create-varity-app 2.0.0-beta.1 → 2.0.0-beta.3

package/dist/create.js

@@ -7,7 +7,7 @@ import ora from "ora";
 import { getInstallCommand } from "./utils.js";
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
-const VARITY_PACKAGE_VERSION = "^2.0.0-alpha.1";
+const VARITY_PACKAGE_VERSION = "^2.0.0-beta.2";
 const WORKSPACE_DEPS = {
     "@varity-labs/sdk": VARITY_PACKAGE_VERSION,
     "@varity-labs/types": VARITY_PACKAGE_VERSION,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-varity-app",
-  "version": "2.0.0-beta.1",
+  "version": "2.0.0-beta.3",
   "description": "Create production-ready apps with auth, database, and payments built in",
   "license": "MIT",
   "repository": {

package/template/.env.example

@@ -6,9 +6,9 @@
 # For production: `varitykit app deploy` injects all credentials automatically.
 # You never need to manually set these values.
 
-# Auth (optional — dev credentials used automatically when blank)
-NEXT_PUBLIC_PRIVY_APP_ID=
-NEXT_PUBLIC_THIRDWEB_CLIENT_ID=
+# Auth configuration (managed by Varity)
+# Leave blank for dev mode, auto-configured on deploy
+NEXT_PUBLIC_VARITY_AUTH_ID=
 
 # Database (optional — dev database used automatically when blank)
 NEXT_PUBLIC_VARITY_APP_TOKEN=

package/template/KNOWN_ISSUES.md

@@ -1,6 +1,6 @@
-# Known Issues — SaaS Starter Template
+# Known Issues -- SaaS Starter Template
 
-> **Last Updated:** February 14, 2026
+> **Last Updated:** March 4, 2026
 > **Template:** `saas-starter` (TaskFlow)
 > **Status:** All features functional, builds with 0 errors (8 routes + _not-found)
 
@@ -11,17 +11,17 @@
 | Feature | Status | Notes |
 |---------|--------|-------|
 | Landing Page | Working | 6 sections, scroll animations, social proof, testimonials, dashboard mockup |
-| Login | Working | Privy email/Google auth, zero-config with dev credentials, auto-redirect |
+| Login | Working | Email/Google auth, zero-config with dev credentials, auto-redirect |
 | Dashboard | Working | KPI cards, getting started checklist, recent activity feed |
 | Projects CRUD | Working | Master-detail, nested tasks, CSV export, validation, optimistic updates |
 | Tasks CRUD | Working | Status cycling (click to advance), filtering, CSV export, cross-references projects |
 | Team CRUD | Working | Invite members, role management, email validation, role badges |
-| Settings | Working | 4 tabs (General, Security, Billing, Account), backend persistence via DB Proxy, skeleton loading |
+| Settings | Working | 4 tabs (General, Security, Billing, Account), backend persistence, skeleton loading |
 | Command Palette | Working | Cmd+K / Ctrl+K, searches pages and actions |
 | Toast Notifications | Working | Success/error/info with progress bar, exit animation, max 3 stack |
 | Protected Routes | Working | Automatic redirect for unauthenticated users |
 | Color Themes | Working | 4 built-in presets (Blue, Purple, Green, Orange) via CSS variables |
-| Static Export | Working | `output: 'export'` for IPFS deployment |
+| Static Export | Working | `output: 'export'` for static hosting deployment |
 | Mobile Nav | Working | Hamburger menu with responsive sidebar |
 | CSV Export | Working | One-click export for tasks and projects |
 | SEO | Working | OpenGraph, Twitter cards, robots.txt, sitemap template |
@@ -29,25 +29,25 @@
 ## Known Issues
 
 ### 1. Navigation Flash (UI-Kit Limitation)
-Brief "Initializing Dashboard" screen when navigating between dashboard pages. Caused by `PrivyReadyGate` in UI-Kit re-checking auth state on each route change. Resolves in <1 second. This is a UI-Kit issue, not template-side.
+Brief "Initializing Dashboard" screen when navigating between dashboard pages. Caused by the auth guard in UI-Kit re-checking auth state on each route change. Resolves in <1 second. This is a UI-Kit issue, not template-side.
 
 ### 2. DashboardLayout Mobile Support
-The `DashboardLayout` from `@varity-labs/ui-kit` does not include mobile navigation. The template provides its own responsive sidebar in `src/app/dashboard/layout.tsx` as a workaround. UI-Kit mobile improvements are planned post-MVP.
+The `DashboardLayout` from `@varity-labs/ui-kit` does not include mobile navigation. The template provides its own responsive sidebar in `src/app/dashboard/layout.tsx` as a workaround. UI-Kit mobile improvements are planned.
 
 ### 3. Billing Section is Mock
 The Settings > Billing tab shows a mock UI (plan name, usage bars, payment method). Developers should wire their own billing provider (Stripe, etc.).
 
 ### 4. Sessions Are Mock
-The Settings > Security tab shows active sessions with a "Revoke" button. Session data is client-side mock — real session management is handled by Privy (the auth provider).
+The Settings > Security tab shows active sessions with a "Revoke" button. Session data is client-side mock -- real session management is handled by the auth provider.
 
 ### 5. Password & Profile Managed by Auth Provider
-"Change password" and profile photo are managed by Privy (the auth provider). The Settings page shows informational dialogs explaining this.
+"Change password" and profile photo are managed by the authentication provider. The Settings page shows informational dialogs explaining this.
 
 ### 6. No Server-Side Rendering
 All pages are statically exported (`output: 'export'`). No server-side rendering, API routes, or middleware. Data fetching happens client-side via the SDK.
 
 ### 7. Team Email Invites
-No SMTP integration — team members are added to the database only. No invitation email is sent. Developers should integrate their own email service.
+No SMTP integration -- team members are added to the database only. No invitation email is sent. Developers should integrate their own email service.
 
 ## Environment
 

package/template/README.md

@@ -1,8 +1,8 @@
-# TaskFlow — SaaS Starter Template
+# TaskFlow -- SaaS Starter Template
 
 [![Built with Varity](https://img.shields.io/badge/built%20with-Varity-7C3AED)](https://varity.so)
 
-A full-featured project management app built with [Varity](https://varity.so). Everything works immediately — no configuration, no API keys, no setup.
+A full-featured project management app built with [Varity](https://varity.so). Everything works immediately -- no configuration, no API keys, no setup.
 
 ## Quick Start
 
@@ -23,12 +23,12 @@ No `.env` file needed. No accounts to create. No credentials to configure.
 
 Transform this into your own branded SaaS app:
 
-1. **App name** — Edit `APP_NAME` in `src/lib/constants.ts`
-2. **Logo** — Replace `public/logo.svg` with your logo
-3. **Colors** — Open `src/app/globals.css` and uncomment a color preset (Purple, Green, or Orange) or set your own
-4. **Meta title** — Update the `title` and `description` in `src/app/layout.tsx`
-5. **Navigation** — Edit `NAVIGATION_ITEMS` in `src/lib/constants.ts` to rename or add sidebar links
-6. **Landing page** — Edit the sections in `src/components/landing/` (Hero, Features, Pricing, etc.)
+1. **App name** -- Edit `APP_NAME` in `src/lib/constants.ts`
+2. **Logo** -- Replace `public/logo.svg` with your logo
+3. **Colors** -- Open `src/app/globals.css` and uncomment a color preset (Purple, Green, or Orange) or set your own
+4. **Meta title** -- Update the `title` and `description` in `src/app/layout.tsx`
+5. **Navigation** -- Edit `NAVIGATION_ITEMS` in `src/lib/constants.ts` to rename or add sidebar links
+6. **Landing page** -- Edit the sections in `src/components/landing/` (Hero, Features, Pricing, etc.)
 
 ## Built-in Color Themes
 
@@ -44,71 +44,53 @@ Switch your entire app's color scheme by editing `src/app/globals.css`:
 
 ## What's Included
 
-- **Zero-Config Auth** — Email and social login works out of the box
-- **Zero-Config Database** — Data persistence with isolated dev environment
-- **Dashboard** — KPI cards, data tables, status badges, getting started guide
-- **Full CRUD** — Create, read, update, delete for projects, tasks, and team members
-- **Command Palette** — Cmd+K search across all data
-- **Protected Routes** — Automatic redirect for unauthenticated users
-- **Landing Page** — Professional marketing page with hero, features, pricing, testimonials
-- **Mobile Responsive** — Hamburger menu, responsive layouts, touch-friendly
-- **TypeScript** — Full type safety throughout
-- **Tailwind CSS** — Utility-first styling with CSS variable theming
+- **Zero-Config Auth** -- Email and social login works out of the box
+- **Zero-Config Database** -- Data persistence with isolated dev environment
+- **Dashboard** -- KPI cards, data tables, status badges, getting started guide
+- **Full CRUD** -- Create, read, update, delete for projects, tasks, and team members
+- **Command Palette** -- Cmd+K search across all data
+- **Protected Routes** -- Automatic redirect for unauthenticated users
+- **Landing Page** -- Professional marketing page with hero, features, pricing, testimonials
+- **Mobile Responsive** -- Hamburger menu, responsive layouts, touch-friendly
+- **TypeScript** -- Full type safety throughout
+- **Tailwind CSS** -- Utility-first styling with CSS variable theming
 
-## ✅ Zero Configuration Required
+## Zero Configuration Required
 
 This template works immediately with **zero setup**:
 
 ### Instant Auth
-- ✅ Email login (Privy)
-- ✅ Google/Apple social login
-- ✅ Dev credentials built-in
-- ❌ No env vars needed
+- Email login (email + Google)
+- Social login support
+- Dev credentials built-in
+- No env vars needed
 
 ### Instant Database
-- ✅ Create, read, update, delete data
-- ✅ Dev token built-in
-- ✅ Production-ready proxy
-- ❌ No credentials needed
+- Create, read, update, delete data
+- Dev token built-in
+- Production-ready
+- No credentials needed
 
 ### Instant Deploy
 ```bash
-npm run deploy
+varitykit app deploy
 ```
-- ✅ Deploys to IPFS
-- ✅ Auto-fetches credentials
-- ❌ No thirdweb account needed
+- Deploys to production
+- Auto-configures credentials
+- No accounts needed
 
 ---
 
-## 🏗️ Architecture
-
-### Workspace Dependencies
-This template uses `workspace:^` protocol for Varity packages:
-```json
-{
-  "dependencies": {
-    "@varity-labs/sdk": "workspace:^",
-    "@varity-labs/ui-kit": "workspace:^",
-    "@varity-labs/types": "workspace:^"
-  }
-}
-```
-
-**Why?** Ensures you always use the latest local package versions during development.
-
-**Publishing:** When published to npm, `workspace:^` converts to `^2.0.0-alpha.1` automatically.
-
 ### Static Export Ready
-- ✅ `output: 'export'` in next.config.js
-- ✅ All pages pre-rendered to static HTML
-- ✅ No server-side dependencies
-- ✅ IPFS/CDN deployable
+- `output: 'export'` in next.config.js
+- All pages pre-rendered to static HTML
+- No server-side dependencies
+- CDN deployable
 
 ### Type Safety
-- ✅ TypeScript strict mode enabled
-- ✅ All errors surface during build
-- ✅ No `ignoreBuildErrors` flag
+- TypeScript strict mode enabled
+- All errors surface during build
+- No `ignoreBuildErrors` flag
 
 ## Project Structure
 
@@ -205,18 +187,17 @@ export function useInvoices(): UseCollectionReturn<Invoice> {
 const { data, loading, create, update, remove } = useInvoices();
 ```
 
-The database collection is created automatically on first use — no migrations needed.
+The database collection is created automatically on first use -- no migrations needed.
 
 ## Environment Variables
 
 **For development:** Leave everything blank. Shared development credentials are used automatically.
 
-**For production:** Run `varitykit app deploy` — it injects all credentials into your build automatically. You never need to manually set API keys.
+**For production:** Run `varitykit app deploy` -- it injects all credentials into your build automatically. You never need to manually set API keys.
 
 | Variable | Required | Notes |
 |----------|----------|-------|
 | `NEXT_PUBLIC_PRIVY_APP_ID` | No | Auth provider (auto-configured) |
-| `NEXT_PUBLIC_THIRDWEB_CLIENT_ID` | No | Infrastructure (auto-configured) |
 | `NEXT_PUBLIC_VARITY_APP_TOKEN` | No | Database token (auto-configured) |
 | `NEXT_PUBLIC_VARITY_APP_ID` | No | App ID (auto-configured) |
 
@@ -230,7 +211,7 @@ varitykit app deploy
 varitykit app deploy --submit-to-store
 ```
 
-The CLI builds your app, provisions a private database, injects production credentials, and deploys — all in one command.
+The CLI builds your app, provisions a private database, injects production credentials, and deploys -- all in one command.
 
 **Deploy from your AI editor:** Set up the [Varity MCP server](https://docs.varity.so/mcp) (`npx @varity-labs/mcp`) and ask your AI to "deploy this project".
 

package/template/next.config.js

@@ -5,7 +5,7 @@ const nextConfig = {
   trailingSlash: true,
   productionBrowserSourceMaps: false,
   webpack: (config, { isServer, dev }) => {
-    // Suppress MetaMask SDK warning for @react-native-async-storage
+    // Suppress async-storage warning from auth provider dependencies
     config.resolve.fallback = {
       ...config.resolve.fallback,
       '@react-native-async-storage/async-storage': false,

package/template/package.json

@@ -19,7 +19,7 @@
   "dependencies": {
     "@varity-labs/sdk": "workspace:^",
     "@varity-labs/types": "workspace:^",
-    "@varity-labs/ui-kit": "workspace:^",
+    "@varity-labs/ui-kit": "^2.0.0-beta.3",
     "lucide-react": "^0.400.0",
     "next": "^15.0.0",
     "react": "^18.3.0",

package/template/src/app/dashboard/layout.tsx

@@ -7,18 +7,20 @@ import { useProjects, useTasks, useTeam } from '@/lib/hooks';
 import { CommandPalette } from '@varity-labs/ui-kit';
 import { Menu, X } from 'lucide-react';
 
-// Conditionally import Privy/UI-Kit components
+// Conditionally import UI-Kit components
 let DashboardLayout: any = null;
-let PrivyProtectedRoute: any = null;
-let PrivyStackComponent: any = null;
-let usePrivyHook: any = null;
+let ProtectedRoute: any = null;
+let AuthStackComponent: any = null;
+let ZeroDevProviderComponent: any = null;
+let useAuthHook: any = null;
 
 try {
   const uiKit = require('@varity-labs/ui-kit');
   DashboardLayout = uiKit.DashboardLayout;
-  PrivyProtectedRoute = uiKit.PrivyProtectedRoute;
-  PrivyStackComponent = uiKit.PrivyStack;
-  usePrivyHook = uiKit.usePrivy;
+  ProtectedRoute = uiKit.PrivyProtectedRoute;
+  AuthStackComponent = uiKit.PrivyStack;
+  ZeroDevProviderComponent = uiKit.ZeroDevProvider;
+  useAuthHook = uiKit.useAuth;
 } catch {}
 
 function RedirectToLogin() {
@@ -111,8 +113,8 @@ function MobileNav({
 
 function DashboardShell({ children }: { children: React.ReactNode }) {
   // eslint-disable-next-line react-hooks/rules-of-hooks -- conditional on require() success, stable across renders
-  const privy = usePrivyHook ? usePrivyHook() : { user: null, logout: async () => {} };
-  const { user, logout } = privy;
+  const auth = useAuthHook ? useAuthHook() : { user: null, logout: async () => {} };
+  const { user, logout } = auth;
   const pathname = usePathname();
   const router = useRouter();
   const isMobile = useIsMobile();
@@ -152,7 +154,7 @@ function DashboardShell({ children }: { children: React.ReactNode }) {
   const userName = user?.email?.address?.split('@')[0] || 'User';
   const userEmail = user?.email?.address || '';
 
-  const handleLogout = async () => {
+  const handleSignOut = async () => {
     await logout();
     router.push('/');
   };
@@ -194,7 +196,7 @@ function DashboardShell({ children }: { children: React.ReactNode }) {
               </nav>
               <div className="mt-8 px-3 border-t border-gray-200 pt-4">
                 <button
-                  onClick={handleLogout}
+                  onClick={handleSignOut}
                   className="flex w-full items-center gap-3 rounded-lg px-3 py-2.5 text-sm font-medium text-red-600 hover:bg-red-50 transition-colors"
                 >
                   Sign Out
@@ -210,7 +212,7 @@ function DashboardShell({ children }: { children: React.ReactNode }) {
               onClose={() => setMobileMenuOpen(false)}
               navItems={navWithActive}
               userEmail={userEmail}
-              onLogout={handleLogout}
+              onLogout={handleSignOut}
               onNavigate={(path) => router.push(path)}
             />
           )}
@@ -241,7 +243,7 @@ function DashboardShell({ children }: { children: React.ReactNode }) {
           onClose={() => setMobileMenuOpen(false)}
           navItems={navWithActive}
           userEmail={userEmail}
-          onLogout={handleLogout}
+          onLogout={handleSignOut}
           onNavigate={(path) => router.push(path)}
         />
       )}
@@ -257,7 +259,7 @@ function DashboardShell({ children }: { children: React.ReactNode }) {
             name: userName,
             address: userEmail,
           }}
-          onLogout={handleLogout}
+          onLogout={handleSignOut}
           onNavigateToProfile={() => router.push('/dashboard/settings')}
           onNavigateToSettings={() => router.push('/dashboard/settings')}
           onSearchClick={() => setCommandPaletteOpen(true)}
@@ -277,22 +279,23 @@ export default function DashboardRootLayout({
 }: {
   children: React.ReactNode;
 }) {
-  // Always wrap in PrivyStack + PrivyProtectedRoute - uses dev credentials automatically when env vars are empty
-  if (!PrivyProtectedRoute || !PrivyStackComponent) {
+  // Auth provider (managed by Varity) with gas sponsorship
+  if (!ProtectedRoute || !AuthStackComponent || !ZeroDevProviderComponent) {
     // Fallback if ui-kit package isn't installed
     return <DashboardShell>{children}</DashboardShell>;
   }
 
   return (
-    <PrivyStackComponent
-      appId={process.env.NEXT_PUBLIC_PRIVY_APP_ID}
-      thirdwebClientId={process.env.NEXT_PUBLIC_THIRDWEB_CLIENT_ID}
+    <AuthStackComponent
+      appId={process.env.NEXT_PUBLIC_VARITY_AUTH_ID}
       loginMethods={['email', 'google']}
       appearance={{ theme: 'light', accentColor: '#2563EB', logo: '/logo.svg' }}
     >
-      <PrivyProtectedRoute fallback={<RedirectToLogin />}>
-        <DashboardShell>{children}</DashboardShell>
-      </PrivyProtectedRoute>
-    </PrivyStackComponent>
+      <ZeroDevProviderComponent>
+        <ProtectedRoute fallback={<RedirectToLogin />}>
+          <DashboardShell>{children}</DashboardShell>
+        </ProtectedRoute>
+      </ZeroDevProviderComponent>
+    </AuthStackComponent>
   );
 }

package/template/src/app/dashboard/settings/page.tsx

@@ -37,15 +37,15 @@ import {
   Key,
 } from 'lucide-react';
 
-const privyAppId = process.env.NEXT_PUBLIC_PRIVY_APP_ID;
+const authAppId = process.env.NEXT_PUBLIC_VARITY_AUTH_ID;
 
-let PrivyUserProfile: any = null;
-let usePrivyHook: any = null;
+let UserProfileComponent: any = null;
+let useAuthHook: any = null;
 
 try {
   const uiKit = require('@varity-labs/ui-kit');
-  PrivyUserProfile = uiKit.PrivyUserProfile;
-  usePrivyHook = uiKit.usePrivy;
+  UserProfileComponent = uiKit.PrivyUserProfile;
+  useAuthHook = uiKit.useAuth;
 } catch {}
 
 const TABS = [
@@ -79,7 +79,7 @@ export default function SettingsPage() {
   const { settings, loading, update: updateSettings } = useUserSettings();
   const toast = useToast();
   // eslint-disable-next-line react-hooks/rules-of-hooks -- conditional on require() + env var, stable across renders
-  const privy = privyAppId && usePrivyHook ? usePrivyHook() : { logout: async () => {} };
+  const auth = authAppId && useAuthHook ? useAuthHook() : { logout: async () => {} };
 
   const [activeTab, setActiveTab] = useState<TabId>('general');
 
@@ -556,14 +556,14 @@ export default function SettingsPage() {
         )}
       </div>
 
-      {/* Privy Account Settings */}
-      {privyAppId && PrivyUserProfile && (
+      {/* Advanced Account Settings */}
+      {authAppId && UserProfileComponent && (
         <div className="rounded-xl border border-gray-200 bg-white p-6 shadow-sm">
           <h2 className="mb-4 text-lg font-semibold text-gray-900 flex items-center gap-2">
             <Key className="h-5 w-5" />
-            Account Settings (Privy)
+            Advanced Account Settings
           </h2>
-          <PrivyUserProfile showLogoutButton={false} />
+          <UserProfileComponent showLogoutButton={false} />
         </div>
       )}
 
@@ -577,7 +577,7 @@ export default function SettingsPage() {
           These actions are permanent and cannot be undone.
         </p>
         <div className="flex flex-wrap gap-3">
-          <Button variant="danger" onClick={() => privy.logout()}>
+          <Button variant="danger" onClick={() => auth.logout()}>
             <LogOut className="h-4 w-4" />
             Sign Out
           </Button>

package/template/src/app/layout.tsx

@@ -5,7 +5,7 @@ import './globals.css';
 export const metadata: Metadata = {
   title: 'TaskFlow - Project Management',
   description: 'Manage projects, track tasks, and collaborate with your team.',
-  metadataBase: new URL('https://example.com'),
+  metadataBase: new URL('https://varity.so'),
   openGraph: {
     title: 'TaskFlow - Project Management',
     description: 'Manage projects, track tasks, and collaborate with your team.',

package/template/src/app/login/page.tsx

@@ -6,29 +6,31 @@ import Link from 'next/link';
 import { CheckCircle } from 'lucide-react';
 import { APP_NAME } from '@/lib/constants';
 
-let PrivyStackComponent: any = null;
-let usePrivyHook: (() => { authenticated: boolean; ready: boolean; login: () => void }) | null = null;
+let AuthStackComponent: any = null;
+let ZeroDevProviderComponent: any = null;
+let useAuthHook: (() => { authenticated: boolean; ready: boolean; login: () => void }) | null = null;
 
 try {
   const uiKit = require('@varity-labs/ui-kit');
-  PrivyStackComponent = uiKit.PrivyStack;
-  usePrivyHook = uiKit.usePrivy;
+  AuthStackComponent = uiKit.PrivyStack;
+  ZeroDevProviderComponent = uiKit.ZeroDevProvider;
+  useAuthHook = uiKit.useAuth;
 } catch {}
 
 function LoginContent() {
   const router = useRouter();
   // eslint-disable-next-line react-hooks/rules-of-hooks -- conditional on require() success, stable across renders
-  const privy = usePrivyHook ? usePrivyHook() : null;
+  const auth = useAuthHook ? useAuthHook() : null;
 
   useEffect(() => {
-    if (privy?.authenticated) {
+    if (auth?.authenticated) {
       router.push('/dashboard');
     }
-  }, [privy?.authenticated, router]);
+  }, [auth?.authenticated, router]);
 
-  const handleLogin = () => {
-    if (privy?.login) {
-      privy.login();
+  const handleSignIn = () => {
+    if (auth?.login) {
+      auth.login();
     }
   };
 
@@ -49,15 +51,15 @@ function LoginContent() {
         </div>
 
         <div className="rounded-xl border border-gray-200 bg-white p-8 shadow-sm">
-          {privy ? (
+          {auth ? (
             <button
-              onClick={handleLogin}
-              disabled={!privy.ready || privy.authenticated}
+              onClick={handleSignIn}
+              disabled={!auth.ready || auth.authenticated}
               className="w-full px-6 py-3 bg-primary-600 hover:bg-primary-700 disabled:bg-gray-300 disabled:cursor-not-allowed text-white font-medium rounded-lg transition-colors shadow-sm"
             >
-              {!privy.ready
+              {!auth.ready
                 ? 'Loading...'
-                : privy.authenticated
+                : auth.authenticated
                 ? 'Already Signed In'
                 : 'Sign In with Email or Social'}
             </button>
@@ -79,17 +81,18 @@ function LoginContent() {
 }
 
 export default function LoginPage() {
-  // Always wrap in PrivyStack - it uses dev credentials automatically when no appId is provided
-  if (PrivyStackComponent) {
+  // Auth provider (managed by Varity) with gas sponsorship
+  if (AuthStackComponent && ZeroDevProviderComponent) {
     return (
-      <PrivyStackComponent
-        appId={process.env.NEXT_PUBLIC_PRIVY_APP_ID}
-        thirdwebClientId={process.env.NEXT_PUBLIC_THIRDWEB_CLIENT_ID}
+      <AuthStackComponent
+        appId={process.env.NEXT_PUBLIC_VARITY_AUTH_ID}
         loginMethods={['email', 'google']}
         appearance={{ theme: 'light', accentColor: '#2563EB', logo: '/logo.svg' }}
       >
-        <LoginContent />
-      </PrivyStackComponent>
+        <ZeroDevProviderComponent>
+          <LoginContent />
+        </ZeroDevProviderComponent>
+      </AuthStackComponent>
     );
   }
 

package/template/src/components/providers.tsx

@@ -5,7 +5,7 @@ import { ToastProvider } from '@varity-labs/ui-kit';
 
 export function Providers({ children }: { children: ReactNode }) {
   // Only ToastProvider at the global level.
-  // PrivyStack is added in dashboard/layout.tsx and login/page.tsx —
+  // Auth provider is added in dashboard/layout.tsx and login/page.tsx —
   // the landing page loads instantly without any auth dependency.
   return <ToastProvider>{children}</ToastProvider>;
 }

package/template/src/lib/hooks.ts

@@ -4,18 +4,18 @@ import { useState, useEffect, useCallback } from 'react';
 import { projects, tasks, teamMembers, userSettings } from './database';
 import type { Project, Task, TeamMember, UserSettings } from '../types';
 
-let usePrivyHook: any = null;
+let useAuthHook: any = null;
 try {
   const uiKit = require('@varity-labs/ui-kit');
-  usePrivyHook = uiKit.usePrivy;
+  useAuthHook = uiKit.useAuth;
 } catch {}
 
 export function useCurrentUser() {
   // eslint-disable-next-line react-hooks/rules-of-hooks -- conditional on require() success, stable across renders
-  const privy = usePrivyHook ? usePrivyHook() : { user: null, authenticated: false, logout: async () => {} };
+  const auth = useAuthHook ? useAuthHook() : { user: null, authenticated: false, logout: async () => {} };
 
-  // Extract email from any Privy auth method (email, Google, GitHub, etc.)
-  const user = privy.user;
+  // Extract email from any auth method (email, Google, GitHub, etc.)
+  const user = auth.user;
   const email =
     user?.email?.address ||
     user?.google?.email ||
@@ -30,8 +30,8 @@ export function useCurrentUser() {
     id: user?.id || 'dev-user-id',
     email,
     name,
-    authenticated: privy.authenticated,
-    logout: privy.logout,
+    authenticated: auth.authenticated,
+    logout: auth.logout,
   };
 }
 

package/template/varity.config.json

@@ -2,7 +2,7 @@
   "name": "my-saas-app",
   "version": "0.1.0",
   "framework": "nextjs",
-  "hosting": "ipfs",
+  "hosting": "static",
   "build": {
     "command": "npm run build",
     "output": "out"

package/template/src/services/dashboardService.ts

@@ -1,589 +0,0 @@
-/**
- * Dashboard Service
- *
- * Centralized service for dashboard-related API calls.
- * Provides type-safe interfaces and error handling.
- */
-
-import type { Project, Task, TeamMember } from '@/types';
-
-// ============================================================================
-// Type Definitions
-// ============================================================================
-
-export interface KPIMetric {
-  title: string;
-  value: string | number;
-  change?: {
-    value: number;
-    period: string;
-  };
-  trend?: 'up' | 'down' | 'neutral';
-  sparklineData?: number[];
-}
-
-export interface KPIResponse {
-  kpis: KPIMetric[];
-  has_data: boolean;
-  last_updated: string;
-}
-
-export interface Activity {
-  id: string;
-  type: 'project_created' | 'task_completed' | 'member_added' | 'comment_added';
-  title: string;
-  description: string;
-  timestamp: string;
-  user?: {
-    name: string;
-    avatar?: string;
-  };
-  metadata?: Record<string, any>;
-}
-
-export interface ActivityResponse {
-  activities: Activity[];
-  total_count: number;
-  has_more: boolean;
-}
-
-export interface ProjectResponse {
-  projects: Project[];
-  total_count: number;
-  active_count: number;
-}
-
-export interface TaskResponse {
-  tasks: Task[];
-  total_count: number;
-  completed_count: number;
-  by_status: {
-    todo: number;
-    in_progress: number;
-    done: number;
-  };
-}
-
-export interface TeamMemberResponse {
-  members: TeamMember[];
-  total_count: number;
-  roles: {
-    owner: number;
-    admin: number;
-    member: number;
-    viewer: number;
-  };
-}
-
-export interface DashboardOverviewResponse {
-  kpis: KPIResponse;
-  recent_activity: Activity[];
-  projects_summary: {
-    active: number;
-    total: number;
-    recent: Project[];
-  };
-  tasks_summary: {
-    open: number;
-    completed: number;
-    completion_rate: number;
-  };
-  team_summary: {
-    total: number;
-    active: number;
-  };
-}
-
-// ============================================================================
-// Error Handling
-// ============================================================================
-
-export class DashboardServiceError extends Error {
-  constructor(
-    message: string,
-    public statusCode?: number,
-    public originalError?: Error
-  ) {
-    super(message);
-    this.name = 'DashboardServiceError';
-  }
-}
-
-async function handleResponse<T>(response: Response): Promise<T> {
-  if (!response.ok) {
-    const errorText = await response.text().catch(() => 'Unknown error');
-    throw new DashboardServiceError(
-      `API request failed: ${response.statusText}`,
-      response.status,
-      new Error(errorText)
-    );
-  }
-
-  try {
-    return await response.json();
-  } catch (error) {
-    throw new DashboardServiceError(
-      'Failed to parse API response',
-      response.status,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-// ============================================================================
-// API Client
-// ============================================================================
-
-const API_BASE_URL = process.env.NEXT_PUBLIC_API_URL || '/api';
-
-/**
- * Fetch dashboard KPIs
- */
-export async function getKPIs(userId: string): Promise<KPIResponse> {
-  try {
-    const response = await fetch(
-      `${API_BASE_URL}/dashboard/kpis?userId=${encodeURIComponent(userId)}`,
-      {
-        method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        cache: 'no-store', // Always fetch fresh data
-      }
-    );
-
-    return await handleResponse<KPIResponse>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch KPIs',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Fetch recent activity
- */
-export async function getRecentActivity(
-  userId: string,
-  limit: number = 10
-): Promise<Activity[]> {
-  try {
-    const response = await fetch(
-      `${API_BASE_URL}/dashboard/activity?userId=${encodeURIComponent(userId)}&limit=${limit}`,
-      {
-        method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        cache: 'no-store',
-      }
-    );
-
-    const data = await handleResponse<ActivityResponse>(response);
-    return data.activities;
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch recent activity',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Fetch all projects for a user
- */
-export async function getProjects(userId: string): Promise<Project[]> {
-  try {
-    const response = await fetch(
-      `${API_BASE_URL}/projects?userId=${encodeURIComponent(userId)}`,
-      {
-        method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        cache: 'no-store',
-      }
-    );
-
-    const data = await handleResponse<ProjectResponse>(response);
-    return data.projects;
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch projects',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Fetch tasks, optionally filtered by project
- */
-export async function getTasks(
-  userId: string,
-  projectId?: string
-): Promise<Task[]> {
-  try {
-    const url = projectId
-      ? `${API_BASE_URL}/tasks?userId=${encodeURIComponent(userId)}&projectId=${encodeURIComponent(projectId)}`
-      : `${API_BASE_URL}/tasks?userId=${encodeURIComponent(userId)}`;
-
-    const response = await fetch(url, {
-      method: 'GET',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      cache: 'no-store',
-    });
-
-    const data = await handleResponse<TaskResponse>(response);
-    return data.tasks;
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch tasks',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Fetch team members
- */
-export async function getTeamMembers(userId: string): Promise<TeamMember[]> {
-  try {
-    const response = await fetch(
-      `${API_BASE_URL}/team?userId=${encodeURIComponent(userId)}`,
-      {
-        method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        cache: 'no-store',
-      }
-    );
-
-    const data = await handleResponse<TeamMemberResponse>(response);
-    return data.members;
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch team members',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Fetch complete dashboard overview
- */
-export async function getDashboardOverview(
-  userId: string
-): Promise<DashboardOverviewResponse> {
-  try {
-    const response = await fetch(
-      `${API_BASE_URL}/dashboard/overview?userId=${encodeURIComponent(userId)}`,
-      {
-        method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        cache: 'no-store',
-      }
-    );
-
-    return await handleResponse<DashboardOverviewResponse>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to fetch dashboard overview',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Create a new project
- */
-export async function createProject(
-  userId: string,
-  data: Omit<Project, 'id' | 'createdAt' | 'updatedAt'>
-): Promise<Project> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/projects`, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({ userId, ...data }),
-    });
-
-    return await handleResponse<Project>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to create project',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Update an existing project
- */
-export async function updateProject(
-  projectId: string,
-  data: Partial<Project>
-): Promise<Project> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/projects/${projectId}`, {
-      method: 'PATCH',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify(data),
-    });
-
-    return await handleResponse<Project>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to update project',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Delete a project
- */
-export async function deleteProject(projectId: string): Promise<void> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/projects/${projectId}`, {
-      method: 'DELETE',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-    });
-
-    if (!response.ok) {
-      throw new DashboardServiceError(
-        `Failed to delete project: ${response.statusText}`,
-        response.status
-      );
-    }
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to delete project',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Create a new task
- */
-export async function createTask(
-  userId: string,
-  data: Omit<Task, 'id' | 'createdAt' | 'updatedAt'>
-): Promise<Task> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/tasks`, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({ userId, ...data }),
-    });
-
-    return await handleResponse<Task>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to create task',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Update an existing task
- */
-export async function updateTask(
-  taskId: string,
-  data: Partial<Task>
-): Promise<Task> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/tasks/${taskId}`, {
-      method: 'PATCH',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify(data),
-    });
-
-    return await handleResponse<Task>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to update task',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Delete a task
- */
-export async function deleteTask(taskId: string): Promise<void> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/tasks/${taskId}`, {
-      method: 'DELETE',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-    });
-
-    if (!response.ok) {
-      throw new DashboardServiceError(
-        `Failed to delete task: ${response.statusText}`,
-        response.status
-      );
-    }
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to delete task',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Invite a team member
- */
-export async function inviteTeamMember(
-  userId: string,
-  email: string,
-  role: TeamMember['role']
-): Promise<TeamMember> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/team/invite`, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({ userId, email, role }),
-    });
-
-    return await handleResponse<TeamMember>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to invite team member',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Remove a team member
- */
-export async function removeTeamMember(memberId: string): Promise<void> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/team/${memberId}`, {
-      method: 'DELETE',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-    });
-
-    if (!response.ok) {
-      throw new DashboardServiceError(
-        `Failed to remove team member: ${response.statusText}`,
-        response.status
-      );
-    }
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to remove team member',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}
-
-/**
- * Update team member role
- */
-export async function updateTeamMemberRole(
-  memberId: string,
-  role: TeamMember['role']
-): Promise<TeamMember> {
-  try {
-    const response = await fetch(`${API_BASE_URL}/team/${memberId}`, {
-      method: 'PATCH',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({ role }),
-    });
-
-    return await handleResponse<TeamMember>(response);
-  } catch (error) {
-    if (error instanceof DashboardServiceError) {
-      throw error;
-    }
-    throw new DashboardServiceError(
-      'Failed to update team member role',
-      undefined,
-      error instanceof Error ? error : undefined
-    );
-  }
-}