Skip to main content

Command Palette

Search for a command to run...

SpriteDX - Billing

Published
2 min readView as Markdown
SpriteDX - Billing

Yesterday, we added very basic Google authentication. It is using Supabase and so far so good.

Today, we are adding billing and this is of the most challenging rabbit hole right now to navigate.

SpriteDX currently uses ComfyUI as a backend orchestrator, and in particular we are using ComfyUI’s default API nodes to generate AI arts and animations.

ComfyUI’s charging system for API nodes just charges the account inside https://api.comfy.org. Beautiful, and very conveniently, they don’t really provide any sort of public APIs. They take a rather black box approach at least for the time being.

Problem

ComfyUI API’s is a black box. There is no public APIs.

Approaches

Option 1: Ditch ComfyUI API and find some other more palatable providers.

Option 2: Set up a proxy node that will be a man in the middle to charge our users.

Fixing One Axis

Due to limited time I have today (1hr), I need to fix one side of the axis. Let’s just use Option 2. And experiment with a solution there.

Current Design

UI -> CloudFlare (vend API key) -> RunPod (ComfyUI) -> ComfyAPI (charging)

Proposed Design

UI -> CloudFlare -> RunPod (ComfyUI) -> CloudFlare (API key + charging) -> ComfyAPI (charging)

The basic idea is that:

  1. UI → Cloudflare Worker: “Run stage 1”

  2. Cloudflare Worker → RunPod: “Run stage 1“

  3. RunPod → CloudFlare Worker: “Run this ComfyAPI ($)“

  4. Cloudflare Worker

    1. Validate comfyAPI request against a allowlist.

      1. For now: BFL Flux.1 Dev [Fill] and Seedance 1 Pro.
    2. Reserve some number of credit (if not enough, fail fast).

    3. Proxy the request to Comfy API server (with the API KEY)

    4. Wait for the result then validate it.

    5. If result is good, charge the user that amount of credit.

    6. Then return the result back.


Why Are We Doing This?

Right now, the API allows users to run any arbitrary ComfyUI Workflows. We need a gate for billed partner APIs including ComfyUI API sets.


Will Man In The Middle Work?

RunPod’s running at an unknown origin, and from the perspective of api.comfy.org, whether we submit the request from RunPod address or submit it from Cloudflare, there shouldn’t be any difference.

Yeah, this is flaky as hell. But let’s just implement this as a practice and we will learn something as we do it.


Why not embed the gate keeping logic in the RunPod handler code?

I want to keep the API key not accessible in the RunPod instance.


That’s the gist of the plan.

— Sprited Dev 🐛

SpriteDX

Part 1 of 50

Tracks development of sprite generator AI tool. https://spritedx.com