Speedcash is a pre-production fintech application for wallets, user onboarding, partner operations, admin review workflows, and staged payment integrations.
This repository is not production-ready for real money movement yet. Treat it as a strong prototype / staging hardening codebase until the safety gates below are complete.
| Area | Status | Notes |
|---|---|---|
| Authentication | Functional demo | Firebase Auth is wired. New-user provisioning is implemented through an auth trigger. |
| User wallets | Staging hardening | Client-side wallet writes are blocked by Firestore rules. Backend transaction correctness still needs full ledger/reconciliation proof. |
| P2P transfers | Prototype | Existing backend flow works structurally but still needs ledger-backed invariant tests. |
| Cash-in | Unsafe until provider-confirmed | Do not credit wallets from user-submitted reference data. Provider callback/polling confirmation is required before production. |
| Cash-out | Unsafe until provider-confirmed | Do not mark payouts completed from admin approval alone. Gateway submission, status polling/callbacks, and failure/reversal handling are required. |
| Remittance | Sandbox only | Fixed-rate/remittance assumptions must be replaced by quote IDs, expiry, spread/fee capture, and compliance checks. |
| Admin dashboard | Functional demo | Good structure, but stats/contracts and permission tests must be hardened. |
| Partner portal | Functional demo | Partner route now requires partner/admin/superadmin role. Backend ownership checks must remain the source of truth. |
| AI assistant | Optional demo | Must not be used for compliance decisions or transaction authorization. |
| External integrations | Disabled for production | Enable only after provider sandbox tests, callback verification, idempotency, and reconciliation pass. |
Speedcash must not be treated as live fintech until all of these are done:
- Rotate every secret that was ever committed.
- Rewrite Git history or assume exposed credentials are permanently compromised.
- Store real secrets in Google Secret Manager, not committed config files.
- Deploy locked Firestore and Storage rules.
- Use an immutable ledger for every balance mutation.
- Make cash-in pending until provider confirmation.
- Make cash-out pending/submitted/processing until provider confirmation.
- Make webhook processing idempotent and state-transition aware.
- Add daily reconciliation for balances, ledger entries, failed transactions, and settlement accounts.
- Add emulator integration tests for wallet, cash-in, cash-out, KYC, roles, webhooks, and insufficient-balance cases.
- Make CI block merges on typecheck, lint, tests, frontend build, and functions build.
- Verify staging with sandbox provider credentials before any production credential is connected.
- Node.js 20+
- npm
- Firebase CLI
- Firebase project access
- Secret Manager access for non-local environments
npm install
cd functions && npm install && cd ..
cp env.example .env.local
npm run devenv.example contains placeholders only. Do not put live keys, webhook secrets, signing secrets, or gateway credentials into committed files.
npm run typecheck
npm run lint
npm test
npm run build
npm run build:functionsUse Firebase App Hosting or a single clearly chosen production hosting target. Do not mix contradictory static .next hosting assumptions with SSR/App Hosting deployment paths.
For production-like environments:
- Use Node 20 everywhere.
- Set
NEXT_PUBLIC_API_BASE_URLto the full dispatcher URL or a base Cloud Functions URL that the app can normalize to/cpayDispatcher. - Set
CORS_ALLOWED_ORIGINSto explicit trusted origins only. - Keep real-money feature flags disabled until provider confirmations and reconciliation are proven.
- Storage is scoped by owner path for KYC/KYB files.
- Firestore blocks client writes to wallet, transaction, ledger, cashout, webhook, FX quote, and log records.
- Users can request actions through authenticated backend functions; they must not mutate money records directly.
- Logs must not contain full account numbers, mobile numbers, signatures, tokens, or provider payloads.
src/ Next.js frontend
functions/ Firebase Cloud Functions
docs/ Architecture and readiness notes
scripts/ Utility scripts
firestore.rules Firestore access rules
storage.rules Cloud Storage access rules
apphosting.yaml Firebase App Hosting configuration
Speedcash has useful bones. It is not production fintech yet. The next correct move is boring discipline: secrets rotated, rules deployed, ledger added, provider-confirmed state machines implemented, reconciliation tested, and CI enforced.