Skip to main content

Environment Variables

Complete reference for configuring SHIELD.

Required Variables

Database

POSTGRES_URL=postgresql://user:password@host:port/database
PostgreSQL connection string using Neon or your provider.

Authentication

JWT_SECRET=your_random_32_character_string
Secret for signing JWT sessions. Generate with: 
openssl rand -base64 32

Blockchain RPC

BASE_RPC_URL=https://mainnet.base.org
# or for development:
BASE_MAINNET_RPC_URL=https://mainnet.base.org
Base network RPC endpoint. Can use public endpoint or private RPC.

Smart Contracts

NEXT_PUBLIC_CONTRACT_ADDRESS=0x...
Shield contract address on Base mainnet.

WalletConnect

NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID=your_project_id
Get from WalletConnect Cloud.

IPFS (Pinata)

PINATA_JWT=eyJhbGciOiJIUzI1NiIs...
NEXT_PUBLIC_PINATA_API_KEY=your_pinata_api_key
  • PINATA_JWT: Server-side JWT for IPFS operations
  • NEXT_PUBLIC_PINATA_API_KEY: Client-side restricted key for uploads

Upgrade Payments

NEXT_PUBLIC_UPGRADE_WALLET_ADDRESS=0x...
NEXT_PUBLIC_USDC_CONTRACT_ADDRESS=0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913
USDC_CONTRACT_ADDRESS=0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913
UPGRADE_WALLET_ADDRESS=0x...
  • Upgrade wallet: Where USDC payments are sent
  • USDC contract: Base mainnet USDC token address

Optional Variables

Application URLs

FRONTEND_URL=https://app.shieldhq.xyz
NEXT_PUBLIC_FRONTEND_URL=https://app.shieldhq.xyz
VERCEL_URL=your-project.vercel.app

Admin Configuration

ADMIN_ADDRESSES=0x123...,0x456...
SUPER_ADMIN_ADDRESSES=0xabc...,0xdef...
TEAM_ADMIN_ADDRESSES=0x789...,0x012...
Comma-separated list of admin wallet addresses.

Cron Jobs

CRON_SECRET=your_cron_secret
Secret for authorizing cron job requests.

Third-Party APIs

TALENT_PROTOCOL_API_KEY=your_api_key
ETHERSCAN_API_KEY=your_api_key

Monitoring

NEXT_PUBLIC_VERCEL_ANALYTICS_ID=...
SENTRY_DSN=...

Configuration by Environment

Development

NODE_ENV=development
NEXT_PUBLIC_FRONTEND_URL=http://localhost:3000
FRONTEND_URL=http://localhost:3000
POSTGRES_URL=postgresql://postgres:password@localhost:5432/shield
NEXT_PUBLIC_CONTRACT_ADDRESS=0x...sepolia...
BASE_RPC_URL=https://sepolia.base.org

Production

NODE_ENV=production
NEXT_PUBLIC_FRONTEND_URL=https://app.shieldhq.xyz
FRONTEND_URL=https://app.shieldhq.xyz
POSTGRES_URL=postgresql://...neon.tech/shield
NEXT_PUBLIC_CONTRACT_ADDRESS=0x...mainnet...
BASE_RPC_URL=https://mainnet.base.org

Security Best Practices

❌ Never Commit

JWT_SECRET
POSTGRES_URL
PINATA_JWT
CRON_SECRET
UPGRADE_WALLET_ADDRESS (private)

✅ Safe to Expose (NEXT_PUBLIC_*)

NEXT_PUBLIC_CONTRACT_ADDRESS
NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID
NEXT_PUBLIC_FRONTEND_URL
NEXT_PUBLIC_PINATA_API_KEY (restricted)
NEXT_PUBLIC_UPGRADE_WALLET_ADDRESS
NEXT_PUBLIC_USDC_CONTRACT_ADDRESS

Platform-Specific

Vercel

Add in Project Settings → Environment Variables:
NameValue
POSTGRES_URLpostgresql://…
JWT_SECRET
PINATA_JWTeyJ…
NEXT_PUBLIC_CONTRACT_ADDRESS0x…

Troubleshooting

SymptomLikely Cause
”JWT_SECRET is missing”JWT_SECRET not set
”POSTGRES_URL is missing”Database URL not configured
IPFS upload failsPINATA_JWT invalid or expired
Contract calls failNEXT_PUBLIC_CONTRACT_ADDRESS wrong
Database connection failsPOSTGRES_URL malformed