Skip to content

Environment variables

operator

Every env var, its scope (server vs NEXT_PUBLIC), what it gates, and the never-commit rules.

Core launch variables

VariableScopePurpose
NEXT_PUBLIC_SITE_URLpublicCanonical production URL for metadata, share links, OG images.
DATABASE_URLserverMarketplace Postgres (Neon) pooled connection string. Persistence is gated on its presence.
DIRECT_DATABASE_URLserverUnpooled connection for migrations, if the provider separates it (Neon also injects DATABASE_URL_UNPOOLED).
NEXT_PUBLIC_ENABLE_DB_REQUIREDpublic"true" makes production builds fail when DATABASE_URL/SESSION_SECRET are missing. Flip only after provisioning.
SESSION_SECRETserverSigns wallet session cookies (SIWE-style auth). Rotate to revoke all sessions.
NEXT_PUBLIC_WALLETCONNECT_PROJECT_IDpublicEnables the WalletConnect connector. Optional — injected browser wallets work without it.

Bankr / x402

VariableScopePurpose
BANKR_API_KEYserverBankr Agent API. Server-side only; never NEXT_PUBLIC.
BANKR_BASE_URLserverBankr API base (default https://api.bankr.bot).
BANKR_X402_TREASURY_PAYTOserverpayTo treasury wallet for deployed x402 services.
BANKR_AGENT_PROFILE_IDserverBankr Agent Profile id, once the profile exists.

Pre-existing app flags

The Phase 5 flags (AI_PROVIDER, NEXT_PUBLIC_ENABLE_X402, oracle/chain RPC settings, and the mock/live feature flags) are documented in Modes & flags. Live-path flags ship disabled by default and require release approval to flip.

Checking an environment

bash
pnpm check:env            # local
vercel env ls production  # names + scopes only
vercel env pull .env.local

$HISS is independent research software in paper mode — not investment advice, and not affiliated with Robinhood, Bankr, or Chainlink.