Direction, not commitments.
The north star: an AI-native iGaming framework where agents don't just help build it - they help run it.
Live in the repo today
Actively planned, coming next
Directional - not committed
Most iGaming platforms are built and operated by large specialist teams. Openora is a framework designed so AI agents are first-class from day one: they read the self-describing codebase, build features, write tests, review changes and - over time - assist operations. Its job is to stay contract-first, headless and greppable, so agents can always reason about it safely.
What Openora does.
Player-, wallet-, compliance- and game-facing capabilities, and how far along each one is.
Player management
- Player profile - core data and status management
- Player status change history
- Player segmentation and tagging
- GDPR export and erasure
- Age-gate / DOB enforcement
- AI-driven player insights and segment suggestions via MCP
Access control
- Admin authentication
- Roles and permissions matrix
-
-
Wallet management
- Omnibus wallet - deposits, withdrawals, auto-withdrawal rules
- Transaction history (wins, losses, multi-currency)
- PSP adapter port - operators bind their own payment provider
- Idempotency keys on the deposit/withdraw money path
- Crypto custody adapter interface - operators bring their own custody solution
- A production PSP reference implementation (only a mock ships today)
- Per-user vs. omnibus custody as a configurable choice
Compliance
- KYC interface - plug in any external provider (a mock ships as the reference)
- Responsible gambling - limits, cooling-off, self-exclusion
- Audit log - append-only, sha256 hash-chained event logging
- Sealed tokens - a plugin cannot override a regulator-mandated service
- Geo rules - jurisdiction allow/deny at the edge of the API
- Sealed-token implementations (RG, AML/SAR, ledger, RNG)
- AML / SAR monitoring foundations
- Geo-deny baseline - OFAC / sanctions lists
- A production KYC vendor binding
- GDPR export and erasure
- Age-gate / DOB enforcement
- Jurisdiction-specific compliance rule packs
Game management
- Game catalogue, lobby categories and featured slots
- Game rounds - start/end, recorded against the wallet
- Game, RNG and aggregator adapter ports (mock implementations ship)
- A production game aggregator reference implementation
- Sportsbook adapter interface - operators bring their own odds and risk provider
- Promotions and bonus engine management
Backoffice experience
- Admin-console module - admin routes behind a single AdminGuard enforcement point
- Roles, permissions and admin invitations (IAM)
- A public reference backoffice UI, decoupled from any operator's brand
- Full module coverage in that reference UI (wallet, RG, KYC screens)
- White-label backoffice themes for studios and partners
- Multi-brand management from a single backoffice
AI operations
- MCP server - manage Openora via natural language
- Configurable agent scope - operators control what agents can touch
- AI copilots surfaced in the backoffice UI
- Agent-assisted ops - fraud triage, support, compliance review
- AI-driven player insights and segment suggestions
How it's built.
Repository, architecture, AI-native tooling and the quality bar behind the product.
Repository
- Public release readiness - no client refs, no secrets
- Drizzle migrations squashed to a clean baseline
- AGPLv3 + commercial license integrated
- Repository and backoffice pages cleanup
- Stable 1.0 release line with semver guarantees
-
Architecture
- Published @openora/core on npm - consumers upgrade by bumping a version, no forking
- Single @openora/core package with domain subpaths
- Headless - no UI in core, frontend lives in the consumer
- oRPC + Hono API with Zod-first contracts
- Plugin host with last-wins adapter binding
- create:app scaffolds a downstream operator repo linked to core
-
- A durable broker driver (Kafka/Redpanda, NATS) as a drop-in swap
- Hot modules extractable to independent deployables
- Multi-brand / multi-tenant hardening for studios
AI-native surface
- MCP dev server - list modules, routes, schemas, propose tables
- AGENTS.md per module - AI-first documentation
- Claude Code + GitHub Copilot parity via pnpm sync:agents
- Scaffolders - pnpm gen module | route | plugin | adapter | event | job-worker
-
- Agent-built verticals - promotions, loyalty, reporting end-to-end
- Richer scaffolders and playbooks per business domain
Documentation and DX
- Architecture docs - contract spine, plugin host, adapter seams
- Consumer / Operator Guide - how to extend without forking
- Quick Start - clone, install, run in under 15 minutes
- Reference adapter - mock KYC as a starting point
-
-
Quality and security
- OSS security review - secrets scan, dependency scan, repo audit
- No-drift CI check on all generated files
- pnpm verify (typecheck + boundary lint + unit) + integration in CI
- E2E test coverage for all money-path flows
- E2E test coverage for auth flows
-
Adapter contracts
-
- Production-ready PSP adapter contract with reference implementation
- Production-ready crypto custody adapter contract
- Game aggregator adapter contract with reference implementation
- Sportsbook adapter contract with reference implementation
- CRM and marketing platform adapter contract
- Notifications adapter contract (email, SMS, push)
- Analytics adapter contract
Infrastructure
-
- Reusable Pulumi infra generator - ECS, RDS, Redis, ALB
- igaming-deployer agent wired into the consumer scaffolder
-
Ecosystem
-
-
- Community plugin marketplace
- Adapter registry - PSP, KYC, aggregator, notifications, CRM
Built for agents, not bolted onto them.
Machine-readable (Zod + OpenAPI) so agents validate against truth, not guesses.
AGENTS.md files are written for agents first, humans second.
MCP servers and scaffolders give agents safe, deterministic actions instead of free-form edits.
Boundary lint, sealed tokens and drift checks let an agent move fast without breaking architecture or compliance.
This page is a living document - it tracks the ADRs under docs/adr/ in the Openora repo. Treat dates and scope as directional.
Build it. Evolve it.
Own it.
Whether you're building from scratch, extending a legacy platform or planning a gradual migration, the framework gives you the freedom to evolve without vendor lock-in.