andreogle
diff --git a/‎book/docs/consumers/getting-started.md‎
Lines changed: 164 additions & 0 deletions b/‎book/docs/consumers/getting-started.md‎
Lines changed: 164 additions & 0 deletions
diff --git a/‎book/docs/guides/system-overview.md‎
Lines changed: 104 additions & 0 deletions b/‎book/docs/guides/system-overview.md‎
Lines changed: 104 additions & 0 deletions
@@ -0,0 +1,164 @@
+---
+slug: /consumers/getting-started
+sidebar_position: 0
+---
+
+# Getting Started
+
+You have an airnode URL and want to get signed data. This walkthrough takes you from zero to a verified response.
+
+## Step 1: Check if the airnode is running
+
+```bash
+curl http://airnode.example.com/health
+```
+
+```json
+{
+  "status": "ok",
+  "version": "2.0.0",
+  "airnode": "0xd1e98F3Ac20DA5e4da874723517c914a31b0e857"
+}
+```
+
+Save the `airnode` address. You need it to verify signatures.
+
+## Step 2: Find your endpoint ID
+
+The airnode operator provides the endpoint ID for each API route. It is a `bytes32` hash derived from the endpoint's OIS
+specification. The operator's documentation lists available endpoint IDs and their expected parameters.
+
+## Step 3: Make a request
+
+Call the endpoint with parameters in the JSON body.
+
+```bash
+curl -X POST http://airnode.example.com/endpoints/0x1c3e0fa5ac82e5514e0e9abac98e0b8e6c58b7bea12ae0393e4e4abe64ab9620 \
+  -H "Content-Type: application/json" \
+  -H "X-Api-Key: your-key" \
+  -d '{"parameters":{"ids":"ethereum","vs_currencies":"usd"}}'
+```
+
+The response contains the data and a signature:
+
+```json
+{
+  "airnode": "0xd1e98F3Ac20DA5e4da874723517c914a31b0e857",
+  "endpointId": "0x1c3e0fa5ac82e5514e0e9abac98e0b8e6c58b7bea12ae0393e4e4abe64ab9620",
+  "timestamp": 1700000000,
+  "data": "0x0000000000000000000000000000000000000000000000d8e29e69b3e1e80000",
+  "signature": "0x3a4e...signed"
+}
+```
+
+If the endpoint has no encoding configured, you get `rawData` instead of `data`:
+
+```json
+{
+  "airnode": "0xd1e98F3Ac20DA5e4da874723517c914a31b0e857",
+  "endpointId": "0x1c3e0fa5ac82e5514e0e9abac98e0b8e6c58b7bea12ae0393e4e4abe64ab9620",
+  "timestamp": 1700000000,
+  "rawData": { "ethereum": { "usd": 3842.17 } },
+  "signature": "0x3a4e...signed"
+}
+```
+
+## Step 4: Verify the signature
+
+Recover the signer address and compare it to the airnode address from `/health`.
+
+```typescript
+import { recoverAddress, hashMessage, keccak256, encodePacked, type Hex } from 'viem';
+
+const endpointId = '0x1c3e0fa5ac82e5514e0e9abac98e0b8e6c58b7bea12ae0393e4e4abe64ab9620' as Hex;
+const timestamp = 1700000000n;
+const data = '0x0000000000000000000000000000000000000000000000d8e29e69b3e1e80000' as Hex;
+const signature = '0x3a4e...signed' as Hex;
+const expectedAirnode = '0xd1e98F3Ac20DA5e4da874723517c914a31b0e857';
+
+// Reconstruct the message hash
+const messageHash = keccak256(encodePacked(['bytes32', 'uint256', 'bytes'], [endpointId, timestamp, data]));
+
+// Recover the signer
+const recovered = await recoverAddress({
+  hash: hashMessage({ raw: messageHash }),
+  signature,
+});
+
+if (recovered.toLowerCase() !== expectedAirnode.toLowerCase()) {
+  throw new Error('Signature verification failed');
+}
+```
+
+For raw responses, hash the JSON before verifying:
+
+```typescript
+import { toBytes, keccak256 as keccak } from 'viem';
+
+const rawDataHash = keccak(toBytes(JSON.stringify(rawData)));
+// Use rawDataHash in place of `data` in the encodePacked call above
+```
+
+## Step 5: Decode the data
+
+Encoded responses contain ABI-encoded values. Decode them with viem.
+
+```typescript
+import { decodeAbiParameters } from 'viem';
+
+// For an int256 value (e.g., price with 18 decimals)
+const [value] = decodeAbiParameters([{ type: 'int256' }], data);
+
+// Convert from 18 decimals to human-readable
+const price = Number(value) / 1e18;
+console.log(`ETH price: $${price}`); // ETH price: $3842.17
+```
+
+Raw responses need no decoding. Access the JSON directly:
+
+```typescript
+const ethPrice = rawData.ethereum.usd; // 3842.17
+```
+
+## Step 6: Submit on-chain (optional)
+
+Pass the signed data to an on-chain verifier contract. See [On-Chain Integration](/docs/consumers/on-chain) for contract
+examples using AirnodeVerifier (pull) and AirnodeDataFeed (push).
+
+## Choosing encoding at request time
+
+Some endpoints leave encoding unset, letting the client choose at request time. Pass reserved parameters in the request
+body:
+
+```json
+{
+  "parameters": {
+    "ids": "ethereum",
+    "vs_currencies": "usd",
+    "_type": "int256",
+    "_path": "ethereum.usd",
+    "_times": "1000000000000000000"
+  }
+}
+```
+
+- `_type` -- the Solidity ABI type to encode as (`int256`, `uint256`, `bool`, `bytes32`, `address`, `string`, `bytes`)
+- `_path` -- dot-separated JSON path to extract from the upstream response
+- `_times` -- multiplier applied before encoding (use `1e18` for 18 decimal precision)
+
+Both `_type` and `_path` are required together. `_times` is optional and defaults to no multiplication.
+
+## What can go wrong
+
+| Status | Error                                            | What to do                                                                      |
+| ------ | ------------------------------------------------ | ------------------------------------------------------------------------------- |
+| `400`  | `Missing required parameter(s): X`               | Add the missing parameters to your request body.                                |
+| `400`  | `Both _type and _path are required for encoding` | You sent one reserved parameter without the other. Send both or neither.        |
+| `401`  | `Missing X-Api-Key header`                       | The endpoint requires authentication. Add `X-Api-Key: your-key` to the request. |
+| `401`  | `Invalid API key`                                | The key value is wrong. Check with the airnode operator.                        |
+| `404`  | `Endpoint not found`                             | The endpoint ID is incorrect. Verify the ID with the operator.                  |
+| `413`  | `Request body too large`                         | The request body exceeds 64KB. Reduce the payload size.                         |
+| `415`  | `Unsupported Media Type`                         | Set `Content-Type: application/json`.                                           |
+| `429`  | `Rate limit exceeded`                            | Wait and retry. The airnode has a request rate limit configured.                |
+| `502`  | `API call failed`                                | The upstream API is unreachable or returning errors. Try again later.           |
+| `502`  | `No value found at path: $.X`                    | The upstream response shape changed or the path is wrong. Contact the operator. |
@@ -0,0 +1,104 @@
+---
+slug: /guides/system-overview
+sidebar_position: 1
+---
+
+# System Overview
+
+Airnode connects APIs to blockchains. This page shows how the pieces fit together.
+
+```
+                         ┌──────────────┐
+                         │  Upstream    │
+                         │  API         │
+                         └──────┬───────┘
+                                │
+                                ▼
+┌─────────┐  POST /endpoints  ┌──────────────┐  GET /beacons  ┌──────────────┐
+│  Client  │ ───────────────▶ │   Airnode     │ ◀──────────── │   Relayer    │
+│  (pull)  │ ◀─── signed ─── │              │ ─── signed ──▶ │              │
+└─────────┘    response       └──────────────┘    beacon      └──────┬───────┘
+                                     │                               │
+                                     │ (optional)                    │
+                                     ▼                               ▼
+                              ┌──────────────┐              ┌──────────────┐
+                              │ Cache Server │              │  On-chain    │
+                              │              │              │  Contract    │
+                              └──────────────┘              └──────────────┘
+```
+
+The left side is the **pull path** (on-demand). The right side is the **push path** (continuous feeds).
+
+## Components
+
+**Airnode** -- the core HTTP server. Receives requests, calls upstream APIs, signs responses with the operator's private
+key. Stateless. Runs anywhere Bun runs.
+
+**Cache Server** -- an optional intermediary that aggregates signed data from multiple airnodes. Stores the latest
+signed responses so clients and relayers do not need direct access to each airnode. Useful in multi-operator setups.
+
+**Relayer** -- reads signed beacon data from an airnode or cache server and submits it on-chain at a configured cadence.
+Pays gas. Not part of the airnode itself -- it is a separate service.
+
+**AirnodeVerifier** (contract) -- on-chain signature verification for the pull path. Recovers the signer, checks replay
+protection, and forwards data to a callback contract. See [Verifier](/docs/contracts/verifier).
+
+**AirnodeDataFeed** (contract) -- on-chain storage for the push path. Stores `(int224, uint32)` beacon values. Anyone
+can submit signed data. Contracts read the latest value at any time. See [Data Feed](/docs/contracts/data-feed).
+
+## Pull flow
+
+1. Client sends `POST /endpoints/{endpointId}` with parameters to the airnode.
+2. Airnode authenticates the request (API key, free, or other configured method).
+3. Airnode calls the upstream API with the assembled HTTP request.
+4. Airnode encodes the response (ABI encoding or raw JSON) and signs it with EIP-191.
+5. Client receives the signed response containing `airnode`, `endpointId`, `timestamp`, `data`, and `signature`.
+6. Client verifies the signature off-chain by recovering the signer address.
+7. (Optional) Client submits the signed data to `AirnodeVerifier.verify_and_fulfill()` on-chain.
+8. AirnodeVerifier recovers the signer, enforces replay protection, and calls the consumer contract's callback.
+
+## Push flow
+
+1. Airnode's push loop fires at the configured `push.interval` for each push endpoint.
+2. Airnode calls the upstream API and ABI-encodes the response.
+3. Airnode signs the encoded data and stores it in the in-memory beacon store.
+4. A relayer polls `GET /beacons/{beaconId}` to fetch the latest signed beacon.
+5. The relayer submits the signed data to `AirnodeDataFeed.update_beacon()` on-chain.
+6. AirnodeDataFeed verifies the signature, checks timestamp freshness, and stores the value.
+7. Consumer contracts call `read_beacon(beaconId)` to get the latest `(int224 value, uint32 timestamp)`.
+
+## Single-operator setup
+
+The simplest deployment: one airnode serving data directly to clients.
+
+```
+Client ──▶ Airnode ──▶ Upstream API
+```
+
+This is enough when:
+
+- One API provider operates one airnode.
+- Clients connect directly to the airnode (no aggregation needed).
+- You only use the pull path, or run your own relayer for push.
+
+No cache server or external infrastructure required. The airnode is the entire backend.
+
+## Multi-operator setup
+
+Multiple independent airnodes serve the same API data. A cache server aggregates their signed responses. Relayers read
+from the cache server and submit on-chain with quorum verification.
+
+```
+Airnode A ──┐
+Airnode B ──┼──▶ Cache Server ──▶ Relayer ──▶ On-chain Contract
+Airnode C ──┘
+```
+
+Use this when:
+
+- You need redundancy across independent operators.
+- On-chain consumers require data signed by multiple sources (beacon sets / quorum).
+- You want to decouple airnode operators from gas payment and on-chain submission.
+
+Each airnode produces its own beacon ID for the same endpoint. The cache server collects all of them. A relayer can
+aggregate them into a beacon set on-chain using median aggregation.