Initial commit - WASL Digital Wallet

2026-06-20 21:55:06 +03:00
commit 7306c47368
61 changed files with 4157 additions and 0 deletions
--- a/Backend/config/wasl.php
+++ b/Backend/config/wasl.php
@@ -0,0 +1,132 @@
+<?php
+
+/*
+ * |--------------------------------------------------------------------------
+ * | WASL — Domain-specific configuration for the wallet platform
+ * | Centralized business rules, limits, and feature flags. Changing behavior
+ * | should NEVER require a code change — only an .env flip.
+ * |--------------------------------------------------------------------------
+ */
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Wallet & Money
+    |--------------------------------------------------------------------------
+    */
+
+    'wallet' => [
+        'default_currency' => env('WASL_DEFAULT_CURRENCY', 'SYP'),
+        'supported_currencies' => ['SYP', 'USD', 'EUR', 'AED'],
+
+        // Per-KYC-tier limits (in minor units of SYP)
+        // Tier 0: no KYC, Tier 1: phone verified, Tier 2: ID verified, Tier 3: full
+        'limits' => [
+            0 => ['balance' => 0,         'daily_tx' => 0,         'monthly_tx' => 0],
+            1 => ['balance' => 5000000,   'daily_tx' => 1000000,   'monthly_tx' => 20000000],   // 50k / 10k / 200k SYP
+            2 => ['balance' => 50000000,  'daily_tx' => 10000000,  'monthly_tx' => 200000000],  // 500k / 100k / 2M SYP
+            3 => ['balance' => 500000000, 'daily_tx' => 100000000, 'monthly_tx' => 2000000000], // 5M / 1M / 20M SYP
+        ],
+
+        // Fees in minor units (basis points * amount, or flat)
+        'fees' => [
+            'p2p' => [
+                'enabled'      => env('WASL_FEE_P2P_ENABLED', false),
+                'percent'      => env('WASL_FEE_P2P_PERCENT', 0),     // e.g. 0.5 = 0.5%
+                'flat_minor'   => env('WASL_FEE_P2P_FLAT', 0),
+                'min_minor'    => env('WASL_FEE_P2P_MIN', 0),
+                'max_minor'    => env('WASL_FEE_P2P_MAX', 0),
+            ],
+        ],
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Security
+    |--------------------------------------------------------------------------
+    */
+
+    'security' => [
+        'pin' => [
+            'min_length' => 6,
+            'max_attempts' => env('WASL_PIN_MAX_ATTEMPTS', 5),
+            'lock_minutes' => env('WASL_PIN_LOCK_MINUTES', 30),
+            'hash_algo' => 'argon2id',
+        ],
+
+        'otp' => [
+            'length' => env('WASL_OTP_LENGTH', 6),
+            'ttl_seconds' => env('WASL_OTP_TTL', 300),     // 5 minutes
+            'max_attempts' => env('WASL_OTP_MAX_ATTEMPTS', 3),
+            'resend_cooldown' => env('WASL_OTP_RESEND_COOLDOWN', 60), // 1 minute
+        ],
+
+        'login' => [
+            'max_attempts' => env('WASL_LOGIN_MAX_ATTEMPTS', 5),
+            'lock_minutes' => env('WASL_LOGIN_LOCK_MINUTES', 30),
+        ],
+
+        // Encryption keys for field-level encryption (phone, national_id, cards)
+        'encryption' => [
+            'cipher' => env('WASL_ENC_CIPHER', 'aes-256-cbc'),
+            // Separate key from APP_KEY to allow key rotation without re-encrypting all data
+            'field_key' => env('WASL_FIELD_ENCRYPTION_KEY'),
+        ],
+
+        'idempotency' => [
+            'enabled' => env('WASL_IDEMPOTENCY_ENABLED', true),
+            'ttl_seconds' => env('WASL_IDEMPOTENCY_TTL', 86400), // 24h
+        ],
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | KYC
+    |--------------------------------------------------------------------------
+    */
+
+    'kyc' => [
+        'auto_approve_in_local' => env('WASL_KYC_AUTO_APPROVE_LOCAL', false),
+        'max_document_size_mb' => env('WASL_KYC_MAX_DOC_MB', 5),
+        'allowed_mime_types' => ['image/jpeg', 'image/png', 'application/pdf'],
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Rate Limiting (per-IP / per-user)
+    |--------------------------------------------------------------------------
+    */
+
+    'throttle' => [
+        'login'    => ['max' => 5,   'minutes' => 1],
+        'otp_request' => ['max' => 3, 'minutes' => 1],
+        'transfer' => ['max' => 10,  'minutes' => 60],
+        'api'      => ['max' => 60,  'minutes' => 1],
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Reference Code Format
+    | P2P transfer reference codes visible to users.
+    |--------------------------------------------------------------------------
+    */
+
+    'reference' => [
+        'prefix' => env('WASL_REF_PREFIX', 'WASL'),
+        'length' => env('WASL_REF_LENGTH', 8), // alphanumeric chars after prefix
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Feature Flags
+    |--------------------------------------------------------------------------
+    */
+
+    'features' => [
+        'crypto'        => env('WASL_FEATURE_CRYPTO', false),
+        'cards'         => env('WASL_FEATURE_CARDS', false),
+        'international' => env('WASL_FEATURE_INTERNATIONAL', false),
+        'merchant'      => env('WASL_FEATURE_MERCHANT', true),
+    ],
+];