mirror of
https://github.com/pezkuwichain/pwap.git
synced 2026-06-10 16:01:08 +00:00
pezkuwichain
ca3976fe62
Faz 1 — State-actor threat-model defenses:
* Telegram approval gate via PEXSEC_BOT — CEO must approve every deploy in Telegram (30-min timeout). Runs on new self-hosted pwap-runner on DEV VPS, shares /tmp/pexsec-gates/ with pexsec-bot.service.
* DEV VPS app-deploy user privilege drop — deploys no longer run as root. CI key restricted with no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-user-rc. Privilege drop verified (cannot read /etc/shadow, /root/, sudo blocked).
* Image-based deploy — Dockerfile (node 20 build → busybox:musl dist) pushed to GHCR with SHA tag. Deploys pull image, extract /dist, scp to VPS. Immutable artifacts, full provenance.
* Health check + Telegram failure alert post-deploy.
* Rollback path: workflow_dispatch with rollback_to=<sha> — skips build, redeploys old image. CEO gate still required.
Faz 2 — Higher-tier defenses:
* TruffleHog secret scan — PR diff (fast) + push full-repo (verified secrets only).
* CodeQL SAST workflow — javascript-typescript, security-extended + security-and-quality queries. PR + push + weekly cron.
* npm audit raised from --audit-level=critical to --audit-level=high (caught more CVEs).
* CI Gate ✅ explicit merge-block job — fails if any required check is not success/skipped.
exchange
@ bb3bc812ed
Pezkuwi Web App Projects (PWAP)
Monorepo for Pezkuwi blockchain frontend applications.
Project Structure
pwap/
├── web/ # Main web application
├── mobile/ # Mobile application (React Native + Expo)
├── backend/ # Backend API services
├── shared/ # Shared code and utilities
└── package.json # Root package with build scripts
Related Repositories
| Repository | Description | URL |
|---|---|---|
| pezkuwi-sdk-ui | Blockchain Explorer & Developer Tools | https://github.com/pezkuwichain/pezkuwi-sdk-ui |
| pezkuwi-extension | Browser Wallet Extension | https://github.com/pezkuwichain/pezkuwi-extension |
Projects
1. web/ - Main Web Application
Status: ✅ Production Ready
The primary web interface for Pezkuwi blockchain at app.pezkuwichain.io
Tech Stack:
- React 18 + TypeScript
- Vite
- @pezkuwi/api
- Supabase (Auth & Database)
- Tailwind CSS + shadcn/ui
- i18next
Features:
- Wallet integration (Pezkuwi Extension)
- Live blockchain data
- Staking dashboard
- DEX/Swap interface
- P2P Fiat Trading with atomic escrow
- Transaction history
- Multi-language support (EN, TR, KMR, CKB, AR, FA)
- Governance with live blockchain integration
cd web
npm install
npm run dev
2. mobile/ - Mobile Application
Status: 🚧 In Development
React Native Expo app for iOS and Android.
Features:
- Welcome screen with language selection
- Multi-language support (6 languages with RTL)
- Authentication (Sign In/Up)
- Main dashboard navigation (5-tab bottom nav)
- Wallet integration with @pezkuwi/api
- Live blockchain data (HEZ, PEZ, USDT)
- Send/receive transactions
- Biometric authentication
cd mobile
npm install
npm start
3. backend/ - Backend Services
API services for the applications.
cd backend
npm install
npm run dev
4. shared/ - Shared Code
Common code, types, and utilities used across all platforms.
shared/
├── types/ # TypeScript type definitions
├── utils/ # Helper functions
├── blockchain/ # Blockchain utilities
├── constants/ # App constants
├── images/ # Shared images and logos
└── i18n/ # Internationalization
Quick Start
Prerequisites
- Node.js 18+
- npm
Installation
# Clone repository
git clone https://github.com/pezkuwichain/pwap.git
cd pwap
# Install all dependencies
npm install
# Or install individually
npm run install:web
npm run install:mobile
npm run install:backend
Build All Projects
npm run build
This builds:
web- Vite production buildpezkuwi-sdk-ui- Full SDK UI build (separate repo)mobile- Expo web export
Development
# Run web and mobile in parallel
npm run dev
# Or run individually
npm run dev:web
npm run dev:mobile
Multi-Language Support
All applications support:
- 🇬🇧 English (EN)
- 🇹🇷 Türkçe (TR)
- ☀️ Kurmancî (KMR)
- ☀️ سۆرانی (CKB)
- 🇸🇦 العربية (AR)
- 🇮🇷 فارسی (FA)
RTL support for CKB, AR, FA.
Scripts
| Command | Description |
|---|---|
npm run build |
Build all projects |
npm run dev |
Start development servers |
npm run lint |
Run linters |
npm run test |
Run tests |
npm run install:all |
Install all dependencies |
Links
- Website: https://app.pezkuwichain.io
- Website (alt): https://pex.mom
- Exchange: https://pex.network
- Documentation: https://docs.pezkuwichain.io
License
Apache-2.0