From c4a6ed2426b6930e8041fc12b397a13387c46026 Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Sat, 20 Jun 2026 22:02:39 +0300
Subject: [PATCH] Setup landing page, README, and project details

---
 README.md       |  25 ++++
 index.php       | 303 ++++++++++++++++++++++++++++++++++++++++++++++++
 wasl_concept.md |  48 ++++++++
 3 files changed, 376 insertions(+)
 create mode 100644 README.md
 create mode 100644 index.php
 create mode 100644 wasl_concept.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b3e8a24
--- /dev/null
+++ b/README.md
@@ -0,0 +1,25 @@
+# WASL (وَصْل) Digital Wallet
+
+WASL is a bank-grade, secure P2P and merchant digital wallet platform tailored for Syria.
+
+## Tech Stack
+- **Backend**: Laravel 11 + Laravel Octane (Swoole driver)
+- **Mobile**: Flutter 3.x (Clean Architecture + BLoC/Cubit)
+- **Database**: PostgreSQL 16 (with transaction audit ledgers)
+- **Cache / Queue**: Redis 7
+- **Storage**: MinIO (S3-compatible secure private storage)
+- **Deployment**: Docker Compose
+
+## Architectural Core Principles
+- **ACID Compliance**: Ensuring complete database integrity for all financial mutation queries.
+- **Double-Entry Ledger**: Every transaction produces exactly 2 balancing ledger entries (debit and credit).
+- **Strict Minor Units**: All monetary values stored and processed as `BIGINT` minor units (e.g. SYP is stored as minor units to avoid floating-point inaccuracies).
+- **Pessimistic Locking**: `SELECT ... FOR UPDATE` with deterministic resource locking order to prevent deadlocks.
+- **Data Encryption**: AES-256 field-level encryption for sensitive PII (Phone number, National ID).
+- **Audit Logging**: Immutable ledger tracking all authentication, registration, and transfer activities.
+
+## Directory Structure
+- `Backend/`: The Laravel API and administrator control panel.
+- `Mobile App/`: The Flutter application codebase.
+- `wasl_concept.md`: Complete details of the 4 phase implementation prompts.
+- `deploy.sh`: Shell script to stage, commit, and push changes to the repository.
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..c746562
--- /dev/null
+++ b/index.php
@@ -0,0 +1,303 @@
+<!DOCTYPE html>
+<html lang="ar" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>وَصْل | المحفظة الرقمية الآمنة - WASL Wallet</title>
+    
+    <!-- Google Fonts: Cairo & Outfit -->
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=Cairo:wght@300;400;600;700;800&family=Outfit:wght@300;400;600;700&display=swap" rel="stylesheet">
+
+    <style>
+        :root {
+            --primary: #0d9488;
+            --primary-dark: #0f766e;
+            --primary-light: #2dd4bf;
+            --bg-dark: #0b0f19;
+            --card-bg: rgba(17, 24, 39, 0.7);
+            --border-color: rgba(45, 212, 191, 0.15);
+            --text-light: #f3f4f6;
+            --text-muted: #9ca3af;
+        }
+
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+            font-family: 'Cairo', 'Outfit', sans-serif;
+            scroll-behavior: smooth;
+        }
+
+        body {
+            background-color: var(--bg-dark);
+            color: var(--text-light);
+            overflow-x: hidden;
+            background-image: 
+                radial-gradient(circle at 10% 20%, rgba(13, 148, 136, 0.15) 0%, transparent 40%),
+                radial-gradient(circle at 90% 80%, rgba(45, 212, 191, 0.1) 0%, transparent 40%);
+            background-attachment: fixed;
+        }
+
+        /* ── Header ── */
+        header {
+            display: flex;
+            justify-content: space-between;
+            align-items: center;
+            padding: 1.5rem 8%;
+            position: sticky;
+            top: 0;
+            z-index: 1000;
+            background: rgba(11, 15, 25, 0.8);
+            backdrop-filter: blur(12px);
+            border-bottom: 1px solid var(--border-color);
+        }
+
+        .logo {
+            font-size: 1.8rem;
+            font-weight: 800;
+            color: var(--text-light);
+            display: flex;
+            align-items: center;
+            gap: 0.5rem;
+        }
+
+        .logo span {
+            color: var(--primary-light);
+        }
+
+        .nav-links {
+            display: flex;
+            list-style: none;
+            gap: 2rem;
+        }
+
+        .nav-links a {
+            color: var(--text-light);
+            text-decoration: none;
+            font-weight: 600;
+            transition: color 0.3s;
+        }
+
+        .nav-links a:hover {
+            color: var(--primary-light);
+        }
+
+        .btn-action {
+            background: linear-gradient(135deg, var(--primary) 0%, var(--primary-dark) 100%);
+            color: white;
+            padding: 0.6rem 1.5rem;
+            border-radius: 50px;
+            text-decoration: none;
+            font-weight: 700;
+            box-shadow: 0 4px 15px rgba(13, 148, 136, 0.3);
+            transition: all 0.3s;
+        }
+
+        .btn-action:hover {
+            transform: translateY(-2px);
+            box-shadow: 0 6px 20px rgba(45, 212, 191, 0.4);
+        }
+
+        /* ── Hero Section ── */
+        .hero {
+            display: flex;
+            flex-direction: column;
+            align-items: center;
+            justify-content: center;
+            text-align: center;
+            padding: 8rem 8% 5rem 8%;
+            min-height: 80vh;
+        }
+
+        .hero h1 {
+            font-size: 3.5rem;
+            font-weight: 800;
+            line-height: 1.3;
+            margin-bottom: 1.5rem;
+            background: linear-gradient(135deg, #ffffff 0%, var(--primary-light) 100%);
+            -webkit-background-clip: text;
+            -webkit-text-fill-color: transparent;
+        }
+
+        .hero p {
+            font-size: 1.25rem;
+            color: var(--text-muted);
+            max-width: 700px;
+            margin-bottom: 2.5rem;
+            line-height: 1.8;
+        }
+
+        /* ── Features Section ── */
+        .section-title {
+            text-align: center;
+            font-size: 2.2rem;
+            font-weight: 700;
+            margin-bottom: 3rem;
+            position: relative;
+        }
+
+        .section-title::after {
+            content: '';
+            position: absolute;
+            bottom: -10px;
+            left: 50%;
+            transform: translateX(-50%);
+            width: 60px;
+            height: 4px;
+            background-color: var(--primary-light);
+            border-radius: 2px;
+        }
+
+        .features {
+            padding: 5rem 8%;
+        }
+
+        .grid-features {
+            display: grid;
+            grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
+            gap: 2rem;
+        }
+
+        .card {
+            background: var(--card-bg);
+            border: 1px solid var(--border-color);
+            border-radius: 16px;
+            padding: 2.5rem;
+            backdrop-filter: blur(8px);
+            transition: all 0.3s;
+            position: relative;
+            overflow: hidden;
+        }
+
+        .card::before {
+            content: '';
+            position: absolute;
+            top: 0;
+            left: 0;
+            width: 100%;
+            height: 100%;
+            background: linear-gradient(135deg, rgba(45, 212, 191, 0.1) 0%, transparent 100%);
+            opacity: 0;
+            transition: opacity 0.3s;
+        }
+
+        .card:hover {
+            transform: translateY(-5px);
+            border-color: var(--primary-light);
+            box-shadow: 0 10px 30px rgba(13, 148, 136, 0.1);
+        }
+
+        .card:hover::before {
+            opacity: 1;
+        }
+
+        .card-icon {
+            font-size: 2.5rem;
+            margin-bottom: 1.5rem;
+            color: var(--primary-light);
+        }
+
+        .card h3 {
+            font-size: 1.5rem;
+            margin-bottom: 1rem;
+            font-weight: 700;
+        }
+
+        .card p {
+            color: var(--text-muted);
+            line-height: 1.7;
+        }
+
+        /* ── Footer ── */
+        footer {
+            padding: 3rem 8%;
+            text-align: center;
+            border-top: 1px solid var(--border-color);
+            background: rgba(11, 15, 25, 0.95);
+            color: var(--text-muted);
+        }
+
+        footer p {
+            margin-bottom: 1rem;
+        }
+
+        .footer-logo {
+            font-weight: 800;
+            color: var(--text-light);
+            font-size: 1.5rem;
+            margin-bottom: 1rem;
+        }
+
+        @media (max-width: 768px) {
+            header {
+                padding: 1rem 5%;
+                flex-direction: column;
+                gap: 1rem;
+            }
+
+            .hero h1 {
+                font-size: 2.2rem;
+            }
+
+            .hero p {
+                font-size: 1.1rem;
+            }
+        }
+    </style>
+</head>
+<body>
+
+    <!-- Header -->
+    <header>
+        <div class="logo">
+            وَصْل <span>WASL</span>
+        </div>
+        <ul class="nav-links">
+            <li><a href="#features">المميزات</a></li>
+            <li><a href="#about">عن المشروع</a></li>
+        </ul>
+        <a href="https://git.intaleqapp.com/Hamza/wasl.git" class="btn-action" target="_blank">المستودع البرمجي</a>
+    </header>
+
+    <!-- Hero Section -->
+    <section class="hero">
+        <h1>المحفظة الرقمية الأكثر أماناً وموثوقية</h1>
+        <p>بوابتك المالية المتكاملة للدفع الرقمي وخدمات النظير للنظير (P2P) في سوريا، مصممة بأعلى معايير الحماية وموثوقية المعاملات المالية.</p>
+        <a href="#features" class="btn-action">استكشف مميزات وَصْل</a>
+    </section>
+
+    <!-- Features Section -->
+    <section class="features" id="features">
+        <h2 class="section-title">لماذا محفظة وَصْل؟</h2>
+        <div class="grid-features">
+            <!-- Card 1 -->
+            <div class="card">
+                <div class="card-icon">🔒</div>
+                <h3>أمان بمستوى بنكي</h3>
+                <p>تشفير البيانات الحساسة وثنائية التحقق مع تتبع كامل وجرد فوري ومقاوم للاحتيال.</p>
+            </div>
+            <!-- Card 2 -->
+            <div class="card">
+                <div class="card-icon">💸</div>
+                <h3>تحويل فوري (P2P)</h3>
+                <p>أرسل واستقبل الأموال فورياً برقم الهاتف، وبشكل فوري وبأقل عمولة ممكنة.</p>
+            </div>
+            <!-- Card 3 -->
+            <div class="card">
+                <div class="card-icon">📊</div>
+                <h3>قيد مزدوج (Double-Entry)</h3>
+                <p>كل معاملة مالية تقيد بدقة لضمان توازن الحسابات والشفافية التامة في النظام المالي.</p>
+            </div>
+        </div>
+    </section>
+
+    <!-- Footer -->
+    <footer id="about">
+        <div class="footer-logo">وَصْل | WASL</div>
+        <p>© <?php echo date('Y'); ?> محفظة وَصْل الرقمية. جميع الحقوق محفوظة.</p>
+    </footer>
+
+</body>
+</html>
diff --git a/wasl_concept.md b/wasl_concept.md
new file mode 100644
index 0000000..b58191a
--- /dev/null
+++ b/wasl_concept.md
@@ -0,0 +1,48 @@
+# WASL Digital Wallet — Core Reference Document & Prompts
+
+This document contains the core principles, architecture definitions, and reference prompts for the 4 implementation phases of **WASL (وَصْل)**.
+
+---
+
+## Core Principles (Non-Negotiable)
+1. **ACID Compliance**: Enforced on all financial operations.
+2. **BIGINT Minor Units Only**: No float, no decimal for money.
+3. **Idempotency**: Enforced on all mutation endpoints (client-supplied UUID keys).
+4. **Double-Entry Bookkeeping**: Every balance change produces exactly 2 ledger entries (debit + credit).
+5. **Audit Trail**: Every sensitive action logged (who, what, when, where, IP, device).
+6. **Pessimistic Locking**: `SELECT ... FOR UPDATE` on wallet balance updates.
+7. **AES-256 Encryption**: Encrypt PII (phone, national_id, card numbers).
+8. **6-Layer Security**: User → App → Transport → Edge → Backend → Database.
+
+---
+
+## Implementation Phases
+
+### Phase 1: Foundation & Authentication
+- Initialize Laravel 11 + Octane (Swoole).
+- Migrations: `users`, `wallets`, `transactions`, `transaction_entries`, `user_devices`, `otp_codes`, `audit_logs`, `kyc_documents`, `fraud_alerts`.
+- Authentication flow: OTP registration/verification, argon2id PIN setup, JWT access tokens (RS256/custom).
+- AuditService & EncryptionService implementations.
+- Flutter structure (Clean Architecture, BLoC/Cubit, flutter_secure_storage, dio interceptors).
+
+### Phase 2: Wallet & Transactions
+- WalletService: balance checks, limit checking, freezing.
+- LedgerService: debit/credit ledger entries.
+- TransferService: idempotent money transfers, pessimistic locking with ordering.
+- Reconciliation Job: daily balance check verifying `sum(entries) == wallet.balance_minor`.
+- Flutter Wallet UI & Transfer Flow.
+
+### Phase 3: Merchants & QR Payments
+- Merchant and QR database schema.
+- Signed base64 QR code payload validation.
+- MerchantPaymentService: commission calculations, platform fee logic.
+- Settlement Engine: daily batch settlements.
+- Flutter scanner & Merchant dashboard.
+
+### Phase 4: KYC, Advanced Security & Launch
+- 3-tier KYC system (Phone → ID → Selfie + Manual Review).
+- Fraud Detection Engine (rules engine evaluating rapid transfers, new devices, transaction sizes).
+- Device fingerprinting and MFA for sensitive actions.
+- Performance optimization (e.g. eager loading, caching, pg_stat_statements).
+- k6 load testing scripts.
+- Flutter UI polish, accessibility, offline support.