What does the website do?
The website is the first-party business app. It handles login, partner creation, API-key rotation, admin tools, public rounds, Luckotto order records, and verification.
Luckotto platform FAQ
Answers for partner owners, integrators, support teams, and operators working with the monolithic Luckotto app.
Components
Where is the API?
The monolith exposes a small JSON REST API under /api/luckotto for quotes, Luckotto order creation, order lookup, round data, and trusted server-side order creation.
What does the iframe do?
The iframe is the /embed page served by the same app. Partners embed it with public query params.
Where do background jobs run?
Scanner, mempool, settlement, and reset jobs are root package commands. Production can run the scanner loop inside server.ts with RUN_WORKER=true.
Partners and Players
How do partners authenticate?
Each partner has one static API key for trusted server-side calls to /api/luckotto/orders/authenticated. It is created and rotated in the website, but it must never be placed in iframe URLs or browser code.
Does the iframe use the API key?
No. Every API operation used by the iframe is public and works from partnerId, playerUname, playerIdentifier, and deposit address context without an API key.
Do players log in to Luckotto?
No. Partners own their player account systems. Luckotto receives only playerUname and player identifier values from the partner context.
What is playerUname?
playerUname is a public display name. It can appear in ledgers and UI, so partners should treat it as public.
What is the player identifier?
The player identifier is a public opaque value. Anyone may see it, but it should be meaningless without partner-side context.
Deposits and Rounds
Are deposit addresses public?
Order records are public after creation. Each order has a dedicated deposit address so payment and allocation can be audited.
Does every partner get a separate prize pool?
No. All partners sell into the same global round. The prize pool is the sum of allocated weighted claim prices.
Does partner metadata affect winner selection?
No. Winner selection depends on the closing block hash, the resulting weighted draw order, and allocated ticket numbers, not partner metadata, API keys, playerUname, or player identifier.
What is public?
Round data, allocated numbers, requested numbers, partner display metadata, partner payout addresses, playerUname, player identifier, prices, fees, and order IDs can be public.