +83,12 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
-                PublisherMemberRole.Viewer))
+                Shared.Proto.PublisherMemberRole.Viewer))
            return StatusCode(403, "You must be an viewer of the developer to list bots");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -108,12 +108,12 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
-                PublisherMemberRole.Viewer))
+                Shared.Proto.PublisherMemberRole.Viewer))
            return StatusCode(403, "You must be an viewer of the developer to view bot details");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -137,12 +137,12 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
-                PublisherMemberRole.Editor))
+                Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to create a bot");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -206,12 +206,12 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
-                PublisherMemberRole.Editor))
+                Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to update a bot");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -222,7 +222,7 @@ public class BotAccountController(
        if (bot is null || bot.ProjectId != projectId)
            return NotFound("Bot not found");
-        var botAccount = await accounts.GetBotAccount(bot.Id);
+        var botAccount = await remoteAccounts.GetBotAccount(bot.Id);
        if (request.Name is not null) botAccount.Name = request.Name;
        if (request.Nick is not null) botAccount.Nick = request.Nick;
@@ -267,12 +267,12 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id),
-                PublisherMemberRole.Editor))
+                Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to delete a bot");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -296,7 +296,7 @@ public class BotAccountController(
    }
    [HttpGet("{botId:guid}/keys")]
-    public async Task<ActionResult<List<ApiKeyReference>>> ListBotKeys(
+    public async Task<ActionResult<List<SnApiKey>>> ListBotKeys(
        [FromRoute] string pubName,
        [FromRoute] Guid projectId,
        [FromRoute] Guid botId
@@ -305,7 +305,7 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, PublisherMemberRole.Viewer);
+        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, Shared.Proto.PublisherMemberRole.Viewer);
        if (developer == null) return NotFound("Developer not found");
        if (project == null) return NotFound("Project not found or you don't have access");
        if (bot == null) return NotFound("Bot not found");
@@ -314,13 +314,13 @@ public class BotAccountController(
        {
            AutomatedId = bot.Id.ToString()
        });
-        var data = keys.Data.Select(ApiKeyReference.FromProtoValue).ToList();
+        var data = keys.Data.Select(SnApiKey.FromProtoValue).ToList();
        return Ok(data);
    }
    [HttpGet("{botId:guid}/keys/{keyId:guid}")]
-    public async Task<ActionResult<ApiKeyReference>> GetBotKey(
+    public async Task<ActionResult<SnApiKey>> GetBotKey(
        [FromRoute] string pubName,
        [FromRoute] Guid projectId,
        [FromRoute] Guid botId,
@@ -329,7 +329,7 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, PublisherMemberRole.Viewer);
+        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, Shared.Proto.PublisherMemberRole.Viewer);
        if (developer == null) return NotFound("Developer not found");
        if (project == null) return NotFound("Project not found or you don't have access");
        if (bot == null) return NotFound("Bot not found");
@@ -338,7 +338,7 @@ public class BotAccountController(
        {
            var key = await accountsReceiver.GetApiKeyAsync(new GetApiKeyRequest { Id = keyId.ToString() });
            if (key == null) return NotFound("API key not found");
-            return Ok(ApiKeyReference.FromProtoValue(key));
+            return Ok(SnApiKey.FromProtoValue(key));
        }
        catch (RpcException ex) when (ex.StatusCode == Grpc.Core.StatusCode.NotFound)
        {
@@ -353,7 +353,7 @@ public class BotAccountController(
    }
    [HttpPost("{botId:guid}/keys")]
-    public async Task<ActionResult<ApiKeyReference>> CreateBotKey(
+    public async Task<ActionResult<SnApiKey>> CreateBotKey(
        [FromRoute] string pubName,
        [FromRoute] Guid projectId,
        [FromRoute] Guid botId,
@@ -362,7 +362,7 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, PublisherMemberRole.Editor);
+        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, Shared.Proto.PublisherMemberRole.Editor);
        if (developer == null) return NotFound("Developer not found");
        if (project == null) return NotFound("Project not found or you don't have access");
        if (bot == null) return NotFound("Bot not found");
@@ -374,9 +374,9 @@ public class BotAccountController(
                AccountId = bot.Id.ToString(),
                Label = request.Label
            };
-            
+
            var createdKey = await accountsReceiver.CreateApiKeyAsync(newKey);
-            return Ok(ApiKeyReference.FromProtoValue(createdKey));
+            return Ok(SnApiKey.FromProtoValue(createdKey));
        }
        catch (RpcException ex) when (ex.StatusCode == Grpc.Core.StatusCode.InvalidArgument)
        {
@@ -385,7 +385,7 @@ public class BotAccountController(
    }
    [HttpPost("{botId:guid}/keys/{keyId:guid}/rotate")]
-    public async Task<ActionResult<ApiKeyReference>> RotateBotKey(
+    public async Task<ActionResult<SnApiKey>> RotateBotKey(
        [FromRoute] string pubName,
        [FromRoute] Guid projectId,
        [FromRoute] Guid botId,
@@ -394,7 +394,7 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, PublisherMemberRole.Editor);
+        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, Shared.Proto.PublisherMemberRole.Editor);
        if (developer == null) return NotFound("Developer not found");
        if (project == null) return NotFound("Project not found or you don't have access");
        if (bot == null) return NotFound("Bot not found");
@@ -402,7 +402,7 @@ public class BotAccountController(
        try
        {
            var rotatedKey = await accountsReceiver.RotateApiKeyAsync(new GetApiKeyRequest { Id = keyId.ToString() });
-            return Ok(ApiKeyReference.FromProtoValue(rotatedKey));
+            return Ok(SnApiKey.FromProtoValue(rotatedKey));
        }
        catch (RpcException ex) when (ex.StatusCode == Grpc.Core.StatusCode.NotFound)
        {
@@ -420,7 +420,7 @@ public class BotAccountController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
            return Unauthorized();
-        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, PublisherMemberRole.Editor);
+        var (developer, project, bot) = await ValidateBotAccess(pubName, projectId, botId, currentUser, Shared.Proto.PublisherMemberRole.Editor);
        if (developer == null) return NotFound("Developer not found");
        if (project == null) return NotFound("Project not found or you don't have access");
        if (bot == null) return NotFound("Bot not found");
@@ -436,17 +436,17 @@ public class BotAccountController(
        }
    }
-    private async Task<(Developer?, DevProject?, BotAccount?)> ValidateBotAccess(
+    private async Task<(SnDeveloper?, SnDevProject?, SnBotAccount?)> ValidateBotAccess(
        string pubName,
        Guid projectId,
        Guid botId,
        Account currentUser,
-        PublisherMemberRole requiredRole)
+        Shared.Proto.PublisherMemberRole requiredRole)
    {
-        var developer = await developerService.GetDeveloperByName(pubName);
+        var developer = await ds.GetDeveloperByName(pubName);
        if (developer == null) return (null, null, null);
-        if (!await developerService.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), requiredRole))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), requiredRole))
            return (null, null, null);
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -457,4 +457,4 @@ public class BotAccountController(
        return (developer, project, bot);
    }
-}
+}
--- a/DysonNetwork.Develop/Identity/BotAccountPublicController.cs
+++ b/DysonNetwork.Develop/Identity/BotAccountPublicController.cs
@@ -1,3 +1,4 @@
 using DysonNetwork.Shared.Models;
 using Microsoft.AspNetCore.Mvc;
 namespace DysonNetwork.Develop.Identity;
@@ -7,7 +8,7 @@ namespace DysonNetwork.Develop.Identity;
 public class BotAccountPublicController(BotAccountService botService, DeveloperService developerService) : ControllerBase
 {
    [HttpGet("{botId:guid}")]
-    public async Task<ActionResult<BotAccount>> GetBotTransparentInfo([FromRoute] Guid botId)
+    public async Task<ActionResult<SnBotAccount>> GetBotTransparentInfo([FromRoute] Guid botId)
    {
        var bot = await botService.GetBotByIdAsync(botId);
        if (bot is null) return NotFound("Bot not found");
@@ -21,7 +22,7 @@ public class BotAccountPublicController(BotAccountService botService, DeveloperS
    }
    [HttpGet("{botId:guid}/developer")]
-    public async Task<ActionResult<Developer>> GetBotDeveloper([FromRoute] Guid botId)
+    public async Task<ActionResult<SnDeveloper>> GetBotDeveloper([FromRoute] Guid botId)
    {
        var bot = await botService.GetBotByIdAsync(botId);
        if (bot is null) return NotFound("Bot not found");
--- a/DysonNetwork.Develop/Identity/BotAccountService.cs
+++ b/DysonNetwork.Develop/Identity/BotAccountService.cs
@@ -1,5 +1,4 @@
-using DysonNetwork.Develop.Project;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using DysonNetwork.Shared.Proto;
 using DysonNetwork.Shared.Registry;
 using Grpc.Core;
@@ -11,25 +10,25 @@ namespace DysonNetwork.Develop.Identity;
 public class BotAccountService(
    AppDatabase db,
    BotAccountReceiverService.BotAccountReceiverServiceClient accountReceiver,
-    AccountClientHelper accounts
+    RemoteAccountService remoteAccounts
 )
 {
-    public async Task<BotAccount?> GetBotByIdAsync(Guid id)
+    public async Task<SnBotAccount?> GetBotByIdAsync(Guid id)
    {
        return await db.BotAccounts
            .Include(b => b.Project)
            .FirstOrDefaultAsync(b => b.Id == id);
    }
-    public async Task<IEnumerable<BotAccount>> GetBotsByProjectAsync(Guid projectId)
+    public async Task<List<SnBotAccount>> GetBotsByProjectAsync(Guid projectId)
    {
        return await db.BotAccounts
            .Where(b => b.ProjectId == projectId)
            .ToListAsync();
    }
-    public async Task<BotAccount> CreateBotAsync(
+    public async Task<SnBotAccount> CreateBotAsync(
-        DevProject project,
+        SnDevProject project,
        string slug,
        Account account,
        string? pictureId,
@@ -58,7 +57,7 @@ public class BotAccountService(
            var botAccount = createResponse.Bot;
            // Then create the local bot account
-            var bot = new BotAccount
+            var bot = new SnBotAccount
            {
                Id = automatedId,
                Slug = slug,
@@ -89,8 +88,8 @@ public class BotAccountService(
        }
    }
-    public async Task<BotAccount> UpdateBotAsync(
+    public async Task<SnBotAccount> UpdateBotAsync(
-        BotAccount bot,
+        SnBotAccount bot,
        Account account,
        string? pictureId,
        string? backgroundId
@@ -98,7 +97,7 @@ public class BotAccountService(
    {
        db.Update(bot);
        await db.SaveChangesAsync();
-        
+
        try
        {
            // Update the bot account in the Pass service
@@ -130,7 +129,7 @@ public class BotAccountService(
        return bot;
    }
-    public async Task DeleteBotAsync(BotAccount bot)
+    public async Task DeleteBotAsync(SnBotAccount bot)
    {
        try
        {
@@ -153,22 +152,21 @@ public class BotAccountService(
        await db.SaveChangesAsync();
    }
-    public async Task<BotAccount?> LoadBotAccountAsync(BotAccount bot) =>
+    public async Task<SnBotAccount?> LoadBotAccountAsync(SnBotAccount bot) =>
        (await LoadBotsAccountAsync([bot])).FirstOrDefault();
-    public async Task<List<BotAccount>> LoadBotsAccountAsync(IEnumerable<BotAccount> bots)
+    public async Task<List<SnBotAccount>> LoadBotsAccountAsync(List<SnBotAccount> bots)
    {
        bots = bots.ToList();
        var automatedIds = bots.Select(b => b.Id).ToList();
-        var data = await accounts.GetBotAccountBatch(automatedIds);
+        var data = await remoteAccounts.GetBotAccountBatch(automatedIds);
        foreach (var bot in bots)
        {
            bot.Account = data
-                .Select(AccountReference.FromProtoValue)
+                .Select(SnAccount.FromProtoValue)
                .FirstOrDefault(e => e.AutomatedId == bot.Id);
        }
-        return bots as List<BotAccount> ?? [];
+        return bots;
    }
-}
+}
--- a/DysonNetwork.Develop/Identity/CustomAppController.cs
+++ b/DysonNetwork.Develop/Identity/CustomAppController.cs
@@ -1,5 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using DysonNetwork.Develop.Project;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -18,9 +19,9 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        [MaxLength(4096)] string? Description,
        string? PictureId,
        string? BackgroundId,
-        CustomAppStatus? Status,
+        Shared.Models.CustomAppStatus? Status,
-        CustomAppLinks? Links,
+        SnCustomAppLinks? Links,
-        CustomAppOauthConfig? OauthConfig
+        SnCustomAppOauthConfig? OauthConfig
    );
    public record CreateSecretRequest(
@@ -50,7 +51,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null) return NotFound();
        var accountId = Guid.Parse(currentUser.Id);
-        if (!await ds.IsMemberWithRole(developer.PublisherId, accountId, PublisherMemberRole.Viewer))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, accountId, Shared.Proto.PublisherMemberRole.Viewer))
            return StatusCode(403, "You must be a viewer of the developer to list custom apps");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -72,7 +73,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null) return NotFound();
        var accountId = Guid.Parse(currentUser.Id);
-        if (!await ds.IsMemberWithRole(developer.PublisherId, accountId, PublisherMemberRole.Viewer))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, accountId, Shared.Proto.PublisherMemberRole.Viewer))
            return StatusCode(403, "You must be a viewer of the developer to list custom apps");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -99,7 +100,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to create a custom app");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -143,7 +144,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to update a custom app");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -180,7 +181,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to delete a custom app");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -212,7 +213,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to view app secrets");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -250,7 +251,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to create app secrets");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -263,7 +264,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        try
        {
-            var secret = await customApps.CreateAppSecretAsync(new CustomAppSecret
+            var secret = await customApps.CreateAppSecretAsync(new SnCustomAppSecret
            {
                AppId = appId,
                Description = request.Description,
@@ -309,7 +310,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to view app secrets");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -350,7 +351,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to delete app secrets");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -388,7 +389,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        if (developer is null)
            return NotFound("Developer not found");
-        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), PublisherMemberRole.Editor))
+        if (!await ds.IsMemberWithRole(developer.PublisherId, Guid.Parse(currentUser.Id), Shared.Proto.PublisherMemberRole.Editor))
            return StatusCode(403, "You must be an editor of the developer to rotate app secrets");
        var project = await projectService.GetProjectAsync(projectId, developer.Id);
@@ -401,7 +402,7 @@ public class CustomAppController(CustomAppService customApps, DeveloperService d
        try
        {
-            var secret = await customApps.RotateAppSecretAsync(new CustomAppSecret
+            var secret = await customApps.RotateAppSecretAsync(new SnCustomAppSecret
            {
                Id = secretId,
                AppId = appId,
--- a/DysonNetwork.Develop/Identity/CustomAppService.cs
+++ b/DysonNetwork.Develop/Identity/CustomAppService.cs
@@ -1,5 +1,4 @@
-using DysonNetwork.Develop.Project;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using DysonNetwork.Shared.Proto;
 using Microsoft.EntityFrameworkCore;
 using System.Security.Cryptography;
@@ -13,7 +12,7 @@ public class CustomAppService(
    FileService.FileServiceClient files
 )
 {
-    public async Task<CustomApp?> CreateAppAsync(
+    public async Task<SnCustomApp?> CreateAppAsync(
        Guid projectId,
        CustomAppController.CustomAppRequest request
    )
@@ -25,12 +24,12 @@ public class CustomAppService(
        if (project == null)
            return null;
-        var app = new CustomApp
+        var app = new SnCustomApp
        {
            Slug = request.Slug!,
            Name = request.Name!,
            Description = request.Description,
-            Status = request.Status ?? CustomAppStatus.Developing,
+            Status = request.Status ?? Shared.Models.CustomAppStatus.Developing,
            Links = request.Links,
            OauthConfig = request.OauthConfig,
            ProjectId = projectId
@@ -46,7 +45,7 @@ public class CustomAppService(
            );
            if (picture is null)
                throw new InvalidOperationException("Invalid picture id, unable to find the file on cloud.");
-            app.Picture = CloudFileReferenceObject.FromProtoValue(picture);
+            app.Picture = SnCloudFileReferenceObject.FromProtoValue(picture);
            // Create a new reference
            await fileRefs.CreateReferenceAsync(
@@ -65,7 +64,7 @@ public class CustomAppService(
            );
            if (background is null)
                throw new InvalidOperationException("Invalid picture id, unable to find the file on cloud.");
-            app.Background = CloudFileReferenceObject.FromProtoValue(background);
+            app.Background = SnCloudFileReferenceObject.FromProtoValue(background);
            // Create a new reference
            await fileRefs.CreateReferenceAsync(
@@ -84,7 +83,7 @@ public class CustomAppService(
        return app;
    }
-    public async Task<CustomApp?> GetAppAsync(Guid id, Guid? projectId = null)
+    public async Task<SnCustomApp?> GetAppAsync(Guid id, Guid? projectId = null)
    {
        var query = db.CustomApps.AsQueryable();
@@ -96,7 +95,7 @@ public class CustomAppService(
        return await query.FirstOrDefaultAsync(a => a.Id == id);
    }
-    public async Task<List<CustomAppSecret>> GetAppSecretsAsync(Guid appId)
+    public async Task<List<SnCustomAppSecret>> GetAppSecretsAsync(Guid appId)
    {
        return await db.CustomAppSecrets
            .Where(s => s.AppId == appId)
@@ -104,13 +103,13 @@ public class CustomAppService(
            .ToListAsync();
    }
-    public async Task<CustomAppSecret?> GetAppSecretAsync(Guid secretId, Guid appId)
+    public async Task<SnCustomAppSecret?> GetAppSecretAsync(Guid secretId, Guid appId)
    {
        return await db.CustomAppSecrets
            .FirstOrDefaultAsync(s => s.Id == secretId && s.AppId == appId);
    }
-    public async Task<CustomAppSecret> CreateAppSecretAsync(CustomAppSecret secret)
+    public async Task<SnCustomAppSecret> CreateAppSecretAsync(SnCustomAppSecret secret)
    {
        if (string.IsNullOrWhiteSpace(secret.Secret))
        {
@@ -141,7 +140,7 @@ public class CustomAppService(
        return true;
    }
-    public async Task<CustomAppSecret> RotateAppSecretAsync(CustomAppSecret secretUpdate)
+    public async Task<SnCustomAppSecret> RotateAppSecretAsync(SnCustomAppSecret secretUpdate)
    {
        var existingSecret = await db.CustomAppSecrets
            .FirstOrDefaultAsync(s => s.Id == secretUpdate.Id && s.AppId == secretUpdate.AppId);
@@ -177,14 +176,14 @@ public class CustomAppService(
        return res.ToString();
    }
-    public async Task<List<CustomApp>> GetAppsByProjectAsync(Guid projectId)
+    public async Task<List<SnCustomApp>> GetAppsByProjectAsync(Guid projectId)
    {
        return await db.CustomApps
            .Where(a => a.ProjectId == projectId)
            .ToListAsync();
    }
-    public async Task<CustomApp?> UpdateAppAsync(CustomApp app, CustomAppController.CustomAppRequest request)
+    public async Task<SnCustomApp?> UpdateAppAsync(SnCustomApp app, CustomAppController.CustomAppRequest request)
    {
        if (request.Slug is not null)
            app.Slug = request.Slug;
@@ -209,7 +208,7 @@ public class CustomAppService(
            );
            if (picture is null)
                throw new InvalidOperationException("Invalid picture id, unable to find the file on cloud.");
-            app.Picture = CloudFileReferenceObject.FromProtoValue(picture);
+            app.Picture = SnCloudFileReferenceObject.FromProtoValue(picture);
            // Create a new reference
            await fileRefs.CreateReferenceAsync(
@@ -228,7 +227,7 @@ public class CustomAppService(
            );
            if (background is null)
                throw new InvalidOperationException("Invalid picture id, unable to find the file on cloud.");
-            app.Background = CloudFileReferenceObject.FromProtoValue(background);
+            app.Background = SnCloudFileReferenceObject.FromProtoValue(background);
            // Create a new reference
            await fileRefs.CreateReferenceAsync(
--- a/DysonNetwork.Develop/Identity/CustomAppServiceGrpc.cs
+++ b/DysonNetwork.Develop/Identity/CustomAppServiceGrpc.cs
@@ -1,3 +1,4 @@
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Grpc.Core;
 using Microsoft.EntityFrameworkCore;
@@ -37,7 +38,7 @@ public class CustomAppServiceGrpc(AppDatabase db) : Shared.Proto.CustomAppServic
        if (string.IsNullOrEmpty(request.Secret))
            throw new RpcException(new Status(StatusCode.InvalidArgument, "secret required"));
-        IQueryable<CustomAppSecret> q = db.CustomAppSecrets;
+        IQueryable<SnCustomAppSecret> q = db.CustomAppSecrets;
        switch (request.SecretIdentifierCase)
        {
            case CheckCustomAppSecretRequest.SecretIdentifierOneofCase.SecretId:
--- a/DysonNetwork.Develop/Identity/Developer.cs
+++ b/DysonNetwork.Develop/Identity/Developer.cs
@@ -1,79 +0,0 @@
 using System.ComponentModel.DataAnnotations.Schema;
 using System.Text.Json.Serialization;
 using DysonNetwork.Develop.Project;
 using DysonNetwork.Shared.Proto;
 using DysonNetwork.Shared.Data;
 using VerificationMark = DysonNetwork.Shared.Data.VerificationMark;
 namespace DysonNetwork.Develop.Identity;
 public class Developer
 {
    public Guid Id { get; set; } = Guid.NewGuid();
    public Guid PublisherId { get; set; }
    [JsonIgnore] public List<DevProject> Projects { get; set; } = [];
    [NotMapped] public PublisherInfo? Publisher { get; set; }
 }
 public class PublisherInfo
 {
    public Guid Id { get; set; }
    public PublisherType Type { get; set; }
    public string Name { get; set; } = string.Empty;
    public string Nick { get; set; } = string.Empty;
    public string? Bio { get; set; }
    public CloudFileReferenceObject? Picture { get; set; }
    public CloudFileReferenceObject? Background { get; set; }
    public VerificationMark? Verification { get; set; }
    public Guid? AccountId { get; set; }
    public Guid? RealmId { get; set; }
    public static PublisherInfo FromProto(Publisher proto)
    {
        var info = new PublisherInfo
        {
            Id = Guid.Parse(proto.Id),
            Type = proto.Type == PublisherType.PubIndividual
                ? PublisherType.PubIndividual
                : PublisherType.PubOrganizational,
            Name = proto.Name,
            Nick = proto.Nick,
            Bio = string.IsNullOrEmpty(proto.Bio) ? null : proto.Bio,
            Verification = proto.VerificationMark is not null
                ? VerificationMark.FromProtoValue(proto.VerificationMark)
                : null,
            AccountId = string.IsNullOrEmpty(proto.AccountId) ? null : Guid.Parse(proto.AccountId),
            RealmId = string.IsNullOrEmpty(proto.RealmId) ? null : Guid.Parse(proto.RealmId)
        };
        if (proto.Picture != null)
        {
            info.Picture = new CloudFileReferenceObject
            {
                Id = proto.Picture.Id,
                Name = proto.Picture.Name,
                MimeType = proto.Picture.MimeType,
                Hash = proto.Picture.Hash,
                Size = proto.Picture.Size
            };
        }
        if (proto.Background != null)
        {
            info.Background = new CloudFileReferenceObject
            {
                Id = proto.Background.Id,
                Name = proto.Background.Name,
                MimeType = proto.Background.MimeType,
                Hash = proto.Background.Hash,
                Size = (long)proto.Background.Size
            };
        }
        return info;
    }
 }
--- a/DysonNetwork.Develop/Identity/DeveloperController.cs
+++ b/DysonNetwork.Develop/Identity/DeveloperController.cs
@@ -1,4 +1,5 @@
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Grpc.Core;
 using Microsoft.AspNetCore.Authorization;
@@ -18,7 +19,7 @@ public class DeveloperController(
    : ControllerBase
 {
    [HttpGet("{name}")]
-    public async Task<ActionResult<Developer>> GetDeveloper(string name)
+    public async Task<ActionResult<SnDeveloper>> GetDeveloper(string name)
    {
        var developer = await ds.GetDeveloperByName(name);
        if (developer is null) return NotFound();
@@ -47,10 +48,9 @@ public class DeveloperController(
    [HttpGet]
    [Authorize]
-    public async Task<ActionResult<List<Developer>>> ListJoinedDevelopers()
+    public async Task<ActionResult<List<SnDeveloper>>> ListJoinedDevelopers()
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
        var pubResponse = await ps.ListPublishersAsync(new ListPublishersRequest { AccountId = currentUser.Id });
        var pubIds = pubResponse.Publishers.Select(p => p.Id).Select(Guid.Parse).ToList();
@@ -70,16 +70,16 @@ public class DeveloperController(
    [HttpPost("{name}/enroll")]
    [Authorize]
    [RequiredPermission("global", "developers.create")]
-    public async Task<ActionResult<Developer>> EnrollDeveloperProgram(string name)
+    public async Task<ActionResult<SnDeveloper>> EnrollDeveloperProgram(string name)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
-        PublisherInfo? pub;
+        SnPublisher? pub;
        try
        {
            var pubResponse = await ps.GetPublisherAsync(new GetPublisherRequest { Name = name });
-            pub = PublisherInfo.FromProto(pubResponse.Publisher);
+            pub = SnPublisher.FromProtoValue(pubResponse.Publisher);
        } catch (RpcException ex)
        {
            return NotFound(ex.Status.Detail);
@@ -90,14 +90,14 @@ public class DeveloperController(
        {
            PublisherId = pub.Id.ToString(),
            AccountId = currentUser.Id,
-            Role = PublisherMemberRole.Owner
+            Role = Shared.Proto.PublisherMemberRole.Owner
        });
        if (!permResponse.Valid) return StatusCode(403, "You must be the owner of the publisher to join the developer program");
        var hasDeveloper = await db.Developers.AnyAsync(d => d.PublisherId == pub.Id);
        if (hasDeveloper) return BadRequest("Publisher is already in the developer program");
-        var developer = new Developer
+        var developer = new SnDeveloper
        {
            Id = Guid.NewGuid(),
            PublisherId = pub.Id
--- a/DysonNetwork.Develop/Identity/DeveloperService.cs
+++ b/DysonNetwork.Develop/Identity/DeveloperService.cs
@@ -1,3 +1,4 @@
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Grpc.Core;
 using Microsoft.EntityFrameworkCore;
@@ -9,22 +10,22 @@ public class DeveloperService(
    PublisherService.PublisherServiceClient ps,
    ILogger<DeveloperService> logger)
 {
-    public async Task<Developer> LoadDeveloperPublisher(Developer developer)
+    public async Task<SnDeveloper> LoadDeveloperPublisher(SnDeveloper developer)
    {
        var pubResponse = await ps.GetPublisherAsync(new GetPublisherRequest { Id = developer.PublisherId.ToString() });
-        developer.Publisher = PublisherInfo.FromProto(pubResponse.Publisher);
+        developer.Publisher = SnPublisher.FromProtoValue(pubResponse.Publisher);
        return developer;
    }
-    public async Task<IEnumerable<Developer>> LoadDeveloperPublisher(IEnumerable<Developer> developers)
+    public async Task<IEnumerable<SnDeveloper>> LoadDeveloperPublisher(IEnumerable<SnDeveloper> developers)
    {
        var enumerable = developers.ToList();
        var pubIds = enumerable.Select(d => d.PublisherId).ToList();
        var pubRequest = new GetPublisherBatchRequest();
        pubIds.ForEach(x => pubRequest.Ids.Add(x.ToString()));
        var pubResponse = await ps.GetPublisherBatchAsync(pubRequest);
-        var pubs = pubResponse.Publishers.ToDictionary(p => Guid.Parse(p.Id), PublisherInfo.FromProto);
+        var pubs = pubResponse.Publishers.ToDictionary(p => Guid.Parse(p.Id), SnPublisher.FromProtoValue);
        return enumerable.Select(d =>
        {
@@ -33,7 +34,7 @@ public class DeveloperService(
        });
    }
-    public async Task<Developer?> GetDeveloperByName(string name)
+    public async Task<SnDeveloper?> GetDeveloperByName(string name)
    {
        try
        {
@@ -50,12 +51,12 @@ public class DeveloperService(
        }
    }
-    public async Task<Developer?> GetDeveloperById(Guid id)
+    public async Task<SnDeveloper?> GetDeveloperById(Guid id)
    {
        return await db.Developers.FirstOrDefaultAsync(d => d.Id == id);
    }
-    public async Task<bool> IsMemberWithRole(Guid pubId, Guid accountId, PublisherMemberRole role)
+    public async Task<bool> IsMemberWithRole(Guid pubId, Guid accountId, Shared.Proto.PublisherMemberRole role)
    {
        try
        {
--- a/DysonNetwork.Develop/Migrations/20250807133702_InitialMigration.Designer.cs
+++ b/DysonNetwork.Develop/Migrations/20250807133702_InitialMigration.Designer.cs
@@ -1,8 +1,7 @@
 // <auto-generated />
 using System;
 using DysonNetwork.Develop;
-using DysonNetwork.Develop.Identity;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
@@ -35,7 +34,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("uuid")
                        .HasColumnName("id");
-                    b.Property<CloudFileReferenceObject>("Background")
+                    b.Property<SnCloudFileReferenceObject>("Background")
                        .HasColumnType("jsonb")
                        .HasColumnName("background");
@@ -56,7 +55,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("uuid")
                        .HasColumnName("developer_id");
-                    b.Property<CustomAppLinks>("Links")
+                    b.Property<SnCustomAppLinks>("Links")
                        .HasColumnType("jsonb")
                        .HasColumnName("links");
@@ -66,11 +65,11 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(1024)")
                        .HasColumnName("name");
-                    b.Property<CustomAppOauthConfig>("OauthConfig")
+                    b.Property<SnCustomAppOauthConfig>("OauthConfig")
                        .HasColumnType("jsonb")
                        .HasColumnName("oauth_config");
-                    b.Property<CloudFileReferenceObject>("Picture")
+                    b.Property<SnCloudFileReferenceObject>("Picture")
                        .HasColumnType("jsonb")
                        .HasColumnName("picture");
@@ -88,7 +87,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
-                    b.Property<VerificationMark>("Verification")
+                    b.Property<SnVerificationMark>("Verification")
                        .HasColumnType("jsonb")
                        .HasColumnName("verification");
--- a/DysonNetwork.Develop/Migrations/20250807133702_InitialMigration.cs
+++ b/DysonNetwork.Develop/Migrations/20250807133702_InitialMigration.cs
@@ -1,6 +1,4 @@
-using System;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Develop.Identity;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
@@ -35,11 +33,11 @@ namespace DysonNetwork.Develop.Migrations
                    name = table.Column<string>(type: "character varying(1024)", maxLength: 1024, nullable: false),
                    description = table.Column<string>(type: "character varying(4096)", maxLength: 4096, nullable: true),
                    status = table.Column<int>(type: "integer", nullable: false),
-                    picture = table.Column<CloudFileReferenceObject>(type: "jsonb", nullable: true),
+                    picture = table.Column<SnCloudFileReferenceObject>(type: "jsonb", nullable: true),
-                    background = table.Column<CloudFileReferenceObject>(type: "jsonb", nullable: true),
+                    background = table.Column<SnCloudFileReferenceObject>(type: "jsonb", nullable: true),
-                    verification = table.Column<VerificationMark>(type: "jsonb", nullable: true),
+                    verification = table.Column<SnVerificationMark>(type: "jsonb", nullable: true),
-                    oauth_config = table.Column<CustomAppOauthConfig>(type: "jsonb", nullable: true),
+                    oauth_config = table.Column<SnCustomAppOauthConfig>(type: "jsonb", nullable: true),
-                    links = table.Column<CustomAppLinks>(type: "jsonb", nullable: true),
+                    links = table.Column<SnCustomAppLinks>(type: "jsonb", nullable: true),
                    developer_id = table.Column<Guid>(type: "uuid", nullable: false),
                    created_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
                    updated_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
--- a/DysonNetwork.Develop/Migrations/20250818124844_AddDevProject.Designer.cs
+++ b/DysonNetwork.Develop/Migrations/20250818124844_AddDevProject.Designer.cs
@@ -1,8 +1,7 @@
 // <auto-generated />
 using System;
 using DysonNetwork.Develop;
-using DysonNetwork.Develop.Identity;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
@@ -35,7 +34,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("uuid")
                        .HasColumnName("id");
-                    b.Property<CloudFileReferenceObject>("Background")
+                    b.Property<SnCloudFileReferenceObject>("Background")
                        .HasColumnType("jsonb")
                        .HasColumnName("background");
@@ -52,7 +51,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("description");
-                    b.Property<CustomAppLinks>("Links")
+                    b.Property<SnCustomAppLinks>("Links")
                        .HasColumnType("jsonb")
                        .HasColumnName("links");
@@ -62,11 +61,11 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(1024)")
                        .HasColumnName("name");
-                    b.Property<CustomAppOauthConfig>("OauthConfig")
+                    b.Property<SnCustomAppOauthConfig>("OauthConfig")
                        .HasColumnType("jsonb")
                        .HasColumnName("oauth_config");
-                    b.Property<CloudFileReferenceObject>("Picture")
+                    b.Property<SnCloudFileReferenceObject>("Picture")
                        .HasColumnType("jsonb")
                        .HasColumnName("picture");
@@ -88,7 +87,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
-                    b.Property<VerificationMark>("Verification")
+                    b.Property<SnVerificationMark>("Verification")
                        .HasColumnType("jsonb")
                        .HasColumnName("verification");
--- a/DysonNetwork.Develop/Migrations/20250818124844_AddDevProject.cs
+++ b/DysonNetwork.Develop/Migrations/20250818124844_AddDevProject.cs
@@ -1,5 +1,4 @@
-using System;
+using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
 #nullable disable
--- a/DysonNetwork.Develop/Migrations/20250819163227_AddBotAccount.Designer.cs
+++ b/DysonNetwork.Develop/Migrations/20250819163227_AddBotAccount.Designer.cs
@@ -1,8 +1,7 @@
 // <auto-generated />
 using System;
 using DysonNetwork.Develop;
-using DysonNetwork.Develop.Identity;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
@@ -77,7 +76,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("uuid")
                        .HasColumnName("id");
-                    b.Property<CloudFileReferenceObject>("Background")
+                    b.Property<SnCloudFileReferenceObject>("Background")
                        .HasColumnType("jsonb")
                        .HasColumnName("background");
@@ -94,7 +93,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("description");
-                    b.Property<CustomAppLinks>("Links")
+                    b.Property<SnCustomAppLinks>("Links")
                        .HasColumnType("jsonb")
                        .HasColumnName("links");
@@ -104,11 +103,11 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(1024)")
                        .HasColumnName("name");
-                    b.Property<CustomAppOauthConfig>("OauthConfig")
+                    b.Property<SnCustomAppOauthConfig>("OauthConfig")
                        .HasColumnType("jsonb")
                        .HasColumnName("oauth_config");
-                    b.Property<CloudFileReferenceObject>("Picture")
+                    b.Property<SnCloudFileReferenceObject>("Picture")
                        .HasColumnType("jsonb")
                        .HasColumnName("picture");
@@ -130,7 +129,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
-                    b.Property<VerificationMark>("Verification")
+                    b.Property<SnVerificationMark>("Verification")
                        .HasColumnType("jsonb")
                        .HasColumnName("verification");
--- a/DysonNetwork.Develop/Migrations/20250819163227_AddBotAccount.cs
+++ b/DysonNetwork.Develop/Migrations/20250819163227_AddBotAccount.cs
@@ -1,5 +1,4 @@
-using System;
+using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
 #nullable disable
--- a/DysonNetwork.Develop/Migrations/AppDatabaseModelSnapshot.cs
+++ b/DysonNetwork.Develop/Migrations/AppDatabaseModelSnapshot.cs
@@ -1,8 +1,7 @@
 // <auto-generated />
 using System;
 using DysonNetwork.Develop;
-using DysonNetwork.Develop.Identity;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
@@ -74,7 +73,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("uuid")
                        .HasColumnName("id");
-                    b.Property<CloudFileReferenceObject>("Background")
+                    b.Property<SnCloudFileReferenceObject>("Background")
                        .HasColumnType("jsonb")
                        .HasColumnName("background");
@@ -91,7 +90,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("description");
-                    b.Property<CustomAppLinks>("Links")
+                    b.Property<SnCustomAppLinks>("Links")
                        .HasColumnType("jsonb")
                        .HasColumnName("links");
@@ -101,11 +100,11 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("character varying(1024)")
                        .HasColumnName("name");
-                    b.Property<CustomAppOauthConfig>("OauthConfig")
+                    b.Property<SnCustomAppOauthConfig>("OauthConfig")
                        .HasColumnType("jsonb")
                        .HasColumnName("oauth_config");
-                    b.Property<CloudFileReferenceObject>("Picture")
+                    b.Property<SnCloudFileReferenceObject>("Picture")
                        .HasColumnType("jsonb")
                        .HasColumnName("picture");
@@ -127,7 +126,7 @@ namespace DysonNetwork.Develop.Migrations
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
-                    b.Property<VerificationMark>("Verification")
+                    b.Property<SnVerificationMark>("Verification")
                        .HasColumnType("jsonb")
                        .HasColumnName("verification");
--- a/DysonNetwork.Develop/Program.cs
+++ b/DysonNetwork.Develop/Program.cs
@@ -13,12 +13,16 @@ builder.ConfigureAppKestrel(builder.Configuration);
 builder.Services.AddAppServices(builder.Configuration);
 builder.Services.AddAppAuthentication();
 builder.Services.AddAppSwagger();
 builder.Services.AddDysonAuth();
-builder.Services.AddPublisherService();
+builder.Services.AddSphereService();
 builder.Services.AddAccountService();
 builder.Services.AddDriveService();
 builder.AddSwaggerManifest(
    "DysonNetwork.Develop",
    "The developer portal in the Solar Network."
 );
 var app = builder.Build();
 app.MapDefaultEndpoints();
@@ -31,4 +35,6 @@ using (var scope = app.Services.CreateScope())
 app.ConfigureAppMiddleware(builder.Configuration);
 app.UseSwaggerManifest("DysonNetwork.Develop");
 app.Run();
--- a/DysonNetwork.Develop/Project/DevProjectService.cs
+++ b/DysonNetwork.Develop/Project/DevProjectService.cs
@@ -1,21 +1,17 @@
 using DysonNetwork.Develop.Identity;
 using Microsoft.EntityFrameworkCore;
 using DysonNetwork.Shared.Proto;
 using DysonNetwork.Shared.Models;
 namespace DysonNetwork.Develop.Project;
-public class DevProjectService(
+public class DevProjectService(AppDatabase db )
    AppDatabase db,
    FileReferenceService.FileReferenceServiceClient fileRefs,
    FileService.FileServiceClient files
 )
 {
-    public async Task<DevProject> CreateProjectAsync(
+    public async Task<SnDevProject> CreateProjectAsync(
-        Developer developer,
+        SnDeveloper developer,
        DevProjectController.DevProjectRequest request
    )
    {
-        var project = new DevProject
+        var project = new SnDevProject
        {
            Slug = request.Slug!,
            Name = request.Name!,
@@ -25,14 +21,14 @@ public class DevProjectService(
        db.DevProjects.Add(project);
        await db.SaveChangesAsync();
-        
+
        return project;
    }
-    public async Task<DevProject?> GetProjectAsync(Guid id, Guid? developerId = null)
+    public async Task<SnDevProject?> GetProjectAsync(Guid id, Guid? developerId = null)
    {
        var query = db.DevProjects.AsQueryable();
-        
+
        if (developerId.HasValue)
        {
            query = query.Where(p => p.DeveloperId == developerId.Value);
@@ -41,14 +37,14 @@ public class DevProjectService(
        return await query.FirstOrDefaultAsync(p => p.Id == id);
    }
-    public async Task<List<DevProject>> GetProjectsByDeveloperAsync(Guid developerId)
+    public async Task<List<SnDevProject>> GetProjectsByDeveloperAsync(Guid developerId)
    {
        return await db.DevProjects
            .Where(p => p.DeveloperId == developerId)
            .ToListAsync();
    }
-    public async Task<DevProject?> UpdateProjectAsync(
+    public async Task<SnDevProject?> UpdateProjectAsync(
        Guid id,
        Guid developerId,
        DevProjectController.DevProjectRequest request
@@ -74,4 +70,4 @@ public class DevProjectService(
        await db.SaveChangesAsync();
        return true;
    }
-}
+}
--- a/DysonNetwork.Develop/Properties/launchSettings.json
+++ b/DysonNetwork.Develop/Properties/launchSettings.json
@@ -5,7 +5,6 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "applicationUrl": "http://localhost:5156",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
@@ -14,7 +13,6 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "applicationUrl": "https://localhost:7192;http://localhost:5156",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
--- a/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs
+++ b/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs
@@ -1,9 +1,6 @@
 using System.Net;
 using DysonNetwork.Develop.Identity;
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using Microsoft.AspNetCore.HttpOverrides;
 using Prometheus;
 namespace DysonNetwork.Develop.Startup;
@@ -11,12 +8,8 @@ public static class ApplicationConfiguration
 {
    public static WebApplication ConfigureAppMiddleware(this WebApplication app, IConfiguration configuration)
    {
        app.MapMetrics();
        app.MapOpenApi();
        app.UseSwagger();
        app.UseSwaggerUI();
        app.UseRequestLocalization();
        app.ConfigureForwardedHeaders(configuration);
@@ -28,6 +21,7 @@ public static class ApplicationConfiguration
        app.MapControllers();
        app.MapGrpcService<CustomAppServiceGrpc>();
        app.MapGrpcReflectionService();
        return app;
    }
--- a/DysonNetwork.Develop/Startup/ServiceCollectionExtensions.cs
+++ b/DysonNetwork.Develop/Startup/ServiceCollectionExtensions.cs
@@ -1,5 +1,4 @@
 using System.Globalization;
 using Microsoft.OpenApi.Models;
 using NodaTime;
 using NodaTime.Serialization.SystemTextJson;
 using System.Text.Json;
@@ -7,7 +6,6 @@ using System.Text.Json.Serialization;
 using DysonNetwork.Develop.Identity;
 using DysonNetwork.Develop.Project;
 using DysonNetwork.Shared.Cache;
 using StackExchange.Redis;
 namespace DysonNetwork.Develop.Startup;
@@ -34,6 +32,7 @@ public static class ServiceCollectionExtensions
        });
        services.AddGrpc(options => { options.EnableDetailedErrors = true; });
        services.AddGrpcReflection();
        services.Configure<RequestLocalizationOptions>(options =>
        {
@@ -57,23 +56,7 @@ public static class ServiceCollectionExtensions
    public static IServiceCollection AddAppAuthentication(this IServiceCollection services)
    {
        services.AddCors();
        services.AddAuthorization();
        return services;
    }
    public static IServiceCollection AddAppSwagger(this IServiceCollection services)
    {
        services.AddEndpointsApiExplorer();
        services.AddSwaggerGen(options =>
        {
            options.SwaggerDoc("v1", new OpenApiInfo
            {
                Version = "v1",
                Title = "Develop API",
            });
        });
        services.AddOpenApi();
        return services;
    }
 }
--- a/DysonNetwork.Develop/appsettings.json
+++ b/DysonNetwork.Develop/appsettings.json
@@ -10,17 +10,13 @@
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
-    "App": "Host=localhost;Port=5432;Database=dyson_network_dev;Username=postgres;Password=postgres;Include Error Detail=True;Maximum Pool Size=20;Connection Idle Lifetime=60"
+    "App": "Host=localhost;Port=5432;Database=dyson_develop;Username=postgres;Password=postgres;Include Error Detail=True;Maximum Pool Size=20;Connection Idle Lifetime=60"
  },
  "KnownProxies": ["127.0.0.1", "::1"],
  "Swagger": {
    "PublicBasePath": "/develop"
  },
  "KnownProxies": [
    "127.0.0.1",
    "::1"
  ],
  "Etcd": {
    "Insecure": true
  },
  "Service": {
    "Name": "DysonNetwork.Develop",
    "Url": "https://localhost:7192"
  }
 }
--- a/DysonNetwork.Drive/AppDatabase.cs
+++ b/DysonNetwork.Drive/AppDatabase.cs
@@ -1,8 +1,7 @@
 using System.Linq.Expressions;
 using System.Reflection;
 using DysonNetwork.Drive.Billing;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Design;
 using Microsoft.EntityFrameworkCore.Query;
@@ -17,11 +16,11 @@ public class AppDatabase(
 ) : DbContext(options)
 {
    public DbSet<FilePool> Pools { get; set; } = null!;
-    public DbSet<FileBundle> Bundles { get; set; } = null!;
+    public DbSet<SnFileBundle> Bundles { get; set; } = null!;
    public DbSet<QuotaRecord> QuotaRecords { get; set; } = null!;
-    public DbSet<CloudFile> Files { get; set; } = null!;
+    public DbSet<SnCloudFile> Files { get; set; } = null!;
    public DbSet<CloudFileReference> FileReferences { get; set; } = null!;
    protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
--- a/DysonNetwork.Drive/Billing/Quota.cs
+++ b/DysonNetwork.Drive/Billing/Quota.cs
@@ -1,4 +1,4 @@
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using NodaTime;
 namespace DysonNetwork.Drive.Billing;
--- a/DysonNetwork.Drive/DysonNetwork.Drive.csproj
+++ b/DysonNetwork.Drive/DysonNetwork.Drive.csproj
@@ -10,25 +10,27 @@
    <ItemGroup>
        <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
        <PackageReference Include="BlurHashSharp.SkiaSharp" Version="1.3.4" />
-        <PackageReference Include="FFMpegCore" Version="5.2.0" />
+        <PackageReference Include="FFMpegCore" Version="5.3.0" />
        <PackageReference Include="Grpc.AspNetCore.Server" Version="2.71.0" />
-        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.7" />
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.10" />
-        <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.7">
+        <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.10">
          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
          <PrivateAssets>all</PrivateAssets>
        </PackageReference>
        <PackageReference Include="MimeKit" Version="4.14.0" />
        <PackageReference Include="MimeTypes" Version="2.5.2">
          <PrivateAssets>all</PrivateAssets>
          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
        </PackageReference>
        <PackageReference Include="Minio" Version="6.0.5" />
-        <PackageReference Include="Nerdbank.GitVersioning" Version="3.7.115">
+        <PackageReference Include="Nanoid" Version="3.1.0" />
        <PackageReference Include="Nerdbank.GitVersioning" Version="3.8.118">
          <PrivateAssets>all</PrivateAssets>
          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
        </PackageReference>
        <PackageReference Include="NetVips" Version="3.1.0" />
-        <PackageReference Include="NetVips.Native.linux-x64" Version="8.17.1" />
+        <PackageReference Include="NetVips.Native.linux-x64" Version="8.17.2" />
-        <PackageReference Include="NetVips.Native.osx-arm64" Version="8.17.1" />
+        <PackageReference Include="NetVips.Native.osx-arm64" Version="8.17.2" />
        <PackageReference Include="NodaTime" Version="3.2.2" />
        <PackageReference Include="NodaTime.Serialization.JsonNet" Version="3.2.0" />
        <PackageReference Include="NodaTime.Serialization.Protobuf" Version="2.0.2" />
@@ -36,27 +38,21 @@
        <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4" />
        <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL.Design" Version="1.1.0" />
        <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL.NodaTime" Version="9.0.4" />
-        <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.12.0" />
+        <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.13.1" />
-        <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.12.0" />
+        <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.13.1" />
-        <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.12.0" />
+        <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.13.0" />
-        <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.12.0" />
+        <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.13.0" />
-        <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.12.0" />
+        <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.13.0" />
-        <PackageReference Include="prometheus-net.AspNetCore" Version="8.2.1" />
+        <PackageReference Include="Quartz" Version="3.15.0" />
-        <PackageReference Include="prometheus-net.AspNetCore.HealthChecks" Version="8.2.1" />
+        <PackageReference Include="Quartz.AspNetCore" Version="3.15.0" />
-        <PackageReference Include="prometheus-net.DotNetRuntime" Version="4.4.1" />
+        <PackageReference Include="Quartz.Extensions.Hosting" Version="3.15.0" />
-        <PackageReference Include="prometheus-net.EntityFramework" Version="0.9.5" />
+        <PackageReference Include="EFCore.BulkExtensions" Version="9.0.2" />
-        <PackageReference Include="prometheus-net.SystemMetrics" Version="3.1.0" />
+        <PackageReference Include="EFCore.BulkExtensions.PostgreSql" Version="9.0.2" />
        <PackageReference Include="Quartz" Version="3.14.0" />
        <PackageReference Include="Quartz.AspNetCore" Version="3.14.0" />
        <PackageReference Include="Quartz.Extensions.Hosting" Version="3.14.0" />
        <PackageReference Include="EFCore.BulkExtensions" Version="9.0.1" />
        <PackageReference Include="EFCore.BulkExtensions.PostgreSql" Version="9.0.1" />
        <PackageReference Include="EFCore.NamingConventions" Version="9.0.0" />
-        <PackageReference Include="SkiaSharp.NativeAssets.Linux" Version="2.88.9" />
+        <PackageReference Include="SkiaSharp.NativeAssets.Linux" Version="3.119.1" />
-        <PackageReference Include="SkiaSharp.NativeAssets.Linux.NoDependencies" Version="2.88.9" />
+        <PackageReference Include="SkiaSharp.NativeAssets.Linux.NoDependencies" Version="3.119.1" />
-        <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.3" />
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.6" />
-        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="9.0.3" />
+        <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="9.0.6" />
        <PackageReference Include="tusdotnet" Version="2.10.0" />
    </ItemGroup>
    <ItemGroup>
@@ -66,51 +62,6 @@
    </ItemGroup>
    <ItemGroup>
      <ProjectReference Include="..\DysonNetwork.ServiceDefaults\DysonNetwork.ServiceDefaults.csproj" />
      <ProjectReference Include="..\DysonNetwork.Shared\DysonNetwork.Shared.csproj" />
    </ItemGroup>
    <ItemGroup>
      <_ContentIncludedByDefault Remove="Pages\Emails\AccountDeletionEmail.razor" />
      <_ContentIncludedByDefault Remove="Pages\Emails\ContactVerificationEmail.razor" />
      <_ContentIncludedByDefault Remove="Pages\Emails\EmailLayout.razor" />
      <_ContentIncludedByDefault Remove="Pages\Emails\LandingEmail.razor" />
      <_ContentIncludedByDefault Remove="Pages\Emails\PasswordResetEmail.razor" />
      <_ContentIncludedByDefault Remove="Pages\Emails\VerificationEmail.razor" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\index.css" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\index.js" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\nunito-cyrillic-ext-wght-normal.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\nunito-cyrillic-wght-normal.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\nunito-latin-ext-wght-normal.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\nunito-latin-wght-normal.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\nunito-vietnamese-wght-normal.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\views.css" />
      <_ContentIncludedByDefault Remove="wwwroot\assets\views.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\dashboard-CKyaQQmB.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\FilePoolSelect-D8ZAn71O.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\files-2Q0pwjx0.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\files-CHYcO-Km.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\format-C50AaNwU.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\get-slot-BHg77tAu.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\index-8hxmE58t.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\index-C_waKLDa.css" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\not-found-BdXg6kdA.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\nunito-cyrillic-ext-wght-normal-D4X5GqEv.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\nunito-cyrillic-wght-normal-FdJpG9jw.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\nunito-latin-ext-wght-normal-ClTydo4B.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\nunito-latin-wght-normal-DYSs2pW_.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\nunito-vietnamese-wght-normal-U01xdrZh.woff2" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\Progress-B8ihGGrN.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\Result-DgdY1Zai.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\Spin-D4Bv4qt0.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\src-CwPqR5Jy.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\Tooltip-DobXE5MY.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\usage-BWFxWi2s.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\usage-DX5JiEks.css" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\use-locale-8xpNnStl.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\assets\views-DAvwxRhD.js" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\favicon.png" />
      <_ContentIncludedByDefault Remove="wwwroot\dist\index.html" />
      <_ContentIncludedByDefault Remove="wwwroot\index.html" />
    </ItemGroup>
 </Project>
--- a/DysonNetwork.Drive/Migrations/20250713121317_InitialMigration.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250713121317_InitialMigration.Designer.cs
@@ -3,7 +3,7 @@ using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
 using DysonNetwork.Drive.Storage;
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250713121317_InitialMigration.cs
+++ b/DysonNetwork.Drive/Migrations/20250713121317_InitialMigration.cs
@@ -1,7 +1,4 @@
-using System;
+using DysonNetwork.Shared.Models;
 using System.Collections.Generic;
 using DysonNetwork.Drive.Storage;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
--- a/DysonNetwork.Drive/Migrations/20250715080004_ReinitalMigration.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250715080004_ReinitalMigration.Designer.cs
@@ -2,7 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250715080004_ReinitalMigration.cs
+++ b/DysonNetwork.Drive/Migrations/20250715080004_ReinitalMigration.cs
@@ -1,5 +1,4 @@
-using System.Collections.Generic;
+using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Migrations;
 #nullable disable
--- a/DysonNetwork.Drive/Migrations/20250726103203_AddCloudFilePool.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250726103203_AddCloudFilePool.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250726103203_AddCloudFilePool.cs
+++ b/DysonNetwork.Drive/Migrations/20250726103203_AddCloudFilePool.cs
@@ -1,6 +1,4 @@
-using System;
+using DysonNetwork.Shared.Models;
 using System.Collections.Generic;
 using DysonNetwork.Drive.Storage;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
--- a/DysonNetwork.Drive/Migrations/20250726120323_AddFilePoolDescription.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250726120323_AddFilePoolDescription.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250726172039_AddCloudFileExpiration.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250726172039_AddCloudFileExpiration.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250727092028_AddQuotaRecord.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250727092028_AddQuotaRecord.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250727092028_AddQuotaRecord.cs
+++ b/DysonNetwork.Drive/Migrations/20250727092028_AddQuotaRecord.cs
@@ -1,5 +1,4 @@
-using System;
+using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
 #nullable disable
--- a/DysonNetwork.Drive/Migrations/20250727130951_AddFileBundle.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250727130951_AddFileBundle.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250727130951_AddFileBundle.cs
+++ b/DysonNetwork.Drive/Migrations/20250727130951_AddFileBundle.cs
@@ -1,5 +1,4 @@
-using System;
+using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
 #nullable disable
--- a/DysonNetwork.Drive/Migrations/20250808170904_AddHiddenPool.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250808170904_AddHiddenPool.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250819164302_RemoveUploadedTo.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250819164302_RemoveUploadedTo.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/20250907070034_RemoveNetTopo.Designer.cs
+++ b/DysonNetwork.Drive/Migrations/20250907070034_RemoveNetTopo.Designer.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
--- a/DysonNetwork.Drive/Migrations/AppDatabaseModelSnapshot.cs
+++ b/DysonNetwork.Drive/Migrations/AppDatabaseModelSnapshot.cs
@@ -2,8 +2,7 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Drive;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
--- a/DysonNetwork.Drive/Program.cs
+++ b/DysonNetwork.Drive/Program.cs
@@ -4,7 +4,6 @@ using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Registry;
 using Microsoft.EntityFrameworkCore;
 using tusdotnet.Stores;
 var builder = WebApplication.CreateBuilder(args);
@@ -16,23 +15,19 @@ builder.ConfigureAppKestrel(builder.Configuration, maxRequestBodySize: long.MaxV
 // Add application services
 builder.Services.AddAppServices(builder.Configuration);
 builder.Services.AddAppRateLimiting();
 builder.Services.AddAppAuthentication();
 builder.Services.AddAppSwagger();
 builder.Services.AddDysonAuth();
 builder.Services.AddAccountService();
 builder.Services.AddAppFileStorage(builder.Configuration);
 // Add flush handlers and websocket handlers
 builder.Services.AddAppFlushHandlers();
 // Add business services
 builder.Services.AddAppBusinessServices();
 // Add scheduled jobs
 builder.Services.AddAppScheduledJobs();
 builder.AddSwaggerManifest(
    "DysonNetwork.Drive",
    "The file upload and storage service in the Solar Network."
 );
 var app = builder.Build();
 app.MapDefaultEndpoints();
@@ -44,7 +39,11 @@ using (var scope = app.Services.CreateScope())
    await db.Database.MigrateAsync();
 }
 app.ConfigureAppMiddleware();
 // Configure gRPC
 app.ConfigureGrpcServices();
-app.Run();
+app.UseSwaggerManifest("DysonNetwork.Drive");
 app.Run();
--- a/DysonNetwork.Drive/Properties/launchSettings.json
+++ b/DysonNetwork.Drive/Properties/launchSettings.json
@@ -5,7 +5,6 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "applicationUrl": "http://localhost:5090",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
@@ -14,7 +13,6 @@
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "applicationUrl": "https://localhost:7092;http://localhost:5090",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
--- a/DysonNetwork.Drive/Startup/ApplicationBuilderExtensions.cs
+++ b/DysonNetwork.Drive/Startup/ApplicationBuilderExtensions.cs
@@ -1,34 +1,13 @@
 using DysonNetwork.Drive.Storage;
 using Microsoft.Extensions.FileProviders;
 using tusdotnet;
 using tusdotnet.Interfaces;
 namespace DysonNetwork.Drive.Startup;
 public static class ApplicationBuilderExtensions
 {
-    public static WebApplication ConfigureAppMiddleware(this WebApplication app, ITusStore tusStore)
+    public static WebApplication ConfigureAppMiddleware(this WebApplication app)
    {
        // Configure the HTTP request pipeline.
        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }
        app.UseAuthorization();
        app.MapControllers();
        app.UseCors(opts =>
            opts.SetIsOriginAllowed(_ => true)
                .WithExposedHeaders("*")
                .WithHeaders("*")
                .AllowCredentials()
                .AllowAnyHeader()
                .AllowAnyMethod()
        );
        app.MapTus("/api/tus", _ => Task.FromResult(TusService.BuildConfiguration(tusStore, app.Configuration)));
        return app;
    }
@@ -38,6 +17,7 @@ public static class ApplicationBuilderExtensions
        // Map your gRPC services here
        app.MapGrpcService<FileServiceGrpc>();
        app.MapGrpcService<FileReferenceServiceGrpc>();
        app.MapGrpcReflectionService();
        return app;
    }
--- a/DysonNetwork.Drive/Startup/BroadcastEventHandler.cs
+++ b/DysonNetwork.Drive/Startup/BroadcastEventHandler.cs
@@ -1,10 +1,16 @@
 using System.Text.Json;
-using DysonNetwork.Drive.Storage;
+using DysonNetwork.Drive.Storage.Model;
 using DysonNetwork.Shared.Proto;
 using DysonNetwork.Shared.Stream;
 using FFMpegCore;
 using Microsoft.EntityFrameworkCore;
 using NATS.Client.Core;
 using NATS.Client.JetStream;
 using NATS.Client.JetStream.Models;
 using NATS.Net;
 using NetVips;
 using NodaTime;
 using FileService = DysonNetwork.Drive.Storage.FileService;
 namespace DysonNetwork.Drive.Startup;
@@ -14,20 +20,74 @@ public class BroadcastEventHandler(
    IServiceProvider serviceProvider
 ) : BackgroundService
 {
    private const string TempFileSuffix = "dypart";
    private static readonly string[] AnimatedImageTypes =
        ["image/gif", "image/apng", "image/avif"];
    private static readonly string[] AnimatedImageExtensions =
        [".gif", ".apng", ".avif"];
    protected override async Task ExecuteAsync(CancellationToken stoppingToken)
    {
        var js = nats.CreateJetStreamContext();
        await js.EnsureStreamCreated("account_events", [AccountDeletedEvent.Type]);
-        var consumer = await js.CreateOrUpdateConsumerAsync("account_events",
+        var accountEventConsumer = await js.CreateOrUpdateConsumerAsync("account_events",
            new ConsumerConfig("drive_account_deleted_handler"), cancellationToken: stoppingToken);
        await js.EnsureStreamCreated("file_events", [FileUploadedEvent.Type]);
        var fileUploadedConsumer = await js.CreateOrUpdateConsumerAsync("file_events",
            new ConsumerConfig("drive_file_uploaded_handler") { MaxDeliver = 3 }, cancellationToken: stoppingToken);
        var accountDeletedTask = HandleAccountDeleted(accountEventConsumer, stoppingToken);
        var fileUploadedTask = HandleFileUploaded(fileUploadedConsumer, stoppingToken);
        await Task.WhenAll(accountDeletedTask, fileUploadedTask);
    }
    private async Task HandleFileUploaded(INatsJSConsumer consumer, CancellationToken stoppingToken)
    {
        await foreach (var msg in consumer.ConsumeAsync<byte[]>(cancellationToken: stoppingToken))
        {
            var payload = JsonSerializer.Deserialize<FileUploadedEventPayload>(msg.Data, GrpcTypeHelper.SerializerOptions);
            if (payload == null)
            {
                await msg.AckAsync(cancellationToken: stoppingToken);
                continue;
            }
            try
            {
                await ProcessAndUploadInBackgroundAsync(
                    payload.FileId,
                    payload.RemoteId,
                    payload.StorageId,
                    payload.ContentType,
                    payload.ProcessingFilePath,
                    payload.IsTempFile
                );
                await msg.AckAsync(cancellationToken: stoppingToken);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error processing FileUploadedEvent for file {FileId}", payload.FileId);
                await msg.NakAsync(cancellationToken: stoppingToken, delay: TimeSpan.FromSeconds(60));
            }
        }
    }
    private async Task HandleAccountDeleted(INatsJSConsumer consumer, CancellationToken stoppingToken)
    {
        await foreach (var msg in consumer.ConsumeAsync<byte[]>(cancellationToken: stoppingToken))
        {
            try
            {
-                var evt = JsonSerializer.Deserialize<AccountDeletedEvent>(msg.Data);
+                var evt = JsonSerializer.Deserialize<AccountDeletedEvent>(msg.Data, GrpcTypeHelper.SerializerOptions);
                if (evt == null)
                {
                    await msg.AckAsync(cancellationToken: stoppingToken);
@@ -69,4 +129,169 @@ public class BroadcastEventHandler(
            }
        }
    }
-}
+    
     private async Task ProcessAndUploadInBackgroundAsync(
        string fileId,
        Guid remoteId,
        string storageId,
        string contentType,
        string processingFilePath,
        bool isTempFile
    )
    {
        using var scope = serviceProvider.CreateScope();
        var fs = scope.ServiceProvider.GetRequiredService<FileService>();
        var scopedDb = scope.ServiceProvider.GetRequiredService<AppDatabase>();
        var pool = await fs.GetPoolAsync(remoteId);
        if (pool is null) return;
        var uploads = new List<(string FilePath, string Suffix, string ContentType, bool SelfDestruct)>();
        var newMimeType = contentType;
        var hasCompression = false;
        var hasThumbnail = false;
        logger.LogInformation("Processing file {FileId} in background...", fileId);
        var fileToUpdate = await scopedDb.Files.AsNoTracking().FirstAsync(f => f.Id == fileId);
        if (fileToUpdate.IsEncrypted)
        {
            uploads.Add((processingFilePath, string.Empty, contentType, false));
        }
        else if (!pool.PolicyConfig.NoOptimization)
        {
            var fileExtension = Path.GetExtension(processingFilePath);
            switch (contentType.Split('/')[0])
            {
                case "image":
                    if (AnimatedImageTypes.Contains(contentType) || AnimatedImageExtensions.Contains(fileExtension))
                    {
                        logger.LogInformation("Skip optimize file {FileId} due to it is animated...", fileId);
                        uploads.Add((processingFilePath, string.Empty, contentType, false));
                        break;
                    }
                    try
                    {
                        newMimeType = "image/webp";
                        using var vipsImage = Image.NewFromFile(processingFilePath);
                        var imageToWrite = vipsImage;
                        if (vipsImage.Interpretation is Enums.Interpretation.Scrgb or Enums.Interpretation.Xyz)
                        {
                            imageToWrite = vipsImage.Colourspace(Enums.Interpretation.Srgb);
                        }
                        var webpPath = Path.Join(Path.GetTempPath(), $"{fileId}.{TempFileSuffix}.webp");
                        imageToWrite.Autorot().WriteToFile(webpPath,
                            new VOption { { "lossless", true }, { "strip", true } });
                        uploads.Add((webpPath, string.Empty, newMimeType, true));
                        if (imageToWrite.Width * imageToWrite.Height >= 1024 * 1024)
                        {
                            var scale = 1024.0 / Math.Max(imageToWrite.Width, imageToWrite.Height);
                            var compressedPath =
                                Path.Join(Path.GetTempPath(), $"{fileId}.{TempFileSuffix}.compressed.webp");
                            using var compressedImage = imageToWrite.Resize(scale);
                            compressedImage.Autorot().WriteToFile(compressedPath,
                                new VOption { { "Q", 80 }, { "strip", true } });
                            uploads.Add((compressedPath, ".compressed", newMimeType, true));
                            hasCompression = true;
                        }
                        if (!ReferenceEquals(imageToWrite, vipsImage))
                        {
                            imageToWrite.Dispose();
                        }
                    }
                    catch (Exception ex)
                    {
                        logger.LogError(ex, "Failed to optimize image {FileId}, uploading original", fileId);
                        uploads.Add((processingFilePath, string.Empty, contentType, false));
                        newMimeType = contentType;
                    }
                    break;
                case "video":
                    uploads.Add((processingFilePath, string.Empty, contentType, false));
                    var thumbnailPath = Path.Join(Path.GetTempPath(), $"{fileId}.{TempFileSuffix}.thumbnail.jpg");
                    try
                    {
                        await FFMpegArguments
                            .FromFileInput(processingFilePath, verifyExists: true)
                            .OutputToFile(thumbnailPath, overwrite: true, options => options
                                .Seek(TimeSpan.FromSeconds(0))
                                .WithFrameOutputCount(1)
                                .WithCustomArgument("-q:v 2")
                            )
                            .NotifyOnOutput(line => logger.LogInformation("[FFmpeg] {Line}", line))
                            .NotifyOnError(line => logger.LogWarning("[FFmpeg] {Line}", line))
                            .ProcessAsynchronously();
                        if (File.Exists(thumbnailPath))
                        {
                            uploads.Add((thumbnailPath, ".thumbnail", "image/jpeg", true));
                            hasThumbnail = true;
                        }
                        else
                        {
                            logger.LogWarning("FFMpeg did not produce thumbnail for video {FileId}", fileId);
                        }
                    }
                    catch (Exception ex)
                    {
                        logger.LogError(ex, "Failed to generate thumbnail for video {FileId}", fileId);
                    }
                    break;
                default:
                    uploads.Add((processingFilePath, string.Empty, contentType, false));
                    break;
            }
        }
        else
        {
            uploads.Add((processingFilePath, string.Empty, contentType, false));
        }
        logger.LogInformation("Optimized file {FileId}, now uploading...", fileId);
        if (uploads.Count > 0)
        {
            var destPool = remoteId;
            var uploadTasks = uploads.Select(item =>
                fs.UploadFileToRemoteAsync(
                    storageId,
                    destPool,
                    item.FilePath,
                    item.Suffix,
                    item.ContentType,
                    item.SelfDestruct
                )
            ).ToList();
            await Task.WhenAll(uploadTasks);
            logger.LogInformation("Uploaded file {FileId} done!", fileId);
            var now = SystemClock.Instance.GetCurrentInstant();
            await scopedDb.Files.Where(f => f.Id == fileId).ExecuteUpdateAsync(setter => setter
                .SetProperty(f => f.UploadedAt, now)
                .SetProperty(f => f.PoolId, destPool)
                .SetProperty(f => f.MimeType, newMimeType)
                .SetProperty(f => f.HasCompression, hasCompression)
                .SetProperty(f => f.HasThumbnail, hasThumbnail)
            );
            // Only delete temp file after successful upload and db update
            if (isTempFile)
                File.Delete(processingFilePath);
        }
        await fs._PurgeCacheAsync(fileId);
    }
 }
--- a/DysonNetwork.Drive/Startup/ServiceCollectionExtensions.cs
+++ b/DysonNetwork.Drive/Startup/ServiceCollectionExtensions.cs
@@ -1,14 +1,8 @@
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading.RateLimiting;
 using DysonNetwork.Shared.Cache;
 using Microsoft.AspNetCore.RateLimiting;
 using Microsoft.OpenApi.Models;
 using NodaTime;
 using NodaTime.Serialization.SystemTextJson;
 using StackExchange.Redis;
 using DysonNetwork.Shared.Proto;
 using tusdotnet.Stores;
 namespace DysonNetwork.Drive.Startup;
@@ -30,9 +24,7 @@ public static class ServiceCollectionExtensions
            options.MaxReceiveMessageSize = 16 * 1024 * 1024; // 16MB
            options.MaxSendMessageSize = 16 * 1024 * 1024; // 16MB
        });
-
+        services.AddGrpcReflection();
        // Register gRPC reflection for service discovery
        services.AddGrpc();
        services.AddControllers().AddJsonOptions(options =>
        {
@@ -46,24 +38,9 @@ public static class ServiceCollectionExtensions
        return services;
    }
    public static IServiceCollection AddAppRateLimiting(this IServiceCollection services)
    {
        services.AddRateLimiter(o => o.AddFixedWindowLimiter(policyName: "fixed", opts =>
        {
            opts.Window = TimeSpan.FromMinutes(1);
            opts.PermitLimit = 120;
            opts.QueueLimit = 2;
            opts.QueueProcessingOrder = QueueProcessingOrder.OldestFirst;
        }));
        return services;
    }
    public static IServiceCollection AddAppAuthentication(this IServiceCollection services)
    {
        services.AddCors();
        services.AddAuthorization();
        return services;
    }
@@ -74,63 +51,6 @@ public static class ServiceCollectionExtensions
        return services;
    }
    public static IServiceCollection AddAppSwagger(this IServiceCollection services)
    {
        services.AddEndpointsApiExplorer();
        services.AddSwaggerGen(options =>
        {
            options.SwaggerDoc("v1", new OpenApiInfo
            {
                Version = "v1",
                Title = "Dyson Drive",
                Description =
                    "The file service of the Dyson Network. Mainly handling file storage and sharing. Also provide image processing and media analysis. Powered the Solar Network Drive as well.",
                TermsOfService = new Uri("https://solsynth.dev/terms"), // Update with actual terms
                License = new OpenApiLicense
                {
                    Name = "APGLv3", // Update with actual license
                    Url = new Uri("https://www.gnu.org/licenses/agpl-3.0.html")
                }
            });
            options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
            {
                In = ParameterLocation.Header,
                Description = "Please enter a valid token",
                Name = "Authorization",
                Type = SecuritySchemeType.Http,
                BearerFormat = "JWT",
                Scheme = "Bearer"
            });
            options.AddSecurityRequirement(new OpenApiSecurityRequirement
            {
                {
                    new OpenApiSecurityScheme
                    {
                        Reference = new OpenApiReference
                        {
                            Type = ReferenceType.SecurityScheme,
                            Id = "Bearer"
                        }
                    },
                    []
                }
            });
        });
        return services;
    }
    public static IServiceCollection AddAppFileStorage(this IServiceCollection services, IConfiguration configuration)
    {
        var tusStorePath = configuration.GetSection("Tus").GetValue<string>("StorePath")!;
        Directory.CreateDirectory(tusStorePath);
        var tusDiskStore = new TusDiskStore(tusStorePath);
        services.AddSingleton(tusDiskStore);
        return services;
    }
    public static IServiceCollection AddAppBusinessServices(this IServiceCollection services)
    {
        services.AddScoped<Storage.FileService>();
--- a/DysonNetwork.Drive/Storage/BundleController.cs
+++ b/DysonNetwork.Drive/Storage/BundleController.cs
@@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -22,7 +23,7 @@ public class BundleController(AppDatabase db) : ControllerBase
    }
    [HttpGet("{id:guid}")]
-    public async Task<ActionResult<FileBundle>> GetBundle([FromRoute] Guid id, [FromQuery] string? passcode)
+    public async Task<ActionResult<SnFileBundle>> GetBundle([FromRoute] Guid id, [FromQuery] string? passcode)
    {
        var bundle = await db.Bundles
            .Where(e => e.Id == id)
@@ -36,7 +37,7 @@ public class BundleController(AppDatabase db) : ControllerBase
    [HttpGet("me")]
    [Authorize]
-    public async Task<ActionResult<List<FileBundle>>> ListBundles(
+    public async Task<ActionResult<List<SnFileBundle>>> ListBundles(
        [FromQuery] string? term,
        [FromQuery] int offset = 0,
        [FromQuery] int take = 20
@@ -65,7 +66,7 @@ public class BundleController(AppDatabase db) : ControllerBase
    [HttpPost]
    [Authorize]
-    public async Task<ActionResult<FileBundle>> CreateBundle([FromBody] BundleRequest request)
+    public async Task<ActionResult<SnFileBundle>> CreateBundle([FromBody] BundleRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
@@ -77,7 +78,7 @@ public class BundleController(AppDatabase db) : ControllerBase
        if (string.IsNullOrEmpty(request.Name))
            request.Name = "Unnamed Bundle";
-        var bundle = new FileBundle
+        var bundle = new SnFileBundle
        {
            Slug = request.Slug,
            Name = request.Name,
@@ -95,7 +96,7 @@ public class BundleController(AppDatabase db) : ControllerBase
    [HttpPut("{id:guid}")]
    [Authorize]
-    public async Task<ActionResult<FileBundle>> UpdateBundle([FromRoute] Guid id, [FromBody] BundleRequest request)
+    public async Task<ActionResult<SnFileBundle>> UpdateBundle([FromRoute] Guid id, [FromBody] BundleRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
--- a/DysonNetwork.Drive/Storage/FileController.cs
+++ b/DysonNetwork.Drive/Storage/FileController.cs
@@ -1,6 +1,6 @@
 using DysonNetwork.Drive.Billing;
 using DysonNetwork.Shared.Auth;
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -39,22 +39,43 @@ public class FileController(
        }
        var file = await fs.GetFileAsync(id);
-        if (file is null) return NotFound();
+        if (file is null) return NotFound("File not found.");
        if (file.IsMarkedRecycle) return StatusCode(StatusCodes.Status410Gone, "The file has been recycled.");
        if (file.Bundle is not null && !file.Bundle.VerifyPasscode(passcode))
            return StatusCode(StatusCodes.Status403Forbidden, "The passcode is incorrect.");
        if (!string.IsNullOrWhiteSpace(file.StorageUrl)) return Redirect(file.StorageUrl);
-        if (!file.PoolId.HasValue)
+        if (file.UploadedAt is null)
        {
-            var tusStorePath = configuration.GetValue<string>("Tus:StorePath")!;
+            // File is not yet uploaded to remote storage. Try to serve from local temp storage.
-            var filePath = Path.Combine(env.ContentRootPath, tusStorePath, file.Id);
+            var tempFilePath = Path.Combine(Path.GetTempPath(), file.Id);
-            if (!System.IO.File.Exists(filePath)) return new NotFoundResult();
+            if (System.IO.File.Exists(tempFilePath))
-            return PhysicalFile(filePath, file.MimeType ?? "application/octet-stream", file.Name);
+            {
                if (file.IsEncrypted)
                {
                    return StatusCode(StatusCodes.Status403Forbidden, "Encrypted files cannot be accessed before they are processed and stored.");
                }
                return PhysicalFile(tempFilePath, file.MimeType ?? "application/octet-stream", file.Name, enableRangeProcessing: true);
            }
            // Fallback for tus uploads that are not processed yet.
            var tusStorePath = configuration.GetValue<string>("Tus:StorePath");
            if (!string.IsNullOrEmpty(tusStorePath))
            {
                var tusFilePath = Path.Combine(env.ContentRootPath, tusStorePath, file.Id);
                if (System.IO.File.Exists(tusFilePath))
                {
                    return PhysicalFile(tusFilePath, file.MimeType ?? "application/octet-stream", file.Name, enableRangeProcessing: true);
                }
            }
            return StatusCode(StatusCodes.Status400BadRequest, "File is being processed. Please try again later.");
        }
        if (!file.PoolId.HasValue)
            return StatusCode(StatusCodes.Status500InternalServerError, "File is in an inconsistent state: uploaded but no pool ID.");
        var pool = await fs.GetPoolAsync(file.PoolId.Value);
        if (pool is null)
            return StatusCode(StatusCodes.Status410Gone, "The pool of the file no longer exists or not accessible.");
@@ -75,7 +96,7 @@ public class FileController(
            case true when !file.HasThumbnail:
                return NotFound();
        }
-        
+
        if (!original && file.HasCompression)
            fileName += ".compressed";
@@ -142,17 +163,17 @@ public class FileController(
    }
    [HttpGet("{id}/info")]
-    public async Task<ActionResult<CloudFile>> GetFileInfo(string id)
+    public async Task<ActionResult<SnCloudFile>> GetFileInfo(string id)
    {
        var file = await fs.GetFileAsync(id);
-        if (file is null) return NotFound();
+        if (file is null) return NotFound("File not found.");
        return file;
    }
    [Authorize]
    [HttpPatch("{id}/name")]
-    public async Task<ActionResult<CloudFile>> UpdateFileName(string id, [FromBody] string name)
+    public async Task<ActionResult<SnCloudFile>> UpdateFileName(string id, [FromBody] string name)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
@@ -166,12 +187,12 @@ public class FileController(
    public class MarkFileRequest
    {
-        public List<ContentSensitiveMark>? SensitiveMarks { get; set; }
+        public List<Shared.Models.ContentSensitiveMark>? SensitiveMarks { get; set; }
    }
    [Authorize]
    [HttpPut("{id}/marks")]
-    public async Task<ActionResult<CloudFile>> MarkFile(string id, [FromBody] MarkFileRequest request)
+    public async Task<ActionResult<SnCloudFile>> MarkFile(string id, [FromBody] MarkFileRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
@@ -185,7 +206,7 @@ public class FileController(
    [Authorize]
    [HttpPut("{id}/meta")]
-    public async Task<ActionResult<CloudFile>> UpdateFileMeta(string id, [FromBody] Dictionary<string, object?> meta)
+    public async Task<ActionResult<SnCloudFile>> UpdateFileMeta(string id, [FromBody] Dictionary<string, object?> meta)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
@@ -199,7 +220,7 @@ public class FileController(
    [Authorize]
    [HttpGet("me")]
-    public async Task<ActionResult<List<CloudFile>>> GetMyFiles(
+    public async Task<ActionResult<List<SnCloudFile>>> GetMyFiles(
        [FromQuery] Guid? pool,
        [FromQuery] bool recycled = false,
        [FromQuery] int offset = 0,
@@ -277,14 +298,14 @@ public class FileController(
        public string? Description { get; set; }
        public Dictionary<string, object?>? UserMeta { get; set; }
        public Dictionary<string, object?>? FileMeta { get; set; }
-        public List<ContentSensitiveMark>? SensitiveMarks { get; set; }
+        public List<Shared.Models.ContentSensitiveMark>? SensitiveMarks { get; set; }
        public Guid PoolId { get; set; }
    }
    [Authorize]
    [HttpPost("fast")]
    [RequiredPermission("global", "files.create")]
-    public async Task<ActionResult<CloudFile>> CreateFastFile([FromBody] CreateFastFileRequest request)
+    public async Task<ActionResult<SnCloudFile>> CreateFastFile([FromBody] CreateFastFileRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
@@ -293,13 +314,13 @@ public class FileController(
        if (pool is null) return BadRequest();
        if (!currentUser.IsSuperuser && pool.AccountId != accountId)
            return StatusCode(403, "You don't have permission to create files in this pool.");
-        
+
        if (!pool.PolicyConfig.EnableFastUpload)
            return StatusCode(
                403,
                "This pool does not allow fast upload"
            );
-        
+
        if (pool.PolicyConfig.RequirePrivilege > 0)
        {
            if (currentUser.PerkSubscription is null)
@@ -320,7 +341,7 @@ public class FileController(
                );
            }
        }
-        
+
        if (request.Size > pool.PolicyConfig.MaxFileSize)
        {
            return StatusCode(
@@ -328,7 +349,7 @@ public class FileController(
                $"File size {request.Size} is larger than the pool's maximum file size {pool.PolicyConfig.MaxFileSize}"
            );
        }
-        
+
        var (ok, billableUnit, quota) = await qs.IsFileAcceptable(
            accountId,
            pool.BillingConfig.CostMultiplier ?? 1.0,
@@ -345,7 +366,7 @@ public class FileController(
        await using var transaction = await db.Database.BeginTransactionAsync();
        try
        {
-            var file = new CloudFile
+            var file = new SnCloudFile
            {
                Name = request.Name,
                Size = request.Size,
@@ -373,4 +394,4 @@ public class FileController(
            throw;
        }
    }
-}
+}
--- a/DysonNetwork.Drive/Storage/FilePoolController.cs
+++ b/DysonNetwork.Drive/Storage/FilePoolController.cs
@@ -1,3 +1,4 @@
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -19,6 +20,7 @@ public class FilePoolController(AppDatabase db, FileService fs) : ControllerBase
        var pools = await db.Pools
            .Where(p => p.PolicyConfig.PublicUsable || p.AccountId == accountId)
            .Where(p => !p.IsHidden || p.AccountId == accountId)
            .OrderBy(p => p.CreatedAt)
            .ToListAsync();
        pools = pools.Select(p =>
        {
@@ -29,14 +31,14 @@ public class FilePoolController(AppDatabase db, FileService fs) : ControllerBase
        return Ok(pools);
    }
-    
+
    [Authorize]
    [HttpDelete("{id:guid}/recycle")]
    public async Task<ActionResult> DeleteFilePoolRecycledFiles(Guid id)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
-        
+
        var pool = await fs.GetPoolAsync(id);
        if (pool is null) return NotFound();
        if (!currentUser.IsSuperuser && pool.AccountId != accountId) return Unauthorized();
@@ -44,4 +46,4 @@ public class FilePoolController(AppDatabase db, FileService fs) : ControllerBase
        var count = await fs.DeletePoolRecycledFilesAsync(id);
        return Ok(new { Count = count });
    }
-}
+}
--- a/DysonNetwork.Drive/Storage/FileReferenceService.cs
+++ b/DysonNetwork.Drive/Storage/FileReferenceService.cs
@@ -1,4 +1,5 @@
 using DysonNetwork.Shared.Cache;
 using DysonNetwork.Shared.Models;
 using EFCore.BulkExtensions;
 using Microsoft.EntityFrameworkCore;
 using NodaTime;
@@ -347,7 +348,7 @@ public class FileReferenceService(AppDatabase db, FileService fileService, ICach
    /// <param name="resourceId">The ID of the resource</param>
    /// <param name="usage">Optional filter by usage context</param>
    /// <returns>A list of files referenced by the resource</returns>
-    public async Task<List<CloudFile>> GetResourceFilesAsync(string resourceId, string? usage = null)
+    public async Task<List<SnCloudFile>> GetResourceFilesAsync(string resourceId, string? usage = null)
    {
        var query = db.FileReferences.Where(r => r.ResourceId == resourceId);
--- a/DysonNetwork.Drive/Storage/FileReferenceServiceGrpc.cs
+++ b/DysonNetwork.Drive/Storage/FileReferenceServiceGrpc.cs
@@ -3,173 +3,172 @@ using Grpc.Core;
 using NodaTime;
 using Duration = NodaTime.Duration;
-namespace DysonNetwork.Drive.Storage
+namespace DysonNetwork.Drive.Storage;
 public class FileReferenceServiceGrpc(FileReferenceService fileReferenceService)
    : Shared.Proto.FileReferenceService.FileReferenceServiceBase
 {
-    public class FileReferenceServiceGrpc(FileReferenceService fileReferenceService)
+    public override async Task<Shared.Proto.CloudFileReference> CreateReference(CreateReferenceRequest request,
-        : Shared.Proto.FileReferenceService.FileReferenceServiceBase
+        ServerCallContext context)
    {
-        public override async Task<Shared.Proto.CloudFileReference> CreateReference(CreateReferenceRequest request,
+        Instant? expiredAt = null;
-            ServerCallContext context)
+        if (request.ExpiredAt != null)
-        {
+            expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
-            Instant? expiredAt = null;
+        else if (request.Duration != null)
-            if (request.ExpiredAt != null)
+            expiredAt = SystemClock.Instance.GetCurrentInstant() +
-                expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
+                        Duration.FromTimeSpan(request.Duration.ToTimeSpan());
            else if (request.Duration != null)
                expiredAt = SystemClock.Instance.GetCurrentInstant() +
                            Duration.FromTimeSpan(request.Duration.ToTimeSpan());
-            var reference = await fileReferenceService.CreateReferenceAsync(
+        var reference = await fileReferenceService.CreateReferenceAsync(
-                request.FileId,
+            request.FileId,
-                request.Usage,
+            request.Usage,
-                request.ResourceId,
+            request.ResourceId,
-                expiredAt
+            expiredAt
-            );
+        );
-            return reference.ToProtoValue();
+        return reference.ToProtoValue();
-        }
+    }
-        public override async Task<CreateReferenceBatchResponse> CreateReferenceBatch(CreateReferenceBatchRequest request,
+    public override async Task<CreateReferenceBatchResponse> CreateReferenceBatch(CreateReferenceBatchRequest request,
-            ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            Instant? expiredAt = null;
+        Instant? expiredAt = null;
-            if (request.ExpiredAt != null)
+        if (request.ExpiredAt != null)
-                expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
+            expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
-            else if (request.Duration != null)
+        else if (request.Duration != null)
-                expiredAt = SystemClock.Instance.GetCurrentInstant() +
+            expiredAt = SystemClock.Instance.GetCurrentInstant() +
-                            Duration.FromTimeSpan(request.Duration.ToTimeSpan());
+                        Duration.FromTimeSpan(request.Duration.ToTimeSpan());
-            var references = await fileReferenceService.CreateReferencesAsync(
+        var references = await fileReferenceService.CreateReferencesAsync(
-                request.FilesId.ToList(),
+            request.FilesId.ToList(),
-                request.Usage,
+            request.Usage,
-                request.ResourceId,
+            request.ResourceId,
-                expiredAt
+            expiredAt
-            );
+        );
-            var response = new CreateReferenceBatchResponse();
+        var response = new CreateReferenceBatchResponse();
-            response.References.AddRange(references.Select(r => r.ToProtoValue()));
+        response.References.AddRange(references.Select(r => r.ToProtoValue()));
-            return response;
+        return response;
-        }
+    }
-        public override async Task<GetReferencesResponse> GetReferences(GetReferencesRequest request,
+    public override async Task<GetReferencesResponse> GetReferences(GetReferencesRequest request,
-            ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            var references = await fileReferenceService.GetReferencesAsync(request.FileId);
+        var references = await fileReferenceService.GetReferencesAsync(request.FileId);
-            var response = new GetReferencesResponse();
+        var response = new GetReferencesResponse();
-            response.References.AddRange(references.Select(r => r.ToProtoValue()));
+        response.References.AddRange(references.Select(r => r.ToProtoValue()));
-            return response;
+        return response;
-        }
+    }
-        public override async Task<GetReferenceCountResponse> GetReferenceCount(GetReferenceCountRequest request,
+    public override async Task<GetReferenceCountResponse> GetReferenceCount(GetReferenceCountRequest request,
-            ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            var count = await fileReferenceService.GetReferenceCountAsync(request.FileId);
+        var count = await fileReferenceService.GetReferenceCountAsync(request.FileId);
-            return new GetReferenceCountResponse { Count = count };
+        return new GetReferenceCountResponse { Count = count };
-        }
+    }
-        public override async Task<GetReferencesResponse> GetResourceReferences(GetResourceReferencesRequest request,
+    public override async Task<GetReferencesResponse> GetResourceReferences(GetResourceReferencesRequest request,
-            ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            var references = await fileReferenceService.GetResourceReferencesAsync(request.ResourceId, request.Usage);
+        var references = await fileReferenceService.GetResourceReferencesAsync(request.ResourceId, request.Usage);
-            var response = new GetReferencesResponse();
+        var response = new GetReferencesResponse();
-            response.References.AddRange(references.Select(r => r.ToProtoValue()));
+        response.References.AddRange(references.Select(r => r.ToProtoValue()));
-            return response;
+        return response;
-        }
+    }
-        public override async Task<GetResourceFilesResponse> GetResourceFiles(GetResourceFilesRequest request,
+    public override async Task<GetResourceFilesResponse> GetResourceFiles(GetResourceFilesRequest request,
-            ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            var files = await fileReferenceService.GetResourceFilesAsync(request.ResourceId, request.Usage);
+        var files = await fileReferenceService.GetResourceFilesAsync(request.ResourceId, request.Usage);
-            var response = new GetResourceFilesResponse();
+        var response = new GetResourceFilesResponse();
-            response.Files.AddRange(files.Select(f => f.ToProtoValue()));
+        response.Files.AddRange(files.Select(f => f.ToProtoValue()));
-            return response;
+        return response;
-        }
+    }
-        public override async Task<DeleteResourceReferencesResponse> DeleteResourceReferences(
+    public override async Task<DeleteResourceReferencesResponse> DeleteResourceReferences(
-            DeleteResourceReferencesRequest request, ServerCallContext context)
+        DeleteResourceReferencesRequest request, ServerCallContext context)
-        {
+    {
-            int deletedCount;
+        int deletedCount;
-            if (request.Usage is null)
+        if (request.Usage is null)
-                deletedCount = await fileReferenceService.DeleteResourceReferencesAsync(request.ResourceId);
+            deletedCount = await fileReferenceService.DeleteResourceReferencesAsync(request.ResourceId);
-            else
+        else
-                deletedCount =
+            deletedCount =
-                    await fileReferenceService.DeleteResourceReferencesAsync(request.ResourceId, request.Usage!);
+                await fileReferenceService.DeleteResourceReferencesAsync(request.ResourceId, request.Usage!);
-            return new DeleteResourceReferencesResponse { DeletedCount = deletedCount };
+        return new DeleteResourceReferencesResponse { DeletedCount = deletedCount };
-        }
+    }
-        public override async Task<DeleteResourceReferencesResponse> DeleteResourceReferencesBatch(DeleteResourceReferencesBatchRequest request, ServerCallContext context)
+    public override async Task<DeleteResourceReferencesResponse> DeleteResourceReferencesBatch(DeleteResourceReferencesBatchRequest request, ServerCallContext context)
    {
        var resourceIds = request.ResourceIds.ToList();
        int deletedCount;
        if (request.Usage is null)
            deletedCount = await fileReferenceService.DeleteResourceReferencesBatchAsync(resourceIds);
        else
            deletedCount =
                await fileReferenceService.DeleteResourceReferencesBatchAsync(resourceIds, request.Usage!);
        return new DeleteResourceReferencesResponse { DeletedCount = deletedCount };
    }
    public override async Task<DeleteReferenceResponse> DeleteReference(DeleteReferenceRequest request,
        ServerCallContext context)
    {
        var success = await fileReferenceService.DeleteReferenceAsync(Guid.Parse(request.ReferenceId));
        return new DeleteReferenceResponse { Success = success };
    }
    public override async Task<UpdateResourceFilesResponse> UpdateResourceFiles(UpdateResourceFilesRequest request,
        ServerCallContext context)
    {
        Instant? expiredAt = null;
        if (request.ExpiredAt != null)
        {
-            var resourceIds = request.ResourceIds.ToList();
+            expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
-            int deletedCount;
+        }
-            if (request.Usage is null)
+        else if (request.Duration != null)
-                deletedCount = await fileReferenceService.DeleteResourceReferencesBatchAsync(resourceIds);
+        {
-            else
+            expiredAt = SystemClock.Instance.GetCurrentInstant() +
-                deletedCount =
+                        Duration.FromTimeSpan(request.Duration.ToTimeSpan());
                    await fileReferenceService.DeleteResourceReferencesBatchAsync(resourceIds, request.Usage!);
            return new DeleteResourceReferencesResponse { DeletedCount = deletedCount };
        }
-        public override async Task<DeleteReferenceResponse> DeleteReference(DeleteReferenceRequest request,
+        var references = await fileReferenceService.UpdateResourceFilesAsync(
-            ServerCallContext context)
+            request.ResourceId,
            request.FileIds,
            request.Usage,
            expiredAt
        );
        var response = new UpdateResourceFilesResponse();
        response.References.AddRange(references.Select(r => r.ToProtoValue()));
        return response;
    }
    public override async Task<SetReferenceExpirationResponse> SetReferenceExpiration(
        SetReferenceExpirationRequest request, ServerCallContext context)
    {
        Instant? expiredAt = null;
        if (request.ExpiredAt != null)
        {
-            var success = await fileReferenceService.DeleteReferenceAsync(Guid.Parse(request.ReferenceId));
+            expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
-            return new DeleteReferenceResponse { Success = success };
+        }
        else if (request.Duration != null)
        {
            expiredAt = SystemClock.Instance.GetCurrentInstant() +
                        Duration.FromTimeSpan(request.Duration.ToTimeSpan());
        }
-        public override async Task<UpdateResourceFilesResponse> UpdateResourceFiles(UpdateResourceFilesRequest request,
+        var success =
-            ServerCallContext context)
+            await fileReferenceService.SetReferenceExpirationAsync(Guid.Parse(request.ReferenceId), expiredAt);
-        {
+        return new SetReferenceExpirationResponse { Success = success };
-            Instant? expiredAt = null;
+    }
            if (request.ExpiredAt != null)
            {
                expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
            }
            else if (request.Duration != null)
            {
                expiredAt = SystemClock.Instance.GetCurrentInstant() +
                            Duration.FromTimeSpan(request.Duration.ToTimeSpan());
            }
-            var references = await fileReferenceService.UpdateResourceFilesAsync(
+    public override async Task<SetFileReferencesExpirationResponse> SetFileReferencesExpiration(
-                request.ResourceId,
+        SetFileReferencesExpirationRequest request, ServerCallContext context)
-                request.FileIds,
+    {
-                request.Usage,
+        var expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
-                expiredAt
+        var updatedCount = await fileReferenceService.SetFileReferencesExpirationAsync(request.FileId, expiredAt);
-            );
+        return new SetFileReferencesExpirationResponse { UpdatedCount = updatedCount };
-            var response = new UpdateResourceFilesResponse();
+    }
            response.References.AddRange(references.Select(r => r.ToProtoValue()));
            return response;
        }
-        public override async Task<SetReferenceExpirationResponse> SetReferenceExpiration(
+    public override async Task<HasFileReferencesResponse> HasFileReferences(HasFileReferencesRequest request,
-            SetReferenceExpirationRequest request, ServerCallContext context)
+        ServerCallContext context)
-        {
+    {
-            Instant? expiredAt = null;
+        var hasReferences = await fileReferenceService.HasFileReferencesAsync(request.FileId);
-            if (request.ExpiredAt != null)
+        return new HasFileReferencesResponse { HasReferences = hasReferences };
            {
                expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
            }
            else if (request.Duration != null)
            {
                expiredAt = SystemClock.Instance.GetCurrentInstant() +
                            Duration.FromTimeSpan(request.Duration.ToTimeSpan());
            }
            var success =
                await fileReferenceService.SetReferenceExpirationAsync(Guid.Parse(request.ReferenceId), expiredAt);
            return new SetReferenceExpirationResponse { Success = success };
        }
        public override async Task<SetFileReferencesExpirationResponse> SetFileReferencesExpiration(
            SetFileReferencesExpirationRequest request, ServerCallContext context)
        {
            var expiredAt = Instant.FromUnixTimeSeconds(request.ExpiredAt.Seconds);
            var updatedCount = await fileReferenceService.SetFileReferencesExpirationAsync(request.FileId, expiredAt);
            return new SetFileReferencesExpirationResponse { UpdatedCount = updatedCount };
        }
        public override async Task<HasFileReferencesResponse> HasFileReferences(HasFileReferencesRequest request,
            ServerCallContext context)
        {
            var hasReferences = await fileReferenceService.HasFileReferencesAsync(request.FileId);
            return new HasFileReferencesResponse { HasReferences = hasReferences };
        }
    }
 }
--- a/DysonNetwork.Drive/Storage/FileService.cs
+++ b/DysonNetwork.Drive/Storage/FileService.cs
@@ -1,46 +1,38 @@
 using System.Drawing;
 using System.Globalization;
 using FFMpegCore;
 using System.Security.Cryptography;
 using DysonNetwork.Drive.Storage.Model;
 using DysonNetwork.Shared.Cache;
 using DysonNetwork.Shared.Proto;
 using Google.Protobuf.WellKnownTypes;
 using Microsoft.EntityFrameworkCore;
 using Minio;
 using Minio.DataModel.Args;
 using NATS.Client.Core;
 using NetVips;
 using NodaTime;
 using tusdotnet.Stores;
 using System.Linq.Expressions;
 using DysonNetwork.Shared.Data;
 using Microsoft.EntityFrameworkCore.Query;
 using NATS.Net;
 using DysonNetwork.Shared.Models;
 namespace DysonNetwork.Drive.Storage;
 public class FileService(
    AppDatabase db,
    IConfiguration configuration,
    ILogger<FileService> logger,
-    IServiceScopeFactory scopeFactory,
+    ICacheService cache,
-    ICacheService cache
+    INatsConnection nats
 )
 {
    private const string CacheKeyPrefix = "file:";
    private static readonly TimeSpan CacheDuration = TimeSpan.FromMinutes(15);
-    /// <summary>
+    public async Task<SnCloudFile?> GetFileAsync(string fileId)
    /// The api for getting file meta with cache,
    /// the best use case is for accessing the file data.
    ///
    /// <b>This function won't load uploader's information, only keep minimal file meta</b>
    /// </summary>
    /// <param name="fileId">The id of the cloud file requested</param>
    /// <returns>The minimal file meta</returns>
    public async Task<CloudFile?> GetFileAsync(string fileId)
    {
        var cacheKey = $"{CacheKeyPrefix}{fileId}";
-        var cachedFile = await cache.GetAsync<CloudFile>(cacheKey);
+        var cachedFile = await cache.GetAsync<SnCloudFile>(cacheKey);
        if (cachedFile is not null)
            return cachedFile;
@@ -56,16 +48,15 @@ public class FileService(
        return file;
    }
-    public async Task<List<CloudFile>> GetFilesAsync(List<string> fileIds)
+    public async Task<List<SnCloudFile>> GetFilesAsync(List<string> fileIds)
    {
-        var cachedFiles = new Dictionary<string, CloudFile>();
+        var cachedFiles = new Dictionary<string, SnCloudFile>();
        var uncachedIds = new List<string>();
        // Check cache first
        foreach (var fileId in fileIds)
        {
            var cacheKey = $"{CacheKeyPrefix}{fileId}";
-            var cachedFile = await cache.GetAsync<CloudFile>(cacheKey);
+            var cachedFile = await cache.GetAsync<SnCloudFile>(cacheKey);
            if (cachedFile != null)
                cachedFiles[fileId] = cachedFile;
@@ -73,7 +64,6 @@ public class FileService(
                uncachedIds.Add(fileId);
        }
        // Load uncached files from database
        if (uncachedIds.Count > 0)
        {
            var dbFiles = await db.Files
@@ -81,7 +71,6 @@ public class FileService(
                .Include(f => f.Pool)
                .ToListAsync();
            // Add to cache
            foreach (var file in dbFiles)
            {
                var cacheKey = $"{CacheKeyPrefix}{file.Id}";
@@ -90,28 +79,19 @@ public class FileService(
            }
        }
        // Preserve original order
        return fileIds
            .Select(f => cachedFiles.GetValueOrDefault(f))
            .Where(f => f != null)
-            .Cast<CloudFile>()
+            .Cast<SnCloudFile>()
            .ToList();
    }
-    private const string TempFilePrefix = "dyn-cloudfile";
+    public async Task<SnCloudFile> ProcessNewFileAsync(
    private static readonly string[] AnimatedImageTypes =
        ["image/gif", "image/apng", "image/avif"];
    private static readonly string[] AnimatedImageExtensions =
        [".gif", ".apng", ".avif"];
    public async Task<CloudFile> ProcessNewFileAsync(
        Account account,
        string fileId,
        string filePool,
        string? fileBundleId,
-        Stream stream,
+        string filePath,
        string fileName,
        string? contentType,
        string? encryptPassword,
@@ -143,57 +123,74 @@ public class FileService(
        if (bundle?.ExpiredAt != null)
            expiredAt = bundle.ExpiredAt.Value;
-        var ogFilePath = Path.GetFullPath(Path.Join(configuration.GetValue<string>("Tus:StorePath"), fileId));
+        var managedTempPath = Path.Combine(Path.GetTempPath(), fileId);
-        var fileSize = stream.Length;
+        File.Copy(filePath, managedTempPath, true);
-        contentType ??= !fileName.Contains('.') ? "application/octet-stream" : MimeTypes.GetMimeType(fileName);
+
        var fileInfo = new FileInfo(managedTempPath);
        var fileSize = fileInfo.Length;
        var finalContentType = contentType ??
                               (!fileName.Contains('.') ? "application/octet-stream" : MimeTypes.GetMimeType(fileName));
        var file = new SnCloudFile
        {
            Id = fileId,
            Name = fileName,
            MimeType = finalContentType,
            Size = fileSize,
            ExpiredAt = expiredAt,
            BundleId = bundle?.Id,
            AccountId = Guid.Parse(account.Id),
        };
        if (!pool.PolicyConfig.NoMetadata)
        {
            await ExtractMetadataAsync(file, managedTempPath);
        }
        string processingPath = managedTempPath;
        bool isTempFile = true;
        if (!string.IsNullOrWhiteSpace(encryptPassword))
        {
            if (!pool.PolicyConfig.AllowEncryption)
                throw new InvalidOperationException("Encryption is not allowed in this pool");
            var encryptedPath = Path.Combine(Path.GetTempPath(), $"{fileId}.encrypted");
-            FileEncryptor.EncryptFile(ogFilePath, encryptedPath, encryptPassword);
+            FileEncryptor.EncryptFile(managedTempPath, encryptedPath, encryptPassword);
-            File.Delete(ogFilePath); // Delete original unencrypted
+
-            File.Move(encryptedPath, ogFilePath); // Replace the original one with encrypted
+            File.Delete(managedTempPath);
-            contentType = "application/octet-stream";
+
            processingPath = encryptedPath;
            file.IsEncrypted = true;
            file.MimeType = "application/octet-stream";
            file.Size = new FileInfo(processingPath).Length;
        }
-        var hash = await HashFileAsync(ogFilePath);
+        file.Hash = await HashFileAsync(processingPath);
        var file = new CloudFile
        {
            Id = fileId,
            Name = fileName,
            MimeType = contentType,
            Size = fileSize,
            Hash = hash,
            ExpiredAt = expiredAt,
            BundleId = bundle?.Id,
            AccountId = Guid.Parse(account.Id),
            IsEncrypted = !string.IsNullOrWhiteSpace(encryptPassword) && pool.PolicyConfig.AllowEncryption
        };
        // Extract metadata on the current thread for a faster initial response
        if (!pool.PolicyConfig.NoMetadata)
            await ExtractMetadataAsync(file, ogFilePath, stream);
        db.Files.Add(file);
        await db.SaveChangesAsync();
        file.StorageId ??= file.Id;
-        // Offload optimization (image conversion, thumbnailing) and uploading to a background task
+        var js = nats.CreateJetStreamContext();
-        _ = Task.Run(() =>
+        await js.PublishAsync(
-            ProcessAndUploadInBackgroundAsync(file.Id, filePool, file.StorageId, contentType, ogFilePath, stream));
+            FileUploadedEvent.Type,
            GrpcTypeHelper.ConvertObjectToByteString(new FileUploadedEventPayload(
                file.Id,
                pool.Id,
                file.StorageId,
                file.MimeType,
                processingPath,
                isTempFile)
            ).ToByteArray()
        );
        return file;
    }
-    /// <summary>
+    private async Task ExtractMetadataAsync(SnCloudFile file, string filePath)
    /// Extracts metadata from the file based on its content type.
    /// This runs synchronously to ensure the initial database record has basic metadata.
    /// </summary>
    private async Task ExtractMetadataAsync(CloudFile file, string filePath, Stream stream)
    {
        switch (file.MimeType?.Split('/')[0])
        {
@@ -201,6 +198,7 @@ public class FileService(
                try
                {
                    var blurhash = BlurHashSharp.SkiaSharp.BlurHashEncoder.Encode(3, 3, filePath);
                    await using var stream = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
                    stream.Position = 0;
                    using var vipsImage = Image.NewFromStream(stream);
@@ -265,7 +263,6 @@ public class FileService(
                        ["bit_rate"] = mediaInfo.Format.BitRate.ToString(CultureInfo.InvariantCulture),
                        ["tags"] = mediaInfo.Format.Tags ?? new Dictionary<string, string>(),
                        ["chapters"] = mediaInfo.Chapters,
                        // Add detailed stream information
                        ["video_streams"] = mediaInfo.VideoStreams.Select(s => new
                        {
                            s.AvgFrameRate,
@@ -303,166 +300,6 @@ public class FileService(
        }
    }
    /// <summary>
    /// Handles file optimization (image compression, video thumbnail) and uploads to remote storage in the background.
    /// </summary>
    private async Task ProcessAndUploadInBackgroundAsync(
        string fileId,
        string remoteId,
        string storageId,
        string contentType,
        string originalFilePath,
        Stream stream
    )
    {
        var pool = await GetPoolAsync(Guid.Parse(remoteId));
        if (pool is null) return;
        await using var bgStream = stream; // Ensure stream is disposed at the end of this task
        using var scope = scopeFactory.CreateScope();
        var nfs = scope.ServiceProvider.GetRequiredService<FileService>();
        var scopedDb = scope.ServiceProvider.GetRequiredService<AppDatabase>();
        var uploads = new List<(string FilePath, string Suffix, string ContentType, bool SelfDestruct)>();
        var newMimeType = contentType;
        var hasCompression = false;
        var hasThumbnail = false;
        try
        {
            logger.LogInformation("Processing file {FileId} in background...", fileId);
            var fileExtension = Path.GetExtension(originalFilePath);
            if (!pool.PolicyConfig.NoOptimization)
                switch (contentType.Split('/')[0])
                {
                    case "image":
                        if (AnimatedImageTypes.Contains(contentType) || AnimatedImageExtensions.Contains(fileExtension))
                        {
                            logger.LogInformation("Skip optimize file {FileId} due to it is animated...", fileId);
                            uploads.Add((originalFilePath, string.Empty, contentType, false));
                            break;
                        }
                        newMimeType = "image/webp";
                        using (var vipsImage = Image.NewFromFile(originalFilePath))
                        {
                            var imageToWrite = vipsImage;
                            if (vipsImage.Interpretation is Enums.Interpretation.Scrgb or Enums.Interpretation.Xyz)
                            {
                                imageToWrite = vipsImage.Colourspace(Enums.Interpretation.Srgb);
                            }
                            var webpPath = Path.Join(Path.GetTempPath(), $"{TempFilePrefix}#{fileId}.webp");
                            imageToWrite.Autorot().WriteToFile(webpPath,
                                new VOption { { "lossless", true }, { "strip", true } });
                            uploads.Add((webpPath, string.Empty, newMimeType, true));
                            if (imageToWrite.Width * imageToWrite.Height >= 1024 * 1024)
                            {
                                var scale = 1024.0 / Math.Max(imageToWrite.Width, imageToWrite.Height);
                                var compressedPath =
                                    Path.Join(Path.GetTempPath(), $"{TempFilePrefix}#{fileId}-compressed.webp");
                                using var compressedImage = imageToWrite.Resize(scale);
                                compressedImage.Autorot().WriteToFile(compressedPath,
                                    new VOption { { "Q", 80 }, { "strip", true } });
                                uploads.Add((compressedPath, ".compressed", newMimeType, true));
                                hasCompression = true;
                            }
                            if (!ReferenceEquals(imageToWrite, vipsImage))
                            {
                                imageToWrite.Dispose(); // Clean up manually created colourspace-converted image
                            }
                        }
                        break;
                    case "video":
                        uploads.Add((originalFilePath, string.Empty, contentType, false));
                        var thumbnailPath = Path.Join(Path.GetTempPath(), $"{TempFilePrefix}#{fileId}.thumbnail.jpg");
                        try
                        {
                            await FFMpegArguments
                                .FromFileInput(originalFilePath, verifyExists: true)
                                .OutputToFile(thumbnailPath, overwrite: true, options => options
                                    .Seek(TimeSpan.FromSeconds(0))
                                    .WithFrameOutputCount(1)
                                    .WithCustomArgument("-q:v 2")
                                )
                                .NotifyOnOutput(line => logger.LogInformation("[FFmpeg] {Line}", line))
                                .NotifyOnError(line => logger.LogWarning("[FFmpeg] {Line}", line))
                                .ProcessAsynchronously();
                            if (File.Exists(thumbnailPath))
                            {
                                uploads.Add((thumbnailPath, ".thumbnail", "image/jpeg", true));
                                hasThumbnail = true;
                            }
                            else
                            {
                                logger.LogWarning("FFMpeg did not produce thumbnail for video {FileId}", fileId);
                            }
                        }
                        catch (Exception ex)
                        {
                            logger.LogError(ex, "Failed to generate thumbnail for video {FileId}", fileId);
                        }
                        break;
                    default:
                        uploads.Add((originalFilePath, string.Empty, contentType, false));
                        break;
                }
            else uploads.Add((originalFilePath, string.Empty, contentType, false));
            logger.LogInformation("Optimized file {FileId}, now uploading...", fileId);
            if (uploads.Count > 0)
            {
                var destPool = Guid.Parse(remoteId!);
                var uploadTasks = uploads.Select(item =>
                    nfs.UploadFileToRemoteAsync(
                        storageId,
                        destPool,
                        item.FilePath,
                        item.Suffix,
                        item.ContentType,
                        item.SelfDestruct
                    )
                ).ToList();
                await Task.WhenAll(uploadTasks);
                logger.LogInformation("Uploaded file {FileId} done!", fileId);
                var fileToUpdate = await scopedDb.Files.FirstAsync(f => f.Id == fileId);
                if (hasThumbnail) fileToUpdate.HasThumbnail = true;
                var now = SystemClock.Instance.GetCurrentInstant();
                await scopedDb.Files.Where(f => f.Id == fileId).ExecuteUpdateAsync(setter => setter
                    .SetProperty(f => f.UploadedAt, now)
                    .SetProperty(f => f.PoolId, destPool)
                    .SetProperty(f => f.MimeType, newMimeType)
                    .SetProperty(f => f.HasCompression, hasCompression)
                    .SetProperty(f => f.HasThumbnail, hasThumbnail)
                );
            }
        }
        catch (Exception err)
        {
            logger.LogError(err, "Failed to process and upload {FileId}", fileId);
        }
        finally
        {
            await nfs._PurgeCacheAsync(fileId);
        }
    }
    private static async Task<string> HashFileAsync(string filePath, int chunkSize = 1024 * 1024)
    {
        var fileInfo = new FileInfo(filePath);
@@ -491,11 +328,11 @@ public class FileService(
        }
        var hash = MD5.HashData(buffer.AsSpan(0, bytesRead));
-        stream.Position = 0; // Reset stream position
+        stream.Position = 0;
        return Convert.ToHexString(hash).ToLowerInvariant();
    }
-    private async Task UploadFileToRemoteAsync(
+    public async Task UploadFileToRemoteAsync(
        string storageId,
        Guid targetRemote,
        string filePath,
@@ -536,7 +373,7 @@ public class FileService(
        );
    }
-    public async Task<CloudFile> UpdateFileAsync(CloudFile file, FieldMask updateMask)
+    public async Task<SnCloudFile> UpdateFileAsync(SnCloudFile file, FieldMask updateMask)
    {
        var existingFile = await db.Files.FirstOrDefaultAsync(f => f.Id == file.Id);
        if (existingFile == null)
@@ -574,11 +411,10 @@ public class FileService(
        await db.Files.Where(f => f.Id == file.Id).ExecuteUpdateAsync(updatable.ToSetPropertyCalls());
        await _PurgeCacheAsync(file.Id);
        // Re-fetch the file to return the updated state
        return await db.Files.AsNoTracking().FirstAsync(f => f.Id == file.Id);
    }
-    public async Task DeleteFileAsync(CloudFile file)
+    public async Task DeleteFileAsync(SnCloudFile file)
    {
        db.Remove(file);
        await db.SaveChangesAsync();
@@ -587,24 +423,21 @@ public class FileService(
        await DeleteFileDataAsync(file);
    }
-    public async Task DeleteFileDataAsync(CloudFile file, bool force = false)
+    public async Task DeleteFileDataAsync(SnCloudFile file, bool force = false)
    {
        if (!file.PoolId.HasValue) return;
        if (!force)
        {
            // Check if any other file with the same storage ID is referenced
            var sameOriginFiles = await db.Files
                .Where(f => f.StorageId == file.StorageId && f.Id != file.Id)
                .Select(f => f.Id)
                .ToListAsync();
            // Check if any of these files are referenced
            if (sameOriginFiles.Count != 0)
                return;
        }
        // If any other file with the same storage ID is referenced, don't delete the actual file data
        var dest = await GetRemoteStorageConfig(file.PoolId.Value);
        if (dest is null) throw new InvalidOperationException($"No remote storage configured for pool {file.PoolId}");
        var client = CreateMinioClient(dest);
@@ -614,7 +447,7 @@ public class FileService(
            );
        var bucket = dest.Bucket;
-        var objectId = file.StorageId ?? file.Id; // Use StorageId if available, otherwise fall back to Id
+        var objectId = file.StorageId ?? file.Id;
        await client.RemoveObjectAsync(
            new RemoveObjectArgs().WithBucket(bucket).WithObject(objectId)
@@ -630,7 +463,6 @@ public class FileService(
            }
            catch
            {
                // Ignore errors when deleting compressed version
                logger.LogWarning("Failed to delete compressed version of file {fileId}", file.Id);
            }
        }
@@ -645,25 +477,17 @@ public class FileService(
            }
            catch
            {
                // Ignore errors when deleting thumbnail
                logger.LogWarning("Failed to delete thumbnail of file {fileId}", file.Id);
            }
        }
    }
-    /// <summary>
+    public async Task DeleteFileDataBatchAsync(List<SnCloudFile> files)
    /// The most efficent way to delete file data (stored files) in batch.
    /// But this DO NOT check the storage id, so use with caution!
    /// </summary>
    /// <param name="files">Files to delete</param>
    /// <exception cref="InvalidOperationException">Something went wrong</exception>
    public async Task DeleteFileDataBatchAsync(List<CloudFile> files)
    {
        files = files.Where(f => f.PoolId.HasValue).ToList();
        foreach (var fileGroup in files.GroupBy(f => f.PoolId!.Value))
        {
            // If any other file with the same storage ID is referenced, don't delete the actual file data
            var dest = await GetRemoteStorageConfig(fileGroup.Key);
            if (dest is null)
                throw new InvalidOperationException($"No remote storage configured for pool {fileGroup.Key}");
@@ -688,7 +512,7 @@ public class FileService(
        }
    }
-    private async Task<FileBundle?> GetBundleAsync(Guid id, Guid accountId)
+    private async Task<SnFileBundle?> GetBundleAsync(Guid id, Guid accountId)
    {
        var bundle = await db.Bundles
            .Where(e => e.Id == id)
@@ -733,31 +557,27 @@ public class FileService(
        return client.Build();
    }
    // Helper method to purge the cache for a specific file
    // Made internal to allow FileReferenceService to use it
    internal async Task _PurgeCacheAsync(string fileId)
    {
        var cacheKey = $"{CacheKeyPrefix}{fileId}";
        await cache.RemoveAsync(cacheKey);
    }
    // Helper method to purge cache for multiple files
    internal async Task _PurgeCacheRangeAsync(IEnumerable<string> fileIds)
    {
        var tasks = fileIds.Select(_PurgeCacheAsync);
        await Task.WhenAll(tasks);
    }
-    public async Task<List<CloudFile?>> LoadFromReference(List<CloudFileReferenceObject> references)
+    public async Task<List<SnCloudFile?>> LoadFromReference(List<SnCloudFileReferenceObject> references)
    {
-        var cachedFiles = new Dictionary<string, CloudFile>();
+        var cachedFiles = new Dictionary<string, SnCloudFile>();
        var uncachedIds = new List<string>();
        // Check cache first
        foreach (var reference in references)
        {
            var cacheKey = $"{CacheKeyPrefix}{reference.Id}";
-            var cachedFile = await cache.GetAsync<CloudFile>(cacheKey);
+            var cachedFile = await cache.GetAsync<SnCloudFile>(cacheKey);
            if (cachedFile != null)
            {
@@ -769,14 +589,12 @@ public class FileService(
            }
        }
        // Load uncached files from database
        if (uncachedIds.Count > 0)
        {
            var dbFiles = await db.Files
                .Where(f => uncachedIds.Contains(f.Id))
                .ToListAsync();
            // Add to cache
            foreach (var file in dbFiles)
            {
                var cacheKey = $"{CacheKeyPrefix}{file.Id}";
@@ -785,18 +603,11 @@ public class FileService(
            }
        }
-        // Preserve original order
+        return [.. references
        return references
            .Select(r => cachedFiles.GetValueOrDefault(r.Id))
-            .Where(f => f != null)
+            .Where(f => f != null)];
            .ToList();
    }
    /// <summary>
    /// Gets the number of references to a file based on CloudFileReference records
    /// </summary>
    /// <param name="fileId">The ID of the file</param>
    /// <returns>The number of references to the file</returns>
    public async Task<int> GetReferenceCountAsync(string fileId)
    {
        return await db.FileReferences
@@ -804,11 +615,6 @@ public class FileService(
            .CountAsync();
    }
    /// <summary>
    /// Checks if a file is referenced by any resource
    /// </summary>
    /// <param name="fileId">The ID of the file to check</param>
    /// <returns>True if the file is referenced, false otherwise</returns>
    public async Task<bool> IsReferencedAsync(string fileId)
    {
        return await db.FileReferences
@@ -816,12 +622,8 @@ public class FileService(
            .AnyAsync();
    }
    /// <summary>
    /// Checks if an EXIF field should be ignored (e.g., GPS data).
    /// </summary>
    private static bool IsIgnoredField(string fieldName)
    {
        // Common GPS EXIF field names
        var gpsFields = new[]
        {
            "gps-latitude", "gps-longitude", "gps-altitude", "gps-latitude-ref", "gps-longitude-ref",
@@ -882,7 +684,7 @@ public class FileService(
        return count;
    }
-    public async Task<string> CreateFastUploadLinkAsync(CloudFile file)
+    public async Task<string> CreateFastUploadLinkAsync(SnCloudFile file)
    {
        if (file.PoolId is null) throw new InvalidOperationException("Pool ID is null");
@@ -904,10 +706,7 @@ public class FileService(
    }
 }
-/// <summary>
+file class UpdatableCloudFile(SnCloudFile file)
 /// A helper class to build an ExecuteUpdateAsync call for CloudFile.
 /// </summary>
 file class UpdatableCloudFile(CloudFile file)
 {
    public string Name { get; set; } = file.Name;
    public string? Description { get; set; } = file.Description;
@@ -915,14 +714,14 @@ file class UpdatableCloudFile(CloudFile file)
    public Dictionary<string, object?>? UserMeta { get; set; } = file.UserMeta;
    public bool IsMarkedRecycle { get; set; } = file.IsMarkedRecycle;
-    public Expression<Func<SetPropertyCalls<CloudFile>, SetPropertyCalls<CloudFile>>> ToSetPropertyCalls()
+    public Expression<Func<SetPropertyCalls<SnCloudFile>, SetPropertyCalls<SnCloudFile>>> ToSetPropertyCalls()
    {
-        var userMeta = UserMeta ?? new Dictionary<string, object?>();
+        var userMeta = UserMeta ?? [];
        return setter => setter
            .SetProperty(f => f.Name, Name)
            .SetProperty(f => f.Description, Description)
            .SetProperty(f => f.FileMeta, FileMeta)
-            .SetProperty(f => f.UserMeta, userMeta!)
+            .SetProperty(f => f.UserMeta, userMeta)
            .SetProperty(f => f.IsMarkedRecycle, IsMarkedRecycle);
    }
 }
--- a/DysonNetwork.Drive/Storage/FileServiceGrpc.cs
+++ b/DysonNetwork.Drive/Storage/FileServiceGrpc.cs
@@ -1,4 +1,4 @@
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Google.Protobuf.WellKnownTypes;
 using Grpc.Core;
@@ -48,7 +48,7 @@ namespace DysonNetwork.Drive.Storage
        {
            // Assuming CloudFileReferenceObject is a simple class/struct that holds an ID
            // You might need to define this or adjust the LoadFromReference method in FileService
-            var references = request.ReferenceIds.Select(id => new CloudFileReferenceObject { Id = id }).ToList();
+            var references = request.ReferenceIds.Select(id => new SnCloudFileReferenceObject { Id = id }).ToList();
            var files = await fileService.LoadFromReference(references);
            var response = new LoadFromReferenceResponse();
            response.Files.AddRange(files.Where(f => f != null).Select(f => f!.ToProtoValue()));
--- a/DysonNetwork.Drive/Storage/FileUploadController.cs
+++ b/DysonNetwork.Drive/Storage/FileUploadController.cs
@@ -0,0 +1,278 @@
 using System.ComponentModel.DataAnnotations;
 using System.Text.Json;
 using DysonNetwork.Drive.Billing;
 using DysonNetwork.Drive.Storage.Model;
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using NanoidDotNet;
 namespace DysonNetwork.Drive.Storage;
 [ApiController]
 [Route("/api/files/upload")]
 [Authorize]
 public class FileUploadController(
    IConfiguration configuration,
    FileService fileService,
    AppDatabase db,
    PermissionService.PermissionServiceClient permission,
    QuotaService quotaService
 )
    : ControllerBase
 {
    private readonly string _tempPath =
        configuration.GetValue<string>("Storage:Uploads") ?? Path.Combine(Path.GetTempPath(), "multipart-uploads");
    private const long DefaultChunkSize = 1024 * 1024 * 5; // 5MB
    [HttpPost("create")]
    public async Task<IActionResult> CreateUploadTask([FromBody] CreateUploadTaskRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
        {
            return new ObjectResult(ApiError.Unauthorized()) { StatusCode = 401 };
        }
        if (!currentUser.IsSuperuser)
        {
            var allowed = await permission.HasPermissionAsync(new HasPermissionRequest
            { Actor = $"user:{currentUser.Id}", Area = "global", Key = "files.create" });
            if (!allowed.HasPermission)
            {
                return new ObjectResult(ApiError.Unauthorized(forbidden: true)) { StatusCode = 403 };
            }
        }
        request.PoolId ??= Guid.Parse(configuration["Storage:PreferredRemote"]!);
        var pool = await fileService.GetPoolAsync(request.PoolId.Value);
        if (pool is null)
        {
            return new ObjectResult(ApiError.NotFound("Pool")) { StatusCode = 404 };
        }
        if (pool.PolicyConfig.RequirePrivilege is > 0)
        {
            var privilege =
                currentUser.PerkSubscription is null ? 0 :
                PerkSubscriptionPrivilege.GetPrivilegeFromIdentifier(currentUser.PerkSubscription.Identifier);
            if (privilege < pool.PolicyConfig.RequirePrivilege)
            {
                return new ObjectResult(ApiError.Unauthorized(
                    $"You need Stellar Program tier {pool.PolicyConfig.RequirePrivilege} to use pool {pool.Name}, you are tier {privilege}",
                    forbidden: true))
                {
                    StatusCode = 403
                };
            }
        }
        var policy = pool.PolicyConfig;
        if (!policy.AllowEncryption && !string.IsNullOrEmpty(request.EncryptPassword))
        {
            return new ObjectResult(ApiError.Unauthorized("File encryption is not allowed in this pool", true))
            { StatusCode = 403 };
        }
        if (policy.AcceptTypes is { Count: > 0 })
        {
            if (string.IsNullOrEmpty(request.ContentType))
            {
                return new ObjectResult(ApiError.Validation(new Dictionary<string, string[]>
                {
                    { "contentType", new[] { "Content type is required by the pool's policy" } }
                }))
                { StatusCode = 400 };
            }
            var foundMatch = policy.AcceptTypes.Any(acceptType =>
            {
                if (acceptType.EndsWith("/*", StringComparison.OrdinalIgnoreCase))
                {
                    var type = acceptType[..^2];
                    return request.ContentType.StartsWith($"{type}/", StringComparison.OrdinalIgnoreCase);
                }
                return acceptType.Equals(request.ContentType, StringComparison.OrdinalIgnoreCase);
            });
            if (!foundMatch)
            {
                return new ObjectResult(
                    ApiError.Unauthorized($"Content type {request.ContentType} is not allowed by the pool's policy",
                        true))
                { StatusCode = 403 };
            }
        }
        if (policy.MaxFileSize is not null && request.FileSize > policy.MaxFileSize)
        {
            return new ObjectResult(ApiError.Unauthorized(
                $"File size {request.FileSize} is larger than the pool's maximum file size {policy.MaxFileSize}",
                true))
            {
                StatusCode = 403
            };
        }
        var (ok, billableUnit, quota) = await quotaService.IsFileAcceptable(
            Guid.Parse(currentUser.Id),
            pool.BillingConfig.CostMultiplier ?? 1.0,
            request.FileSize
        );
        if (!ok)
        {
            return new ObjectResult(
                ApiError.Unauthorized($"File size {billableUnit} MiB is exceeded the user's quota {quota} MiB",
                    true))
            { StatusCode = 403 };
        }
        if (!Directory.Exists(_tempPath))
        {
            Directory.CreateDirectory(_tempPath);
        }
        // Check if a file with the same hash already exists
        var existingFile = await db.Files.FirstOrDefaultAsync(f => f.Hash == request.Hash);
        if (existingFile != null)
        {
            return Ok(new CreateUploadTaskResponse
            {
                FileExists = true,
                File = existingFile
            });
        }
        var taskId = await Nanoid.GenerateAsync();
        var taskPath = Path.Combine(_tempPath, taskId);
        Directory.CreateDirectory(taskPath);
        var chunkSize = request.ChunkSize ?? DefaultChunkSize;
        var chunksCount = (int)Math.Ceiling((double)request.FileSize / chunkSize);
        var task = new UploadTask
        {
            TaskId = taskId,
            FileName = request.FileName,
            FileSize = request.FileSize,
            ContentType = request.ContentType,
            ChunkSize = chunkSize,
            ChunksCount = chunksCount,
            PoolId = request.PoolId.Value,
            BundleId = request.BundleId,
            EncryptPassword = request.EncryptPassword,
            ExpiredAt = request.ExpiredAt,
            Hash = request.Hash,
        };
        await System.IO.File.WriteAllTextAsync(Path.Combine(taskPath, "task.json"), JsonSerializer.Serialize(task));
        return Ok(new CreateUploadTaskResponse
        {
            FileExists = false,
            TaskId = taskId,
            ChunkSize = chunkSize,
            ChunksCount = chunksCount
        });
    }
    public class UploadChunkRequest
    {
        [Required]
        public IFormFile Chunk { get; set; } = null!;
    }
    [HttpPost("chunk/{taskId}/{chunkIndex}")]
    [RequestSizeLimit(DefaultChunkSize + 1024 * 1024)] // 6MB to be safe
    [RequestFormLimits(MultipartBodyLengthLimit = DefaultChunkSize + 1024 * 1024)]
    public async Task<IActionResult> UploadChunk(string taskId, int chunkIndex, [FromForm] UploadChunkRequest request)
    {
        var chunk = request.Chunk;
        var taskPath = Path.Combine(_tempPath, taskId);
        if (!Directory.Exists(taskPath))
        {
            return new ObjectResult(ApiError.NotFound("Upload task")) { StatusCode = 404 };
        }
        var chunkPath = Path.Combine(taskPath, $"{chunkIndex}.chunk");
        await using var stream = new FileStream(chunkPath, FileMode.Create);
        await chunk.CopyToAsync(stream);
        return Ok();
    }
    [HttpPost("complete/{taskId}")]
    public async Task<IActionResult> CompleteUpload(string taskId)
    {
        var taskPath = Path.Combine(_tempPath, taskId);
        if (!Directory.Exists(taskPath))
        {
            return new ObjectResult(ApiError.NotFound("Upload task")) { StatusCode = 404 };
        }
        var taskJsonPath = Path.Combine(taskPath, "task.json");
        if (!System.IO.File.Exists(taskJsonPath))
        {
            return new ObjectResult(ApiError.NotFound("Upload task metadata")) { StatusCode = 404 };
        }
        var task = JsonSerializer.Deserialize<UploadTask>(await System.IO.File.ReadAllTextAsync(taskJsonPath));
        if (task == null)
        {
            return new ObjectResult(new ApiError { Code = "BAD_REQUEST", Message = "Invalid task metadata.", Status = 400 })
            { StatusCode = 400 };
        }
        var mergedFilePath = Path.Combine(_tempPath, taskId + ".tmp");
        await using (var mergedStream = new FileStream(mergedFilePath, FileMode.Create))
        {
            for (var i = 0; i < task.ChunksCount; i++)
            {
                var chunkPath = Path.Combine(taskPath, $"{i}.chunk");
                if (!System.IO.File.Exists(chunkPath))
                {
                    // Clean up partially uploaded file
                    mergedStream.Close();
                    System.IO.File.Delete(mergedFilePath);
                    Directory.Delete(taskPath, true);
                    return new ObjectResult(new ApiError
                    { Code = "CHUNK_MISSING", Message = $"Chunk {i} is missing.", Status = 400 })
                    { StatusCode = 400 };
                }
                await using var chunkStream = new FileStream(chunkPath, FileMode.Open);
                await chunkStream.CopyToAsync(mergedStream);
            }
        }
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
        {
            return new ObjectResult(ApiError.Unauthorized()) { StatusCode = 401 };
        }
        var fileId = await Nanoid.GenerateAsync();
        var cloudFile = await fileService.ProcessNewFileAsync(
            currentUser,
            fileId,
            task.PoolId.ToString(),
            task.BundleId?.ToString(),
            mergedFilePath,
            task.FileName,
            task.ContentType,
            task.EncryptPassword,
            task.ExpiredAt
        );
        // Clean up
        Directory.Delete(taskPath, true);
        System.IO.File.Delete(mergedFilePath);
        return Ok(cloudFile);
    }
 }
--- a/DysonNetwork.Drive/Storage/Model/Events.cs
+++ b/DysonNetwork.Drive/Storage/Model/Events.cs
@@ -0,0 +1,15 @@
 namespace DysonNetwork.Drive.Storage.Model;
 public static class FileUploadedEvent
 {
    public const string Type = "file_uploaded";
 }
 public record FileUploadedEventPayload(
    string FileId,
    Guid RemoteId,
    string StorageId,
    string ContentType,
    string ProcessingFilePath,
    bool IsTempFile
 );
--- a/DysonNetwork.Drive/Storage/Model/FileUploadModels.cs
+++ b/DysonNetwork.Drive/Storage/Model/FileUploadModels.cs
@@ -0,0 +1,42 @@
 using DysonNetwork.Shared.Models;
 using NodaTime;
 namespace DysonNetwork.Drive.Storage.Model
 {
    public class CreateUploadTaskRequest
    {
        public string Hash { get; set; } = null!;
        public string FileName { get; set; } = null!;
        public long FileSize { get; set; }
        public string ContentType { get; set; } = null!;
        public Guid? PoolId { get; set; } = null!;
        public Guid? BundleId { get; set; }
        public string? EncryptPassword { get; set; }
        public Instant? ExpiredAt { get; set; }
        public long? ChunkSize { get; set; }
    }
    public class CreateUploadTaskResponse
    {
        public bool FileExists { get; set; }
        public SnCloudFile? File { get; set; }
        public string? TaskId { get; set; }
        public long? ChunkSize { get; set; }
        public int? ChunksCount { get; set; }
    }
    internal class UploadTask
    {
        public string TaskId { get; set; } = null!;
        public string FileName { get; set; } = null!;
        public long FileSize { get; set; }
        public string ContentType { get; set; } = null!;
        public long ChunkSize { get; set; }
        public int ChunksCount { get; set; }
        public Guid PoolId { get; set; }
        public Guid? BundleId { get; set; }
        public string? EncryptPassword { get; set; }
        public Instant? ExpiredAt { get; set; }
        public string Hash { get; set; } = null!;
    }
 }
--- a/DysonNetwork.Drive/Storage/README.md
+++ b/DysonNetwork.Drive/Storage/README.md
@@ -0,0 +1,94 @@
 # Multi-part File Upload API
 This document outlines the process for uploading large files in chunks using the multi-part upload API.
 ## 1. Create an Upload Task
 To begin a file upload, you first need to create an upload task. This is done by sending a `POST` request to the `/api/files/upload/create` endpoint.
 **Endpoint:** `POST /api/files/upload/create`
 **Request Body:**
 ```json
 {
  "hash": "string (file hash, e.g., MD5 or SHA256)",
  "file_name": "string",
  "file_size": "long (in bytes)",
  "content_type": "string (e.g., 'image/jpeg')",
  "pool_id": "string (GUID, optional)",
  "bundle_id": "string (GUID, optional)",
  "encrypt_password": "string (optional)",
  "expired_at": "string (ISO 8601 format, optional)",
  "chunk_size": "long (in bytes, optional, defaults to 5MB)"
 }
 ```
 **Response:**
 If a file with the same hash already exists, the server will return a `200 OK` with the following body:
 ```json
 {
  "file_exists": true,
  "file": { ... (CloudFile object in snake_case) ... }
 }
 ```
 If the file does not exist, the server will return a `200 OK` with a task ID and chunk information:
 ```json
 {
  "file_exists": false,
  "task_id": "string",
  "chunk_size": "long",
  "chunks_count": "int"
 }
 ```
 You will need the `task_id`, `chunk_size`, and `chunks_count` for the next steps.
 ## 2. Upload File Chunks
 Once you have a `task_id`, you can start uploading the file in chunks. Each chunk is sent as a `POST` request with `multipart/form-data`.
 **Endpoint:** `POST /api/files/upload/chunk/{taskId}/{chunkIndex}`
 -   `taskId`: The ID of the upload task from the previous step.
 -   `chunkIndex`: The 0-based index of the chunk you are uploading.
 **Request Body:**
 The body of the request should be `multipart/form-data` with a single form field named `chunk` containing the binary data for that chunk.
 The size of each chunk should be equal to the `chunk_size` returned in the "Create Upload Task" step, except for the last chunk, which may be smaller.
 **Response:**
 A successful chunk upload will return a `200 OK` with an empty body.
 You should upload all chunks from `0` to `chunks_count - 1`.
 ## 3. Complete the Upload
 After all chunks have been successfully uploaded, you must send a final request to complete the upload process. This will merge all the chunks into a single file and process it.
 **Endpoint:** `POST /api/files/upload/complete/{taskId}`
 -   `taskId`: The ID of the upload task.
 **Request Body:**
 The request body should be empty.
 **Response:**
 A successful request will return a `200 OK` with the `CloudFile` object for the newly uploaded file.
 ```json
 {
  ... (CloudFile object) ...
 }
 ```
 If any chunks are missing or an error occurs during the merge process, the server will return a `400 Bad Request` with an error message.
--- a/DysonNetwork.Drive/Storage/TusService.cs
+++ b/DysonNetwork.Drive/Storage/TusService.cs
@@ -1,306 +0,0 @@
 using System.Net;
 using System.Text;
 using System.Text.Json;
 using DysonNetwork.Drive.Billing;
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 using NodaTime;
 using tusdotnet.Interfaces;
 using tusdotnet.Models;
 using tusdotnet.Models.Configuration;
 namespace DysonNetwork.Drive.Storage;
 public abstract class TusService
 {
    public static DefaultTusConfiguration BuildConfiguration(
        ITusStore store,
        IConfiguration configuration
    ) => new()
    {
        Store = store,
        Events = new Events
        {
            OnAuthorizeAsync = async eventContext =>
            {
                if (eventContext.Intent == IntentType.DeleteFile)
                {
                    eventContext.FailRequest(
                        HttpStatusCode.BadRequest,
                        "Deleting files from this endpoint was disabled, please refer to the Dyson Network File API."
                    );
                    return;
                }
                var httpContext = eventContext.HttpContext;
                if (httpContext.Items["CurrentUser"] is not Account currentUser)
                {
                    eventContext.FailRequest(HttpStatusCode.Unauthorized);
                    return;
                }
                if (eventContext.Intent != IntentType.CreateFile) return;
                using var scope = httpContext.RequestServices.CreateScope();
                if (!currentUser.IsSuperuser)
                {
                    var pm = scope.ServiceProvider.GetRequiredService<PermissionService.PermissionServiceClient>();
                    var allowed = await pm.HasPermissionAsync(new HasPermissionRequest
                        { Actor = $"user:{currentUser.Id}", Area = "global", Key = "files.create" });
                    if (!allowed.HasPermission)
                        eventContext.FailRequest(HttpStatusCode.Forbidden);
                }
                var filePool = httpContext.Request.Headers["X-FilePool"].FirstOrDefault();
                if (string.IsNullOrEmpty(filePool)) filePool = configuration["Storage:PreferredRemote"];
                if (!Guid.TryParse(filePool, out _))
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Invalid file pool id");
                    return;
                }
                var fs = scope.ServiceProvider.GetRequiredService<FileService>();
                var pool = await fs.GetPoolAsync(Guid.Parse(filePool!));
                if (pool is null)
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Pool not found");
                    return;
                }
                if (pool.PolicyConfig.RequirePrivilege > 0)
                {
                    if (currentUser.PerkSubscription is null)
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.Forbidden,
                            $"You need to have join the Stellar Program to use this pool"
                        );
                        return;
                    }
                    var privilege =
                        PerkSubscriptionPrivilege.GetPrivilegeFromIdentifier(currentUser.PerkSubscription.Identifier);
                    if (privilege < pool.PolicyConfig.RequirePrivilege)
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.Forbidden,
                            $"You need Stellar Program tier {pool.PolicyConfig.RequirePrivilege} to use this pool, you are tier {privilege}"
                        );
                    }
                }
                var bundleId = eventContext.HttpContext.Request.Headers["X-FileBundle"].FirstOrDefault();
                if (!string.IsNullOrEmpty(bundleId) && !Guid.TryParse(bundleId, out _))
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Invalid file bundle id");
                }
            },
            OnFileCompleteAsync = async eventContext =>
            {
                using var scope = eventContext.HttpContext.RequestServices.CreateScope();
                var services = scope.ServiceProvider;
                var httpContext = eventContext.HttpContext;
                if (httpContext.Items["CurrentUser"] is not Account user) return;
                var file = await eventContext.GetFileAsync();
                var metadata = await file.GetMetadataAsync(eventContext.CancellationToken);
                var fileName = metadata.TryGetValue("filename", out var fn)
                    ? fn.GetString(Encoding.UTF8)
                    : "uploaded_file";
                var contentType = metadata.TryGetValue("content-type", out var ct) ? ct.GetString(Encoding.UTF8) : null;
                var fileStream = await file.GetContentAsync(eventContext.CancellationToken);
                var filePool = httpContext.Request.Headers["X-FilePool"].FirstOrDefault();
                var bundleId = eventContext.HttpContext.Request.Headers["X-FileBundle"].FirstOrDefault();
                var encryptPassword = httpContext.Request.Headers["X-FilePass"].FirstOrDefault();
                if (string.IsNullOrEmpty(filePool))
                    filePool = configuration["Storage:PreferredRemote"];
                Instant? expiredAt = null;
                var expiredString = httpContext.Request.Headers["X-FileExpire"].FirstOrDefault();
                if (!string.IsNullOrEmpty(expiredString) && int.TryParse(expiredString, out var expired))
                    expiredAt = Instant.FromUnixTimeSeconds(expired);
                try
                {
                    var fileService = services.GetRequiredService<FileService>();
                    var info = await fileService.ProcessNewFileAsync(
                        user,
                        file.Id,
                        filePool!,
                        bundleId,
                        fileStream,
                        fileName,
                        contentType,
                        encryptPassword,
                        expiredAt
                    );
                    using var finalScope = eventContext.HttpContext.RequestServices.CreateScope();
                    var jsonOptions = finalScope.ServiceProvider.GetRequiredService<IOptions<JsonOptions>>().Value
                        .JsonSerializerOptions;
                    var infoJson = JsonSerializer.Serialize(info, jsonOptions);
                    eventContext.HttpContext.Response.Headers.Append("X-FileInfo", infoJson);
                }
                catch (Exception ex)
                {
                    var logger = services.GetRequiredService<ILogger<TusService>>();
                    eventContext.HttpContext.Response.StatusCode = StatusCodes.Status400BadRequest;
                    await eventContext.HttpContext.Response.WriteAsync(ex.Message);
                    logger.LogError(ex, "Error handling file upload...");
                }
                finally
                {
                    // Dispose the stream after all processing is complete
                    await fileStream.DisposeAsync();
                }
            },
            OnBeforeCreateAsync = async eventContext =>
            {
                var httpContext = eventContext.HttpContext;
                if (httpContext.Items["CurrentUser"] is not Account currentUser)
                {
                    eventContext.FailRequest(HttpStatusCode.Unauthorized);
                    return;
                }
                var accountId = Guid.Parse(currentUser.Id);
                var poolId = eventContext.HttpContext.Request.Headers["X-FilePool"].FirstOrDefault();
                if (string.IsNullOrEmpty(poolId)) poolId = configuration["Storage:PreferredRemote"];
                if (!Guid.TryParse(poolId, out _))
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Invalid file pool id");
                    return;
                }
                var bundleId = eventContext.HttpContext.Request.Headers["X-FileBundle"].FirstOrDefault();
                if (!string.IsNullOrEmpty(bundleId) && !Guid.TryParse(bundleId, out _))
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Invalid file bundle id");
                    return;
                }
                var metadata = eventContext.Metadata;
                var contentType = metadata.TryGetValue("content-type", out var ct) ? ct.GetString(Encoding.UTF8) : null;
                var scope = eventContext.HttpContext.RequestServices.CreateScope();
                var rejected = false;
                var fs = scope.ServiceProvider.GetRequiredService<FileService>();
                var pool = await fs.GetPoolAsync(Guid.Parse(poolId!));
                if (pool is null)
                {
                    eventContext.FailRequest(HttpStatusCode.BadRequest, "Pool not found");
                    rejected = true;
                }
                var logger = scope.ServiceProvider.GetRequiredService<ILogger<TusService>>();
                // Do the policy check
                var policy = pool!.PolicyConfig;
                if (!rejected && !pool.PolicyConfig.AllowEncryption)
                {
                    var encryptPassword = eventContext.HttpContext.Request.Headers["X-FilePass"].FirstOrDefault();
                    if (!string.IsNullOrEmpty(encryptPassword))
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.Forbidden,
                            "File encryption is not allowed in this pool"
                        );
                        rejected = true;
                    }
                }
                if (!rejected && policy.AcceptTypes is not null)
                {
                    if (string.IsNullOrEmpty(contentType))
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.BadRequest,
                            "Content type is required by the pool's policy"
                        );
                        rejected = true;
                    }
                    else
                    {
                        var foundMatch = false;
                        foreach (var acceptType in policy.AcceptTypes)
                        {
                            if (acceptType.EndsWith("/*", StringComparison.OrdinalIgnoreCase))
                            {
                                var type = acceptType[..^2];
                                if (!contentType.StartsWith($"{type}/", StringComparison.OrdinalIgnoreCase)) continue;
                                foundMatch = true;
                                break;
                            }
                            else if (acceptType.Equals(contentType, StringComparison.OrdinalIgnoreCase))
                            {
                                foundMatch = true;
                                break;
                            }
                        }
                        if (!foundMatch)
                        {
                            eventContext.FailRequest(
                                HttpStatusCode.Forbidden,
                                $"Content type {contentType} is not allowed by the pool's policy"
                            );
                            rejected = true;
                        }
                    }
                }
                if (!rejected && policy.MaxFileSize is not null)
                {
                    if (eventContext.UploadLength > policy.MaxFileSize)
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.Forbidden,
                            $"File size {eventContext.UploadLength} is larger than the pool's maximum file size {policy.MaxFileSize}"
                        );
                        rejected = true;
                    }
                }
                if (!rejected)
                {
                    var quotaService = scope.ServiceProvider.GetRequiredService<QuotaService>();
                    var (ok, billableUnit, quota) = await quotaService.IsFileAcceptable(
                        accountId,
                        pool.BillingConfig.CostMultiplier ?? 1.0,
                        eventContext.UploadLength
                    );
                    if (!ok)
                    {
                        eventContext.FailRequest(
                            HttpStatusCode.Forbidden,
                            $"File size {billableUnit} MiB is exceeded the user's quota {quota} MiB"
                        );
                        rejected = true;
                    }
                }
                if (rejected)
                    logger.LogInformation("File rejected #{FileId}", eventContext.FileId);
            },
            OnCreateCompleteAsync = eventContext =>
            {
                var directUpload = eventContext.HttpContext.Request.Headers["X-DirectUpload"].FirstOrDefault();
                if (!string.IsNullOrEmpty(directUpload)) return Task.CompletedTask;
                var gatewayUrl = configuration["GatewayUrl"];
                if (gatewayUrl is not null)
                    eventContext.SetUploadUrl(new Uri(gatewayUrl + "/drive/tus/" + eventContext.FileId));
                return Task.CompletedTask;
            },
        }
    };
 }
--- a/DysonNetwork.Drive/appsettings.json
+++ b/DysonNetwork.Drive/appsettings.json
@@ -27,19 +27,11 @@
    "PublicKeyPath": "Keys/PublicKey.pem",
    "PrivateKeyPath": "Keys/PrivateKey.pem"
  },
  "OidcProvider": {
    "IssuerUri": "https://nt.solian.app",
    "PublicKeyPath": "Keys/PublicKey.pem",
    "PrivateKeyPath": "Keys/PrivateKey.pem",
    "AccessTokenLifetime": "01:00:00",
    "RefreshTokenLifetime": "30.00:00:00",
    "AuthorizationCodeLifetime": "00:30:00",
    "RequireHttpsMetadata": true
  },
  "Tus": {
    "StorePath": "Uploads"
  },
  "Storage": {
    "Uploads": "Uploads",
    "PreferredRemote": "2adceae3-981a-4564-9b8d-5d71a211c873",
    "Remote": [
      {
@@ -125,9 +117,5 @@
  "KnownProxies": [
    "127.0.0.1",
    "::1"
-  ],
+  ]
  "Service": {
    "Name": "DysonNetwork.Drive",
    "Url": "https://localhost:7092"
  }
 }
--- a/DysonNetwork.Drive/bun.lock
+++ b/DysonNetwork.Drive/bun.lock
@@ -1,13 +0,0 @@
 {
  "lockfileVersion": 1,
  "workspaces": {
    "": {
      "dependencies": {
        "highlight.js": "^11.11.1",
      },
    },
  },
  "packages": {
    "highlight.js": ["highlight.js@11.11.1", "", {}, "sha512-Xwwo44whKBVCYoliBQwaPvtd/2tYFkRQtXDWj1nackaV2JPXx3L0+Jvd8/qCJ2p+ML0/XVkJ2q+Mr+UVdpJK5w=="],
  }
 }
--- a/DysonNetwork.Gateway/Configuration/ConfigurationController.cs
+++ b/DysonNetwork.Gateway/Configuration/ConfigurationController.cs
@@ -0,0 +1,12 @@
 using Microsoft.AspNetCore.Mvc;
 [ApiController]
 [Route("config")]
 public class ConfigurationController(IConfiguration configuration) : ControllerBase
 {
    [HttpGet]
    public IActionResult Get() => Ok(configuration.GetSection("Client").Get<Dictionary<string, object>>());
    [HttpGet("site")]
    public IActionResult GetSiteUrl() => Ok(configuration["SiteUrl"]);
 }
--- a/DysonNetwork.Gateway/Dockerfile
+++ b/DysonNetwork.Gateway/Dockerfile
@@ -0,0 +1,23 @@
 FROM mcr.microsoft.com/dotnet/aspnet:9.0 AS base
 USER $APP_UID
 WORKDIR /app
 EXPOSE 8080
 EXPOSE 8081
 FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build
 ARG BUILD_CONFIGURATION=Release
 WORKDIR /src
 COPY ["DysonNetwork.Gateway/DysonNetwork.Gateway.csproj", "DysonNetwork.Gateway/"]
 RUN dotnet restore "DysonNetwork.Gateway/DysonNetwork.Gateway.csproj"
 COPY . .
 WORKDIR "/src/DysonNetwork.Gateway"
 RUN dotnet build "./DysonNetwork.Gateway.csproj" -c $BUILD_CONFIGURATION -o /app/build
 FROM build AS publish
 ARG BUILD_CONFIGURATION=Release
 RUN dotnet publish "./DysonNetwork.Gateway.csproj" -c $BUILD_CONFIGURATION -o /app/publish /p:UseAppHost=false
 FROM base AS final
 WORKDIR /app
 COPY --from=publish /app/publish .
 ENTRYPOINT ["dotnet", "DysonNetwork.Gateway.dll"]
--- a/DysonNetwork.Gateway/DysonNetwork.Gateway.csproj
+++ b/DysonNetwork.Gateway/DysonNetwork.Gateway.csproj
@@ -0,0 +1,18 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
  <PropertyGroup>
    <TargetFramework>net9.0</TargetFramework>
    <Nullable>enable</Nullable>
    <ImplicitUsings>enable</ImplicitUsings>
  </PropertyGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.Extensions.ServiceDiscovery.Yarp" Version="9.5.2" />
    <PackageReference Include="Yarp.ReverseProxy" Version="2.3.0" />
  </ItemGroup>
  <ItemGroup>
      <ProjectReference Include="..\DysonNetwork.Shared\DysonNetwork.Shared.csproj" />
  </ItemGroup>
 </Project>
--- a/DysonNetwork.Gateway/Program.cs
+++ b/DysonNetwork.Gateway/Program.cs
@@ -0,0 +1,168 @@
 using System.Threading.RateLimiting;
 using DysonNetwork.Shared.Http;
 using Yarp.ReverseProxy.Configuration;
 using Microsoft.AspNetCore.HttpOverrides;
 var builder = WebApplication.CreateBuilder(args);
 builder.AddServiceDefaults();
 builder.ConfigureAppKestrel(builder.Configuration, maxRequestBodySize: long.MaxValue, enableGrpc: false);
 builder.Services.AddCors(options =>
 {
    options.AddDefaultPolicy(
        policy =>
        {
            policy.SetIsOriginAllowed(origin => true)
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials()
                .WithExposedHeaders("X-Total");
        });
 });
 builder.Services.AddRateLimiter(options =>
 {
    options.AddPolicy("fixed", context =>
    {
        var ip = context.Connection.RemoteIpAddress?.ToString() ?? "unknown";
        return RateLimitPartition.GetFixedWindowLimiter(
            partitionKey: ip,
            factory: _ => new FixedWindowRateLimiterOptions
            {
                PermitLimit = 120, // 120 requests...
                Window = TimeSpan.FromMinutes(1), // ...per minute per IP
                QueueProcessingOrder = QueueProcessingOrder.OldestFirst,
                QueueLimit = 10 // allow short bursts instead of instant 503s
            });
    });
    options.OnRejected = async (context, token) =>
        {
            // Log the rejected IP
            var logger = context.HttpContext.RequestServices
                .GetRequiredService<ILoggerFactory>()
                .CreateLogger("RateLimiter");
            var ip = context.HttpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";
            logger.LogWarning("Rate limit exceeded for IP: {IP}", ip);
            // Respond to the client
            context.HttpContext.Response.StatusCode = StatusCodes.Status429TooManyRequests;
            await context.HttpContext.Response.WriteAsync(
                "Rate limit exceeded. Try again later.", token);
        };
 });
 var serviceNames = new[] { "ring", "pass", "drive", "sphere", "develop", "insight" };
 var specialRoutes = new[]
 {
    new RouteConfig
    {
        RouteId = "ring-ws",
        ClusterId = "ring",
        Match = new RouteMatch { Path = "/ws" }
    },
    new RouteConfig
    {
        RouteId = "pass-openid",
        ClusterId = "pass",
        Match = new RouteMatch { Path = "/.well-known/openid-configuration" }
    },
    new RouteConfig
    {
        RouteId = "pass-jwks",
        ClusterId = "pass",
        Match = new RouteMatch { Path = "/.well-known/jwks" }
    },
    new RouteConfig
    {
        RouteId = "drive-tus",
        ClusterId = "drive",
        Match = new RouteMatch { Path = "/api/tus" }
    }
 };
 var apiRoutes = serviceNames.Select(serviceName =>
 {
    var apiPath = serviceName switch
    {
        _ => $"/{serviceName}"
    };
    return new RouteConfig
    {
        RouteId = $"{serviceName}-api",
        ClusterId = serviceName,
        Match = new RouteMatch { Path = $"{apiPath}/{{**catch-all}}" },
        Transforms =
        [
            new Dictionary<string, string> { { "PathRemovePrefix", apiPath } },
            new Dictionary<string, string> { { "PathPrefix", "/api" } }
        ]
    };
 });
 var swaggerRoutes = serviceNames.Select(serviceName => new RouteConfig
 {
    RouteId = $"{serviceName}-swagger",
    ClusterId = serviceName,
    Match = new RouteMatch { Path = $"/swagger/{serviceName}/{{**catch-all}}" },
    Transforms =
    [
        new Dictionary<string, string> { { "PathRemovePrefix", $"/swagger/{serviceName}" } },
        new Dictionary<string, string> { { "PathPrefix", "/swagger" } }
    ]
 });
 var routes = specialRoutes.Concat(apiRoutes).Concat(swaggerRoutes).ToArray();
 var clusters = serviceNames.Select(serviceName => new ClusterConfig
 {
    ClusterId = serviceName,
    HealthCheck = new HealthCheckConfig
    {
        Active = new ActiveHealthCheckConfig
        {
            Enabled = true,
            Interval = TimeSpan.FromSeconds(10),
            Timeout = TimeSpan.FromSeconds(5),
            Path = "/health"
        },
        Passive = new()
        {
            Enabled = true
        }
    },
    Destinations = new Dictionary<string, DestinationConfig>
    {
        { "destination1", new DestinationConfig { Address = $"http://{serviceName}" } }
    }
 }).ToArray();
 builder.Services
    .AddReverseProxy()
    .LoadFromMemory(routes, clusters)
    .AddServiceDiscoveryDestinationResolver();
 builder.Services.AddControllers();
 var app = builder.Build();
 var forwardedHeadersOptions = new ForwardedHeadersOptions
 {
    ForwardedHeaders = ForwardedHeaders.All
 };
 forwardedHeadersOptions.KnownNetworks.Clear();
 forwardedHeadersOptions.KnownProxies.Clear();
 app.UseForwardedHeaders(forwardedHeadersOptions);
 app.UseCors();
 app.MapReverseProxy().RequireRateLimiting("fixed");
 app.MapControllers();
 app.Run();
--- a/DysonNetwork.Gateway/Properties/launchSettings.json
+++ b/DysonNetwork.Gateway/Properties/launchSettings.json
@@ -0,0 +1,21 @@
 {
  "$schema": "https://json.schemastore.org/launchsettings.json",
  "profiles": {
    "http": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "https": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
 }
--- a/DysonNetwork.Gateway/appsettings.json
+++ b/DysonNetwork.Gateway/appsettings.json
@@ -0,0 +1,13 @@
 {
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*",
  "SiteUrl": "http://localhost:3000",
  "Client": {
    "SomeSetting": "SomeValue"
  }
 }
--- a/DysonNetwork.Insight/AppDatabase.cs
+++ b/DysonNetwork.Insight/AppDatabase.cs
@@ -0,0 +1,76 @@
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Design;
 using NodaTime;
 namespace DysonNetwork.Insight;
 public class AppDatabase(
    DbContextOptions<AppDatabase> options,
    IConfiguration configuration
 ) : DbContext(options)
 {
    public DbSet<SnThinkingSequence> ThinkingSequences { get; set; }
    public DbSet<SnThinkingThought> ThinkingThoughts { get; set; }
    protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
    {
        optionsBuilder.UseNpgsql(
            configuration.GetConnectionString("App"),
            opt => opt
                .ConfigureDataSource(optSource => optSource.EnableDynamicJson())
                .UseQuerySplittingBehavior(QuerySplittingBehavior.SplitQuery)
                .UseNodaTime()
        ).UseSnakeCaseNamingConvention();
        base.OnConfiguring(optionsBuilder);
    }
    public override async Task<int> SaveChangesAsync(CancellationToken cancellationToken = default)
    {
        var now = SystemClock.Instance.GetCurrentInstant();
        foreach (var entry in ChangeTracker.Entries<ModelBase>())
        {
            switch (entry.State)
            {
                case EntityState.Added:
                    entry.Entity.CreatedAt = now;
                    entry.Entity.UpdatedAt = now;
                    break;
                case EntityState.Modified:
                    entry.Entity.UpdatedAt = now;
                    break;
                case EntityState.Deleted:
                    entry.State = EntityState.Modified;
                    entry.Entity.DeletedAt = now;
                    break;
                case EntityState.Detached:
                case EntityState.Unchanged:
                default:
                    break;
            }
        }
        return await base.SaveChangesAsync(cancellationToken);
    }
    protected override void OnModelCreating(ModelBuilder modelBuilder)
    {
        base.OnModelCreating(modelBuilder);
    }
 }
 public class AppDatabaseFactory : IDesignTimeDbContextFactory<AppDatabase>
 {
    public AppDatabase CreateDbContext(string[] args)
    {
        var configuration = new ConfigurationBuilder()
            .SetBasePath(Directory.GetCurrentDirectory())
            .AddJsonFile("appsettings.json")
            .Build();
        var optionsBuilder = new DbContextOptionsBuilder<AppDatabase>();
        return new AppDatabase(optionsBuilder.Options, configuration);
    }
 }
--- a/DysonNetwork.Insight/Controllers/BillingController.cs
+++ b/DysonNetwork.Insight/Controllers/BillingController.cs
@@ -0,0 +1,21 @@
 using DysonNetwork.Insight.Thought;
 using DysonNetwork.Shared.Auth;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 namespace DysonNetwork.Insight.Controllers;
 [ApiController]
 [Route("/api/billing")]
 public class BillingController(ThoughtService thoughtService, ILogger<BillingController> logger) : ControllerBase
 {
    [HttpPost("settle")]
    [Authorize]
    [RequiredPermission("maintenance", "insight.billing.settle")]
    public async Task<IActionResult> ProcessTokenBilling()
    {
        await thoughtService.SettleThoughtBills(logger);
        return Ok();
    }
 }
--- a/DysonNetwork.Insight/Dockerfile
+++ b/DysonNetwork.Insight/Dockerfile
@@ -0,0 +1,27 @@
 #See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.
 FROM mcr.microsoft.com/dotnet/aspnet:9.0 AS base
 USER app
 WORKDIR /app
 EXPOSE 8080
 EXPOSE 8081
 FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build
 ARG BUILD_CONFIGURATION=Release
 WORKDIR /src
 COPY ["DysonNetwork.Insight/DysonNetwork.Insight.csproj", "DysonNetwork.Insight/"]
 COPY ["DysonNetwork.Shared/DysonNetwork.Shared.csproj", "DysonNetwork.Shared/"]
 COPY ["DysonNetwork.Develop/DysonNetwork.Develop.csproj", "DysonNetwork.Develop/"]
 RUN dotnet restore "DysonNetwork.Insight/DysonNetwork.Insight.csproj"
 COPY . .
 WORKDIR "/src/DysonNetwork.Insight"
 RUN dotnet build "DysonNetwork.Insight.csproj" -c $BUILD_CONFIGURATION -o /app/build
 FROM build AS publish
 ARG BUILD_CONFIGURATION=Release
 RUN dotnet publish "DysonNetwork.Insight.csproj" -c $BUILD_CONFIGURATION -o /app/publish /p:UseAppHost=false
 FROM base AS final
 WORKDIR /app
 COPY --from=publish /app/publish .
 ENTRYPOINT ["dotnet", "DysonNetwork.Insight.dll"]
--- a/DysonNetwork.Insight/DysonNetwork.Insight.csproj
+++ b/DysonNetwork.Insight/DysonNetwork.Insight.csproj
@@ -0,0 +1,34 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
  <PropertyGroup>
    <TargetFramework>net9.0</TargetFramework>
    <Nullable>enable</Nullable>
    <ImplicitUsings>enable</ImplicitUsings>
  </PropertyGroup>
  <ItemGroup>
    <PackageReference Include="EFCore.NamingConventions" Version="9.0.0" />
    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.10" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.10">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
    <PackageReference Include="Microsoft.SemanticKernel" Version="1.66.0" />
    <PackageReference Include="Microsoft.SemanticKernel.Connectors.Ollama" Version="1.66.0-alpha" />
    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4" />
    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL.NodaTime" Version="9.0.4" />
    <PackageReference Include="Microsoft.SemanticKernel.Plugins.Web" Version="1.66.0-alpha" />
    <PackageReference Include="Quartz" Version="3.15.0" />
    <PackageReference Include="Quartz.AspNetCore" Version="3.15.0" />
    <PackageReference Include="Quartz.Extensions.Hosting" Version="3.15.0" />
  </ItemGroup>
  <ItemGroup>
    <ProjectReference Include="..\DysonNetwork.Shared\DysonNetwork.Shared.csproj" />
  </ItemGroup>
  <ItemGroup>
    <Folder Include="Controllers\" />
  </ItemGroup>
 </Project>
--- a/DysonNetwork.Insight/Migrations/20251025115921_AddThinkingThought.Designer.cs
+++ b/DysonNetwork.Insight/Migrations/20251025115921_AddThinkingThought.Designer.cs
@@ -0,0 +1,124 @@
 // <auto-generated />
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Insight;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 using NodaTime;
 using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    [DbContext(typeof(AppDatabase))]
    [Migration("20251025115921_AddThinkingThought")]
    partial class AddThinkingThought
    {
        /// <inheritdoc />
        protected override void BuildTargetModel(ModelBuilder modelBuilder)
        {
 #pragma warning disable 612, 618
            modelBuilder
                .HasAnnotation("ProductVersion", "9.0.10")
                .HasAnnotation("Relational:MaxIdentifierLength", 63);
            NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingSequence", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<Guid>("AccountId")
                        .HasColumnType("uuid")
                        .HasColumnName("account_id");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<string>("Topic")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("topic");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_sequences");
                    b.ToTable("thinking_sequences", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<string>("Content")
                        .HasColumnType("text")
                        .HasColumnName("content");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<List<SnCloudFileReferenceObject>>("Files")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("files");
                    b.Property<int>("Role")
                        .HasColumnType("integer")
                        .HasColumnName("role");
                    b.Property<Guid>("SequenceId")
                        .HasColumnType("uuid")
                        .HasColumnName("sequence_id");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_thoughts");
                    b.HasIndex("SequenceId")
                        .HasDatabaseName("ix_thinking_thoughts_sequence_id");
                    b.ToTable("thinking_thoughts", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.HasOne("DysonNetwork.Shared.Models.SnThinkingSequence", "Sequence")
                        .WithMany()
                        .HasForeignKey("SequenceId")
                        .OnDelete(DeleteBehavior.Cascade)
                        .IsRequired()
                        .HasConstraintName("fk_thinking_thoughts_thinking_sequences_sequence_id");
                    b.Navigation("Sequence");
                });
 #pragma warning restore 612, 618
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/20251025115921_AddThinkingThought.cs
+++ b/DysonNetwork.Insight/Migrations/20251025115921_AddThinkingThought.cs
@@ -0,0 +1,73 @@
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore.Migrations;
 using NodaTime;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    /// <inheritdoc />
    public partial class AddThinkingThought : Migration
    {
        /// <inheritdoc />
        protected override void Up(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.CreateTable(
                name: "thinking_sequences",
                columns: table => new
                {
                    id = table.Column<Guid>(type: "uuid", nullable: false),
                    topic = table.Column<string>(type: "character varying(4096)", maxLength: 4096, nullable: true),
                    account_id = table.Column<Guid>(type: "uuid", nullable: false),
                    created_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
                    updated_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
                    deleted_at = table.Column<Instant>(type: "timestamp with time zone", nullable: true)
                },
                constraints: table =>
                {
                    table.PrimaryKey("pk_thinking_sequences", x => x.id);
                });
            migrationBuilder.CreateTable(
                name: "thinking_thoughts",
                columns: table => new
                {
                    id = table.Column<Guid>(type: "uuid", nullable: false),
                    content = table.Column<string>(type: "text", nullable: true),
                    files = table.Column<List<SnCloudFileReferenceObject>>(type: "jsonb", nullable: false),
                    role = table.Column<int>(type: "integer", nullable: false),
                    sequence_id = table.Column<Guid>(type: "uuid", nullable: false),
                    created_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
                    updated_at = table.Column<Instant>(type: "timestamp with time zone", nullable: false),
                    deleted_at = table.Column<Instant>(type: "timestamp with time zone", nullable: true)
                },
                constraints: table =>
                {
                    table.PrimaryKey("pk_thinking_thoughts", x => x.id);
                    table.ForeignKey(
                        name: "fk_thinking_thoughts_thinking_sequences_sequence_id",
                        column: x => x.sequence_id,
                        principalTable: "thinking_sequences",
                        principalColumn: "id",
                        onDelete: ReferentialAction.Cascade);
                });
            migrationBuilder.CreateIndex(
                name: "ix_thinking_thoughts_sequence_id",
                table: "thinking_thoughts",
                column: "sequence_id");
        }
        /// <inheritdoc />
        protected override void Down(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.DropTable(
                name: "thinking_thoughts");
            migrationBuilder.DropTable(
                name: "thinking_sequences");
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/20251026045505_AddThinkingChunk.Designer.cs
+++ b/DysonNetwork.Insight/Migrations/20251026045505_AddThinkingChunk.Designer.cs
@@ -0,0 +1,129 @@
 // <auto-generated />
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Insight;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 using NodaTime;
 using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    [DbContext(typeof(AppDatabase))]
    [Migration("20251026045505_AddThinkingChunk")]
    partial class AddThinkingChunk
    {
        /// <inheritdoc />
        protected override void BuildTargetModel(ModelBuilder modelBuilder)
        {
 #pragma warning disable 612, 618
            modelBuilder
                .HasAnnotation("ProductVersion", "9.0.10")
                .HasAnnotation("Relational:MaxIdentifierLength", 63);
            NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingSequence", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<Guid>("AccountId")
                        .HasColumnType("uuid")
                        .HasColumnName("account_id");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<string>("Topic")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("topic");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_sequences");
                    b.ToTable("thinking_sequences", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<List<SnThinkingChunk>>("Chunks")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("chunks");
                    b.Property<string>("Content")
                        .HasColumnType("text")
                        .HasColumnName("content");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<List<SnCloudFileReferenceObject>>("Files")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("files");
                    b.Property<int>("Role")
                        .HasColumnType("integer")
                        .HasColumnName("role");
                    b.Property<Guid>("SequenceId")
                        .HasColumnType("uuid")
                        .HasColumnName("sequence_id");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_thoughts");
                    b.HasIndex("SequenceId")
                        .HasDatabaseName("ix_thinking_thoughts_sequence_id");
                    b.ToTable("thinking_thoughts", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.HasOne("DysonNetwork.Shared.Models.SnThinkingSequence", "Sequence")
                        .WithMany()
                        .HasForeignKey("SequenceId")
                        .OnDelete(DeleteBehavior.Cascade)
                        .IsRequired()
                        .HasConstraintName("fk_thinking_thoughts_thinking_sequences_sequence_id");
                    b.Navigation("Sequence");
                });
 #pragma warning restore 612, 618
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/20251026045505_AddThinkingChunk.cs
+++ b/DysonNetwork.Insight/Migrations/20251026045505_AddThinkingChunk.cs
@@ -0,0 +1,32 @@
 using System.Collections.Generic;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore.Migrations;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    /// <inheritdoc />
    public partial class AddThinkingChunk : Migration
    {
        /// <inheritdoc />
        protected override void Up(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.AddColumn<List<SnThinkingChunk>>(
                name: "chunks",
                table: "thinking_thoughts",
                type: "jsonb",
                nullable: false,
                defaultValue: new List<SnThinkingChunk>()
                );
        }
        /// <inheritdoc />
        protected override void Down(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.DropColumn(
                name: "chunks",
                table: "thinking_thoughts");
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/20251026134218_AddBilling.Designer.cs
+++ b/DysonNetwork.Insight/Migrations/20251026134218_AddBilling.Designer.cs
@@ -0,0 +1,146 @@
 // <auto-generated />
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Insight;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Migrations;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 using NodaTime;
 using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    [DbContext(typeof(AppDatabase))]
    [Migration("20251026134218_AddBilling")]
    partial class AddBilling
    {
        /// <inheritdoc />
        protected override void BuildTargetModel(ModelBuilder modelBuilder)
        {
 #pragma warning disable 612, 618
            modelBuilder
                .HasAnnotation("ProductVersion", "9.0.10")
                .HasAnnotation("Relational:MaxIdentifierLength", 63);
            NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingSequence", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<Guid>("AccountId")
                        .HasColumnType("uuid")
                        .HasColumnName("account_id");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<long>("PaidToken")
                        .HasColumnType("bigint")
                        .HasColumnName("paid_token");
                    b.Property<string>("Topic")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("topic");
                    b.Property<long>("TotalToken")
                        .HasColumnType("bigint")
                        .HasColumnName("total_token");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_sequences");
                    b.ToTable("thinking_sequences", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<List<SnThinkingChunk>>("Chunks")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("chunks");
                    b.Property<string>("Content")
                        .HasColumnType("text")
                        .HasColumnName("content");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<List<SnCloudFileReferenceObject>>("Files")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("files");
                    b.Property<string>("ModelName")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("model_name");
                    b.Property<int>("Role")
                        .HasColumnType("integer")
                        .HasColumnName("role");
                    b.Property<Guid>("SequenceId")
                        .HasColumnType("uuid")
                        .HasColumnName("sequence_id");
                    b.Property<long>("TokenCount")
                        .HasColumnType("bigint")
                        .HasColumnName("token_count");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_thoughts");
                    b.HasIndex("SequenceId")
                        .HasDatabaseName("ix_thinking_thoughts_sequence_id");
                    b.ToTable("thinking_thoughts", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.HasOne("DysonNetwork.Shared.Models.SnThinkingSequence", "Sequence")
                        .WithMany()
                        .HasForeignKey("SequenceId")
                        .OnDelete(DeleteBehavior.Cascade)
                        .IsRequired()
                        .HasConstraintName("fk_thinking_thoughts_thinking_sequences_sequence_id");
                    b.Navigation("Sequence");
                });
 #pragma warning restore 612, 618
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/20251026134218_AddBilling.cs
+++ b/DysonNetwork.Insight/Migrations/20251026134218_AddBilling.cs
@@ -0,0 +1,62 @@
 using Microsoft.EntityFrameworkCore.Migrations;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    /// <inheritdoc />
    public partial class AddBilling : Migration
    {
        /// <inheritdoc />
        protected override void Up(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.AddColumn<string>(
                name: "model_name",
                table: "thinking_thoughts",
                type: "character varying(4096)",
                maxLength: 4096,
                nullable: true);
            migrationBuilder.AddColumn<long>(
                name: "token_count",
                table: "thinking_thoughts",
                type: "bigint",
                nullable: false,
                defaultValue: 0L);
            migrationBuilder.AddColumn<long>(
                name: "paid_token",
                table: "thinking_sequences",
                type: "bigint",
                nullable: false,
                defaultValue: 0L);
            migrationBuilder.AddColumn<long>(
                name: "total_token",
                table: "thinking_sequences",
                type: "bigint",
                nullable: false,
                defaultValue: 0L);
        }
        /// <inheritdoc />
        protected override void Down(MigrationBuilder migrationBuilder)
        {
            migrationBuilder.DropColumn(
                name: "model_name",
                table: "thinking_thoughts");
            migrationBuilder.DropColumn(
                name: "token_count",
                table: "thinking_thoughts");
            migrationBuilder.DropColumn(
                name: "paid_token",
                table: "thinking_sequences");
            migrationBuilder.DropColumn(
                name: "total_token",
                table: "thinking_sequences");
        }
    }
 }
--- a/DysonNetwork.Insight/Migrations/AppDatabaseModelSnapshot.cs
+++ b/DysonNetwork.Insight/Migrations/AppDatabaseModelSnapshot.cs
@@ -0,0 +1,143 @@
 // <auto-generated />
 using System;
 using System.Collections.Generic;
 using DysonNetwork.Insight;
 using DysonNetwork.Shared.Models;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 using NodaTime;
 using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
 #nullable disable
 namespace DysonNetwork.Insight.Migrations
 {
    [DbContext(typeof(AppDatabase))]
    partial class AppDatabaseModelSnapshot : ModelSnapshot
    {
        protected override void BuildModel(ModelBuilder modelBuilder)
        {
 #pragma warning disable 612, 618
            modelBuilder
                .HasAnnotation("ProductVersion", "9.0.10")
                .HasAnnotation("Relational:MaxIdentifierLength", 63);
            NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingSequence", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<Guid>("AccountId")
                        .HasColumnType("uuid")
                        .HasColumnName("account_id");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<long>("PaidToken")
                        .HasColumnType("bigint")
                        .HasColumnName("paid_token");
                    b.Property<string>("Topic")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("topic");
                    b.Property<long>("TotalToken")
                        .HasColumnType("bigint")
                        .HasColumnName("total_token");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_sequences");
                    b.ToTable("thinking_sequences", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.Property<Guid>("Id")
                        .ValueGeneratedOnAdd()
                        .HasColumnType("uuid")
                        .HasColumnName("id");
                    b.Property<List<SnThinkingChunk>>("Chunks")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("chunks");
                    b.Property<string>("Content")
                        .HasColumnType("text")
                        .HasColumnName("content");
                    b.Property<Instant>("CreatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("created_at");
                    b.Property<Instant?>("DeletedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("deleted_at");
                    b.Property<List<SnCloudFileReferenceObject>>("Files")
                        .IsRequired()
                        .HasColumnType("jsonb")
                        .HasColumnName("files");
                    b.Property<string>("ModelName")
                        .HasMaxLength(4096)
                        .HasColumnType("character varying(4096)")
                        .HasColumnName("model_name");
                    b.Property<int>("Role")
                        .HasColumnType("integer")
                        .HasColumnName("role");
                    b.Property<Guid>("SequenceId")
                        .HasColumnType("uuid")
                        .HasColumnName("sequence_id");
                    b.Property<long>("TokenCount")
                        .HasColumnType("bigint")
                        .HasColumnName("token_count");
                    b.Property<Instant>("UpdatedAt")
                        .HasColumnType("timestamp with time zone")
                        .HasColumnName("updated_at");
                    b.HasKey("Id")
                        .HasName("pk_thinking_thoughts");
                    b.HasIndex("SequenceId")
                        .HasDatabaseName("ix_thinking_thoughts_sequence_id");
                    b.ToTable("thinking_thoughts", (string)null);
                });
            modelBuilder.Entity("DysonNetwork.Shared.Models.SnThinkingThought", b =>
                {
                    b.HasOne("DysonNetwork.Shared.Models.SnThinkingSequence", "Sequence")
                        .WithMany()
                        .HasForeignKey("SequenceId")
                        .OnDelete(DeleteBehavior.Cascade)
                        .IsRequired()
                        .HasConstraintName("fk_thinking_thoughts_thinking_sequences_sequence_id");
                    b.Navigation("Sequence");
                });
 #pragma warning restore 612, 618
        }
    }
 }
--- a/DysonNetwork.Insight/Program.cs
+++ b/DysonNetwork.Insight/Program.cs
@@ -0,0 +1,45 @@
 using DysonNetwork.Insight;
 using DysonNetwork.Insight.Startup;
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Registry;
 using Microsoft.EntityFrameworkCore;
 var builder = WebApplication.CreateBuilder(args);
 builder.AddServiceDefaults();
 builder.ConfigureAppKestrel(builder.Configuration);
 builder.Services.AddControllers();
 builder.Services.AddAppServices();
 builder.Services.AddAppAuthentication();
 builder.Services.AddAppFlushHandlers();
 builder.Services.AddAppBusinessServices();
 builder.Services.AddAppScheduledJobs();
 builder.Services.AddDysonAuth();
 builder.Services.AddAccountService();
 builder.Services.AddSphereService();
 builder.Services.AddThinkingServices(builder.Configuration);
 builder.AddSwaggerManifest(
    "DysonNetwork.Insight",
    "The insight service in the Solar Network."
 );
 var app = builder.Build();
 app.MapDefaultEndpoints();
 using (var scope = app.Services.CreateScope())
 {
    var db = scope.ServiceProvider.GetRequiredService<AppDatabase>();
    await db.Database.MigrateAsync();
 }
 app.ConfigureAppMiddleware(builder.Configuration);
 app.UseSwaggerManifest("DysonNetwork.Insight");
 app.Run();
--- a/DysonNetwork.Insight/Properties/launchSettings.json
+++ b/DysonNetwork.Insight/Properties/launchSettings.json
@@ -0,0 +1,21 @@
 {
  "$schema": "https://json.schemastore.org/launchsettings.json",
  "profiles": {
    "http": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "https": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": false,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
 }
--- a/DysonNetwork.Insight/Startup/ApplicationConfiguration.cs
+++ b/DysonNetwork.Insight/Startup/ApplicationConfiguration.cs
@@ -0,0 +1,22 @@
 using DysonNetwork.Shared.Http;
 namespace DysonNetwork.Insight.Startup;
 public static class ApplicationConfiguration
 {
    public static WebApplication ConfigureAppMiddleware(this WebApplication app, IConfiguration configuration)
    {
        app.MapOpenApi();
        app.UseRequestLocalization();
        app.ConfigureForwardedHeaders(configuration);
        app.UseAuthentication();
        app.UseAuthorization();
        app.MapControllers();
        return app;
    }
 }
--- a/DysonNetwork.Insight/Startup/ScheduledJobsConfiguration.cs
+++ b/DysonNetwork.Insight/Startup/ScheduledJobsConfiguration.cs
@@ -0,0 +1,25 @@
 using Quartz;
 namespace DysonNetwork.Insight.Startup;
 public static class ScheduledJobsConfiguration
 {
    public static IServiceCollection AddAppScheduledJobs(this IServiceCollection services)
    {
        services.AddQuartz(q =>
        {
            var tokenBillingJob = new JobKey("TokenBilling");
            q.AddJob<TokenBillingJob>(opts => opts.WithIdentity(tokenBillingJob));
            q.AddTrigger(opts => opts
                .ForJob(tokenBillingJob)
                .WithIdentity("TokenBillingTrigger")
                .WithSimpleSchedule(o => o
                    .WithIntervalInMinutes(5)
                    .RepeatForever())
            );
        });
        services.AddQuartzHostedService(q => q.WaitForJobsToComplete = true);
        return services;
    }
 }
--- a/DysonNetwork.Insight/Startup/ServiceCollectionExtensions.cs
+++ b/DysonNetwork.Insight/Startup/ServiceCollectionExtensions.cs
@@ -0,0 +1,79 @@
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using DysonNetwork.Insight.Thought;
 using DysonNetwork.Shared.Cache;
 using Microsoft.SemanticKernel;
 using NodaTime;
 using NodaTime.Serialization.SystemTextJson;
 namespace DysonNetwork.Insight.Startup;
 public static class ServiceCollectionExtensions
 {
    public static IServiceCollection AddAppServices(this IServiceCollection services)
    {
        services.AddDbContext<AppDatabase>();
        services.AddSingleton<IClock>(SystemClock.Instance);
        services.AddHttpContextAccessor();
        services.AddSingleton<ICacheService, CacheServiceRedis>();
        services.AddHttpClient();
        // Register gRPC services
        services.AddGrpc(options =>
        {
            options.EnableDetailedErrors = true; // Will be adjusted in Program.cs
            options.MaxReceiveMessageSize = 16 * 1024 * 1024; // 16MB
            options.MaxSendMessageSize = 16 * 1024 * 1024; // 16MB
        });
        services.AddGrpcReflection();
        // Register gRPC services
        // Register OIDC services
        services.AddControllers().AddJsonOptions(options =>
        {
            options.JsonSerializerOptions.NumberHandling = JsonNumberHandling.AllowNamedFloatingPointLiterals;
            options.JsonSerializerOptions.PropertyNamingPolicy = JsonNamingPolicy.SnakeCaseLower;
            options.JsonSerializerOptions.DictionaryKeyPolicy = JsonNamingPolicy.SnakeCaseLower;
            options.JsonSerializerOptions.ConfigureForNodaTime(DateTimeZoneProviders.Tzdb);
        });
        return services;
    }
    public static IServiceCollection AddAppAuthentication(this IServiceCollection services)
    {
        services.AddAuthorization();
        return services;
    }
    public static IServiceCollection AddAppFlushHandlers(this IServiceCollection services)
    {
        services.AddSingleton<FlushBufferService>();
        return services;
    }
    public static IServiceCollection AddAppBusinessServices(this IServiceCollection services)
    {
        return services;
    }
    public static IServiceCollection AddThinkingServices(this IServiceCollection services, IConfiguration configuration)
    {
        services.AddSingleton<ThoughtProvider>();
        services.AddScoped<ThoughtService>();
        // Add gRPC clients for ThoughtService
        services.AddGrpcClient<Shared.Proto.PaymentService.PaymentServiceClient>(o => o.Address = new Uri("https://_grpc.pass"))
            .ConfigurePrimaryHttpMessageHandler(_ => new HttpClientHandler()
                { ServerCertificateCustomValidationCallback = (_, _, _, _) => true });
        services.AddGrpcClient<Shared.Proto.WalletService.WalletServiceClient>(o => o.Address = new Uri("https://_grpc.pass"))
            .ConfigurePrimaryHttpMessageHandler(_ => new HttpClientHandler()
                { ServerCertificateCustomValidationCallback = (_, _, _, _) => true });
        return services;
    }
 }
--- a/DysonNetwork.Insight/Startup/TokenBillingJob.cs
+++ b/DysonNetwork.Insight/Startup/TokenBillingJob.cs
@@ -0,0 +1,12 @@
 using DysonNetwork.Insight.Thought;
 using Quartz;
 namespace DysonNetwork.Insight.Startup;
 public class TokenBillingJob(ThoughtService thoughtService, ILogger<TokenBillingJob> logger) : IJob
 {
    public async Task Execute(IJobExecutionContext context)
    {
        await thoughtService.SettleThoughtBills(logger);
    }
 }
--- a/DysonNetwork.Insight/Thought/README.md
+++ b/DysonNetwork.Insight/Thought/README.md
@@ -0,0 +1,161 @@
 # DysonNetwork Insight Thought API
 The Thought API provides conversational AI capabilities for users of the Solar Network. It allows users to engage in chat-like conversations with an AI assistant powered by semantic kernel and connected to various tools.
 This service is handled by the Insight, when using with the Gateway, the `/api` should be replaced with `/insight`
 ## Features
 - Streaming chat responses using Server-Sent Events (SSE)
 - Conversation context management with sequences
 - Caching for improved performance
 - Authentication required for all operations
 ## Endpoints
 ### POST /api/thought
 Initiates or continues a chat conversation.
 #### Parameters
 - `UserMessage` (string, required): The message from the user
 - `SequenceId` (Guid, optional): ID of existing conversation sequence. If not provided, a new sequence is created.
 #### Response
 - Content-Type: `text/event-stream`
 - Streaming response with assistant messages
 - Status: 401 if not authenticated
 - Status: 403 if sequence doesn't belong to user
 #### Example Usage
 ```bash
 curl -X POST "http://localhost:5000/api/thought" \
  -H "Content-Type: application/json" \
  -d '{
    "UserMessage": "Hello, how can I help with the Solar Network?",
    "SequenceId": null
  }'
 ```
 ### GET /api/thought/sequences
 Lists all thinking sequences for the authenticated user.
 #### Parameters
 - `offset` (int, default 0): Number of sequences to skip for pagination
 - `take` (int, default 20): Maximum number of sequences to return
 #### Response
 - `200 OK`: Array of `SnThinkingSequence`
 - `401 Unauthorized`: If not authenticated
 - Headers:
  - `X-Total`: Total number of sequences before pagination
 #### Example Usage
 ```bash
 curl -X GET "http://localhost:5000/api/thought/sequences?take=10"
 ```
 ### GET /api/thought/sequences/{sequenceId}
 Retrieves all thoughts (messages) in a specific conversation sequence.
 #### Parameters
 - `sequenceId` (Guid, path): ID of the sequence to retrieve
 #### Response
 - `200 OK`: Array of `SnThinkingThought` ordered by creation date
 - `401 Unauthorized`: If not authenticated
 - `404 Not Found`: If sequence doesn't exist or doesn't belong to user
 #### Example Usage
 ```bash
 curl -X GET "http://localhost:5000/api/thought/sequences/12345678-1234-1234-1234-123456789abc"
 ```
 ## Data Models
 ### StreamThinkingRequest
 ```csharp
 {
  string UserMessage, // Required
  Guid? SequenceId    // Optional
 }
 ```
 ### SnThinkingSequence
 ```csharp
 {
  Guid Id,
  string? Topic,
  Guid AccountId
 }
 ```
 ### SnThinkingThought
 ```csharp
 {
  Guid Id,
  string? Content,
  List<SnCloudFileReferenceObject> Files,
  ThinkingThoughtRole Role,
  Guid SequenceId,
  SnThinkingSequence Sequence
 }
 ```
 ### ThinkingThoughtRole (enum)
 - `Assistant`
 - `User`
 ## Caching
 The API uses Redis-based caching for conversation thoughts:
 - Thoughts are cached for 10 minutes with group-based invalidation
 - Cache is invalidated when new thoughts are added to a sequence
 - Improves performance for accessing conversation history
 ## Authentication
 All endpoints require authentication through the current user session. Sequence access is validated against the authenticated user's account ID.
 ## Error Responses
 - `401 Unauthorized`: Authentication required
 - `403 Forbidden`: Access denied (sequence ownership)
 - `404 Not Found`: Resource not found
 ## Streaming Details
 The POST endpoint returns a stream of assistant responses using Server-Sent Events format. Clients should handle the streaming response and display messages incrementally.
 ### Streaming Message Format
 The streaming response sends several types of JSON messages:
 - **Text messages**: `{"type": "text", "data": "..." }`
 - **Function calls**: `{"type": "function_call", "data": {...} }` (when AI uses tools)
 - **Topic updates**: `{"type": "topic", "data": "..." }` (sent at end if topic was generated)
 - **Thought completion**: `{"type": "thought", "data": {...} }` (sent at end with saved thought details)
 All streaming chunks during generation use the SSE event format:
 ```
 data: {"type": "...", "data": ...}
 ```
 Final messages (topic and thought) use custom event types:
 ```
 topic: {"type": "topic", "data": "..."}
 thought: {"type": "thought", "data": {...}}
 ```
 Clients should parse these JSON messages and handle different types appropriately, such as displaying text in real-time and processing tool calls.
 ## Implementation Notes
 - Built with ASP.NET Core and Semantic Kernel
 - Uses PostgreSQL via Entity Framework Core
 - Integrated with Ollama for AI completion
 - Caching via Redis
--- a/DysonNetwork.Insight/Thought/ThoughtController.cs
+++ b/DysonNetwork.Insight/Thought/ThoughtController.cs
@@ -0,0 +1,275 @@
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Diagnostics.CodeAnalysis;
 using System.IO;
 using System.Text;
 using System.Text.Json;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.SemanticKernel;
 using Microsoft.SemanticKernel.ChatCompletion;
 using Microsoft.SemanticKernel.Connectors.Ollama;
 namespace DysonNetwork.Insight.Thought;
 [ApiController]
 [Route("/api/thought")]
 public class ThoughtController(ThoughtProvider provider, ThoughtService service) : ControllerBase
 {
    public static readonly List<string> AvailableProposals = ["post_create"];
    public class StreamThinkingRequest
    {
        [Required] public string UserMessage { get; set; } = null!;
        public Guid? SequenceId { get; set; }
        public List<string>? AttachedPosts { get; set; }
        public List<Dictionary<string, dynamic>>? AttachedMessages { get; set; }
        public List<string> AcceptProposals { get; set; } = [];
    }
    [HttpPost]
    [Experimental("SKEXP0110")]
    public async Task<ActionResult> Think([FromBody] StreamThinkingRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
        if (request.AcceptProposals.Any(e => !AvailableProposals.Contains(e)))
            return BadRequest("Request contains unavailable proposal");
        // Generate a topic if creating a new sequence
        string? topic = null;
        if (!request.SequenceId.HasValue)
        {
            // Use AI to summarize a topic from a user message
            var summaryHistory = new ChatHistory(
                "You are a helpful assistant. Summarize the following user message into a concise topic title (max 100 characters).\n" +
                "Direct give the topic you summerized, do not add extra prefix / suffix."
            );
            summaryHistory.AddUserMessage(request.UserMessage);
            var summaryResult = await provider.Kernel
                .GetRequiredService<IChatCompletionService>()
                .GetChatMessageContentAsync(summaryHistory);
            topic = summaryResult.Content?[..Math.Min(summaryResult.Content.Length, 4096)];
        }
        // Handle sequence
        var sequence = await service.GetOrCreateSequenceAsync(accountId, request.SequenceId, topic);
        if (sequence == null) return Forbid(); // or NotFound
        // Save user thought
        await service.SaveThoughtAsync(sequence, request.UserMessage, ThinkingThoughtRole.User);
        // Build chat history
        var chatHistory = new ChatHistory(
            "You're a helpful assistant on the Solar Network, a social network.\n" +
            "Your name is Sn-chan (or SN 酱 in chinese), a cute sweet heart with passion for almost everything.\n" +
            "When you talk to user, you can add some modal particles and emoticons to your response to be cute, but prevent use a lot of emojis." +
            "Your creator is @littlesheep, which is also the creator of the Solar Network, if you met some problems you was unable to solve, trying guide the user to ask (DM) the @littlesheep.\n" +
            "\n" +
            "The ID on the Solar Network is UUID, so mostly hard to read, so do not show ID to user unless user ask to do so or necessary.\n" +
            "\n" +
            "Your aim is to helping solving questions for the users on the Solar Network.\n" +
            "And the Solar Network is the social network platform you live on.\n" +
            "When the user asks questions about the Solar Network (also known as SN and Solian), try use the tools you have to get latest and accurate data."
        );
        chatHistory.AddSystemMessage(
            "You can issue some proposals to user, like creating a post. The proposal syntax is like a xml tag, with an attribute indicates which proposal.\n" +
            "Depends on the proposal type, the payload (content inside the xml tag) might be different.\n" +
            "\n" +
            "Example: <proposal type=\"post_create\">...post content...</proposal>\n" +
            "\n" +
            "Here are some references of the proposals you can issue, but if you want to issue one, make sure the user is accept it.\n" +
            "1. post_create: body takes simple string, create post for user." +
            "\n" +
            $"The user currently accept these proposals: {string.Join(',', request.AcceptProposals)}"
        );
        chatHistory.AddSystemMessage(
            $"The user you're currently talking to is {currentUser.Nick} ({currentUser.Name}), ID is {currentUser.Id}"
        );
        if (request.AttachedPosts is { Count: > 0 })
        {
            chatHistory.AddUserMessage(
                $"Attached post IDs: {string.Join(',', request.AttachedPosts!)}");
        }
        if (request.AttachedMessages is { Count: > 0 })
        {
            chatHistory.AddUserMessage(
                $"Attached chat messages data: {JsonSerializer.Serialize(request.AttachedMessages)}");
        }
        // Add previous thoughts (excluding the current user thought, which is the first one since descending)
        var previousThoughts = await service.GetPreviousThoughtsAsync(sequence);
        var count = previousThoughts.Count;
        for (var i = 1; i < count; i++) // skip first (the newest, current user)
        {
            var thought = previousThoughts[i];
            switch (thought.Role)
            {
                case ThinkingThoughtRole.User:
                    chatHistory.AddUserMessage(thought.Content ?? "");
                    break;
                case ThinkingThoughtRole.Assistant:
                    chatHistory.AddAssistantMessage(thought.Content ?? "");
                    break;
                default:
                    throw new ArgumentOutOfRangeException();
            }
        }
        chatHistory.AddUserMessage(request.UserMessage);
        // Set response for streaming
        Response.Headers.Append("Content-Type", "text/event-stream");
        Response.StatusCode = 200;
        var kernel = provider.Kernel;
        var chatCompletionService = kernel.GetRequiredService<IChatCompletionService>();
        // Kick off streaming generation
        var accumulatedContent = new StringBuilder();
        var thinkingChunks = new List<SnThinkingChunk>();
        await foreach (var chunk in chatCompletionService.GetStreamingChatMessageContentsAsync(
                           chatHistory,
                           provider.CreatePromptExecutionSettings(),
                           kernel: kernel
                       ))
        {
            // Process each item in the chunk for detailed streaming
            foreach (var item in chunk.Items)
            {
                var streamingChunk = item switch
                {
                    StreamingTextContent textContent => new SnThinkingChunk
                        { Type = StreamingContentType.Text, Data = new() { ["text"] = textContent.Text ?? "" } },
                    StreamingReasoningContent reasoningContent => new SnThinkingChunk
                    {
                        Type = StreamingContentType.Reasoning, Data = new() { ["text"] = reasoningContent.Text }
                    },
                    StreamingFunctionCallUpdateContent functionCall => string.IsNullOrEmpty(functionCall.CallId)
                        ? null
                        : new SnThinkingChunk
                        {
                            Type = StreamingContentType.FunctionCall,
                            Data = JsonSerializer.Deserialize<Dictionary<string, object>>(
                                JsonSerializer.Serialize(functionCall)) ?? new Dictionary<string, object>()
                        },
                    _ => new SnThinkingChunk
                    {
                        Type = StreamingContentType.Unknown, Data = new() { ["data"] = JsonSerializer.Serialize(item) }
                    }
                };
                if (streamingChunk == null) continue;
                thinkingChunks.Add(streamingChunk);
                var messageJson = item switch
                {
                    StreamingTextContent textContent =>
                        JsonSerializer.Serialize(new { type = "text", data = textContent.Text ?? "" }),
                    StreamingReasoningContent reasoningContent =>
                        JsonSerializer.Serialize(new { type = "reasoning", data = reasoningContent.Text }),
                    StreamingFunctionCallUpdateContent functionCall =>
                        JsonSerializer.Serialize(new { type = "function_call", data = functionCall }),
                    _ =>
                        JsonSerializer.Serialize(new { type = "unknown", data = item })
                };
                // Write a structured JSON message to the HTTP response as SSE
                var messageBytes = Encoding.UTF8.GetBytes($"data: {messageJson}\n\n");
                await Response.Body.WriteAsync(messageBytes);
                await Response.Body.FlushAsync();
            }
            // Accumulate content for saving (only text content)
            accumulatedContent.Append(chunk.Content ?? "");
        }
        // Save assistant thought
        var savedThought = await service.SaveThoughtAsync(
            sequence,
            accumulatedContent.ToString(),
            ThinkingThoughtRole.Assistant,
            thinkingChunks,
            provider.ModelDefault
        );
        // Write the topic if it was newly set, then the thought object as JSON to the stream
        using (var streamBuilder = new MemoryStream())
        {
            await streamBuilder.WriteAsync("\n\n"u8.ToArray());
            if (topic != null)
            {
                var topicJson = JsonSerializer.Serialize(new { type = "topic", data = sequence.Topic ?? "" });
                await streamBuilder.WriteAsync(Encoding.UTF8.GetBytes($"topic: {topicJson}\n\n"));
                savedThought.Sequence.Topic = topic;
            }
            var thoughtJson = JsonSerializer.Serialize(new { type = "thought", data = savedThought },
                GrpcTypeHelper.SerializerOptions);
            await streamBuilder.WriteAsync(Encoding.UTF8.GetBytes($"thought: {thoughtJson}\n\n"));
            var outputBytes = streamBuilder.ToArray();
            await Response.Body.WriteAsync(outputBytes);
            await Response.Body.FlushAsync();
        }
        // Return empty result since we're streaming
        return new EmptyResult();
    }
    /// <summary>
    /// Retrieves a paginated list of thinking sequences for the authenticated user.
    /// </summary>
    /// <param name="offset">The number of sequences to skip for pagination.</param>
    /// <param name="take">The maximum number of sequences to return (default: 20).</param>
    /// <returns>
    /// Returns an ActionResult containing a list of thinking sequences.
    /// Includes an X-Total header with the total count of sequences before pagination.
    /// </returns>
    [HttpGet("sequences")]
    [ProducesResponseType(StatusCodes.Status200OK)]
    public async Task<ActionResult<List<SnThinkingSequence>>> ListSequences(
        [FromQuery] int offset = 0,
        [FromQuery] int take = 20
    )
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
        var (totalCount, sequences) = await service.ListSequencesAsync(accountId, offset, take);
        Response.Headers["X-Total"] = totalCount.ToString();
        return Ok(sequences);
    }
    /// <summary>
    /// Retrieves the thoughts in a specific thinking sequence.
    /// </summary>
    /// <param name="sequenceId">The ID of the sequence to retrieve thoughts from.</param>
    /// <returns>
    /// Returns an ActionResult containing a list of thoughts in the sequence, ordered by creation date.
    /// </returns>
    [HttpGet("sequences/{sequenceId:guid}")]
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status404NotFound)]
    public async Task<ActionResult<List<SnThinkingThought>>> GetSequenceThoughts(Guid sequenceId)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var accountId = Guid.Parse(currentUser.Id);
        var sequence = await service.GetOrCreateSequenceAsync(accountId, sequenceId);
        if (sequence == null) return NotFound();
        var thoughts = await service.GetPreviousThoughtsAsync(sequence);
        return Ok(thoughts);
    }
 }
--- a/DysonNetwork.Insight/Thought/ThoughtProvider.cs
+++ b/DysonNetwork.Insight/Thought/ThoughtProvider.cs
@@ -0,0 +1,198 @@
 using System.ClientModel;
 using System.Diagnostics.CodeAnalysis;
 using System.Text.Json;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.SemanticKernel;
 using Microsoft.SemanticKernel.Connectors.Ollama;
 using Microsoft.SemanticKernel.Connectors.OpenAI;
 using OpenAI;
 using PostType = DysonNetwork.Shared.Proto.PostType;
 using Microsoft.SemanticKernel.Plugins.Web;
 using Microsoft.SemanticKernel.Plugins.Web.Bing;
 using Microsoft.SemanticKernel.Plugins.Web.Google;
 using NodaTime.Serialization.Protobuf;
 using NodaTime.Text;
 namespace DysonNetwork.Insight.Thought;
 public class ThoughtProvider
 {
    private readonly PostService.PostServiceClient _postClient;
    private readonly AccountService.AccountServiceClient _accountClient;
    private readonly IConfiguration _configuration;
    private readonly ILogger<ThoughtProvider> _logger;
    public Kernel Kernel { get; }
    private string? ModelProviderType { get; set; }
    public string? ModelDefault { get; set; }
    [Experimental("SKEXP0050")]
    public ThoughtProvider(
        IConfiguration configuration,
        PostService.PostServiceClient postServiceClient,
        AccountService.AccountServiceClient accountServiceClient,
        ILogger<ThoughtProvider> logger
    )
    {
        _logger = logger;
        _postClient = postServiceClient;
        _accountClient = accountServiceClient;
        _configuration = configuration;
        Kernel = InitializeThinkingProvider(configuration);
        InitializeHelperFunctions();
    }
    private Kernel InitializeThinkingProvider(IConfiguration configuration)
    {
        var cfg = configuration.GetSection("Thinking");
        ModelProviderType = cfg.GetValue<string>("Provider")?.ToLower();
        ModelDefault = cfg.GetValue<string>("Model");
        var endpoint = cfg.GetValue<string>("Endpoint");
        var apiKey = cfg.GetValue<string>("ApiKey");
        var builder = Kernel.CreateBuilder();
        switch (ModelProviderType)
        {
            case "ollama":
                builder.AddOllamaChatCompletion(ModelDefault!, new Uri(endpoint ?? "http://localhost:11434/api"));
                break;
            case "deepseek":
                var client = new OpenAIClient(
                    new ApiKeyCredential(apiKey!),
                    new OpenAIClientOptions { Endpoint = new Uri(endpoint ?? "https://api.deepseek.com/v1") }
                );
                builder.AddOpenAIChatCompletion(ModelDefault!, client);
                break;
            default:
                throw new IndexOutOfRangeException("Unknown thinking provider: " + ModelProviderType);
        }
        return builder.Build();
    }
    [Experimental("SKEXP0050")]
    private void InitializeHelperFunctions()
    {
        // Add Solar Network tools plugin
        Kernel.ImportPluginFromFunctions("solar_network", [
            KernelFunctionFactory.CreateFromMethod(async (string userId) =>
            {
                var request = new GetAccountRequest { Id = userId };
                var response = await _accountClient.GetAccountAsync(request);
                return JsonSerializer.Serialize(response, GrpcTypeHelper.SerializerOptions);
            }, "get_user", "Get a user profile from the Solar Network."),
            KernelFunctionFactory.CreateFromMethod(async (string postId) =>
            {
                var request = new GetPostRequest { Id = postId };
                var response = await _postClient.GetPostAsync(request);
                return JsonSerializer.Serialize(response, GrpcTypeHelper.SerializerOptions);
            }, "get_post", "Get a single post by ID from the Solar Network."),
            KernelFunctionFactory.CreateFromMethod(async (string query) =>
                {
                    var request = new SearchPostsRequest { Query = query, PageSize = 10 };
                    var response = await _postClient.SearchPostsAsync(request);
                    return JsonSerializer.Serialize(response.Posts, GrpcTypeHelper.SerializerOptions);
                }, "search_posts",
                "Search posts by query from the Solar Network. The input query is will be used to search with title, description and body content"),
            KernelFunctionFactory.CreateFromMethod(async (
                    string? orderBy = null,
                    string? afterIso = null,
                    string? beforeIso = null
                ) =>
                {
                    _logger.LogInformation("Begin building request to list post from sphere...");
                    var request = new ListPostsRequest
                    {
                        PageSize = 20,
                        OrderBy = orderBy,
                    };
                    if (!string.IsNullOrEmpty(afterIso))
                        try
                        {
                            request.After = InstantPattern.General.Parse(afterIso).Value.ToTimestamp();
                        }
                        catch (Exception)
                        {
                            _logger.LogWarning("Invalid afterIso format: {AfterIso}", afterIso);
                        }
                    if (!string.IsNullOrEmpty(beforeIso))
                        try
                        {
                            request.Before = InstantPattern.General.Parse(beforeIso).Value.ToTimestamp();
                        }
                        catch (Exception)
                        {
                            _logger.LogWarning("Invalid beforeIso format: {BeforeIso}", beforeIso);
                        }
                    _logger.LogInformation("Request built, {Request}", request);
                    var response = await _postClient.ListPostsAsync(request);
                    var data = response.Posts.Select(SnPost.FromProtoValue);
                    _logger.LogInformation("Sphere service returned posts: {Posts}", data);
                    return JsonSerializer.Serialize(data, GrpcTypeHelper.SerializerOptions);
                }, "list_posts",
                "Get posts from the Solar Network.\n" +
                "Parameters:\n" +
                "orderBy (optional, string: order by published date, accept asc or desc)\n" +
                "afterIso (optional, string: ISO date for posts after this date)\n" +
                "beforeIso (optional, string: ISO date for posts before this date)"
            )
        ]);
        // Add web search plugins if configured
        var bingApiKey = _configuration.GetValue<string>("Thinking:BingApiKey");
        if (!string.IsNullOrEmpty(bingApiKey))
        {
            var bingConnector = new BingConnector(bingApiKey);
            var bing = new WebSearchEnginePlugin(bingConnector);
            Kernel.ImportPluginFromObject(bing, "bing");
        }
        var googleApiKey = _configuration.GetValue<string>("Thinking:GoogleApiKey");
        var googleCx = _configuration.GetValue<string>("Thinking:GoogleCx");
        if (!string.IsNullOrEmpty(googleApiKey) && !string.IsNullOrEmpty(googleCx))
        {
            var googleConnector = new GoogleConnector(
                apiKey: googleApiKey,
                searchEngineId: googleCx);
            var google = new WebSearchEnginePlugin(googleConnector);
            Kernel.ImportPluginFromObject(google, "google");
        }
    }
    public PromptExecutionSettings CreatePromptExecutionSettings()
    {
        switch (ModelProviderType)
        {
            case "ollama":
                return new OllamaPromptExecutionSettings
                {
                    FunctionChoiceBehavior = FunctionChoiceBehavior.Auto(
                        options: new FunctionChoiceBehaviorOptions
                        {
                            AllowParallelCalls = true,
                            AllowConcurrentInvocation = true
                        })
                };
            case "deepseek":
                return new OpenAIPromptExecutionSettings
                {
                    FunctionChoiceBehavior = FunctionChoiceBehavior.Auto(
                        options: new FunctionChoiceBehaviorOptions
                        {
                            AllowParallelCalls = true,
                            AllowConcurrentInvocation = true
                        })
                };
            default:
                throw new InvalidOperationException("Unknown provider: " + ModelProviderType);
        }
    }
 }
--- a/DysonNetwork.Insight/Thought/ThoughtService.cs
+++ b/DysonNetwork.Insight/Thought/ThoughtService.cs
@@ -0,0 +1,152 @@
 using DysonNetwork.Shared.Cache;
 using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.EntityFrameworkCore;
 using PaymentService = DysonNetwork.Shared.Proto.PaymentService;
 using TransactionType = DysonNetwork.Shared.Proto.TransactionType;
 using WalletService = DysonNetwork.Shared.Proto.WalletService;
 namespace DysonNetwork.Insight.Thought;
 public class ThoughtService(AppDatabase db, ICacheService cache, PaymentService.PaymentServiceClient paymentService, WalletService.WalletServiceClient walletService)
 {
    public async Task<SnThinkingSequence?> GetOrCreateSequenceAsync(Guid accountId, Guid? sequenceId,
        string? topic = null)
    {
        if (sequenceId.HasValue)
        {
            var seq = await db.ThinkingSequences.FindAsync(sequenceId.Value);
            if (seq == null || seq.AccountId != accountId) return null;
            return seq;
        }
        else
        {
            var seq = new SnThinkingSequence { AccountId = accountId, Topic = topic };
            db.ThinkingSequences.Add(seq);
            await db.SaveChangesAsync();
            return seq;
        }
    }
    public async Task<SnThinkingThought> SaveThoughtAsync(
        SnThinkingSequence sequence,
        string content,
        ThinkingThoughtRole role,
        List<SnThinkingChunk>? chunks = null,
        string? model = null
    )
    {
        // Approximate token count (1 token ≈ 4 characters for GPT-like models)
        var tokenCount = content?.Length / 4 ?? 0;
        var thought = new SnThinkingThought
        {
            SequenceId = sequence.Id,
            Content = content,
            Role = role,
            TokenCount = tokenCount,
            ModelName = model,
            Chunks = chunks ?? new List<SnThinkingChunk>()
        };
        db.ThinkingThoughts.Add(thought);
        // Update sequence total tokens only for assistant responses
        if (role == ThinkingThoughtRole.Assistant)
            sequence.TotalToken += tokenCount;
        await db.SaveChangesAsync();
        // Invalidate cache for this sequence's thoughts
        await cache.RemoveGroupAsync($"sequence:{sequence.Id}");
        return thought;
    }
    public async Task<List<SnThinkingThought>> GetPreviousThoughtsAsync(SnThinkingSequence sequence)
    {
        var cacheKey = $"thoughts:{sequence.Id}";
        var (found, cachedThoughts) = await cache.GetAsyncWithStatus<List<SnThinkingThought>>(cacheKey);
        if (found && cachedThoughts != null)
        {
            return cachedThoughts;
        }
        var thoughts = await db.ThinkingThoughts
            .Where(t => t.SequenceId == sequence.Id)
            .OrderByDescending(t => t.CreatedAt)
            .ToListAsync();
        // Cache for 10 minutes
        await cache.SetWithGroupsAsync(cacheKey, thoughts, [$"sequence:{sequence.Id}"], TimeSpan.FromMinutes(10));
        return thoughts;
    }
    public async Task<(int total, List<SnThinkingSequence> sequences)> ListSequencesAsync(Guid accountId, int offset,
        int take)
    {
        var query = db.ThinkingSequences.Where(s => s.AccountId == accountId);
        var totalCount = await query.CountAsync();
        var sequences = await query
            .OrderByDescending(s => s.CreatedAt)
            .Skip(offset)
            .Take(take)
            .ToListAsync();
        return (totalCount, sequences);
    }
    public async Task SettleThoughtBills(ILogger logger)
    {
        var sequences = await db.ThinkingSequences
            .Where(s => s.PaidToken < s.TotalToken)
            .ToListAsync();
        if (sequences.Count == 0)
        {
            logger.LogInformation("No unpaid sequences found.");
            return;
        }
        // Group by account
        var groupedByAccount = sequences.GroupBy(s => s.AccountId);
        foreach (var accountGroup in groupedByAccount)
        {
            var accountId = accountGroup.Key;
            var totalUnpaidTokens = accountGroup.Sum(s => s.TotalToken - s.PaidToken);
            var cost = (long)Math.Ceiling(totalUnpaidTokens / 1000.0);
            if (cost == 0) continue;
            try
            {
                var walletResponse = await walletService.GetWalletAsync(new GetWalletRequest { AccountId = accountId.ToString() });
                var walletId = Guid.Parse(walletResponse.Id);
                var date = DateTime.Now.ToString("yyyy-MM-dd");
                await paymentService.CreateTransactionAsync(new CreateTransactionRequest
                {
                    PayerWalletId = walletId.ToString(),
                    PayeeWalletId = null,
                    Currency = WalletCurrency.SourcePoint,
                    Amount = cost.ToString(),
                    Remarks = $"Wage for SN-chan on {date}",
                    Type = TransactionType.System
                });
                // Mark all sequences for this account as paid
                foreach (var sequence in accountGroup)
                    sequence.PaidToken = sequence.TotalToken;
                logger.LogInformation("Billed {cost} points for account {accountId}", cost, accountId);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error billing for account {accountId}", accountId);
            }
        }
        await db.SaveChangesAsync();
    }
 }
--- a/DysonNetwork.Insight/appsettings.json
+++ b/DysonNetwork.Insight/appsettings.json
@@ -0,0 +1,27 @@
 {
    "Debug": true,
    "BaseUrl": "http://localhost:5071",
    "SiteUrl": "https://solian.app",
    "Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft.AspNetCore": "Warning"
        }
    },
    "AllowedHosts": "*",
    "ConnectionStrings": {
        "App": "Host=localhost;Port=5432;Database=dyson_insight;Username=postgres;Password=postgres;Include Error Detail=True;Maximum Pool Size=20;Connection Idle Lifetime=60"
    },
    "KnownProxies": [
        "127.0.0.1",
        "::1"
    ],
    "Etcd": {
        "Insecure": true
    },
    "Thinking": {
        "Provider": "deepseek",
        "Model": "deepseek-chat",
        "ApiKey": "sk-bd20f6a2e9fa40b98c46899baa0e9f09"
    }
 }
--- a/DysonNetwork.Pass/Account/AccountController.cs
+++ b/DysonNetwork.Pass/Account/AccountController.cs
@@ -2,8 +2,9 @@ using System.ComponentModel.DataAnnotations;
 using DysonNetwork.Pass.Auth;
 using DysonNetwork.Pass.Credit;
 using DysonNetwork.Pass.Wallet;
 using DysonNetwork.Shared.Error;
 using DysonNetwork.Shared.GeoIp;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Models;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using NodaTime;
@@ -23,9 +24,9 @@ public class AccountController(
 ) : ControllerBase
 {
    [HttpGet("{name}")]
-    [ProducesResponseType<Account>(StatusCodes.Status200OK)]
+    [ProducesResponseType<SnAccount>(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status404NotFound)]
-    public async Task<ActionResult<Account?>> GetByName(string name)
+    public async Task<ActionResult<SnAccount?>> GetByName(string name)
    {
        var account = await db.Accounts
            .Include(e => e.Badges)
@@ -42,9 +43,9 @@ public class AccountController(
    }
    [HttpGet("{name}/badges")]
-    [ProducesResponseType<List<AccountBadge>>(StatusCodes.Status200OK)]
+    [ProducesResponseType<List<SnAccountBadge>>(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status404NotFound)]
-    public async Task<ActionResult<List<AccountBadge>>> GetBadgesByName(string name)
+    public async Task<ActionResult<List<SnAccountBadge>>> GetBadgesByName(string name)
    {
        var account = await db.Accounts
            .Include(e => e.Badges)
@@ -103,9 +104,9 @@ public class AccountController(
    }
    [HttpPost]
-    [ProducesResponseType<Account>(StatusCodes.Status200OK)]
+    [ProducesResponseType<SnAccount>(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
-    public async Task<ActionResult<Account>> CreateAccount([FromBody] AccountCreateRequest request)
+    public async Task<ActionResult<SnAccount>> CreateAccount([FromBody] AccountCreateRequest request)
    {
        if (!await auth.ValidateCaptcha(request.CaptchaToken))
            return BadRequest(ApiError.Validation(new Dictionary<string, string[]>
@@ -194,11 +195,12 @@ public class AccountController(
        public bool IsAutomated { get; set; } = false;
        [MaxLength(1024)] public string? Label { get; set; }
        [MaxLength(4096)] public string? AppIdentifier { get; set; }
        public Dictionary<string, object>? Meta { get; set; }
        public Instant? ClearedAt { get; set; }
    }
    [HttpGet("{name}/statuses")]
-    public async Task<ActionResult<Status>> GetOtherStatus(string name)
+    public async Task<ActionResult<SnAccountStatus>> GetOtherStatus(string name)
    {
        var account = await db.Accounts.FirstOrDefaultAsync(a => a.Name == name);
        if (account is null)
@@ -253,7 +255,7 @@ public class AccountController(
    }
    [HttpGet("search")]
-    public async Task<List<Account>> Search([FromQuery] string query, [FromQuery] int take = 20)
+    public async Task<List<SnAccount>> Search([FromQuery] string query, [FromQuery] int take = 20)
    {
        if (string.IsNullOrWhiteSpace(query))
            return [];
--- a/DysonNetwork.Pass/Account/AccountCurrentController.cs
+++ b/DysonNetwork.Pass/Account/AccountCurrentController.cs
@@ -1,16 +1,15 @@
 using System.ComponentModel.DataAnnotations;
 using DysonNetwork.Pass.Auth;
 using DysonNetwork.Pass.Permission;
 using DysonNetwork.Pass.Wallet;
-using DysonNetwork.Shared.Data;
+using DysonNetwork.Shared.Http;
-using DysonNetwork.Shared.Error;
+using DysonNetwork.Shared.Models;
 using DysonNetwork.Shared.Proto;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using NodaTime;
 using AuthService = DysonNetwork.Pass.Auth.AuthService;
-using AuthSession = DysonNetwork.Pass.Auth.AuthSession;
+using SnAuthSession = DysonNetwork.Shared.Models.SnAuthSession;
 namespace DysonNetwork.Pass.Account;
@@ -29,11 +28,11 @@ public class AccountCurrentController(
 ) : ControllerBase
 {
    [HttpGet]
-    [ProducesResponseType<Account>(StatusCodes.Status200OK)]
+    [ProducesResponseType<SnAccount>(StatusCodes.Status200OK)]
    [ProducesResponseType<ApiError>(StatusCodes.Status401Unauthorized)]
-    public async Task<ActionResult<Account>> GetCurrentIdentity()
+    public async Task<ActionResult<SnAccount>> GetCurrentIdentity()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var userId = currentUser.Id;
        var account = await db.Accounts
@@ -56,9 +55,9 @@ public class AccountCurrentController(
    }
    [HttpPatch]
-    public async Task<ActionResult<Account>> UpdateBasicInfo([FromBody] BasicInfoRequest request)
+    public async Task<ActionResult<SnAccount>> UpdateBasicInfo([FromBody] BasicInfoRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var account = await db.Accounts.FirstAsync(a => a.Id == currentUser.Id);
@@ -81,6 +80,7 @@ public class AccountCurrentController(
        [MaxLength(1024)] public string? TimeZone { get; set; }
        [MaxLength(1024)] public string? Location { get; set; }
        [MaxLength(4096)] public string? Bio { get; set; }
        public Shared.Models.UsernameColor? UsernameColor { get; set; }
        public Instant? Birthday { get; set; }
        public List<ProfileLink>? Links { get; set; }
@@ -89,9 +89,9 @@ public class AccountCurrentController(
    }
    [HttpPatch("profile")]
-    public async Task<ActionResult<AccountProfile>> UpdateProfile([FromBody] ProfileRequest request)
+    public async Task<ActionResult<SnAccountProfile>> UpdateProfile([FromBody] ProfileRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var userId = currentUser.Id;
        var profile = await db.AccountProfiles
@@ -116,6 +116,7 @@ public class AccountCurrentController(
        if (request.Location is not null) profile.Location = request.Location;
        if (request.TimeZone is not null) profile.TimeZone = request.TimeZone;
        if (request.Links is not null) profile.Links = request.Links;
        if (request.UsernameColor is not null) profile.UsernameColor = request.UsernameColor;
        if (request.PictureId is not null)
        {
@@ -132,7 +133,7 @@ public class AccountCurrentController(
                    Usage = "profile.picture"
                }
            );
-            profile.Picture = CloudFileReferenceObject.FromProtoValue(file);
+            profile.Picture = SnCloudFileReferenceObject.FromProtoValue(file);
        }
        if (request.BackgroundId is not null)
@@ -150,7 +151,7 @@ public class AccountCurrentController(
                    Usage = "profile.background"
                }
            );
-            profile.Background = CloudFileReferenceObject.FromProtoValue(file);
+            profile.Background = SnCloudFileReferenceObject.FromProtoValue(file);
        }
        db.Update(profile);
@@ -164,7 +165,7 @@ public class AccountCurrentController(
    [HttpDelete]
    public async Task<ActionResult> RequestDeleteAccount()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -185,18 +186,18 @@ public class AccountCurrentController(
    }
    [HttpGet("statuses")]
-    public async Task<ActionResult<Status>> GetCurrentStatus()
+    public async Task<ActionResult<SnAccountStatus>> GetCurrentStatus()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var status = await events.GetStatus(currentUser.Id);
        return Ok(status);
    }
    [HttpPatch("statuses")]
    [RequiredPermission("global", "accounts.statuses.update")]
-    public async Task<ActionResult<Status>> UpdateStatus([FromBody] AccountController.StatusRequest request)
+    public async Task<ActionResult<SnAccountStatus>> UpdateStatus([FromBody] AccountController.StatusRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        if (request is { IsAutomated: true, AppIdentifier: not null })
            return BadRequest("Automated status cannot be updated.");
@@ -216,6 +217,7 @@ public class AccountCurrentController(
        status.IsAutomated = request.IsAutomated;
        status.Label = request.Label;
        status.AppIdentifier = request.AppIdentifier;
        status.Meta = request.Meta;
        status.ClearedAt = request.ClearedAt;
        db.Update(status);
@@ -227,9 +229,9 @@ public class AccountCurrentController(
    [HttpPost("statuses")]
    [RequiredPermission("global", "accounts.statuses.create")]
-    public async Task<ActionResult<Status>> CreateStatus([FromBody] AccountController.StatusRequest request)
+    public async Task<ActionResult<SnAccountStatus>> CreateStatus([FromBody] AccountController.StatusRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        if (request is { IsAutomated: true, AppIdentifier: not null })
        {
@@ -245,6 +247,7 @@ public class AccountCurrentController(
                    existingStatus.Attitude = request.Attitude;
                    existingStatus.IsInvisible = request.IsInvisible;
                    existingStatus.IsNotDisturb = request.IsNotDisturb;
                    existingStatus.Meta = request.Meta;
                    existingStatus.Label = request.Label;
                    db.Update(existingStatus);
                    await db.SaveChangesAsync();
@@ -260,7 +263,7 @@ public class AccountCurrentController(
                return Ok(existingStatus); // Do not override manually set status with automated ones
        }
-        var status = new Status
+        var status = new SnAccountStatus
        {
            AccountId = currentUser.Id,
            Attitude = request.Attitude,
@@ -268,6 +271,7 @@ public class AccountCurrentController(
            IsNotDisturb = request.IsNotDisturb,
            IsAutomated = request.IsAutomated,
            Label = request.Label,
            Meta = request.Meta,
            AppIdentifier = request.AppIdentifier,
            ClearedAt = request.ClearedAt
        };
@@ -278,7 +282,7 @@ public class AccountCurrentController(
    [HttpDelete("statuses")]
    public async Task<ActionResult> DeleteStatus([FromQuery] string? app)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var now = SystemClock.Instance.GetCurrentInstant();
        var queryable = db.AccountStatuses
@@ -287,7 +291,7 @@ public class AccountCurrentController(
            .OrderByDescending(s => s.CreatedAt)
            .AsQueryable();
-        if (string.IsNullOrWhiteSpace(app))
+        if (!string.IsNullOrWhiteSpace(app))
            queryable = queryable.Where(s => s.IsAutomated && s.AppIdentifier == app);
        var status = await queryable
@@ -299,9 +303,9 @@ public class AccountCurrentController(
    }
    [HttpGet("check-in")]
-    public async Task<ActionResult<CheckInResult>> GetCheckInResult()
+    public async Task<ActionResult<SnCheckInResult>> GetCheckInResult()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var userId = currentUser.Id;
        var now = SystemClock.Instance.GetCurrentInstant();
@@ -321,12 +325,12 @@ public class AccountCurrentController(
    }
    [HttpPost("check-in")]
-    public async Task<ActionResult<CheckInResult>> DoCheckIn(
+    public async Task<ActionResult<SnCheckInResult>> DoCheckIn(
        [FromBody] string? captchaToken,
        [FromQuery] Instant? backdated = null
    )
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        if (backdated is null)
        {
@@ -397,7 +401,7 @@ public class AccountCurrentController(
    public async Task<ActionResult<List<DailyEventResponse>>> GetEventCalendar([FromQuery] int? month,
        [FromQuery] int? year)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var currentDate = SystemClock.Instance.GetCurrentInstant().InUtc().Date;
        month ??= currentDate.Month;
@@ -426,7 +430,7 @@ public class AccountCurrentController(
        [FromQuery] int offset = 0
    )
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var query = db.ActionLogs
            .Where(log => log.AccountId == currentUser.Id)
@@ -444,9 +448,9 @@ public class AccountCurrentController(
    }
    [HttpGet("factors")]
-    public async Task<ActionResult<List<AccountAuthFactor>>> GetAuthFactors()
+    public async Task<ActionResult<List<SnAccountAuthFactor>>> GetAuthFactors()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var factors = await db.AccountAuthFactors
            .Include(f => f.Account)
@@ -458,15 +462,15 @@ public class AccountCurrentController(
    public class AuthFactorRequest
    {
-        public AccountAuthFactorType Type { get; set; }
+        public Shared.Models.AccountAuthFactorType Type { get; set; }
        public string? Secret { get; set; }
    }
    [HttpPost("factors")]
    [Authorize]
-    public async Task<ActionResult<AccountAuthFactor>> CreateAuthFactor([FromBody] AuthFactorRequest request)
+    public async Task<ActionResult<SnAccountAuthFactor>> CreateAuthFactor([FromBody] AuthFactorRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        if (await accounts.CheckAuthFactorExists(currentUser, request.Type))
            return BadRequest(new ApiError
            {
@@ -482,9 +486,9 @@ public class AccountCurrentController(
    [HttpPost("factors/{id:guid}/enable")]
    [Authorize]
-    public async Task<ActionResult<AccountAuthFactor>> EnableAuthFactor(Guid id, [FromBody] string? code)
+    public async Task<ActionResult<SnAccountAuthFactor>> EnableAuthFactor(Guid id, [FromBody] string? code)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
@@ -511,9 +515,9 @@ public class AccountCurrentController(
    [HttpPost("factors/{id:guid}/disable")]
    [Authorize]
-    public async Task<ActionResult<AccountAuthFactor>> DisableAuthFactor(Guid id)
+    public async Task<ActionResult<SnAccountAuthFactor>> DisableAuthFactor(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
@@ -533,9 +537,9 @@ public class AccountCurrentController(
    [HttpDelete("factors/{id:guid}")]
    [Authorize]
-    public async Task<ActionResult<AccountAuthFactor>> DeleteAuthFactor(Guid id)
+    public async Task<ActionResult<SnAccountAuthFactor>> DeleteAuthFactor(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
@@ -555,10 +559,10 @@ public class AccountCurrentController(
    [HttpGet("devices")]
    [Authorize]
-    public async Task<ActionResult<List<AuthClientWithChallenge>>> GetDevices()
+    public async Task<ActionResult<List<SnAuthClientWithChallenge>>> GetDevices()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser ||
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser ||
-            HttpContext.Items["CurrentSession"] is not AuthSession currentSession) return Unauthorized();
+            HttpContext.Items["CurrentSession"] is not SnAuthSession currentSession) return Unauthorized();
        Response.Headers.Append("X-Auth-Session", currentSession.Id.ToString());
@@ -566,7 +570,7 @@ public class AccountCurrentController(
            .Where(device => device.AccountId == currentUser.Id)
            .ToListAsync();
-        var challengeDevices = devices.Select(AuthClientWithChallenge.FromClient).ToList();
+        var challengeDevices = devices.Select(SnAuthClientWithChallenge.FromClient).ToList();
        var deviceIds = challengeDevices.Select(x => x.Id).ToList();
        var authChallenges = await db.AuthChallenges
@@ -582,13 +586,13 @@ public class AccountCurrentController(
    [HttpGet("sessions")]
    [Authorize]
-    public async Task<ActionResult<List<AuthSession>>> GetSessions(
+    public async Task<ActionResult<List<SnAuthSession>>> GetSessions(
        [FromQuery] int take = 20,
        [FromQuery] int offset = 0
    )
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser ||
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser ||
-            HttpContext.Items["CurrentSession"] is not AuthSession currentSession) return Unauthorized();
+            HttpContext.Items["CurrentSession"] is not SnAuthSession currentSession) return Unauthorized();
        var query = db.AuthSessions
            .Include(session => session.Account)
@@ -610,9 +614,9 @@ public class AccountCurrentController(
    [HttpDelete("sessions/{id:guid}")]
    [Authorize]
-    public async Task<ActionResult<AuthSession>> DeleteSession(Guid id)
+    public async Task<ActionResult<SnAuthSession>> DeleteSession(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -627,9 +631,9 @@ public class AccountCurrentController(
    [HttpDelete("devices/{deviceId}")]
    [Authorize]
-    public async Task<ActionResult<AuthSession>> DeleteDevice(string deviceId)
+    public async Task<ActionResult<SnAuthSession>> DeleteDevice(string deviceId)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -644,10 +648,10 @@ public class AccountCurrentController(
    [HttpDelete("sessions/current")]
    [Authorize]
-    public async Task<ActionResult<AuthSession>> DeleteCurrentSession()
+    public async Task<ActionResult<SnAuthSession>> DeleteCurrentSession()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser ||
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser ||
-            HttpContext.Items["CurrentSession"] is not AuthSession currentSession) return Unauthorized();
+            HttpContext.Items["CurrentSession"] is not SnAuthSession currentSession) return Unauthorized();
        try
        {
@@ -662,9 +666,9 @@ public class AccountCurrentController(
    [HttpPatch("devices/{deviceId}/label")]
    [Authorize]
-    public async Task<ActionResult<AuthSession>> UpdateDeviceLabel(string deviceId, [FromBody] string label)
+    public async Task<ActionResult<SnAuthSession>> UpdateDeviceLabel(string deviceId, [FromBody] string label)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -679,10 +683,10 @@ public class AccountCurrentController(
    [HttpPatch("devices/current/label")]
    [Authorize]
-    public async Task<ActionResult<AuthSession>> UpdateCurrentDeviceLabel([FromBody] string label)
+    public async Task<ActionResult<SnAuthSession>> UpdateCurrentDeviceLabel([FromBody] string label)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser ||
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser ||
-            HttpContext.Items["CurrentSession"] is not AuthSession currentSession) return Unauthorized();
+            HttpContext.Items["CurrentSession"] is not SnAuthSession currentSession) return Unauthorized();
        var device = await db.AuthClients.FirstOrDefaultAsync(d => d.Id == currentSession.Challenge.ClientId);
        if (device is null) return NotFound();
@@ -700,9 +704,9 @@ public class AccountCurrentController(
    [HttpGet("contacts")]
    [Authorize]
-    public async Task<ActionResult<List<AccountContact>>> GetContacts()
+    public async Task<ActionResult<List<SnAccountContact>>> GetContacts()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contacts = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id)
@@ -713,15 +717,15 @@ public class AccountCurrentController(
    public class AccountContactRequest
    {
-        [Required] public AccountContactType Type { get; set; }
+        [Required] public Shared.Models.AccountContactType Type { get; set; }
        [Required] public string Content { get; set; } = null!;
    }
    [HttpPost("contacts")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> CreateContact([FromBody] AccountContactRequest request)
+    public async Task<ActionResult<SnAccountContact>> CreateContact([FromBody] AccountContactRequest request)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -736,9 +740,9 @@ public class AccountCurrentController(
    [HttpPost("contacts/{id:guid}/verify")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> VerifyContact(Guid id)
+    public async Task<ActionResult<SnAccountContact>> VerifyContact(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contact = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id && c.Id == id)
@@ -758,9 +762,9 @@ public class AccountCurrentController(
    [HttpPost("contacts/{id:guid}/primary")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> SetPrimaryContact(Guid id)
+    public async Task<ActionResult<SnAccountContact>> SetPrimaryContact(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contact = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id && c.Id == id)
@@ -780,9 +784,9 @@ public class AccountCurrentController(
    [HttpPost("contacts/{id:guid}/public")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> SetPublicContact(Guid id)
+    public async Task<ActionResult<SnAccountContact>> SetPublicContact(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contact = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id && c.Id == id)
@@ -802,9 +806,9 @@ public class AccountCurrentController(
    [HttpDelete("contacts/{id:guid}/public")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> UnsetPublicContact(Guid id)
+    public async Task<ActionResult<SnAccountContact>> UnsetPublicContact(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contact = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id && c.Id == id)
@@ -824,9 +828,9 @@ public class AccountCurrentController(
    [HttpDelete("contacts/{id:guid}")]
    [Authorize]
-    public async Task<ActionResult<AccountContact>> DeleteContact(Guid id)
+    public async Task<ActionResult<SnAccountContact>> DeleteContact(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var contact = await db.AccountContacts
            .Where(c => c.AccountId == currentUser.Id && c.Id == id)
@@ -845,11 +849,11 @@ public class AccountCurrentController(
    }
    [HttpGet("badges")]
-    [ProducesResponseType<List<AccountBadge>>(StatusCodes.Status200OK)]
+    [ProducesResponseType<List<SnAccountBadge>>(StatusCodes.Status200OK)]
    [Authorize]
-    public async Task<ActionResult<List<AccountBadge>>> GetBadges()
+    public async Task<ActionResult<List<SnAccountBadge>>> GetBadges()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var badges = await db.Badges
            .Where(b => b.AccountId == currentUser.Id)
@@ -859,9 +863,9 @@ public class AccountCurrentController(
    [HttpPost("badges/{id:guid}/active")]
    [Authorize]
-    public async Task<ActionResult<AccountBadge>> ActivateBadge(Guid id)
+    public async Task<ActionResult<SnAccountBadge>> ActivateBadge(Guid id)
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        try
        {
@@ -876,12 +880,12 @@ public class AccountCurrentController(
    [HttpGet("leveling")]
    [Authorize]
-    public async Task<ActionResult<ExperienceRecord>> GetLevelingHistory(
+    public async Task<ActionResult<SnExperienceRecord>> GetLevelingHistory(
        [FromQuery] int take = 20,
        [FromQuery] int offset = 0
    )
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var queryable = db.ExperienceRecords
            .Where(r => r.AccountId == currentUser.Id)
@@ -901,7 +905,7 @@ public class AccountCurrentController(
    [HttpGet("credits")]
    public async Task<ActionResult<bool>> GetSocialCredit()
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var credit = await creditService.GetSocialCredit(currentUser.Id);
        return Ok(credit);
@@ -913,7 +917,7 @@ public class AccountCurrentController(
        [FromQuery] int offset = 0
    )
    {
-        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+        if (HttpContext.Items["CurrentUser"] is not SnAccount currentUser) return Unauthorized();
        var queryable = db.SocialCreditRecords
            .Where(r => r.AccountId == currentUser.Id)
@@ -929,4 +933,4 @@ public class AccountCurrentController(
            .ToListAsync();
        return Ok(records);
    }
-}
+}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
LittleSheep	8f1047ff5d	✨ Attach post and message to AI	2025-10-27 01:09:08 +08:00
LittleSheep	43e50a00ce	✨ Add billing	2025-10-26 21:42:53 +08:00
LittleSheep	50133684c7	✨ Proposal	2025-10-26 21:08:38 +08:00
LittleSheep	befde25266	💄 Optimize function call records	2025-10-26 18:47:42 +08:00
LittleSheep	437f49fb20	✨ Details thinking chunks	2025-10-26 17:51:08 +08:00
LittleSheep	c3b6358f33	🐛 Bug fixes	2025-10-26 12:37:52 +08:00
LittleSheep	4347281fcd	🐛 Fix some issues in AI agent	2025-10-26 12:24:41 +08:00
LittleSheep	92cd6b5f7e	💄 Optimize the AI agent experience	2025-10-26 12:10:10 +08:00
LittleSheep	cf6e534d02	🐛 Fixes the AI agent get posts ability	2025-10-26 11:51:51 +08:00
LittleSheep	29c5971554	✨ Add grpc reflection	2025-10-26 11:38:18 +08:00
LittleSheep	cdfc3f6571	🐛 Fix post service grpc	2025-10-26 03:41:59 +08:00
LittleSheep	f65a7360e2	🌐 Add missing gift claimed localization	2025-10-26 03:13:16 +08:00
LittleSheep	85e706335a	🔨 Optimize the performance of gha to do increment build	2025-10-26 03:09:49 +08:00
LittleSheep	fe74060df9	🐛 Fix some uncleaned code lead to failing compilation	2025-10-26 02:52:15 +08:00
LittleSheep	e8d5f22395	🗑️ Remove old tus api for file upload	2025-10-26 02:48:47 +08:00
LittleSheep	83fa2568aa	🗑️ Remove the shit simple search vector	2025-10-26 02:45:15 +08:00
LittleSheep	bf1c8e0a85	🗃️ Remove some unused outdated fields	2025-10-26 02:41:30 +08:00
LittleSheep	323fa8ee15	🐛 Bug fixes	2025-10-26 02:41:17 +08:00
LittleSheep	e7a46e96ed	🔨 Republish to generate docker compose	2025-10-26 02:25:25 +08:00
LittleSheep	3a0dee11a6	🚨 Fix warnings in the codebase	2025-10-26 02:20:10 +08:00
LittleSheep	43be47d526	⬆️ Upgrade dependencies	2025-10-26 02:11:50 +08:00
LittleSheep	48067af034	⬆️ Upgrade dependencies	2025-10-26 01:56:35 +08:00
LittleSheep	7e7e90ad24	✨ Support deepseek	2025-10-26 01:42:35 +08:00
LittleSheep	3af4069581	💄 Optimzation	2025-10-26 00:25:38 +08:00
LittleSheep	609b130b4e	✨ Thinking	2025-10-25 23:32:51 +08:00
LittleSheep	93f7dfd379	✨ Provide real user and posts data for the thinking	2025-10-25 17:58:58 +08:00
LittleSheep	40325c6df5	♻️ Replace the LangChain with Semantic Kernel	2025-10-25 17:07:29 +08:00
LittleSheep	bbcaa27ac5	✨ Thinking of the LangChain ver	2025-10-25 16:40:00 +08:00
LittleSheep	19d833a522	✨ Add the DysonNetwork.Insight project	2025-10-25 02:28:08 +08:00
LittleSheep	a94102e136	👔 Change lottery rewards	2025-10-25 00:29:56 +08:00
LittleSheep	fc693793fe	🐛 Fixes of lotteries and enrich features	2025-10-25 00:17:56 +08:00
LittleSheep	8cfdabbae4	♻️ Check in algorithm v2	2025-10-24 21:51:14 +08:00
LittleSheep	985ff41c72	📝 Document the lottery	2025-10-24 21:40:50 +08:00
LittleSheep	a79ea4ac49	🐛 Fix lottery	2025-10-24 21:40:40 +08:00
LittleSheep	7385caff9a	✨ Lotteries	2025-10-24 01:34:18 +08:00
LittleSheep	15954dbfe2	✨ Providing the post featured record in the response	2025-10-24 00:51:30 +08:00
LittleSheep	4ba6206c9d	🛂 Stricter post visibility check	2025-10-24 00:02:27 +08:00
LittleSheep	266b9e36e2	🗃️ Update schema to clean up unused code	2025-10-23 01:01:19 +08:00
LittleSheep	e6aa61b03b	🐛 Bug fixes in the Sphere still referencing the old realm db	2025-10-22 23:31:42 +08:00
LittleSheep	0c09ef25ec	⬆️ Upgrade dependencies in order to prevent CVE-2025-55315	2025-10-22 22:58:52 +08:00
LittleSheep	dd5929c691	💥 Moved the /id to /pass and bug fixes of moved realms	2025-10-22 22:52:09 +08:00
LittleSheep	cf87fdfb49	🗑️ Remove per service rate-limiting due to gateway covered it	2025-10-22 22:10:37 +08:00
LittleSheep	ff03584518	🐛 Fix some issues in moving realm service	2025-10-22 21:56:50 +08:00
LittleSheep	d6c37784e1	♻️ Move the realm service from sphere to the pass	2025-10-21 23:45:36 +08:00
LittleSheep	46ebd92dc1	♻️ Refactored the chat mention logic	2025-10-17 00:46:55 +08:00
LittleSheep	7f8521bb40	👔 Optimize subscriptions logic	2025-10-16 13:13:08 +08:00
LittleSheep	f01226d91a	🐛 Fix post controller return incomplete structure	2025-10-13 23:11:35 +08:00
LittleSheep	6cb6dee6be	🐛 Remove project Sphere dict key snake case convert to fix reaction counts	2025-10-13 01:19:51 +08:00
LittleSheep	0e9caf67ff	🐛 username color hotfix	2025-10-13 01:16:35 +08:00
LittleSheep	ca70bb5487	🐛 Fix missing username color in proto profile	2025-10-13 01:08:48 +08:00
LittleSheep	59ed135f20	✨ Load account info in reaction list API	2025-10-12 21:57:37 +08:00
LittleSheep	6077f91529	✨ Sticker search	2025-10-12 21:46:45 +08:00
LittleSheep	5c485bb1c3	🐛 Fix autocomplete again	2025-10-12 19:30:46 +08:00
LittleSheep	27d979d77b	🐛 Fix sticker auto complete	2025-10-12 19:21:00 +08:00
LittleSheep	15687a0c32	✨ Standalone auto complete	2025-10-12 16:59:26 +08:00
LittleSheep	37ea882ef7	✨ Full featured auto complete	2025-10-12 16:55:32 +08:00
LittleSheep	e624c2bb3e	⬆️ Upgrade aspire	2025-10-12 16:06:39 +08:00
LittleSheep	9631cd3edd	✨ Auto completion in chat	2025-10-12 16:00:32 +08:00
LittleSheep	f4a659fce5	🐛 Fix DM room member loading issue	2025-10-12 15:46:45 +08:00
LittleSheep	1ded811b36	✨ Publisher heatmap	2025-10-12 15:32:49 +08:00
LittleSheep	32977d9580	🐛 Fix post controller does not contains publisher in success created response	2025-10-11 23:55:00 +08:00
LittleSheep	aaf29e7228	🐛 Fix gateway user ip detection	2025-10-09 22:50:26 +08:00
LittleSheep	658ef3bddf	🐛 Fix gateway IP detection issue	2025-10-09 00:10:32 +08:00
LittleSheep	fc0bc936ce	✨ New version of sticker rendering support	2025-10-08 21:28:48 +08:00
LittleSheep	3850ae6a8e	🔊 Rate limiting logs	2025-10-08 18:07:19 +08:00
LittleSheep	21c99567b4	🐛 Fix wrong method to configure rate limiting	2025-10-08 18:05:59 +08:00
LittleSheep	1315c7f4d4	🐛 Fix rate limiter	2025-10-08 18:01:25 +08:00
LittleSheep	630a532d98	🐛 Fix app host	2025-10-08 18:01:21 +08:00
LittleSheep	b9bb180113	✨ Username color	2025-10-08 13:11:30 +08:00
LittleSheep	04d74d0d70	⚡ Trying to optimize the scheduled jobs	2025-10-08 12:59:54 +08:00
LittleSheep	6a8a0ed491	👔 Limit custom reactions	2025-10-08 02:46:56 +08:00
LittleSheep	0f835845bf	♻️ Merge the ServiceDefault and Shared project	2025-10-07 19:44:52 +08:00
LittleSheep	c5d8a8d07f	🔇 Mute ungraceful closed websocket	2025-10-07 17:54:58 +08:00
LittleSheep	95e2ba1136	🐛 Fixes some issues in drive service	2025-10-07 01:07:24 +08:00
LittleSheep	1176fde8b4	🐛 Fix health check	2025-10-07 00:41:26 +08:00
LittleSheep	e634968e00	🐛 Brings health check back to live	2025-10-07 00:34:00 +08:00
LittleSheep	282a1dbddc	🐛 Fix didn't expose X-Total	2025-10-06 23:40:44 +08:00
LittleSheep	c64adace24	💄 Using remote site instead of embed frontend (removed) to handle oidc redirect	2025-10-06 13:05:50 +08:00
LittleSheep	8ac0b28c66	🚚 Move callback to under api	2025-10-06 13:01:15 +08:00
LittleSheep	8f71d7f9e5	🐛 Fix some bugs	2025-10-06 12:46:25 +08:00
LittleSheep	c435e63917	✨ Able to update the custom apps order's status	2025-10-05 22:20:32 +08:00
LittleSheep	243159e4cc	✨ Custom apps create payment orders	2025-10-05 21:59:07 +08:00
LittleSheep	42dad7095a	💄 Optimize the transfer	2025-10-05 16:17:57 +08:00
LittleSheep	d1efcdede8	✨ Transfer fee and pin validate	2025-10-05 15:52:54 +08:00
LittleSheep	47680475b3	🐛 Fix develop service	2025-10-05 00:09:21 +08:00
LittleSheep	6632d43f32	🐛 Trying to fix develop	2025-10-05 00:05:37 +08:00
LittleSheep	29c4dcd71c	✨ Wallet stats	2025-10-05 00:05:31 +08:00
LittleSheep	e7aa887715	🐛 Fix wrong signing algo	2025-10-04 19:55:27 +08:00
LittleSheep	0f05633996	🐛 Fix oidc didn't provides with authorized party	2025-10-04 19:03:57 +08:00
LittleSheep	966af08a33	✨ Wallet stats	2025-10-04 15:38:58 +08:00
LittleSheep	b25b90a074	✨ Wallet funds	2025-10-04 01:17:21 +08:00
LittleSheep	dcbefeaaab	👔 Purchase gift requires minimal level	2025-10-03 17:20:58 +08:00
LittleSheep	eb83a0392a	👔 Update level requirements of purchase Stellar Program	2025-10-03 17:16:53 +08:00
LittleSheep	85fefcf724	🐛 Fix subscription check	2025-10-03 17:16:18 +08:00
LittleSheep	d17c26a228	👔 Skip level check when redeem gift	2025-10-03 17:12:23 +08:00
LittleSheep	2e5ef8ff94	🐛 Fix members related operations	2025-10-03 17:07:57 +08:00
LittleSheep	7a5f410e36	🐛 Trying to fix migration	2025-10-03 16:53:19 +08:00
LittleSheep	0b4e8a9777	🚑 Ignoring migration error for now	2025-10-03 16:44:22 +08:00
LittleSheep	30fd912281	⚡ Optimize queue usage	2025-10-03 16:38:10 +08:00
LittleSheep	5bf58f0194	🐛 Fix subscription gift	2025-10-03 16:38:01 +08:00
LittleSheep	8e3e3f09df	✨ Gateway config serving	2025-10-03 16:37:51 +08:00
LittleSheep	fa24f14c05	✨ Subscription gifts	2025-10-03 14:36:27 +08:00
LittleSheep	a93b633e84	🐛 Fixes member issue	2025-10-02 17:09:11 +08:00
LittleSheep	97a7b876db	♻️ Better file upload error	2025-10-02 01:14:03 +08:00
LittleSheep	909fe173c2	🐛 Fix function changes not fully applied	2025-09-27 19:28:47 +08:00
LittleSheep	58a44e8af4	✨ Chat subscribe fixes and status update	2025-09-27 19:25:10 +08:00
LittleSheep	1075177511	✨ Message subscribe	2025-09-27 17:50:51 +08:00
LittleSheep	78f8a9e638	🚚 Move packages	2025-09-27 16:30:35 +08:00
LittleSheep	9ce31c4dd8	♻️ Finish centerlizing the data models	2025-09-27 15:14:05 +08:00
LittleSheep	e70d8371f8	♻️ Centralized data models (wip)	2025-09-27 14:09:28 +08:00
LittleSheep	51b6f7309e	💄 Optimize the background file analyze process	2025-09-26 23:29:27 +08:00
LittleSheep	d75876a772	🐛 Proper file upload retries	2025-09-26 22:11:52 +08:00
LittleSheep	4910c3296b	🐛 Fix openid configuration outdated	2025-09-26 00:13:46 +08:00
LittleSheep	7b924fa075	🐛 Fix something	2025-09-26 00:03:09 +08:00
LittleSheep	d69c9f9623	♻️ Refactored swagger generation	2025-09-25 23:44:43 +08:00
LittleSheep	a88d828e21	✨ Fix swaggergen for drive	2025-09-25 23:14:17 +08:00
LittleSheep	14c93d372e	🐛 Fix develop missing a reference	2025-09-25 13:12:28 +08:00
LittleSheep	adf371a72e	🐛 Fix pool order	2025-09-25 02:35:33 +08:00
LittleSheep	c03f2472fa	♻️ Refactor Gateway and expose swagger	2025-09-25 01:29:22 +08:00
LittleSheep	50efe62bac	🐛 Fix birthday check in	2025-09-24 21:37:59 +08:00
LittleSheep	7bc94a9646	🔨 Update build script	2025-09-24 20:22:11 +08:00
LittleSheep	d9fe1273b5	🔨 Add gateway image build	2025-09-24 18:55:18 +08:00
LittleSheep	ff9d490869	🗃️ Update status migration	2025-09-24 13:48:36 +08:00
LittleSheep	266312e97e	✨ Automated status meta	2025-09-24 13:45:05 +08:00
LittleSheep	7087736e31	👔 New leveling algorithm	2025-09-24 12:54:14 +08:00
LittleSheep	82bf1608fd	🐛 Fix award handler	2025-09-23 23:05:41 +08:00
LittleSheep	3b3287db0b	✨ Add a proper Gateway service	2025-09-23 22:56:06 +08:00
LittleSheep	4573d9395f	🐛 Fix inconsistent chat meta	2025-09-23 22:34:47 +08:00
LittleSheep	a8c99b3128	✨ Editing message previous content diff	2025-09-23 15:27:26 +08:00
LittleSheep	fdd7bd3c9d	🐛 Fixes sync issue	2025-09-23 14:58:25 +08:00
LittleSheep	b785d0098b	💥 New message system and syncing API	2025-09-22 01:47:24 +08:00
LittleSheep	5b31357fe9	🐛 Fix websocket gateway, finally	2025-09-22 01:33:30 +08:00
LittleSheep	d5a5721402	🐛 Fix websocket gateway	2025-09-22 00:13:43 +08:00
LittleSheep	204640a759	♻️ Refactor the way to handle websocket	2025-09-21 23:07:20 +08:00
LittleSheep	e3657386cd	🐛 Fix websocket create rpc	2025-09-21 20:20:31 +08:00
LittleSheep	f81e3dc9f4	♻️ Move file analyze, upload into message queue	2025-09-21 19:38:40 +08:00
LittleSheep	b2a0d25ffa	✨ Functionable new upload method	2025-09-21 18:32:08 +08:00
LittleSheep	e1459951c4	🐛 Fix websocket gateway	2025-09-21 17:25:52 +08:00
LittleSheep	a88843a4c2	🐛 Fix aspire local dev issue	2025-09-21 17:25:43 +08:00
LittleSheep	4d83c2de31	⚗️ Experimental new file upload API	2025-09-21 16:33:34 +08:00
LittleSheep	f63c934cee	🐛 Fix bugs	2025-09-21 02:00:57 +08:00
LittleSheep	001da9ae40	🐛 Remove duplicate CORS	2025-09-21 01:58:08 +08:00
LittleSheep	4efbfa948a	🐛 Fix missing fields	2025-09-21 01:33:33 +08:00
LittleSheep	3458e85a8b	🐛 Fix subscription missing AccountId	2025-09-21 01:24:08 +08:00
LittleSheep	3710169f8c	🐛 Bug fixes	2025-09-20 16:29:45 +08:00
LittleSheep	9e4a58a8a0	🐛 Fix gha repo name	2025-09-19 23:18:25 +08:00
LittleSheep	dc93991de2	🐛 Fix gha again...	2025-09-19 23:15:35 +08:00
LittleSheep	b0154e1a63	🐛 Fix gha script	2025-09-19 23:12:50 +08:00
LittleSheep	66e14ffedb	:drunk: Give gemini gha script a try	2025-09-19 23:09:05 +08:00
LittleSheep	b152edb848	🐛 Fix gha script did not setup docker	2025-09-19 22:56:20 +08:00