Wallet System API Documentation

📋 Overview

System architecture and key concepts

Points System

1 Knot = 100 Points (display unit)
1 OMR = 100 Points (currency conversion for top-ups)
Top-Up Commission: 3% added to the base amount (buyer pays base + 3%)
Price Guard: P2P trades limited to 950-1000 baisas per Knot
Annual Mint Limit: 1,000,000 points per merchant

Authentication

All endpoints require JWT Bearer token unless marked as Public

Authorization: Bearer <jwt_token>

Base URL

/wallet

💰 Balance & Transactions

View wallet balance and transaction history

GET /wallet/balance Auth Required

Get current user's wallet balance

Response

{
  "points": 50000,
  "knots": 50,
  "frozenPoints": 5000,
  "frozenKnots": 5,
  "availablePoints": 45000,
  "availableKnots": 45
}

GET /wallet/balance/:userId Auth Required

Get another user's wallet balance (public info)

GET /wallet/transactions Auth Required

Get current user's transaction history

Query Param	Type	Description
`page`	number	Page number (default: 1)
`limit`	number	Items per page (default: 20, max: 100)

💳 Top-Up (Buy Points)

Purchase points using Thawani payment gateway (default)

POST /wallet/topup Auth Required

Initiate a top-up to buy points (default gateway: Thawani). To force EdfaPay, pass gateway=edfapay.

Request Body

Field	Type	Description
`points`	number	Points to purchase (min: 1000)
`gateway`	enum	Payment gateway (default: `thawani`). Allowed: `thawani`, `edfapay`.
`termUrl3ds`	string	3DS return URL for your app
`currency`	string	Currency code (default: OMR)
`payerFirstName`	string	Payer's first name
`payerLastName`	string	Payer's last name
`payerEmail`	string	Payer's email
`payerPhone`	string	Payer's phone
`payerAddress`	string	Payer's address
`payerCity`	string	Payer's city
`payerCountry`	string	Country code (default: OM)
`payerZip`	string	Postal code
`payerIp`	string	Payer's IP address

Response

{
  "topUpId": "uuid",
  "redirectUrl": "https://checkout.thawani.om/pay/...",
  "pointsToCredit": 5000,
  "amountInCurrency": 51.50,
  "currency": "OMR"
}

amountInCurrency: Stored/returned in OMR major units (2 decimals) and includes the 3% commission.

ℹ️ Flow Redirect user to redirectUrl. After payment, Thawani calls the webhook to credit points. (EdfaPay callbacks remain supported for legacy flows.)

GET /wallet/topups Auth Required

Get user's top-up history

↔️ Transfer Points

Send points to other users

POST /wallet/transfer Auth Required

Transfer points to another user

Field	Type	Description
`toUserId`	uuid	Recipient user ID
`amount`	number	Points to transfer (min: 1)
`description`	string	Transfer note/memo

⚠️ Important Transfer is instant and irreversible. Ensure recipient ID is correct.

🔒 Escrow (Order Checkout)

Pay for orders with points using escrow protection. Carriers can set custom shipping/escrow durations.

┌─────────────┐ ┌────────────────┐ ┌─────────────────────┐ ┌─────────────┐ ┌──────────────────────┐ │ Create Order│───▶│Carrier Sets │───▶│ Checkout with Points│───▶│ Seller Ships│───▶│Carrier Confirms │ │ PENDING │ │ Escrow Hours │ │ AWAITING_FULFILLMENT│ │ SHIPPED │ │Delivery (Shipments) │ └─────────────┘ │ (1-168 hours) │ │ (Points in Escrow) │ └─────────────┘ └──────────────────────┘ └────────────────┘ └─────────────────────┘ │ │ (optional) │ │ │ Releases escrow │ Timeout (carrier-set or 12h default) ▼ ▼ ┌────────────────┐ ┌─────────────────────┐ │ Order COMPLETED │ │ Auto-Refund │ │ Points to Seller│ │ CANCELLED │ └────────────────┘ │ (Points to Buyer) │ └─────────────────────┘

PATCH /orders/:orderId/escrow-hours Auth Required Carrier Only

Set custom escrow/shipping duration for an order (must be called before checkout)

Field	Type	Description
`hours`	number	Escrow duration in hours (1-168, i.e., 1 hour to 7 days)

🚚 Carrier Feature Only users with isCarrier: true can set escrow hours. This allows carriers to set realistic shipping timeframes based on distance and logistics.

POST /orders/:orderId/checkout/points Auth Required

Pay for an order with points (creates escrow)

✅ Buyer Protection Points are held in escrow for the carrier-set duration (or 12 hours default). If seller doesn't fulfill, points are automatically refunded.

POST /orders/:orderId/confirm-delivery Auth Required

Confirm delivery (buyer only). For points-based orders, delivery confirmation must be done by the assigned carrier via /shipments/:shipmentId/confirm-delivery

POST /shipments/:shipmentId/confirm-pickup Auth Required Admin or Carrier

Carrier confirms pickup from merchant/company (must be the assigned carrier unless admin)

POST /shipments/:shipmentId/confirm-delivery Auth Required Admin or Carrier

Carrier confirms delivery to customer. For points-based orders, this releases escrow and completes the order

POST /orders/:orderId/ship Auth Required

Mark order as shipped (seller only)

POST /orders/:orderId/cancel Auth Required

Cancel order and refund escrow (buyer or seller)

Field	Type	Description
`reason`	string	Cancellation reason

🤝 P2P Trading

Buy and sell points with other users (price guard: 950-1000 baisas/Knot)

┌────────────────┐ ┌────────────────┐ ┌────────────────┐ ┌────────────────┐ │ Seller Creates │───▶│ Buyer Requests │───▶│ Seller Approves│───▶│ Buyer Completes│ │ OPEN │ │ PENDING │ │ APPROVED │ │ COMPLETED │ │ │ │ │ │(Points Frozen) │ │(Points Transfer) └────────────────┘ └────────────────┘ └────────────────┘ └────────────────┘ │ │ │ Cancel │ Cancel (unfreeze) ▼ ▼ CANCELLED CANCELLED

GET /wallet/trades/marketplace Auth Required

List all open trade offers

GET /wallet/trades/my Auth Required

List user's trades

Query Param	Type	Description
`role`	string	Filter: seller \| buyer \| all
`status`	string	Filter: open \| pending \| approved \| completed \| cancelled

POST /wallet/trades Auth Required

Create a trade offer (sell points)

Field	Type	Description
`pointsAmount`	number	Points to sell (min: 1000)
`pricePerKnot`	number	Price in baisas (950-1000)
`expiresInHours`	number	Offer expiry (default: 24)

⚠️ Price Guard Price must be between 950-1000 baisas per Knot to prevent extreme pricing.

POST /wallet/trades/:tradeId/request Auth Required

Request to buy from a trade offer

POST /wallet/trades/:tradeId/approve Auth Required

Seller approves buyer's request (freezes seller's points)

POST /wallet/trades/:tradeId/complete Auth Required

Buyer completes trade (after external payment)

POST /wallet/trades/:tradeId/cancel Auth Required

Cancel trade (unfreezes points if approved)

🏭 Admin Point Minting

Admins can mint new points directly for users

POST /wallet/admin/users/mint Admin Only

Mint points directly for a user

Field	Type	Description
`userId`	UUID	Target user's ID
`points`	number	Points to mint (min: 1)
`reason`	string	Reason for minting

Response

{
  "success": true,
  "message": "Minted 1000 points for user",
  "transaction": { "id": "...", "amount": "1000", ... },
  "newBalance": "5000"
}

⚠️ Admin Only Only admins can mint points. All minting actions are logged in the audit trail and the user receives an email notification.

🎗️ Charity & Donations

Create charity profiles and accept point donations

GET /wallet/charities Auth Required

List verified charities

GET /wallet/charities/slug/:slug Public

Get charity by slug (for donation pages/QR codes)

GET /wallet/charities/:charityId Auth Required

Get charity details

GET /wallet/charities/:charityId/donations Auth Required

Get charity's donation history

POST /wallet/charities Auth Required

Field	Type	Description
`name`	string	Charity name
`slug`	string	Unique URL-friendly identifier
`description`	string	Charity description
`websiteUrl`	string	Website URL
`registrationNumber`	string	Official registration number

ℹ️ Verification New charities start as PENDING and must be verified by an admin before accepting donations.

POST /wallet/charities/:charityId/update Auth Required

Update charity profile (owner only)

POST /wallet/donate Auth Required

Donate points to a charity

Field	Type	Description
`charityId`	uuid	Charity ID
`amount`	number	Points to donate (min: 100)
`message`	string	Donation message

POST /wallet/donate/slug Auth Required

Donate by charity slug (for QR code donations)

Field	Type	Description
`charitySlug`	string	Charity slug
`amount`	number	Points to donate
`message`	string	Donation message

🏦 Withdrawals

Convert points back to real money via bank transfer

┌────────────────┐ ┌────────────────┐ ┌────────────────┐ ┌────────────────┐ │ User Requests │───▶│ Admin Reviews │───▶│ Admin Transfers│───▶│ Admin Resolves │ │ PENDING │ │ │ │ (Bank Payment) │ │ COMPLETED │ │(Points Frozen) │ │ │ │ │ │(Receipt Upload)│ └────────────────┘ └────────────────┘ └────────────────┘ └────────────────┘ │ │ │ User Cancel Reject (Refund) ▼ ▼ CANCELLED REJECTED (Points Restored) (Points Restored)

POST /wallet/withdrawals Auth Required

Create a withdrawal request (convert points to bank transfer)

Field	Type	Description
`amount`	number	Points to withdraw (min: 1000)
`bankName`	string	Bank name (max: 100)
`accountNumber`	string	Bank account number (max: 50)
`accountHolderName`	string	Account holder name (max: 200)
`iban`	string	IBAN (max: 50)
`reason`	enum	Reason: selling_plastic \| selling_metals \| selling_paper \| selling_glass \| selling_electronics \| selling_various_materials \| transport_service \| landfill_service \| other
`reasonNotes`	string	Additional notes for reason (max: 1000, recommended if reason is "other")
`attachmentUrl`	string	URL of supporting document or image
`userNote`	string	Note to admin (max: 500)

Response

{
  "id": "uuid",
  "amount": "10000",
  "status": "pending",
  "bankName": "Bank Muscat",
  "accountNumber": "1234567890",
  "reason": "selling_various_materials",
  "attachmentUrl": "https://example.com/doc.pdf",
  "reasonNotes": null,
  "currencyAmount": "10000",
  "currency": "OMR"
}

⚠️ Points Frozen Requested points are frozen immediately and cannot be used until the request is resolved or cancelled.

GET /wallet/withdrawals Auth Required

Get user's withdrawal request history

Query Param	Type	Description
`page`	number	Page number (default: 1)
`limit`	number	Items per page (default: 20)

GET /wallet/withdrawals/:requestId Auth Required

Get details of a specific withdrawal request

POST /wallet/withdrawals/:requestId/cancel Auth Required

Cancel a pending withdrawal request (restores frozen points)

ℹ️ Note Only PENDING requests can be cancelled. Points are immediately restored to available balance.

🛡️ Admin Endpoints

Administrative functions (requires admin privileges)

Dashboard

GET /wallet/admin/stats Admin Only

Get wallet system statistics

Response

{
  "totalCirculatingPoints": 50000000,
  "totalFrozenPoints": 1000000,
  "totalUsersWithWallet": 1250,
  "totalTopUpAmountInCurrency": 45000000,
  "currency": "OMR"
}

Platform Profit

GET /admin/profit/reports Admin Only

Get platform profit reports (weekly / monthly / yearly) aggregated by period and side (buyer/seller)

Query Param	Type	Description
`period`	string	weekly \| monthly \| yearly
`from`	string	Start date (ISO), optional
`to`	string	End date (ISO), optional

Example

GET /admin/profit/reports?period=monthly&from=2026-01-01&to=2026-12-31

Response

[
  {
    "period": "2026-01-01T00:00:00.000Z",
    "side": "buyer",
    "totalQuantity": 1500,
    "totalSar": 15,
    "totalPoints": 1500
  },
  {
    "period": "2026-01-01T00:00:00.000Z",
    "side": "seller",
    "totalQuantity": 1500,
    "totalSar": 15,
    "totalPoints": 1500
  }
]

GET /wallet/admin/dashboard Admin Only

Get full dashboard with wallet and audit stats

GET /wallet/admin/dashboard/detailed Admin Only

Get detailed dashboard with date range

Query Param	Type	Description
`startDate`	ISO date	Start of period
`endDate`	ISO date	End of period

Mint Requests

GET /wallet/admin/mint-requests Admin Only

List all mint requests

Query Param	Type	Description
`status`	string	Filter: pending \| partially_approved \| approved \| rejected

POST /wallet/admin/mint-requests/:requestId/approve Admin Only

Approve a mint request (requires 2 different admins)

POST /wallet/admin/mint-requests/:requestId/reject Admin Only

Reject a mint request

Field	Type	Description
`reason`	string	Rejection reason

Charities

GET /wallet/admin/charities Admin Only

List all charities (including pending)

Query Param	Type	Description
`status`	string	Filter: pending \| verified \| suspended

POST /wallet/admin/charities/:charityId/verify Admin Only

Verify a charity (enables donations)

Withdrawals

GET /wallet/admin/withdrawals Admin Only

List all withdrawal requests

Query Param	Type	Description
`status`	string	Filter: pending \| processing \| completed \| rejected \| cancelled
`page`	number	Page number (default: 1)
`limit`	number	Items per page (default: 20)

GET /wallet/admin/withdrawals/pending-count Admin Only

Get count of pending withdrawal requests (for dashboard badge)

Response

POST /wallet/admin/withdrawals/:requestId/resolve Admin Only

Mark withdrawal as completed after bank transfer

Field	Type	Description
`receiptImageUrl`	string	URL of uploaded bank transfer receipt image
`adminNote`	string	Note visible to user (max: 500)
`referenceNumber`	string	Bank transaction reference (max: 50)

✅ Completion Flow 1. Admin transfers money to user's bank account
2. Admin uploads receipt image (to storage, get URL)
3. Admin calls this endpoint with receipt URL
4. User receives email notification with receipt

POST /wallet/admin/withdrawals/:requestId/reject Admin Only

Reject a withdrawal request (restores user's frozen points)

Field	Type	Description
`reason`	string	Rejection reason (max: 500)

⚠️ Points Restored Frozen points are automatically restored to user's available balance when rejected.

Audit Logs

GET /wallet/admin/audit Admin Only

Get audit logs with filtering

Query Param	Type	Description
`userId`	uuid	Filter by user
`action`	string	Filter by action type
`severity`	string	Filter: info \| warning \| critical

POST /wallet/admin/audit/search Admin Only

Advanced audit log search

GET /wallet/admin/audit/critical Admin Only

Get critical security events

GET /wallet/admin/audit/user/:userId Admin Only

Get all audit logs for a specific user

GET /wallet/admin/audit/stats Admin Only

Get audit statistics

User Management

GET /wallet/admin/users/:userId/wallet Admin Only

Get detailed user wallet info (balance, transactions, audit logs)

POST /wallet/admin/users/freeze Admin Only

Freeze points in user's wallet

Field	Type	Description
`userId`	uuid	Target user ID
`points`	number	Points to freeze
`reason`	string	Reason for freeze

POST /wallet/admin/users/unfreeze Admin Only

Unfreeze points in user's wallet

POST /wallet/admin/users/adjust Admin Only

Adjust user's balance (for corrections)

Field	Type	Description
`userId`	uuid	Target user ID
`amount`	number	Amount to adjust (can be negative)
`reason`	string	Reason for adjustment

🔔 Webhooks

Payment gateway callback endpoints

POST /webhooks/wallet/edfapay Public

EdfaPay payment callback (called by EdfaPay servers)

ℹ️ Server-to-Server This endpoint is called by EdfaPay after payment processing. It automatically credits points on successful payments.

POST /webhooks/wallet/thawani Public

Thawani payment callback (called by Thawani servers)

ℹ️ Server-to-Server This endpoint is called by Thawani after payment processing. It automatically credits points on successful payments.

POST /webhooks/wallet/edfapay/3ds-return Public

EdfaPay 3DS return handler (user redirect after 3DS)

🗄️ Database Entities

Core data models for the wallet system

Wallet

User's point balance and statistics

Field	Type	Description
`balancePoints`	bigint	Total points in wallet
`frozenPoints`	bigint	Points held in escrow/trades
`totalEarnedPoints`	bigint	Lifetime earned points
`totalSpentPoints`	bigint	Lifetime spent points

WalletTransaction

Record of all point movements

Field	Type	Description
`type`	enum	TOPUP, TRANSFER, PURCHASE, PURCHASE_COMPLETE, REFUND, DONATION, MINT
`status`	enum	PENDING, COMPLETED, FAILED, CANCELLED
`amount`	bigint	Points transferred
`sender`	User	Source user (null for system)
`receiver`	User	Destination user

TopUp

Payment gateway top-up records

Field	Type	Description
`gateway`	enum	EDFAPAY, THAWANI, STRIPE
`status`	enum	PENDING, COMPLETED, FAILED, EXPIRED
`amountInCurrency`	bigint	Amount in minor units (baisas)
`pointsToCredit`	bigint	Points to add on success

Escrow

Buyer protection for order payments

Field	Type	Description
`status`	enum	HOLDING, RELEASED, REFUNDED
`amount`	bigint	Frozen points
`expiresAt`	timestamp	Auto-refund deadline (carrier-set or 12h default)

Order (Escrow Fields)

Order entity fields related to escrow

Field	Type	Description
`escrowId`	uuid	Reference to escrow record (if paid with points)
`escrowHours`	int \| null	Carrier-set escrow duration (1-168 hours, null = 12h default)

P2PTrade

Peer-to-peer point trading offers

Field	Type	Description
`status`	enum	OPEN, PENDING, APPROVED, COMPLETED, CANCELLED, EXPIRED
`pointsAmount`	bigint	Points for sale
`pricePerKnot`	int	Price in baisas (950-1000)
`totalPrice`	bigint	Total price in baisas

MintRequest

Merchant requests to mint new points

Field	Type	Description
`status`	enum	PENDING, PARTIALLY_APPROVED, APPROVED, REJECTED
`requestedPoints`	bigint	Points to mint
`justification`	text	Business reason
`approvedBy1/2`	User	Two admins required
`year`	int	For annual limit tracking

Charity

Verified charity profiles for donations

Field	Type	Description
`status`	enum	PENDING, VERIFIED, SUSPENDED
`slug`	string	URL-friendly unique ID
`totalDonationsReceived`	bigint	Cumulative donations
`donorCount`	int	Number of donors

WithdrawalRequest

User requests to withdraw points to bank account

Field	Type	Description
`status`	enum	PENDING, PROCESSING, COMPLETED, REJECTED, CANCELLED
`amount`	bigint	Points to withdraw
`bankName`	string	User's bank name
`accountNumber`	string	Bank account number
`accountHolderName`	string	Account holder name
`iban`	string	Optional IBAN
`receiptImageUrl`	text	Admin's uploaded receipt
`processedBy`	User	Admin who resolved
`processedAt`	timestamp	When resolved
`rejectionReason`	text	Why rejected (if applicable)
`currencyAmount`	bigint	Equivalent in currency

WalletAuditLog

Audit trail for all wallet actions

Field	Type	Description
`action`	enum	40+ action types (topup, transfer, escrow, trade, mint, etc.)
`severity`	enum	INFO, WARNING, CRITICAL
`pointsAmount`	bigint	Points involved
`metadata`	jsonb	Additional context

📧 Email Notifications

Automatic email alerts for wallet events

Notification Events

All wallet actions trigger email notifications to relevant users

Event	Recipient	Description
`Top-Up Initiated`	Buyer	Payment process started
`Top-Up Completed`	Buyer	Points credited to wallet
`Top-Up Failed`	Buyer	Payment failed or expired
`Transfer Sent`	Sender	Points sent to another user
`Transfer Received`	Receiver	Points received from user
`Escrow Created`	Buyer	Order payment held
`Escrow Released`	Seller	Payment released after delivery
`Escrow Refunded`	Buyer	Payment refunded (cancel/timeout)
`Trade Created`	Seller	Trade offer listed
`Trade Requested`	Seller	Buyer wants to purchase
`Trade Approved`	Buyer	Seller approved request
`Trade Completed`	Both	Points transferred
`Trade Cancelled`	Both	Trade cancelled
`Donation Sent`	Donor	Thank you for donating
`Donation Received`	Charity	New donation alert
`Mint Approved`	Merchant	Points minted to wallet
`Mint Rejected`	Merchant	Request rejected with reason
`Charity Verified`	Owner	Charity approved for donations
`Withdrawal Requested`	User	Withdrawal request submitted
`Withdrawal Request (Admin)`	All Admins	New withdrawal needs processing
`Withdrawal Completed`	User	Bank transfer completed with receipt
`Withdrawal Rejected`	User	Request rejected, points restored
`Security Alert`	User	Suspicious activity detected

📬 Email Features
• Beautiful responsive HTML templates
• Color-coded amounts (green for credits, red for debits)
• Transaction details and balances
• Non-blocking async delivery
• Branded headers with app name

📋 Audit Logging

Comprehensive activity tracking for compliance and security

Audit Actions

All wallet operations are logged with full context

Category	Actions
Wallet	wallet_created
Top-Up	topup_initiated, topup_completed, topup_failed
Transfer	transfer_sent, transfer_received
Escrow	escrow_created, escrow_released, escrow_refunded, escrow_expired
P2P Trade	trade_created, trade_requested, trade_approved, trade_completed, trade_cancelled
Charity	charity_created, charity_verified, donation_sent, donation_received
Admin	admin_freeze, admin_unfreeze, admin_adjustment, admin_mint
Withdrawal	withdrawal_requested, withdrawal_completed, withdrawal_rejected, withdrawal_cancelled

Logged Information

User ID and action timestamp
Points amount and balance after
Related entity (topup, escrow, trade, etc.)
IP address and user agent
Admin who performed action (if applicable)
Custom metadata (JSON)

⚠️ Security Levels
• INFO: Normal operations
• WARNING: Minting, large transactions
• CRITICAL: Admin actions, security events

⚙️ Configuration

Environment variables and system settings

Required Environment Variables

# SMTP Configuration (Email)
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER=your-username
SMTP_PASS=your-password
MAIL_FROM=Invare <support@invare.sa>

# App Settings
APP_NAME=Invare
SUPPORT_EMAIL=support@invare.sa

# EdfaPay Configuration
EDFAPAY_API_BASE=https://api.edfapay.com
EDFAPAY_MERCHANT_ID=your-merchant-id
EDFAPAY_PASSWORD=your-password
EDFAPAY_CURRENCY=OMR

System Constants

Constant	Value	Description
`POINTS_PER_KNOT`	100	Points per Knot (display unit)
`DEFAULT_ESCROW_HOURS`	12	Default hours before auto-refund (carrier can override per order)
`ANNUAL_MINT_LIMIT`	1,000,000	Max points per merchant/year
`P2P_PRICE_MIN`	950	Min baisas per Knot
`P2P_PRICE_MAX`	1000	Max baisas per Knot
`MIN_DONATION`	100	Minimum donation points

Scheduled Jobs

Job	Schedule	Description
`refundExpiredEscrows`	Every 5 min	Auto-refund escrows past 12 hours
`cleanupExpiredTopUps`	Daily midnight	Mark pending top-ups as expired (24h)