restucturization of recipients payment methods

api/gateway/chain/.air.toml

@@ -0,0 +1,32 @@
+# Config file for Air in TOML format
+
+root = "./../.."
+tmp_dir = "tmp"
+
+[build]
+cmd = "go build -o app -ldflags \"-X 'github.com/tech/sendico/gateway/chain/internal/appversion.BuildUser=$(whoami)' -X 'github.com/tech/sendico/gateway/chain/internal/appversion.Version=$APP_V' -X 'github.com/tech/sendico/gateway/chain/internal/appversion.Branch=$BUILD_BRANCH' -X 'github.com/tech/sendico/gateway/chain/internal/appversion.Revision=$GIT_REV' -X 'github.com/tech/sendico/gateway/chain/internal/appversion.BuildDate=$(date)'\""
+bin = "./app"
+full_bin = "./app --debug --config.file=config.yml"
+include_ext = ["go", "yaml", "yml"]
+exclude_dir = ["gateway/chain/tmp", "pkg/.git", "gateway/chain/env"]
+exclude_regex = ["_test\\.go"]
+exclude_unchanged = true
+follow_symlink = true
+log = "air.log"
+delay = 0
+stop_on_error = true
+send_interrupt = true
+kill_delay = 500
+args_bin = []
+
+[log]
+time = false
+
+[color]
+main = "magenta"
+watcher = "cyan"
+build = "yellow"
+runner = "green"
+
+[misc]
+clean_on_exit = true

api/gateway/chain/.gitignore

@@ -0,0 +1,3 @@
+internal/generated
+.gocache
+app

api/gateway/chain/client/client.go

@@ -0,0 +1,148 @@
+package client
+
+import (
+	"context"
+	"crypto/tls"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/pkg/merrors"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/insecure"
+)
+
+// Client exposes typed helpers around the chain gateway gRPC API.
+type Client interface {
+	CreateManagedWallet(ctx context.Context, req *chainv1.CreateManagedWalletRequest) (*chainv1.CreateManagedWalletResponse, error)
+	GetManagedWallet(ctx context.Context, req *chainv1.GetManagedWalletRequest) (*chainv1.GetManagedWalletResponse, error)
+	ListManagedWallets(ctx context.Context, req *chainv1.ListManagedWalletsRequest) (*chainv1.ListManagedWalletsResponse, error)
+	GetWalletBalance(ctx context.Context, req *chainv1.GetWalletBalanceRequest) (*chainv1.GetWalletBalanceResponse, error)
+	SubmitTransfer(ctx context.Context, req *chainv1.SubmitTransferRequest) (*chainv1.SubmitTransferResponse, error)
+	GetTransfer(ctx context.Context, req *chainv1.GetTransferRequest) (*chainv1.GetTransferResponse, error)
+	ListTransfers(ctx context.Context, req *chainv1.ListTransfersRequest) (*chainv1.ListTransfersResponse, error)
+	EstimateTransferFee(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) (*chainv1.EstimateTransferFeeResponse, error)
+	Close() error
+}
+
+type grpcGatewayClient interface {
+	CreateManagedWallet(ctx context.Context, in *chainv1.CreateManagedWalletRequest, opts ...grpc.CallOption) (*chainv1.CreateManagedWalletResponse, error)
+	GetManagedWallet(ctx context.Context, in *chainv1.GetManagedWalletRequest, opts ...grpc.CallOption) (*chainv1.GetManagedWalletResponse, error)
+	ListManagedWallets(ctx context.Context, in *chainv1.ListManagedWalletsRequest, opts ...grpc.CallOption) (*chainv1.ListManagedWalletsResponse, error)
+	GetWalletBalance(ctx context.Context, in *chainv1.GetWalletBalanceRequest, opts ...grpc.CallOption) (*chainv1.GetWalletBalanceResponse, error)
+	SubmitTransfer(ctx context.Context, in *chainv1.SubmitTransferRequest, opts ...grpc.CallOption) (*chainv1.SubmitTransferResponse, error)
+	GetTransfer(ctx context.Context, in *chainv1.GetTransferRequest, opts ...grpc.CallOption) (*chainv1.GetTransferResponse, error)
+	ListTransfers(ctx context.Context, in *chainv1.ListTransfersRequest, opts ...grpc.CallOption) (*chainv1.ListTransfersResponse, error)
+	EstimateTransferFee(ctx context.Context, in *chainv1.EstimateTransferFeeRequest, opts ...grpc.CallOption) (*chainv1.EstimateTransferFeeResponse, error)
+}
+
+type chainGatewayClient struct {
+	cfg    Config
+	conn   *grpc.ClientConn
+	client grpcGatewayClient
+}
+
+// New dials the chain gateway endpoint and returns a ready client.
+func New(ctx context.Context, cfg Config, opts ...grpc.DialOption) (Client, error) {
+	cfg.setDefaults()
+	if strings.TrimSpace(cfg.Address) == "" {
+		return nil, merrors.InvalidArgument("chain-gateway: address is required")
+	}
+
+	dialCtx, cancel := context.WithTimeout(ctx, cfg.DialTimeout)
+	defer cancel()
+
+	dialOpts := make([]grpc.DialOption, 0, len(opts)+1)
+	dialOpts = append(dialOpts, opts...)
+
+	if cfg.Insecure {
+		dialOpts = append(dialOpts, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	} else {
+		dialOpts = append(dialOpts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})))
+	}
+
+	conn, err := grpc.DialContext(dialCtx, cfg.Address, dialOpts...)
+	if err != nil {
+		return nil, merrors.Internal(fmt.Sprintf("chain-gateway: dial %s: %s", cfg.Address, err.Error()))
+	}
+
+	return &chainGatewayClient{
+		cfg:    cfg,
+		conn:   conn,
+		client: chainv1.NewChainGatewayServiceClient(conn),
+	}, nil
+}
+
+// NewWithClient injects a pre-built gateway client (useful for tests).
+func NewWithClient(cfg Config, gc grpcGatewayClient) Client {
+	cfg.setDefaults()
+	return &chainGatewayClient{
+		cfg:    cfg,
+		client: gc,
+	}
+}
+
+func (c *chainGatewayClient) Close() error {
+	if c.conn != nil {
+		return c.conn.Close()
+	}
+	return nil
+}
+
+func (c *chainGatewayClient) CreateManagedWallet(ctx context.Context, req *chainv1.CreateManagedWalletRequest) (*chainv1.CreateManagedWalletResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.CreateManagedWallet(ctx, req)
+}
+
+func (c *chainGatewayClient) GetManagedWallet(ctx context.Context, req *chainv1.GetManagedWalletRequest) (*chainv1.GetManagedWalletResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.GetManagedWallet(ctx, req)
+}
+
+func (c *chainGatewayClient) ListManagedWallets(ctx context.Context, req *chainv1.ListManagedWalletsRequest) (*chainv1.ListManagedWalletsResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.ListManagedWallets(ctx, req)
+}
+
+func (c *chainGatewayClient) GetWalletBalance(ctx context.Context, req *chainv1.GetWalletBalanceRequest) (*chainv1.GetWalletBalanceResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.GetWalletBalance(ctx, req)
+}
+
+func (c *chainGatewayClient) SubmitTransfer(ctx context.Context, req *chainv1.SubmitTransferRequest) (*chainv1.SubmitTransferResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.SubmitTransfer(ctx, req)
+}
+
+func (c *chainGatewayClient) GetTransfer(ctx context.Context, req *chainv1.GetTransferRequest) (*chainv1.GetTransferResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.GetTransfer(ctx, req)
+}
+
+func (c *chainGatewayClient) ListTransfers(ctx context.Context, req *chainv1.ListTransfersRequest) (*chainv1.ListTransfersResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.ListTransfers(ctx, req)
+}
+
+func (c *chainGatewayClient) EstimateTransferFee(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) (*chainv1.EstimateTransferFeeResponse, error) {
+	ctx, cancel := c.callContext(ctx)
+	defer cancel()
+	return c.client.EstimateTransferFee(ctx, req)
+}
+
+func (c *chainGatewayClient) callContext(ctx context.Context) (context.Context, context.CancelFunc) {
+	timeout := c.cfg.CallTimeout
+	if timeout <= 0 {
+		timeout = 3 * time.Second
+	}
+	return context.WithTimeout(ctx, timeout)
+}

api/gateway/chain/client/config.go

@@ -0,0 +1,20 @@
+package client
+
+import "time"
+
+// Config captures connection settings for the chain gateway gRPC service.
+type Config struct {
+	Address     string
+	DialTimeout time.Duration
+	CallTimeout time.Duration
+	Insecure    bool
+}
+
+func (c *Config) setDefaults() {
+	if c.DialTimeout <= 0 {
+		c.DialTimeout = 5 * time.Second
+	}
+	if c.CallTimeout <= 0 {
+		c.CallTimeout = 3 * time.Second
+	}
+}

api/gateway/chain/client/fake.go

@@ -0,0 +1,83 @@
+package client
+
+import (
+	"context"
+
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+)
+
+// Fake implements Client for tests.
+type Fake struct {
+	CreateManagedWalletFn func(ctx context.Context, req *chainv1.CreateManagedWalletRequest) (*chainv1.CreateManagedWalletResponse, error)
+	GetManagedWalletFn    func(ctx context.Context, req *chainv1.GetManagedWalletRequest) (*chainv1.GetManagedWalletResponse, error)
+	ListManagedWalletsFn  func(ctx context.Context, req *chainv1.ListManagedWalletsRequest) (*chainv1.ListManagedWalletsResponse, error)
+	GetWalletBalanceFn    func(ctx context.Context, req *chainv1.GetWalletBalanceRequest) (*chainv1.GetWalletBalanceResponse, error)
+	SubmitTransferFn      func(ctx context.Context, req *chainv1.SubmitTransferRequest) (*chainv1.SubmitTransferResponse, error)
+	GetTransferFn         func(ctx context.Context, req *chainv1.GetTransferRequest) (*chainv1.GetTransferResponse, error)
+	ListTransfersFn       func(ctx context.Context, req *chainv1.ListTransfersRequest) (*chainv1.ListTransfersResponse, error)
+	EstimateTransferFeeFn func(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) (*chainv1.EstimateTransferFeeResponse, error)
+	CloseFn               func() error
+}
+
+func (f *Fake) CreateManagedWallet(ctx context.Context, req *chainv1.CreateManagedWalletRequest) (*chainv1.CreateManagedWalletResponse, error) {
+	if f.CreateManagedWalletFn != nil {
+		return f.CreateManagedWalletFn(ctx, req)
+	}
+	return &chainv1.CreateManagedWalletResponse{}, nil
+}
+
+func (f *Fake) GetManagedWallet(ctx context.Context, req *chainv1.GetManagedWalletRequest) (*chainv1.GetManagedWalletResponse, error) {
+	if f.GetManagedWalletFn != nil {
+		return f.GetManagedWalletFn(ctx, req)
+	}
+	return &chainv1.GetManagedWalletResponse{}, nil
+}
+
+func (f *Fake) ListManagedWallets(ctx context.Context, req *chainv1.ListManagedWalletsRequest) (*chainv1.ListManagedWalletsResponse, error) {
+	if f.ListManagedWalletsFn != nil {
+		return f.ListManagedWalletsFn(ctx, req)
+	}
+	return &chainv1.ListManagedWalletsResponse{}, nil
+}
+
+func (f *Fake) GetWalletBalance(ctx context.Context, req *chainv1.GetWalletBalanceRequest) (*chainv1.GetWalletBalanceResponse, error) {
+	if f.GetWalletBalanceFn != nil {
+		return f.GetWalletBalanceFn(ctx, req)
+	}
+	return &chainv1.GetWalletBalanceResponse{}, nil
+}
+
+func (f *Fake) SubmitTransfer(ctx context.Context, req *chainv1.SubmitTransferRequest) (*chainv1.SubmitTransferResponse, error) {
+	if f.SubmitTransferFn != nil {
+		return f.SubmitTransferFn(ctx, req)
+	}
+	return &chainv1.SubmitTransferResponse{}, nil
+}
+
+func (f *Fake) GetTransfer(ctx context.Context, req *chainv1.GetTransferRequest) (*chainv1.GetTransferResponse, error) {
+	if f.GetTransferFn != nil {
+		return f.GetTransferFn(ctx, req)
+	}
+	return &chainv1.GetTransferResponse{}, nil
+}
+
+func (f *Fake) ListTransfers(ctx context.Context, req *chainv1.ListTransfersRequest) (*chainv1.ListTransfersResponse, error) {
+	if f.ListTransfersFn != nil {
+		return f.ListTransfersFn(ctx, req)
+	}
+	return &chainv1.ListTransfersResponse{}, nil
+}
+
+func (f *Fake) EstimateTransferFee(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) (*chainv1.EstimateTransferFeeResponse, error) {
+	if f.EstimateTransferFeeFn != nil {
+		return f.EstimateTransferFeeFn(ctx, req)
+	}
+	return &chainv1.EstimateTransferFeeResponse{}, nil
+}
+
+func (f *Fake) Close() error {
+	if f.CloseFn != nil {
+		return f.CloseFn()
+	}
+	return nil
+}

api/gateway/chain/config.yml

@@ -0,0 +1,57 @@
+runtime:
+  shutdown_timeout_seconds: 15
+
+grpc:
+  network: tcp
+  address: ":50070"
+  enable_reflection: true
+  enable_health: true
+
+metrics:
+  address: ":9403"
+
+database:
+  driver: mongodb
+  settings:
+    host_env: CHAIN_GATEWAY_MONGO_HOST
+    port_env: CHAIN_GATEWAY_MONGO_PORT
+    database_env: CHAIN_GATEWAY_MONGO_DATABASE
+    user_env: CHAIN_GATEWAY_MONGO_USER
+    password_env: CHAIN_GATEWAY_MONGO_PASSWORD
+    auth_source_env: CHAIN_GATEWAY_MONGO_AUTH_SOURCE
+    replica_set_env: CHAIN_GATEWAY_MONGO_REPLICA_SET
+
+messaging:
+  driver: NATS
+  settings:
+    url_env: NATS_URL
+    host_env: NATS_HOST
+    port_env: NATS_PORT
+    username_env: NATS_USER
+    password_env: NATS_PASSWORD
+    broker_name: Chain Gateway Service
+    max_reconnects: 10
+    reconnect_wait: 5
+
+chains:
+  - name: arbitrum_one
+    rpc_url_env: CHAIN_GATEWAY_ARBITRUM_RPC_URL
+    tokens:
+      - symbol: USDC
+        contract: "0xaf88d065e77c8cc2239327c5edb3a432268e5831"
+      - symbol: USDT
+        contract: "0xfd086bc7cd5c481dcc9c85ebe478a1c0b69fcbb9"
+
+service_wallet:
+  chain: arbitrum_one
+  address_env: CHAIN_GATEWAY_SERVICE_WALLET_ADDRESS
+  private_key_env: CHAIN_GATEWAY_SERVICE_WALLET_KEY
+
+key_management:
+  driver: vault
+  settings:
+    address: "https://vault.sendico.io"
+    token_env: VAULT_TOKEN
+    namespace: ""
+    mount_path: kv
+    key_prefix: gateway/chain/wallets

api/gateway/chain/entrypoint.sh

@@ -0,0 +1,15 @@
+#!/bin/sh
+set -eu
+
+if [ -n "${VAULT_TOKEN_FILE:-}" ] && [ -f "${VAULT_TOKEN_FILE}" ]; then
+  token="$(cat "${VAULT_TOKEN_FILE}" 2>/dev/null | tr -d '[:space:]')"
+  if [ -n "${token}" ]; then
+    export VAULT_TOKEN="${token}"
+  fi
+fi
+
+if [ -z "${VAULT_TOKEN:-}" ]; then
+  echo "[entrypoint] VAULT_TOKEN is not set; expected Vault Agent sink to write a token to ${VAULT_TOKEN_FILE:-/run/vault/token}" >&2
+fi
+
+exec /app/chain-gateway "$@"

api/gateway/chain/env/.gitignore

@@ -0,0 +1 @@
+.env.api

api/gateway/chain/go.mod

@@ -0,0 +1,90 @@
+module github.com/tech/sendico/gateway/chain
+
+go 1.25.3
+
+replace github.com/tech/sendico/pkg => ../../pkg
+
+require (
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0
+	github.com/ethereum/go-ethereum v1.16.7
+	github.com/hashicorp/vault/api v1.22.0
+	github.com/mitchellh/mapstructure v1.5.0
+	github.com/prometheus/client_golang v1.23.2
+	github.com/shopspring/decimal v1.4.0
+	github.com/stretchr/testify v1.11.1
+	github.com/tech/sendico/pkg v0.1.0
+	go.mongodb.org/mongo-driver v1.17.6
+	go.uber.org/zap v1.27.1
+	google.golang.org/grpc v1.77.0
+	google.golang.org/protobuf v1.36.10
+	gopkg.in/yaml.v3 v3.0.1
+)
+
+require (
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProjectZKM/Ziren/crates/go-runtime/zkvm_runtime v0.0.0-20251119083800-2aa1d4cc79d7 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/bits-and-blooms/bitset v1.24.4 // indirect
+	github.com/bmatcuk/doublestar/v4 v4.9.1 // indirect
+	github.com/casbin/casbin/v2 v2.134.0 // indirect
+	github.com/casbin/govaluate v1.10.0 // indirect
+	github.com/casbin/mongodb-adapter/v3 v3.7.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/consensys/gnark-crypto v0.19.2 // indirect
+	github.com/crate-crypto/go-eth-kzg v1.4.0 // indirect
+	github.com/crate-crypto/go-ipa v0.0.0-20240724233137-53bbb0ceb27a // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/deckarep/golang-set/v2 v2.8.0 // indirect
+	github.com/ethereum/c-kzg-4844/v2 v2.1.5 // indirect
+	github.com/ethereum/go-verkle v0.2.2 // indirect
+	github.com/go-chi/chi/v5 v5.2.3 // indirect
+	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
+	github.com/go-ole/go-ole v1.3.0 // indirect
+	github.com/golang/snappy v1.0.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
+	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.7 // indirect
+	github.com/hashicorp/hcl v1.0.1-vault-7 // indirect
+	github.com/holiman/uint256 v1.3.2 // indirect
+	github.com/klauspost/compress v1.18.1 // indirect
+	github.com/mattn/go-colorable v0.1.14 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/montanaflynn/stats v0.7.1 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/nats-io/nats.go v1.47.0 // indirect
+	github.com/nats-io/nkeys v0.4.12 // indirect
+	github.com/nats-io/nuid v1.0.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.67.4 // indirect
+	github.com/prometheus/procfs v0.19.2 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/shirou/gopsutil v3.21.11+incompatible // indirect
+	github.com/supranational/blst v0.3.16 // indirect
+	github.com/tklauser/go-sysconf v0.3.16 // indirect
+	github.com/tklauser/numcpus v0.11.0 // indirect
+	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
+	github.com/xdg-go/scram v1.2.0 // indirect
+	github.com/xdg-go/stringprep v1.0.4 // indirect
+	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
+	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.yaml.in/yaml/v2 v2.4.3 // indirect
+	golang.org/x/crypto v0.45.0 // indirect
+	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/time v0.14.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846 // indirect
+)

api/gateway/chain/go.sum

@@ -0,0 +1,379 @@
+dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
+dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
+github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
+github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
+github.com/DataDog/zstd v1.4.5 h1:EndNeuB0l9syBZhut0wns3gV1hL8zX8LIu6ZiVHWLIQ=
+github.com/DataDog/zstd v1.4.5/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/ProjectZKM/Ziren/crates/go-runtime/zkvm_runtime v0.0.0-20251119083800-2aa1d4cc79d7 h1:uups37roJCTtR/BrJa0WoMrxt3rzgV+Qrj+TxYyJoAo=
+github.com/ProjectZKM/Ziren/crates/go-runtime/zkvm_runtime v0.0.0-20251119083800-2aa1d4cc79d7/go.mod h1:ioLG6R+5bUSO1oeGSDxOV3FADARuMoytZCSX6MEMQkI=
+github.com/VictoriaMetrics/fastcache v1.13.0 h1:AW4mheMR5Vd9FkAPUv+NH6Nhw+fmbTMGMsNAoA/+4G0=
+github.com/VictoriaMetrics/fastcache v1.13.0/go.mod h1:hHXhl4DA2fTL2HTZDJFXWgW0LNjo6B+4aj2Wmng3TjU=
+github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/bits-and-blooms/bitset v1.24.4 h1:95H15Og1clikBrKr/DuzMXkQzECs1M6hhoGXLwLQOZE=
+github.com/bits-and-blooms/bitset v1.24.4/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
+github.com/bmatcuk/doublestar/v4 v4.9.1 h1:X8jg9rRZmJd4yRy7ZeNDRnM+T3ZfHv15JiBJ/avrEXE=
+github.com/bmatcuk/doublestar/v4 v4.9.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
+github.com/casbin/casbin/v2 v2.134.0 h1:wyO3hZb487GzlGVAI2hUoHQT0ehFD+9B5P+HVG9BVTM=
+github.com/casbin/casbin/v2 v2.134.0/go.mod h1:FmcfntdXLTcYXv/hxgNntcRPqAbwOG9xsism0yXT+18=
+github.com/casbin/govaluate v1.3.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
+github.com/casbin/govaluate v1.10.0 h1:ffGw51/hYH3w3rZcxO/KcaUIDOLP84w7nsidMVgaDG0=
+github.com/casbin/govaluate v1.10.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
+github.com/casbin/mongodb-adapter/v3 v3.7.0 h1:w9c3bea1BGK4eZTAmk17JkY52yv/xSZDSHKji8q+z6E=
+github.com/casbin/mongodb-adapter/v3 v3.7.0/go.mod h1:F1mu4ojoJVE/8VhIMxMedhjfwRDdIXgANYs6Sd0MgVA=
+github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
+github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cockroachdb/errors v1.11.3 h1:5bA+k2Y6r+oz/6Z/RFlNeVCesGARKuC6YymtcDrbC/I=
+github.com/cockroachdb/errors v1.11.3/go.mod h1:m4UIW4CDjx+R5cybPsNrRbreomiFqt8o1h1wUVazSd8=
+github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce h1:giXvy4KSc/6g/esnpM7Geqxka4WSqI1SZc7sMJFd3y4=
+github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce/go.mod h1:9/y3cnZ5GKakj/H4y9r9GTjCvAFta7KLgSHPJJYc52M=
+github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b h1:r6VH0faHjZeQy818SGhaone5OnYfxFR/+AzdY3sf5aE=
+github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b/go.mod h1:Vz9DsVWQQhf3vs21MhPMZpMGSht7O/2vFW2xusFUVOs=
+github.com/cockroachdb/pebble v1.1.5 h1:5AAWCBWbat0uE0blr8qzufZP5tBjkRyy/jWe1QWLnvw=
+github.com/cockroachdb/pebble v1.1.5/go.mod h1:17wO9el1YEigxkP/YtV8NtCivQDgoCyBg5c4VR/eOWo=
+github.com/cockroachdb/redact v1.1.5 h1:u1PMllDkdFfPWaNGMyLD1+so+aq3uUItthCFqzwPJ30=
+github.com/cockroachdb/redact v1.1.5/go.mod h1:BVNblN9mBWFyMyqK1k3AAiSxhvhfK2oOZZ2lK+dpvRg=
+github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 h1:zuQyyAKVxetITBuuhv3BI9cMrmStnpT18zmgmTxunpo=
+github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06/go.mod h1:7nc4anLGjupUW/PeY5qiNYsdNXj7zopG+eqsS7To5IQ=
+github.com/consensys/gnark-crypto v0.19.2 h1:qrEAIXq3T4egxqiliFFoNrepkIWVEeIYwt3UL0fvS80=
+github.com/consensys/gnark-crypto v0.19.2/go.mod h1:rT23F0XSZqE0mUA0+pRtnL56IbPxs6gp4CeRsBk4XS0=
+github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
+github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
+github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A=
+github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
+github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA=
+github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc=
+github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
+github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/crate-crypto/go-eth-kzg v1.4.0 h1:WzDGjHk4gFg6YzV0rJOAsTK4z3Qkz5jd4RE3DAvPFkg=
+github.com/crate-crypto/go-eth-kzg v1.4.0/go.mod h1:J9/u5sWfznSObptgfa92Jq8rTswn6ahQWEuiLHOjCUI=
+github.com/crate-crypto/go-ipa v0.0.0-20240724233137-53bbb0ceb27a h1:W8mUrRp6NOVl3J+MYp5kPMoUZPp7aOYHtaua31lwRHg=
+github.com/crate-crypto/go-ipa v0.0.0-20240724233137-53bbb0ceb27a/go.mod h1:sTwzHBvIzm2RfVCGNEBZgRyjwK40bVoun3ZnGOCafNM=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dchest/siphash v1.2.3 h1:QXwFc8cFOR2dSa/gE6o/HokBMWtLUaNDVd+22aKHeEA=
+github.com/dchest/siphash v1.2.3/go.mod h1:0NvQU092bT0ipiFN++/rXm69QG9tVxLAlQHIXMPAkHc=
+github.com/deckarep/golang-set/v2 v2.8.0 h1:swm0rlPCmdWn9mESxKOjWk8hXSqoxOp+ZlfuyaAdFlQ=
+github.com/deckarep/golang-set/v2 v2.8.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
+github.com/decred/dcrd/crypto/blake256 v1.1.0 h1:zPMNGQCm0g4QTY27fOCorQW7EryeQ/U0x++OzVrdms8=
+github.com/decred/dcrd/crypto/blake256 v1.1.0/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/docker/docker v27.3.1+incompatible h1:KttF0XoteNTicmUtBO0L2tP+J7FGRFTjaEF4k6WdhfI=
+github.com/docker/docker v27.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
+github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
+github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/emicklei/dot v1.6.2 h1:08GN+DD79cy/tzN6uLCT84+2Wk9u+wvqP+Hkx/dIR8A=
+github.com/emicklei/dot v1.6.2/go.mod h1:DeV7GvQtIw4h2u73RKBkkFdvVAz0D9fzeJrgPW6gy/s=
+github.com/ethereum/c-kzg-4844/v2 v2.1.5 h1:aVtoLK5xwJ6c5RiqO8g8ptJ5KU+2Hdquf6G3aXiHh5s=
+github.com/ethereum/c-kzg-4844/v2 v2.1.5/go.mod h1:u59hRTTah4Co6i9fDWtiCjTrblJv0UwsqZKCc0GfgUs=
+github.com/ethereum/go-bigmodexpfix v0.0.0-20250911101455-f9e208c548ab h1:rvv6MJhy07IMfEKuARQ9TKojGqLVNxQajaXEp/BoqSk=
+github.com/ethereum/go-bigmodexpfix v0.0.0-20250911101455-f9e208c548ab/go.mod h1:IuLm4IsPipXKF7CW5Lzf68PIbZ5yl7FFd74l/E0o9A8=
+github.com/ethereum/go-ethereum v1.16.7 h1:qeM4TvbrWK0UC0tgkZ7NiRsmBGwsjqc64BHo20U59UQ=
+github.com/ethereum/go-ethereum v1.16.7/go.mod h1:Fs6QebQbavneQTYcA39PEKv2+zIjX7rPUZ14DER46wk=
+github.com/ethereum/go-verkle v0.2.2 h1:I2W0WjnrFUIzzVPwm8ykY+7pL2d4VhlsePn4j7cnFk8=
+github.com/ethereum/go-verkle v0.2.2/go.mod h1:M3b90YRnzqKyyzBEWJGqj8Qff4IDeXnzFw0P9bFw3uk=
+github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
+github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/ferranbt/fastssz v0.1.4 h1:OCDB+dYDEQDvAgtAGnTSidK1Pe2tW3nFV40XyMkTeDY=
+github.com/ferranbt/fastssz v0.1.4/go.mod h1:Ea3+oeoRGGLGm5shYAeDgu6PGUlcvQhE2fILyD9+tGg=
+github.com/getsentry/sentry-go v0.27.0 h1:Pv98CIbtB3LkMWmXi4Joa5OOcwbmnX88sF5qbK3r3Ps=
+github.com/getsentry/sentry-go v0.27.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY=
+github.com/go-chi/chi/v5 v5.2.3 h1:WQIt9uxdsAbgIYgid+BpYc+liqQZGMHRaUwp0JUcvdE=
+github.com/go-chi/chi/v5 v5.2.3/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
+github.com/go-jose/go-jose/v4 v4.1.3 h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs=
+github.com/go-jose/go-jose/v4 v4.1.3/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
+github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
+github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
+github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
+github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U=
+github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
+github.com/gofrs/flock v0.12.1 h1:MTLVXXHf8ekldpJk3AKicLij9MdwOWkZ+a/jHHZby9E=
+github.com/gofrs/flock v0.12.1/go.mod h1:9zxTsyu5xtJ9DK+1tFZyibEV7y3uwDxPPfbxeeHCoD0=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
+github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/golang/snappy v1.0.0 h1:Oy607GVXHs7RtbggtPBnr2RmDArIsAefDwvrdWvRhGs=
+github.com/golang/snappy v1.0.0/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
+github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
+github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-bexpr v0.1.10 h1:9kuI5PFotCboP3dkDYFr/wi0gg0QVbSNz5oFRpxn4uE=
+github.com/hashicorp/go-bexpr v0.1.10/go.mod h1:oxlubA2vC/gFVfX1A6JGp7ls7uCDlfJn732ehYYg+g0=
+github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
+github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
+github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
+github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
+github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
+github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
+github.com/hashicorp/go-retryablehttp v0.7.8 h1:ylXZWnqa7Lhqpk0L1P1LzDtGcCR0rPVUrx/c8Unxc48=
+github.com/hashicorp/go-retryablehttp v0.7.8/go.mod h1:rjiScheydd+CxvumBsIrFKlx3iS0jrZ7LvzFGFmuKbw=
+github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
+github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0 h1:U+kC2dOhMFQctRfhK0gRctKAPTloZdMU5ZJxaesJ/VM=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0/go.mod h1:Ll013mhdmsVDuoIXVfBtvgGJsXDYkTw1kooNcoCXuE0=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
+github.com/hashicorp/go-sockaddr v1.0.7 h1:G+pTkSO01HpR5qCxg7lxfsFEZaG+C0VssTy/9dbT+Fw=
+github.com/hashicorp/go-sockaddr v1.0.7/go.mod h1:FZQbEYa1pxkQ7WLpyXJ6cbjpT8q0YgQaK/JakXqGyWw=
+github.com/hashicorp/hcl v1.0.1-vault-7 h1:ag5OxFVy3QYTFTJODRzTKVZ6xvdfLLCA1cy/Y6xGI0I=
+github.com/hashicorp/hcl v1.0.1-vault-7/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM=
+github.com/hashicorp/vault/api v1.22.0 h1:+HYFquE35/B74fHoIeXlZIP2YADVboaPjaSicHEZiH0=
+github.com/hashicorp/vault/api v1.22.0/go.mod h1:IUZA2cDvr4Ok3+NtK2Oq/r+lJeXkeCrHRmqdyWfpmGM=
+github.com/holiman/billy v0.0.0-20250707135307-f2f9b9aae7db h1:IZUYC/xb3giYwBLMnr8d0TGTzPKFGNTCGgGLoyeX330=
+github.com/holiman/billy v0.0.0-20250707135307-f2f9b9aae7db/go.mod h1:xTEYN9KCHxuYHs+NmrmzFcnvHMzLLNiGFafCb1n3Mfg=
+github.com/holiman/bloomfilter/v2 v2.0.3 h1:73e0e/V0tCydx14a0SCYS/EWCxgwLZ18CZcZKVu0fao=
+github.com/holiman/bloomfilter/v2 v2.0.3/go.mod h1:zpoh+gs7qcpqrHr3dB55AMiJwo0iURXE7ZOP9L9hSkA=
+github.com/holiman/uint256 v1.3.2 h1:a9EgMPSC1AAaj1SZL5zIQD3WbwTuHrMGOerLjGmM/TA=
+github.com/holiman/uint256 v1.3.2/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E=
+github.com/huin/goupnp v1.3.0 h1:UvLUlWDNpoUdYzb2TCn+MuTWtcjXKSza2n6CBdQ0xXc=
+github.com/huin/goupnp v1.3.0/go.mod h1:gnGPsThkYa7bFi/KWmEysQRf48l2dvR5bxr2OFckNX8=
+github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
+github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
+github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co=
+github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0=
+github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
+github.com/leanovate/gopter v0.2.11 h1:vRjThO1EKPb/1NsDXuDrzldR28RLkBflWYcU9CvzWu4=
+github.com/leanovate/gopter v0.2.11/go.mod h1:aK3tzZP/C+p1m3SPRE4SYZFGP7jjkuSI4f7Xvpt0S9c=
+github.com/lufia/plan9stats v0.0.0-20250827001030-24949be3fa54 h1:mFWunSatvkQQDhpdyuFAYwyAan3hzCuma+Pz8sqvOfg=
+github.com/lufia/plan9stats v0.0.0-20250827001030-24949be3fa54/go.mod h1:autxFIvghDt3jPTLoqZ9OZ7s9qTGNAWmYCjVFWPX/zg=
+github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
+github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
+github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
+github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
+github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM=
+github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/mitchellh/pointerstructure v1.2.0 h1:O+i9nHnXS3l/9Wu7r4NrEdwA2VFTicjUEN1uBnDo34A=
+github.com/mitchellh/pointerstructure v1.2.0/go.mod h1:BRAsLI5zgXmw97Lf6s25bs8ohIXc3tViBH44KcwB2g4=
+github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
+github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
+github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
+github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU=
+github.com/moby/sys/sequential v0.6.0/go.mod h1:uyv8EUTrca5PnDsdMGXhZe6CCe8U/UiTWd+lL+7b/Ko=
+github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo=
+github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
+github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
+github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
+github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
+github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE=
+github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/nats-io/nats.go v1.47.0 h1:YQdADw6J/UfGUd2Oy6tn4Hq6YHxCaJrVKayxxFqYrgM=
+github.com/nats-io/nats.go v1.47.0/go.mod h1:iRWIPokVIFbVijxuMQq4y9ttaBTMe0SFdlZfMDd+33g=
+github.com/nats-io/nkeys v0.4.12 h1:nssm7JKOG9/x4J8II47VWCL1Ds29avyiQDRn0ckMvDc=
+github.com/nats-io/nkeys v0.4.12/go.mod h1:MT59A1HYcjIcyQDJStTfaOY6vhy9XTUjOFo+SVsvpBg=
+github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
+github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
+github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
+github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
+github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
+github.com/pion/dtls/v2 v2.2.7 h1:cSUBsETxepsCSFSxC3mc/aDo14qQLMSL+O6IjG28yV8=
+github.com/pion/dtls/v2 v2.2.7/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s=
+github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY=
+github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms=
+github.com/pion/stun/v2 v2.0.0 h1:A5+wXKLAypxQri59+tmQKVs7+l6mMM+3d+eER9ifRU0=
+github.com/pion/stun/v2 v2.0.0/go.mod h1:22qRSh08fSEttYUmJZGlriq9+03jtVmXNODgLccj8GQ=
+github.com/pion/transport/v2 v2.2.1 h1:7qYnCBlpgSJNYMbLCKuSY9KbQdBFoETvPNETv0y4N7c=
+github.com/pion/transport/v2 v2.2.1/go.mod h1:cXXWavvCnFF6McHTft3DWS9iic2Mftcz1Aq29pGcU5g=
+github.com/pion/transport/v3 v3.0.1 h1:gDTlPJwROfSfz6QfSi0ZmeCSkFcnWWiiR9ES0ouANiM=
+github.com/pion/transport/v3 v3.0.1/go.mod h1:UY7kiITrlMv7/IKgd5eTUcaahZx5oUN3l9SzK5f5xE0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
+github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o=
+github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg=
+github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
+github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
+github.com/prometheus/common v0.67.4 h1:yR3NqWO1/UyO1w2PhUvXlGQs/PtFmoveVO0KZ4+Lvsc=
+github.com/prometheus/common v0.67.4/go.mod h1:gP0fq6YjjNCLssJCQp0yk4M8W6ikLURwkdd/YKtTbyI=
+github.com/prometheus/procfs v0.19.2 h1:zUMhqEW66Ex7OXIiDkll3tl9a1ZdilUOd/F6ZXw4Vws=
+github.com/prometheus/procfs v0.19.2/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
+github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
+github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
+github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
+github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
+github.com/shirou/gopsutil/v3 v3.24.5 h1:i0t8kL+kQTvpAYToeuiVk3TgDeKOFioZO3Ztz/iZ9pI=
+github.com/shirou/gopsutil/v3 v3.24.5/go.mod h1:bsoOS1aStSs9ErQ1WWfxllSeS1K5D+U30r2NfcubMVk=
+github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
+github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
+github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
+github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+github.com/supranational/blst v0.3.16 h1:bTDadT+3fK497EvLdWRQEjiGnUtzJ7jjIUMF0jqwYhE=
+github.com/supranational/blst v0.3.16/go.mod h1:jZJtfjgudtNl4en1tzwPIV3KjUnQUvG3/j+w+fVonLw=
+github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 h1:epCh84lMvA70Z7CTTCmYQn2CKbY8j86K7/FAIr141uY=
+github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7/go.mod h1:q4W45IWZaF22tdD+VEXcAWRA037jwmWEB5VWYORlTpc=
+github.com/testcontainers/testcontainers-go v0.33.0 h1:zJS9PfXYT5O0ZFXM2xxXfk4J5UMw/kRiISng037Gxdw=
+github.com/testcontainers/testcontainers-go v0.33.0/go.mod h1:W80YpTa8D5C3Yy16icheD01UTDu+LmXIA2Keo+jWtT8=
+github.com/testcontainers/testcontainers-go/modules/mongodb v0.33.0 h1:iXVA84s5hKMS5gn01GWOYHE3ymy/2b+0YkpFeTxB2XY=
+github.com/testcontainers/testcontainers-go/modules/mongodb v0.33.0/go.mod h1:R6tMjTojRiaoo89fh/hf7tOmfzohdqSU17R9DwSVSog=
+github.com/tklauser/go-sysconf v0.3.16 h1:frioLaCQSsF5Cy1jgRBrzr6t502KIIwQ0MArYICU0nA=
+github.com/tklauser/go-sysconf v0.3.16/go.mod h1:/qNL9xxDhc7tx3HSRsLWNnuzbVfh3e7gh/BmM179nYI=
+github.com/tklauser/numcpus v0.11.0 h1:nSTwhKH5e1dMNsCdVBukSZrURJRoHbSEQjdEbY+9RXw=
+github.com/tklauser/numcpus v0.11.0/go.mod h1:z+LwcLq54uWZTX0u/bGobaV34u6V7KNlTZejzM6/3MQ=
+github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
+github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
+github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
+github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
+github.com/xdg-go/scram v1.2.0 h1:bYKF2AEwG5rqd1BumT4gAnvwU/M9nBp2pTSxeZw7Wvs=
+github.com/xdg-go/scram v1.2.0/go.mod h1:3dlrS0iBaWKYVt2ZfA4cj48umJZ+cAEbR6/SjLA88I8=
+github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8=
+github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 h1:ilQV1hzziu+LLM3zUTJ0trRztfwgjqKnBWNtSRkbmwM=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78/go.mod h1:aL8wCCfTfSfmXjznFBSZNN13rSJjlIOI1fUNAtF7rmI=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
+github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
+go.mongodb.org/mongo-driver v1.17.6 h1:87JUG1wZfWsr6rIz3ZmpH90rL5tea7O3IHuSwHUpsss=
+go.mongodb.org/mongo-driver v1.17.6/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ=
+go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
+go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 h1:UP6IpuHFkUgOQL9FFQFrZ+5LiwhhYRbi7VZSIx6Nj5s=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0/go.mod h1:qxuZLtbq5QDtdeSHsS7bcf6EH6uO6jUAgk764zd3rhM=
+go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
+go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
+go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
+go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
+go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
+go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
+go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
+go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
+go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
+go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
+go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
+go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
+go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 h1:mgKeJMpvi0yx/sU5GsxQ7p6s2wtOnGAHZWCHUM4KGzY=
+golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546/go.mod h1:j/pmGrbnkbPtQfxEe5D0VQhZC6qKbfKifgD0oM7sR70=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
+golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
+golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
+gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846 h1:Wgl1rcDNThT+Zn47YyCXOXyX/COgMTIdhJ717F0l4xk=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
+google.golang.org/grpc v1.77.0 h1:wVVY6/8cGA6vvffn+wWK5ToddbgdU3d8MNENr4evgXM=
+google.golang.org/grpc v1.77.0/go.mod h1:z0BY1iVj0q8E1uSQCjL9cppRj+gnZjzDnzV0dHhrNig=
+google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
+google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc=
+gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

api/gateway/chain/internal/appversion/version.go

@@ -0,0 +1,27 @@
+package appversion
+
+import (
+	"github.com/tech/sendico/pkg/version"
+	vf "github.com/tech/sendico/pkg/version/factory"
+)
+
+// Build information. Populated at build-time.
+var (
+	Version   string
+	Revision  string
+	Branch    string
+	BuildUser string
+	BuildDate string
+)
+
+func Create() version.Printer {
+	info := version.Info{
+		Program:   "Sendico Chain Gateway Service",
+		Revision:  Revision,
+		Branch:    Branch,
+		BuildUser: BuildUser,
+		BuildDate: BuildDate,
+		Version:   Version,
+	}
+	return vf.Create(&info)
+}

api/gateway/chain/internal/keymanager/config.go

@@ -0,0 +1,13 @@
+package keymanager
+
+import "github.com/tech/sendico/pkg/model"
+
+// Driver identifies the key management backend implementation.
+type Driver string
+
+const (
+	DriverVault Driver = "vault"
+)
+
+// Config represents a configured key manager driver with arbitrary settings.
+type Config = model.DriverConfig[Driver]

api/gateway/chain/internal/keymanager/keymanager.go

@@ -0,0 +1,23 @@
+package keymanager
+
+import (
+	"context"
+	"math/big"
+
+	"github.com/ethereum/go-ethereum/core/types"
+)
+
+// ManagedWalletKey captures information returned after provisioning a managed wallet key.
+type ManagedWalletKey struct {
+	KeyID     string
+	Address   string
+	PublicKey string
+}
+
+// Manager defines the contract for managing managed wallet keys.
+type Manager interface {
+	// CreateManagedWalletKey provisions a new managed wallet key for the provided wallet reference and network.
+	CreateManagedWalletKey(ctx context.Context, walletRef string, network string) (*ManagedWalletKey, error)
+	// SignTransaction signs the provided transaction using the identified key material.
+	SignTransaction(ctx context.Context, keyID string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error)
+}

api/gateway/chain/internal/keymanager/vault/manager.go

@@ -0,0 +1,269 @@
+package vault
+
+import (
+	"context"
+	"crypto/ecdsa"
+	"crypto/rand"
+	"encoding/hex"
+	"math/big"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/decred/dcrd/dcrec/secp256k1/v4"
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/hashicorp/vault/api"
+	"go.uber.org/zap"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+)
+
+// Config describes how to connect to Vault for managed wallet keys.
+type Config struct {
+	Address   string `mapstructure:"address"`
+	TokenEnv  string `mapstructure:"token_env"`
+	Namespace string `mapstructure:"namespace"`
+	MountPath string `mapstructure:"mount_path"`
+	KeyPrefix string `mapstructure:"key_prefix"`
+}
+
+// Manager implements the keymanager.Manager contract backed by HashiCorp Vault.
+type Manager struct {
+	logger    mlogger.Logger
+	client    *api.Client
+	store     *api.KVv2
+	keyPrefix string
+}
+
+// New constructs a Vault-backed key manager.
+func New(logger mlogger.Logger, cfg Config) (*Manager, error) {
+	if logger == nil {
+		return nil, merrors.InvalidArgument("vault key manager: logger is required")
+	}
+	address := strings.TrimSpace(cfg.Address)
+	if address == "" {
+		logger.Error("vault address missing")
+		return nil, merrors.InvalidArgument("vault key manager: address is required")
+	}
+	tokenEnv := strings.TrimSpace(cfg.TokenEnv)
+	if tokenEnv == "" {
+		logger.Error("vault token env missing")
+		return nil, merrors.InvalidArgument("vault key manager: token_env is required")
+	}
+	token := strings.TrimSpace(os.Getenv(tokenEnv))
+	if token == "" {
+		logger.Error("vault token missing; expected Vault Agent to export token", zap.String("env", tokenEnv))
+		return nil, merrors.InvalidArgument("vault key manager: token env " + tokenEnv + " is not set (expected Vault Agent sink to populate it)")
+	}
+	mountPath := strings.Trim(strings.TrimSpace(cfg.MountPath), "/")
+	if mountPath == "" {
+		logger.Error("vault mount path missing")
+		return nil, merrors.InvalidArgument("vault key manager: mount_path is required")
+	}
+	keyPrefix := strings.Trim(strings.TrimSpace(cfg.KeyPrefix), "/")
+	if keyPrefix == "" {
+		keyPrefix = "chain/gateway/wallets"
+	}
+
+	clientCfg := api.DefaultConfig()
+	clientCfg.Address = address
+
+	client, err := api.NewClient(clientCfg)
+	if err != nil {
+		logger.Error("failed to create vault client", zap.Error(err))
+		return nil, merrors.Internal("vault key manager: failed to create client: " + err.Error())
+	}
+	client.SetToken(token)
+	if ns := strings.TrimSpace(cfg.Namespace); ns != "" {
+		client.SetNamespace(ns)
+	}
+
+	kv := client.KVv2(mountPath)
+
+	return &Manager{
+		logger:    logger.Named("vault"),
+		client:    client,
+		store:     kv,
+		keyPrefix: keyPrefix,
+	}, nil
+}
+
+// CreateManagedWalletKey creates a new managed wallet key and stores it in Vault.
+func (m *Manager) CreateManagedWalletKey(ctx context.Context, walletRef string, network string) (*keymanager.ManagedWalletKey, error) {
+	if strings.TrimSpace(walletRef) == "" {
+		m.logger.Warn("walletRef missing for managed key creation", zap.String("network", network))
+		return nil, merrors.InvalidArgument("vault key manager: walletRef is required")
+	}
+	if strings.TrimSpace(network) == "" {
+		m.logger.Warn("network missing for managed key creation", zap.String("wallet_ref", walletRef))
+		return nil, merrors.InvalidArgument("vault key manager: network is required")
+	}
+
+	privateKey, err := ecdsa.GenerateKey(secp256k1.S256(), rand.Reader)
+	if err != nil {
+		m.logger.Warn("failed to generate managed wallet key", zap.String("wallet_ref", walletRef), zap.String("network", network), zap.Error(err))
+		return nil, merrors.Internal("vault key manager: failed to generate key: " + err.Error())
+	}
+	privateKeyBytes := crypto.FromECDSA(privateKey)
+	publicKey := privateKey.PublicKey
+	publicKeyBytes := crypto.FromECDSAPub(&publicKey)
+	publicKeyHex := hex.EncodeToString(publicKeyBytes)
+	address := crypto.PubkeyToAddress(publicKey).Hex()
+
+	err = m.persistKey(ctx, walletRef, network, privateKeyBytes, publicKeyBytes, address)
+	if err != nil {
+		m.logger.Warn("failed to persist managed wallet key", zap.String("wallet_ref", walletRef), zap.String("network", network), zap.Error(err))
+		zeroBytes(privateKeyBytes)
+		zeroBytes(publicKeyBytes)
+		return nil, err
+	}
+	zeroBytes(privateKeyBytes)
+	zeroBytes(publicKeyBytes)
+
+	m.logger.Info("managed wallet key created",
+		zap.String("wallet_ref", walletRef),
+		zap.String("network", network),
+		zap.String("address", strings.ToLower(address)),
+	)
+
+	return &keymanager.ManagedWalletKey{
+		KeyID:     m.buildKeyID(network, walletRef),
+		Address:   strings.ToLower(address),
+		PublicKey: publicKeyHex,
+	}, nil
+}
+
+func (m *Manager) persistKey(ctx context.Context, walletRef, network string, privateKey, publicKey []byte, address string) error {
+	secretPath := m.buildKeyID(network, walletRef)
+	payload := map[string]interface{}{
+		"private_key": hex.EncodeToString(privateKey),
+		"public_key":  hex.EncodeToString(publicKey),
+		"address":     strings.ToLower(address),
+		"network":     strings.ToLower(network),
+	}
+	if _, err := m.store.Put(ctx, secretPath, payload); err != nil {
+		return merrors.Internal("vault key manager: failed to write secret at " + secretPath + ": " + err.Error())
+	}
+	return nil
+}
+
+func (m *Manager) buildKeyID(network, walletRef string) string {
+	net := strings.Trim(strings.ToLower(network), "/")
+	return path.Join(m.keyPrefix, net, walletRef)
+}
+
+// SignTransaction loads the key material from Vault and signs the transaction.
+func (m *Manager) SignTransaction(ctx context.Context, keyID string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) {
+	if strings.TrimSpace(keyID) == "" {
+		m.logger.Warn("signing failed: empty key id")
+		return nil, merrors.InvalidArgument("vault key manager: keyID is required")
+	}
+	if tx == nil {
+		m.logger.Warn("signing failed: nil transaction", zap.String("key_id", keyID))
+		return nil, merrors.InvalidArgument("vault key manager: transaction is nil")
+	}
+	if chainID == nil {
+		m.logger.Warn("signing failed: nil chain id", zap.String("key_id", keyID))
+		return nil, merrors.InvalidArgument("vault key manager: chainID is nil")
+	}
+
+	material, err := m.loadKey(ctx, keyID)
+	if err != nil {
+		m.logger.Warn("failed to load key material", zap.String("key_id", keyID), zap.Error(err))
+		return nil, err
+	}
+
+	keyBytes, err := hex.DecodeString(material.PrivateKey)
+	if err != nil {
+		m.logger.Warn("invalid key material", zap.String("key_id", keyID), zap.Error(err))
+		return nil, merrors.Internal("vault key manager: invalid key material: " + err.Error())
+	}
+	defer zeroBytes(keyBytes)
+
+	privateKey, err := crypto.ToECDSA(keyBytes)
+	if err != nil {
+		m.logger.Warn("failed to construct private key", zap.String("key_id", keyID), zap.Error(err))
+		return nil, merrors.Internal("vault key manager: failed to construct private key: " + err.Error())
+	}
+
+	signed, err := types.SignTx(tx, types.LatestSignerForChainID(chainID), privateKey)
+	if err != nil {
+		m.logger.Warn("failed to sign transaction", zap.String("key_id", keyID), zap.Error(err))
+		return nil, merrors.Internal("vault key manager: failed to sign transaction: " + err.Error())
+	}
+	m.logger.Info("transaction signed with managed key",
+		zap.String("key_id", keyID),
+		zap.String("network", material.Network),
+		zap.String("tx_hash", signed.Hash().Hex()),
+	)
+	return signed, nil
+}
+
+type keyMaterial struct {
+	PrivateKey string
+	PublicKey  string
+	Address    string
+	Network    string
+}
+
+func (m *Manager) loadKey(ctx context.Context, keyID string) (*keyMaterial, error) {
+	secretPath := strings.Trim(strings.TrimPrefix(keyID, "/"), "/")
+	secret, err := m.store.Get(ctx, secretPath)
+	if err != nil {
+		m.logger.Warn("failed to read secret", zap.String("path", secretPath), zap.Error(err))
+		return nil, merrors.Internal("vault key manager: failed to read secret at " + secretPath + ": " + err.Error())
+	}
+	if secret == nil || secret.Data == nil {
+		m.logger.Warn("secret not found", zap.String("path", secretPath))
+		return nil, merrors.NoData("vault key manager: secret " + secretPath + " not found")
+	}
+
+	getString := func(key string) (string, error) {
+		val, ok := secret.Data[key]
+		if !ok {
+			m.logger.Warn("secret missing field", zap.String("path", secretPath), zap.String("field", key))
+			return "", merrors.Internal("vault key manager: secret " + secretPath + " missing " + key)
+		}
+		str, ok := val.(string)
+		if !ok || strings.TrimSpace(str) == "" {
+			m.logger.Warn("secret field invalid", zap.String("path", secretPath), zap.String("field", key))
+			return "", merrors.Internal("vault key manager: secret " + secretPath + " invalid " + key)
+		}
+		return str, nil
+	}
+
+	privateKey, err := getString("private_key")
+	if err != nil {
+		return nil, err
+	}
+	publicKey, err := getString("public_key")
+	if err != nil {
+		return nil, err
+	}
+	address, err := getString("address")
+	if err != nil {
+		return nil, err
+	}
+	network, err := getString("network")
+	if err != nil {
+		return nil, err
+	}
+
+	return &keyMaterial{
+		PrivateKey: privateKey,
+		PublicKey:  publicKey,
+		Address:    address,
+		Network:    network,
+	}, nil
+}
+
+func zeroBytes(data []byte) {
+	for i := range data {
+		data[i] = 0
+	}
+}
+
+var _ keymanager.Manager = (*Manager)(nil)

api/gateway/chain/internal/server/internal/serverimp.go

@@ -0,0 +1,260 @@
+package serverimp
+
+import (
+	"context"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/mitchellh/mapstructure"
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	vaultmanager "github.com/tech/sendico/gateway/chain/internal/keymanager/vault"
+	gatewayservice "github.com/tech/sendico/gateway/chain/internal/service/gateway"
+	gatewayshared "github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage"
+	gatewaymongo "github.com/tech/sendico/gateway/chain/storage/mongo"
+	"github.com/tech/sendico/pkg/api/routers"
+	"github.com/tech/sendico/pkg/db"
+	"github.com/tech/sendico/pkg/merrors"
+	msg "github.com/tech/sendico/pkg/messaging"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/server/grpcapp"
+	"go.uber.org/zap"
+	"gopkg.in/yaml.v3"
+)
+
+type Imp struct {
+	logger mlogger.Logger
+	file   string
+	debug  bool
+
+	config *config
+	app    *grpcapp.App[storage.Repository]
+}
+
+type config struct {
+	*grpcapp.Config `yaml:",inline"`
+	Chains          []chainConfig       `yaml:"chains"`
+	ServiceWallet   serviceWalletConfig `yaml:"service_wallet"`
+	KeyManagement   keymanager.Config   `yaml:"key_management"`
+}
+
+type chainConfig struct {
+	Name        string        `yaml:"name"`
+	RPCURLEnv   string        `yaml:"rpc_url_env"`
+	ChainID     uint64        `yaml:"chain_id"`
+	NativeToken string        `yaml:"native_token"`
+	Tokens      []tokenConfig `yaml:"tokens"`
+}
+
+type serviceWalletConfig struct {
+	Chain         string `yaml:"chain"`
+	Address       string `yaml:"address"`
+	AddressEnv    string `yaml:"address_env"`
+	PrivateKeyEnv string `yaml:"private_key_env"`
+}
+
+type tokenConfig struct {
+	Symbol      string `yaml:"symbol"`
+	Contract    string `yaml:"contract"`
+	ContractEnv string `yaml:"contract_env"`
+}
+
+// Create initialises the chain gateway server implementation.
+func Create(logger mlogger.Logger, file string, debug bool) (*Imp, error) {
+	return &Imp{
+		logger: logger.Named("server"),
+		file:   file,
+		debug:  debug,
+	}, nil
+}
+
+func (i *Imp) Shutdown() {
+	if i.app == nil {
+		return
+	}
+
+	timeout := 15 * time.Second
+	if i.config != nil && i.config.Runtime != nil {
+		timeout = i.config.Runtime.ShutdownTimeout()
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	i.app.Shutdown(ctx)
+}
+
+func (i *Imp) Start() error {
+	cfg, err := i.loadConfig()
+	if err != nil {
+		return err
+	}
+	i.config = cfg
+
+	repoFactory := func(logger mlogger.Logger, conn *db.MongoConnection) (storage.Repository, error) {
+		return gatewaymongo.New(logger, conn)
+	}
+
+	cl := i.logger.Named("config")
+	networkConfigs := resolveNetworkConfigs(cl.Named("network"), cfg.Chains)
+	walletConfig := resolveServiceWallet(cl.Named("wallet"), cfg.ServiceWallet)
+	keyManager, err := resolveKeyManager(i.logger.Named("key_manager"), cfg.KeyManagement)
+	if err != nil {
+		return err
+	}
+
+	serviceFactory := func(logger mlogger.Logger, repo storage.Repository, producer msg.Producer) (grpcapp.Service, error) {
+		executor := gatewayservice.NewOnChainExecutor(logger, keyManager)
+		opts := []gatewayservice.Option{
+			gatewayservice.WithNetworks(networkConfigs),
+			gatewayservice.WithServiceWallet(walletConfig),
+			gatewayservice.WithKeyManager(keyManager),
+			gatewayservice.WithTransferExecutor(executor),
+		}
+		return gatewayservice.NewService(logger, repo, producer, opts...), nil
+	}
+
+	app, err := grpcapp.NewApp(i.logger, "chain_gateway", cfg.Config, i.debug, repoFactory, serviceFactory)
+	if err != nil {
+		return err
+	}
+	i.app = app
+
+	return i.app.Start()
+}
+
+func (i *Imp) loadConfig() (*config, error) {
+	data, err := os.ReadFile(i.file)
+	if err != nil {
+		i.logger.Error("could not read configuration file", zap.String("config_file", i.file), zap.Error(err))
+		return nil, err
+	}
+
+	cfg := &config{
+		Config: &grpcapp.Config{},
+	}
+	if err := yaml.Unmarshal(data, cfg); err != nil {
+		i.logger.Error("failed to parse configuration", zap.Error(err))
+		return nil, err
+	}
+
+	if cfg.Runtime == nil {
+		cfg.Runtime = &grpcapp.RuntimeConfig{ShutdownTimeoutSeconds: 15}
+	}
+
+	if cfg.GRPC == nil {
+		cfg.GRPC = &routers.GRPCConfig{
+			Network:          "tcp",
+			Address:          ":50070",
+			EnableReflection: true,
+			EnableHealth:     true,
+		}
+	}
+
+	return cfg, nil
+}
+
+func resolveNetworkConfigs(logger mlogger.Logger, chains []chainConfig) []gatewayshared.Network {
+	result := make([]gatewayshared.Network, 0, len(chains))
+	for _, chain := range chains {
+		if strings.TrimSpace(chain.Name) == "" {
+			logger.Warn("skipping unnamed chain configuration")
+			continue
+		}
+		rpcURL := strings.TrimSpace(os.Getenv(chain.RPCURLEnv))
+		if rpcURL == "" {
+			logger.Warn("chain RPC endpoint not configured", zap.String("chain", chain.Name), zap.String("env", chain.RPCURLEnv))
+		}
+		contracts := make([]gatewayshared.TokenContract, 0, len(chain.Tokens))
+		for _, token := range chain.Tokens {
+			symbol := strings.TrimSpace(token.Symbol)
+			if symbol == "" {
+				logger.Warn("skipping token with empty symbol", zap.String("chain", chain.Name))
+				continue
+			}
+			addr := strings.TrimSpace(token.Contract)
+			env := strings.TrimSpace(token.ContractEnv)
+			if addr == "" && env != "" {
+				addr = strings.TrimSpace(os.Getenv(env))
+			}
+			if addr == "" {
+				if env != "" {
+					logger.Warn("token contract not configured", zap.String("token", symbol), zap.String("env", env), zap.String("chain", chain.Name))
+				} else {
+					logger.Warn("token contract not configured", zap.String("token", symbol), zap.String("chain", chain.Name))
+				}
+				continue
+			}
+			contracts = append(contracts, gatewayshared.TokenContract{
+				Symbol:          symbol,
+				ContractAddress: addr,
+			})
+		}
+
+		result = append(result, gatewayshared.Network{
+			Name:         chain.Name,
+			RPCURL:       rpcURL,
+			ChainID:      chain.ChainID,
+			NativeToken:  chain.NativeToken,
+			TokenConfigs: contracts,
+		})
+	}
+	return result
+}
+
+func resolveServiceWallet(logger mlogger.Logger, cfg serviceWalletConfig) gatewayshared.ServiceWallet {
+	address := strings.TrimSpace(cfg.Address)
+	if address == "" && cfg.AddressEnv != "" {
+		address = strings.TrimSpace(os.Getenv(cfg.AddressEnv))
+	}
+
+	privateKey := strings.TrimSpace(os.Getenv(cfg.PrivateKeyEnv))
+
+	if address == "" {
+		if cfg.AddressEnv != "" {
+			logger.Warn("service wallet address not configured", zap.String("env", cfg.AddressEnv))
+		} else {
+			logger.Warn("service wallet address not configured", zap.String("chain", cfg.Chain))
+		}
+	}
+	if privateKey == "" {
+		logger.Warn("service wallet private key not configured", zap.String("env", cfg.PrivateKeyEnv))
+	}
+
+	return gatewayshared.ServiceWallet{
+		Network:    cfg.Chain,
+		Address:    address,
+		PrivateKey: privateKey,
+	}
+}
+
+func resolveKeyManager(logger mlogger.Logger, cfg keymanager.Config) (keymanager.Manager, error) {
+	driver := strings.ToLower(strings.TrimSpace(string(cfg.Driver)))
+	if driver == "" {
+		err := merrors.InvalidArgument("key management driver is not configured")
+		logger.Error("key management driver missing")
+		return nil, err
+	}
+
+	switch keymanager.Driver(driver) {
+	case keymanager.DriverVault:
+		settings := vaultmanager.Config{}
+		if len(cfg.Settings) > 0 {
+			if err := mapstructure.Decode(cfg.Settings, &settings); err != nil {
+				logger.Error("failed to decode vault key manager settings", zap.Error(err), zap.Any("settings", cfg.Settings))
+				return nil, merrors.InvalidArgument("invalid vault key manager settings: " + err.Error())
+			}
+		}
+		manager, err := vaultmanager.New(logger, settings)
+		if err != nil {
+			logger.Error("failed to initialise vault key manager", zap.Error(err))
+			return nil, err
+		}
+		return manager, nil
+	default:
+		err := merrors.InvalidArgument("unsupported key management driver: " + driver)
+		logger.Error("unsupported key management driver", zap.String("driver", driver))
+		return nil, err
+	}
+}

api/gateway/chain/internal/server/server.go

@@ -0,0 +1,12 @@
+package server
+
+import (
+	serverimp "github.com/tech/sendico/gateway/chain/internal/server/internal"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/server"
+)
+
+// Create constructs the chain gateway server implementation.
+func Create(logger mlogger.Logger, file string, debug bool) (server.Application, error) {
+	return serverimp.Create(logger, file, debug)
+}

api/gateway/chain/internal/service/gateway/commands/registry.go

@@ -0,0 +1,44 @@
+package commands
+
+import (
+	"context"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/commands/transfer"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/commands/wallet"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+)
+
+type Unary[TReq any, TResp any] interface {
+	Execute(context.Context, *TReq) gsresponse.Responder[TResp]
+}
+
+type Registry struct {
+	CreateManagedWallet Unary[chainv1.CreateManagedWalletRequest, chainv1.CreateManagedWalletResponse]
+	GetManagedWallet    Unary[chainv1.GetManagedWalletRequest, chainv1.GetManagedWalletResponse]
+	ListManagedWallets  Unary[chainv1.ListManagedWalletsRequest, chainv1.ListManagedWalletsResponse]
+	GetWalletBalance    Unary[chainv1.GetWalletBalanceRequest, chainv1.GetWalletBalanceResponse]
+
+	SubmitTransfer   Unary[chainv1.SubmitTransferRequest, chainv1.SubmitTransferResponse]
+	GetTransfer      Unary[chainv1.GetTransferRequest, chainv1.GetTransferResponse]
+	ListTransfers    Unary[chainv1.ListTransfersRequest, chainv1.ListTransfersResponse]
+	EstimateTransfer Unary[chainv1.EstimateTransferFeeRequest, chainv1.EstimateTransferFeeResponse]
+}
+
+type RegistryDeps struct {
+	Wallet   wallet.Deps
+	Transfer transfer.Deps
+}
+
+func NewRegistry(deps RegistryDeps) Registry {
+	return Registry{
+		CreateManagedWallet: wallet.NewCreateManagedWallet(deps.Wallet.WithLogger("wallet.create")),
+		GetManagedWallet:    wallet.NewGetManagedWallet(deps.Wallet.WithLogger("wallet.get")),
+		ListManagedWallets:  wallet.NewListManagedWallets(deps.Wallet.WithLogger("wallet.list")),
+		GetWalletBalance:    wallet.NewGetWalletBalance(deps.Wallet.WithLogger("wallet.balance")),
+		SubmitTransfer:      transfer.NewSubmitTransfer(deps.Transfer.WithLogger("transfer.submit")),
+		GetTransfer:         transfer.NewGetTransfer(deps.Transfer.WithLogger("transfer.get")),
+		ListTransfers:       transfer.NewListTransfers(deps.Transfer.WithLogger("transfer.list")),
+		EstimateTransfer:    transfer.NewEstimateTransfer(deps.Transfer.WithLogger("transfer.estimate_fee")),
+	}
+}

api/gateway/chain/internal/service/gateway/commands/transfer/convert_fees.go

@@ -0,0 +1,43 @@
+package transfer
+
+import (
+	"strings"
+
+	"github.com/shopspring/decimal"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+)
+
+func convertFees(fees []*chainv1.ServiceFeeBreakdown, currency string) ([]model.ServiceFee, decimal.Decimal, error) {
+	result := make([]model.ServiceFee, 0, len(fees))
+	sum := decimal.NewFromInt(0)
+	for _, fee := range fees {
+		if fee == nil || fee.GetAmount() == nil {
+			return nil, decimal.Decimal{}, merrors.InvalidArgument("fee amount is required")
+		}
+		amtCurrency := strings.ToUpper(strings.TrimSpace(fee.GetAmount().GetCurrency()))
+		if amtCurrency != strings.ToUpper(currency) {
+			return nil, decimal.Decimal{}, merrors.InvalidArgument("fee currency mismatch")
+		}
+		amtValue := strings.TrimSpace(fee.GetAmount().GetAmount())
+		if amtValue == "" {
+			return nil, decimal.Decimal{}, merrors.InvalidArgument("fee amount is required")
+		}
+		dec, err := decimal.NewFromString(amtValue)
+		if err != nil {
+			return nil, decimal.Decimal{}, merrors.InvalidArgument("invalid fee amount")
+		}
+		if dec.IsNegative() {
+			return nil, decimal.Decimal{}, merrors.InvalidArgument("fee amount must be non-negative")
+		}
+		sum = sum.Add(dec)
+		result = append(result, model.ServiceFee{
+			FeeCode:     strings.TrimSpace(fee.GetFeeCode()),
+			Amount:      shared.CloneMoney(fee.GetAmount()),
+			Description: strings.TrimSpace(fee.GetDescription()),
+		})
+	}
+	return result, sum, nil
+}

api/gateway/chain/internal/service/gateway/commands/transfer/deps.go

@@ -0,0 +1,26 @@
+package transfer
+
+import (
+	"context"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage"
+	clockpkg "github.com/tech/sendico/pkg/clock"
+	"github.com/tech/sendico/pkg/mlogger"
+)
+
+type Deps struct {
+	Logger           mlogger.Logger
+	Networks         map[string]shared.Network
+	Storage          storage.Repository
+	Clock            clockpkg.Clock
+	EnsureRepository func(context.Context) error
+	LaunchExecution  func(transferRef, sourceWalletRef string, network shared.Network)
+}
+
+func (d Deps) WithLogger(name string) Deps {
+	if d.Logger != nil {
+		d.Logger = d.Logger.Named(name)
+	}
+	return d
+}

api/gateway/chain/internal/service/gateway/commands/transfer/destination.go

@@ -0,0 +1,50 @@
+package transfer
+
+import (
+	"context"
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+func resolveDestination(ctx context.Context, deps Deps, dest *chainv1.TransferDestination, source *model.ManagedWallet) (model.TransferDestination, error) {
+	if dest == nil {
+		return model.TransferDestination{}, merrors.InvalidArgument("destination is required")
+	}
+	managedRef := strings.TrimSpace(dest.GetManagedWalletRef())
+	external := strings.TrimSpace(dest.GetExternalAddress())
+	if managedRef != "" && external != "" {
+		deps.Logger.Warn("both managed and external destination provided")
+		return model.TransferDestination{}, merrors.InvalidArgument("destination must be managed_wallet_ref or external_address")
+	}
+	if managedRef != "" {
+		wallet, err := deps.Storage.Wallets().Get(ctx, managedRef)
+		if err != nil {
+			deps.Logger.Warn("destination wallet lookup failed", zap.Error(err), zap.String("managed_wallet_ref", managedRef))
+			return model.TransferDestination{}, err
+		}
+		if !strings.EqualFold(wallet.Network, source.Network) {
+			deps.Logger.Warn("destination wallet network mismatch", zap.String("source_network", source.Network), zap.String("dest_network", wallet.Network))
+			return model.TransferDestination{}, merrors.InvalidArgument("destination wallet network mismatch")
+		}
+		if strings.TrimSpace(wallet.DepositAddress) == "" {
+			deps.Logger.Warn("destination wallet missing deposit address", zap.String("managed_wallet_ref", managedRef))
+			return model.TransferDestination{}, merrors.InvalidArgument("destination wallet missing deposit address")
+		}
+		return model.TransferDestination{
+			ManagedWalletRef: wallet.WalletRef,
+			Memo:             strings.TrimSpace(dest.GetMemo()),
+		}, nil
+	}
+	if external == "" {
+		deps.Logger.Warn("destination external address missing")
+		return model.TransferDestination{}, merrors.InvalidArgument("destination is required")
+	}
+	return model.TransferDestination{
+		ExternalAddress: strings.ToLower(external),
+		Memo:            strings.TrimSpace(dest.GetMemo()),
+	}, nil
+}

api/gateway/chain/internal/service/gateway/commands/transfer/destination_address.go

@@ -0,0 +1,26 @@
+package transfer
+
+import (
+	"context"
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+)
+
+func destinationAddress(ctx context.Context, deps Deps, dest model.TransferDestination) (string, error) {
+	if ref := strings.TrimSpace(dest.ManagedWalletRef); ref != "" {
+		wallet, err := deps.Storage.Wallets().Get(ctx, ref)
+		if err != nil {
+			return "", err
+		}
+		if strings.TrimSpace(wallet.DepositAddress) == "" {
+			return "", merrors.Internal("destination wallet missing deposit address")
+		}
+		return wallet.DepositAddress, nil
+	}
+	if addr := strings.TrimSpace(dest.ExternalAddress); addr != "" {
+		return strings.ToLower(addr), nil
+	}
+	return "", merrors.InvalidArgument("transfer destination address not resolved")
+}

api/gateway/chain/internal/service/gateway/commands/transfer/fee.go

@@ -0,0 +1,248 @@
+package transfer
+
+import (
+	"context"
+	"errors"
+	"math/big"
+	"strings"
+	"time"
+
+	"github.com/ethereum/go-ethereum"
+	"github.com/ethereum/go-ethereum/accounts/abi"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/ethclient"
+	"github.com/shopspring/decimal"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/mservice"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type estimateTransferFeeCommand struct {
+	deps Deps
+}
+
+func NewEstimateTransfer(deps Deps) *estimateTransferFeeCommand {
+	return &estimateTransferFeeCommand{deps: deps}
+}
+
+func (c *estimateTransferFeeCommand) Execute(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) gsresponse.Responder[chainv1.EstimateTransferFeeResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("request is required"))
+	}
+
+	sourceWalletRef := strings.TrimSpace(req.GetSourceWalletRef())
+	if sourceWalletRef == "" {
+		c.deps.Logger.Warn("source wallet ref missing")
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("source_wallet_ref is required"))
+	}
+	amount := req.GetAmount()
+	if amount == nil || strings.TrimSpace(amount.GetAmount()) == "" || strings.TrimSpace(amount.GetCurrency()) == "" {
+		c.deps.Logger.Warn("amount missing or incomplete")
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("amount is required"))
+	}
+
+	sourceWallet, err := c.deps.Storage.Wallets().Get(ctx, sourceWalletRef)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("source wallet not found", zap.String("source_wallet_ref", sourceWalletRef))
+			return gsresponse.NotFound[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("storage get wallet failed", zap.Error(err), zap.String("source_wallet_ref", sourceWalletRef))
+		return gsresponse.Auto[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	networkKey := strings.ToLower(strings.TrimSpace(sourceWallet.Network))
+	networkCfg, ok := c.deps.Networks[networkKey]
+	if !ok {
+		c.deps.Logger.Warn("unsupported chain", zap.String("network", networkKey))
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("unsupported chain for wallet"))
+	}
+
+	dest, err := resolveDestination(ctx, c.deps, req.GetDestination(), sourceWallet)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("destination not found", zap.String("destination_wallet_ref", req.GetDestination().GetManagedWalletRef()))
+			return gsresponse.NotFound[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("invalid destination", zap.Error(err))
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	destinationAddress, err := destinationAddress(ctx, c.deps, dest)
+	if err != nil {
+		c.deps.Logger.Warn("failed to resolve destination address", zap.Error(err))
+		return gsresponse.InvalidArgument[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	feeMoney, err := estimateNetworkFee(ctx, c.deps.Logger, networkCfg, sourceWallet, destinationAddress, amount)
+	if err != nil {
+		c.deps.Logger.Warn("fee estimation failed", zap.Error(err))
+		return gsresponse.Auto[chainv1.EstimateTransferFeeResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	resp := &chainv1.EstimateTransferFeeResponse{
+		NetworkFee:        feeMoney,
+		EstimationContext: "erc20_transfer",
+	}
+	return gsresponse.Success(resp)
+}
+
+func estimateNetworkFee(ctx context.Context, logger mlogger.Logger, network shared.Network, wallet *model.ManagedWallet, destination string, amount *moneyv1.Money) (*moneyv1.Money, error) {
+	rpcURL := strings.TrimSpace(network.RPCURL)
+	if rpcURL == "" {
+		return nil, merrors.InvalidArgument("network rpc url not configured")
+	}
+	if strings.TrimSpace(wallet.ContractAddress) == "" {
+		return nil, merrors.NotImplemented("native token transfers not supported")
+	}
+	if !common.IsHexAddress(wallet.ContractAddress) {
+		return nil, merrors.InvalidArgument("invalid token contract address")
+	}
+	if !common.IsHexAddress(wallet.DepositAddress) {
+		return nil, merrors.InvalidArgument("invalid source wallet address")
+	}
+	if !common.IsHexAddress(destination) {
+		return nil, merrors.InvalidArgument("invalid destination address")
+	}
+
+	client, err := ethclient.DialContext(ctx, rpcURL)
+	if err != nil {
+		return nil, merrors.Internal("failed to connect to rpc: " + err.Error())
+	}
+	defer client.Close()
+
+	timeoutCtx, cancel := context.WithTimeout(ctx, 15*time.Second)
+	defer cancel()
+
+	tokenABI, err := abi.JSON(strings.NewReader(erc20TransferABI))
+	if err != nil {
+		return nil, merrors.Internal("failed to parse erc20 abi: " + err.Error())
+	}
+	tokenAddr := common.HexToAddress(wallet.ContractAddress)
+	toAddr := common.HexToAddress(destination)
+	fromAddr := common.HexToAddress(wallet.DepositAddress)
+
+	decimals, err := erc20Decimals(timeoutCtx, client, tokenABI, tokenAddr)
+	if err != nil {
+		logger.Warn("failed to read token decimals", zap.Error(err))
+		return nil, err
+	}
+
+	amountBase, err := toBaseUnits(strings.TrimSpace(amount.GetAmount()), decimals)
+	if err != nil {
+		return nil, err
+	}
+
+	input, err := tokenABI.Pack("transfer", toAddr, amountBase)
+	if err != nil {
+		return nil, merrors.Internal("failed to encode transfer call: " + err.Error())
+	}
+
+	gasPrice, err := client.SuggestGasPrice(timeoutCtx)
+	if err != nil {
+		return nil, merrors.Internal("failed to suggest gas price: " + err.Error())
+	}
+
+	callMsg := ethereum.CallMsg{
+		From:     fromAddr,
+		To:       &tokenAddr,
+		GasPrice: gasPrice,
+		Data:     input,
+	}
+	gasLimit, err := client.EstimateGas(timeoutCtx, callMsg)
+	if err != nil {
+		return nil, merrors.Internal("failed to estimate gas: " + err.Error())
+	}
+
+	fee := new(big.Int).Mul(gasPrice, new(big.Int).SetUint64(gasLimit))
+	feeDec := decimal.NewFromBigInt(fee, 0)
+
+	currency := strings.ToUpper(strings.TrimSpace(network.NativeToken))
+	if currency == "" {
+		currency = strings.ToUpper(network.Name)
+	}
+
+	return &moneyv1.Money{
+		Currency: currency,
+		Amount:   feeDec.String(),
+	}, nil
+}
+
+func erc20Decimals(ctx context.Context, client *ethclient.Client, tokenABI abi.ABI, token common.Address) (uint8, error) {
+	callData, err := tokenABI.Pack("decimals")
+	if err != nil {
+		return 0, merrors.Internal("failed to encode decimals call: " + err.Error())
+	}
+	msg := ethereum.CallMsg{
+		To:   &token,
+		Data: callData,
+	}
+	output, err := client.CallContract(ctx, msg, nil)
+	if err != nil {
+		return 0, merrors.Internal("decimals call failed: " + err.Error())
+	}
+	values, err := tokenABI.Unpack("decimals", output)
+	if err != nil {
+		return 0, merrors.Internal("failed to unpack decimals: " + err.Error())
+	}
+	if len(values) == 0 {
+		return 0, merrors.Internal("decimals call returned no data")
+	}
+	decimals, ok := values[0].(uint8)
+	if !ok {
+		return 0, merrors.Internal("decimals call returned unexpected type")
+	}
+	return decimals, nil
+}
+
+func toBaseUnits(amount string, decimals uint8) (*big.Int, error) {
+	value, err := decimal.NewFromString(strings.TrimSpace(amount))
+	if err != nil {
+		return nil, merrors.InvalidArgument("invalid amount " + amount + ": " + err.Error())
+	}
+	if value.IsNegative() {
+		return nil, merrors.InvalidArgument("amount must be positive")
+	}
+	multiplier := decimal.NewFromInt(1).Shift(int32(decimals))
+	scaled := value.Mul(multiplier)
+	if !scaled.Equal(scaled.Truncate(0)) {
+		return nil, merrors.InvalidArgument("amount " + amount + " exceeds token precision")
+	}
+	return scaled.BigInt(), nil
+}
+
+const erc20TransferABI = `
+[
+	{
+		"constant": true,
+		"inputs": [],
+		"name": "decimals",
+		"outputs": [{ "name": "", "type": "uint8" }],
+		"payable": false,
+		"stateMutability": "view",
+        "type": "function"
+	},
+	{
+		"constant": false,
+		"inputs": [
+			{ "name": "_to", "type": "address" },
+			{ "name": "_value", "type": "uint256" }
+		],
+		"name": "transfer",
+		"outputs": [{ "name": "", "type": "bool" }],
+		"payable": false,
+		"stateMutability": "nonpayable",
+		"type": "function"
+	}
+]`

api/gateway/chain/internal/service/gateway/commands/transfer/get.go

@@ -0,0 +1,47 @@
+package transfer
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mservice"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type getTransferCommand struct {
+	deps Deps
+}
+
+func NewGetTransfer(deps Deps) *getTransferCommand {
+	return &getTransferCommand{deps: deps}
+}
+
+func (c *getTransferCommand) Execute(ctx context.Context, req *chainv1.GetTransferRequest) gsresponse.Responder[chainv1.GetTransferResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.GetTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.GetTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("nil request"))
+	}
+	transferRef := strings.TrimSpace(req.GetTransferRef())
+	if transferRef == "" {
+		c.deps.Logger.Warn("transfer_ref missing")
+		return gsresponse.InvalidArgument[chainv1.GetTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("transfer_ref is required"))
+	}
+	transfer, err := c.deps.Storage.Transfers().Get(ctx, transferRef)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("not found", zap.String("transfer_ref", transferRef))
+			return gsresponse.NotFound[chainv1.GetTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("storage get failed", zap.Error(err), zap.String("transfer_ref", transferRef))
+		return gsresponse.Auto[chainv1.GetTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	return gsresponse.Success(&chainv1.GetTransferResponse{Transfer: toProtoTransfer(transfer)})
+}

api/gateway/chain/internal/service/gateway/commands/transfer/list.go

@@ -0,0 +1,58 @@
+package transfer
+
+import (
+	"context"
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/mservice"
+	paginationv1 "github.com/tech/sendico/pkg/proto/common/pagination/v1"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type listTransfersCommand struct {
+	deps Deps
+}
+
+func NewListTransfers(deps Deps) *listTransfersCommand {
+	return &listTransfersCommand{deps: deps}
+}
+
+func (c *listTransfersCommand) Execute(ctx context.Context, req *chainv1.ListTransfersRequest) gsresponse.Responder[chainv1.ListTransfersResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.ListTransfersResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	filter := model.TransferFilter{}
+	if req != nil {
+		filter.SourceWalletRef = strings.TrimSpace(req.GetSourceWalletRef())
+		filter.DestinationWalletRef = strings.TrimSpace(req.GetDestinationWalletRef())
+		if status := shared.TransferStatusToModel(req.GetStatus()); status != "" {
+			filter.Status = status
+		}
+		if page := req.GetPage(); page != nil {
+			filter.Cursor = strings.TrimSpace(page.GetCursor())
+			filter.Limit = page.GetLimit()
+		}
+	}
+
+	result, err := c.deps.Storage.Transfers().List(ctx, filter)
+	if err != nil {
+		c.deps.Logger.Warn("storage list failed", zap.Error(err))
+		return gsresponse.Auto[chainv1.ListTransfersResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	protoTransfers := make([]*chainv1.Transfer, 0, len(result.Items))
+	for _, transfer := range result.Items {
+		protoTransfers = append(protoTransfers, toProtoTransfer(transfer))
+	}
+
+	resp := &chainv1.ListTransfersResponse{
+		Transfers: protoTransfers,
+		Page:      &paginationv1.CursorPageResponse{NextCursor: result.NextCursor},
+	}
+	return gsresponse.Success(resp)
+}

api/gateway/chain/internal/service/gateway/commands/transfer/proto.go

@@ -0,0 +1,53 @@
+package transfer
+
+import (
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"google.golang.org/protobuf/types/known/timestamppb"
+)
+
+func toProtoTransfer(transfer *model.Transfer) *chainv1.Transfer {
+	if transfer == nil {
+		return nil
+	}
+	destination := &chainv1.TransferDestination{}
+	if transfer.Destination.ManagedWalletRef != "" {
+		destination.Destination = &chainv1.TransferDestination_ManagedWalletRef{ManagedWalletRef: transfer.Destination.ManagedWalletRef}
+	} else if transfer.Destination.ExternalAddress != "" {
+		destination.Destination = &chainv1.TransferDestination_ExternalAddress{ExternalAddress: transfer.Destination.ExternalAddress}
+	}
+	destination.Memo = transfer.Destination.Memo
+
+	protoFees := make([]*chainv1.ServiceFeeBreakdown, 0, len(transfer.Fees))
+	for _, fee := range transfer.Fees {
+		protoFees = append(protoFees, &chainv1.ServiceFeeBreakdown{
+			FeeCode:     fee.FeeCode,
+			Amount:      shared.CloneMoney(fee.Amount),
+			Description: fee.Description,
+		})
+	}
+
+	asset := &chainv1.Asset{
+		Chain:           shared.ChainEnumFromName(transfer.Network),
+		TokenSymbol:     transfer.TokenSymbol,
+		ContractAddress: transfer.ContractAddress,
+	}
+
+	return &chainv1.Transfer{
+		TransferRef:     transfer.TransferRef,
+		IdempotencyKey:  transfer.IdempotencyKey,
+		OrganizationRef: transfer.OrganizationRef,
+		SourceWalletRef: transfer.SourceWalletRef,
+		Destination:     destination,
+		Asset:           asset,
+		RequestedAmount: shared.CloneMoney(transfer.RequestedAmount),
+		NetAmount:       shared.CloneMoney(transfer.NetAmount),
+		Fees:            protoFees,
+		Status:          shared.TransferStatusToProto(transfer.Status),
+		TransactionHash: transfer.TxHash,
+		FailureReason:   transfer.FailureReason,
+		CreatedAt:       timestamppb.New(transfer.CreatedAt.UTC()),
+		UpdatedAt:       timestamppb.New(transfer.UpdatedAt.UTC()),
+	}
+}

api/gateway/chain/internal/service/gateway/commands/transfer/submit.go

@@ -0,0 +1,148 @@
+package transfer
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"github.com/shopspring/decimal"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mservice"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type submitTransferCommand struct {
+	deps Deps
+}
+
+func NewSubmitTransfer(deps Deps) *submitTransferCommand {
+	return &submitTransferCommand{deps: deps}
+}
+
+func (c *submitTransferCommand) Execute(ctx context.Context, req *chainv1.SubmitTransferRequest) gsresponse.Responder[chainv1.SubmitTransferResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("nil request"))
+	}
+
+	idempotencyKey := strings.TrimSpace(req.GetIdempotencyKey())
+	if idempotencyKey == "" {
+		c.deps.Logger.Warn("missing idempotency key")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("idempotency_key is required"))
+	}
+	organizationRef := strings.TrimSpace(req.GetOrganizationRef())
+	if organizationRef == "" {
+		c.deps.Logger.Warn("missing organization ref")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("organization_ref is required"))
+	}
+	sourceWalletRef := strings.TrimSpace(req.GetSourceWalletRef())
+	if sourceWalletRef == "" {
+		c.deps.Logger.Warn("missing source wallet ref")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("source_wallet_ref is required"))
+	}
+	amount := req.GetAmount()
+	if amount == nil {
+		c.deps.Logger.Warn("missing amount")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("amount is required"))
+	}
+	amountCurrency := strings.ToUpper(strings.TrimSpace(amount.GetCurrency()))
+	if amountCurrency == "" {
+		c.deps.Logger.Warn("missing amount currency")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("amount.currency is required"))
+	}
+	amountValue := strings.TrimSpace(amount.GetAmount())
+	if amountValue == "" {
+		c.deps.Logger.Warn("missing amount value")
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("amount.amount is required"))
+	}
+
+	sourceWallet, err := c.deps.Storage.Wallets().Get(ctx, sourceWalletRef)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("source wallet not found", zap.String("source_wallet_ref", sourceWalletRef))
+			return gsresponse.NotFound[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("storage get wallet failed", zap.Error(err), zap.String("source_wallet_ref", sourceWalletRef))
+		return gsresponse.Auto[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if !strings.EqualFold(sourceWallet.OrganizationRef, organizationRef) {
+		c.deps.Logger.Warn("organization mismatch", zap.String("wallet_org", sourceWallet.OrganizationRef), zap.String("req_org", organizationRef))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("organization_ref mismatch with wallet"))
+	}
+	networkKey := strings.ToLower(strings.TrimSpace(sourceWallet.Network))
+	networkCfg, ok := c.deps.Networks[networkKey]
+	if !ok {
+		c.deps.Logger.Warn("unsupported chain", zap.String("network", networkKey))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("unsupported chain for wallet"))
+	}
+
+	destination, err := resolveDestination(ctx, c.deps, req.GetDestination(), sourceWallet)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("destination not found", zap.String("destination_wallet_ref", req.GetDestination().GetManagedWalletRef()))
+			return gsresponse.NotFound[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("invalid destination", zap.Error(err))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	fees, feeSum, err := convertFees(req.GetFees(), amountCurrency)
+	if err != nil {
+		c.deps.Logger.Warn("fee conversion failed", zap.Error(err))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	amountDec, err := decimal.NewFromString(amountValue)
+	if err != nil {
+		c.deps.Logger.Warn("invalid amount", zap.Error(err))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("invalid amount"))
+	}
+	netDec := amountDec.Sub(feeSum)
+	if netDec.IsNegative() {
+		c.deps.Logger.Warn("fees exceed amount", zap.String("amount", amountValue), zap.String("fee_sum", feeSum.String()))
+		return gsresponse.InvalidArgument[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("fees exceed amount"))
+	}
+
+	netAmount := shared.CloneMoney(amount)
+	netAmount.Amount = netDec.String()
+
+	transfer := &model.Transfer{
+		IdempotencyKey:  idempotencyKey,
+		TransferRef:     shared.GenerateTransferRef(),
+		OrganizationRef: organizationRef,
+		SourceWalletRef: sourceWalletRef,
+		Destination:     destination,
+		Network:         sourceWallet.Network,
+		TokenSymbol:     sourceWallet.TokenSymbol,
+		ContractAddress: sourceWallet.ContractAddress,
+		RequestedAmount: shared.CloneMoney(amount),
+		NetAmount:       netAmount,
+		Fees:            fees,
+		Status:          model.TransferStatusPending,
+		ClientReference: strings.TrimSpace(req.GetClientReference()),
+		LastStatusAt:    c.deps.Clock.Now().UTC(),
+	}
+
+	saved, err := c.deps.Storage.Transfers().Create(ctx, transfer)
+	if err != nil {
+		if errors.Is(err, merrors.ErrDataConflict) {
+			c.deps.Logger.Debug("transfer already exists", zap.String("transfer_ref", transfer.TransferRef), zap.String("idempotency_key", idempotencyKey))
+			return gsresponse.Success(&chainv1.SubmitTransferResponse{Transfer: toProtoTransfer(saved)})
+		}
+		c.deps.Logger.Warn("storage create failed", zap.Error(err), zap.String("transfer_ref", transfer.TransferRef))
+		return gsresponse.Auto[chainv1.SubmitTransferResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	if c.deps.LaunchExecution != nil {
+		c.deps.LaunchExecution(saved.TransferRef, sourceWalletRef, networkCfg)
+	}
+
+	return gsresponse.Success(&chainv1.SubmitTransferResponse{Transfer: toProtoTransfer(saved)})
+}

api/gateway/chain/internal/service/gateway/commands/wallet/balance.go

@@ -0,0 +1,77 @@
+package wallet
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mservice"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+	"google.golang.org/protobuf/types/known/timestamppb"
+)
+
+type getWalletBalanceCommand struct {
+	deps Deps
+}
+
+func NewGetWalletBalance(deps Deps) *getWalletBalanceCommand {
+	return &getWalletBalanceCommand{deps: deps}
+}
+
+func (c *getWalletBalanceCommand) Execute(ctx context.Context, req *chainv1.GetWalletBalanceRequest) gsresponse.Responder[chainv1.GetWalletBalanceResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("nil request"))
+	}
+	walletRef := strings.TrimSpace(req.GetWalletRef())
+	if walletRef == "" {
+		c.deps.Logger.Warn("wallet_ref missing")
+		return gsresponse.InvalidArgument[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("wallet_ref is required"))
+	}
+	wallet, err := c.deps.Storage.Wallets().Get(ctx, walletRef)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("not found", zap.String("wallet_ref", walletRef))
+			return gsresponse.NotFound[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("storage get failed", zap.Error(err), zap.String("wallet_ref", walletRef))
+		return gsresponse.Auto[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	balance, chainErr := onChainWalletBalance(ctx, c.deps, wallet)
+	if chainErr != nil {
+		c.deps.Logger.Warn("on-chain balance fetch failed, falling back to stored balance", zap.Error(chainErr), zap.String("wallet_ref", walletRef))
+		stored, err := c.deps.Storage.Wallets().GetBalance(ctx, walletRef)
+		if err != nil {
+			if errors.Is(err, merrors.ErrNoData) {
+				c.deps.Logger.Warn("stored balance not found", zap.String("wallet_ref", walletRef))
+				return gsresponse.NotFound[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, err)
+			}
+			return gsresponse.Auto[chainv1.GetWalletBalanceResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		return gsresponse.Success(&chainv1.GetWalletBalanceResponse{Balance: toProtoWalletBalance(stored)})
+	}
+
+	return gsresponse.Success(&chainv1.GetWalletBalanceResponse{Balance: onChainBalanceToProto(balance)})
+}
+
+func onChainBalanceToProto(balance *moneyv1.Money) *chainv1.WalletBalance {
+	if balance == nil {
+		return nil
+	}
+	zero := &moneyv1.Money{Currency: balance.Currency, Amount: "0"}
+	return &chainv1.WalletBalance{
+		Available:       balance,
+		PendingInbound:  zero,
+		PendingOutbound: zero,
+		CalculatedAt:    timestamppb.Now(),
+	}
+}

api/gateway/chain/internal/service/gateway/commands/wallet/create.go

@@ -0,0 +1,123 @@
+package wallet
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mservice"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type createManagedWalletCommand struct {
+	deps Deps
+}
+
+func NewCreateManagedWallet(deps Deps) *createManagedWalletCommand {
+	return &createManagedWalletCommand{deps: deps}
+}
+
+func (c *createManagedWalletCommand) Execute(ctx context.Context, req *chainv1.CreateManagedWalletRequest) gsresponse.Responder[chainv1.CreateManagedWalletResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("nil request"))
+	}
+
+	idempotencyKey := strings.TrimSpace(req.GetIdempotencyKey())
+	if idempotencyKey == "" {
+		c.deps.Logger.Warn("missing idempotency key")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("idempotency_key is required"))
+	}
+	organizationRef := strings.TrimSpace(req.GetOrganizationRef())
+	if organizationRef == "" {
+		c.deps.Logger.Warn("missing organization ref")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("organization_ref is required"))
+	}
+	ownerRef := strings.TrimSpace(req.GetOwnerRef())
+	if ownerRef == "" {
+		c.deps.Logger.Warn("missing owner ref")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("owner_ref is required"))
+	}
+
+	asset := req.GetAsset()
+	if asset == nil {
+		c.deps.Logger.Warn("missing asset")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("asset is required"))
+	}
+
+	chainKey, _ := shared.ChainKeyFromEnum(asset.GetChain())
+	if chainKey == "" {
+		c.deps.Logger.Warn("unsupported chain", zap.Any("chain", asset.GetChain()))
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("unsupported chain"))
+	}
+	networkCfg, ok := c.deps.Networks[chainKey]
+	if !ok {
+		c.deps.Logger.Warn("unsupported chain in config", zap.String("chain", chainKey))
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("unsupported chain"))
+	}
+
+	tokenSymbol := strings.ToUpper(strings.TrimSpace(asset.GetTokenSymbol()))
+	if tokenSymbol == "" {
+		c.deps.Logger.Warn("missing token symbol")
+		return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("asset.token_symbol is required"))
+	}
+	contractAddress := strings.ToLower(strings.TrimSpace(asset.GetContractAddress()))
+	if contractAddress == "" {
+		contractAddress = shared.ResolveContractAddress(networkCfg.TokenConfigs, tokenSymbol)
+		if contractAddress == "" {
+			c.deps.Logger.Warn("unsupported token", zap.String("token", tokenSymbol), zap.String("chain", chainKey))
+			return gsresponse.InvalidArgument[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("unsupported token for chain"))
+		}
+	}
+
+	walletRef := shared.GenerateWalletRef()
+	if c.deps.KeyManager == nil {
+		c.deps.Logger.Warn("key manager missing")
+		return gsresponse.Internal[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.Internal("key manager not configured"))
+	}
+
+	keyInfo, err := c.deps.KeyManager.CreateManagedWalletKey(ctx, walletRef, chainKey)
+	if err != nil {
+		c.deps.Logger.Warn("key manager error", zap.Error(err))
+		return gsresponse.Auto[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if keyInfo == nil || strings.TrimSpace(keyInfo.Address) == "" {
+		c.deps.Logger.Warn("key manager returned empty address")
+		return gsresponse.Internal[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.Internal("key manager returned empty address"))
+	}
+
+	wallet := &model.ManagedWallet{
+		IdempotencyKey:  idempotencyKey,
+		WalletRef:       walletRef,
+		OrganizationRef: organizationRef,
+		OwnerRef:        ownerRef,
+		Network:         chainKey,
+		TokenSymbol:     tokenSymbol,
+		ContractAddress: contractAddress,
+		DepositAddress:  strings.ToLower(keyInfo.Address),
+		KeyReference:    keyInfo.KeyID,
+		Status:          model.ManagedWalletStatusActive,
+		Metadata:        shared.CloneMetadata(req.GetMetadata()),
+	}
+
+	created, err := c.deps.Storage.Wallets().Create(ctx, wallet)
+	if err != nil {
+		if errors.Is(err, merrors.ErrDataConflict) {
+			c.deps.Logger.Debug("wallet already exists", zap.String("wallet_ref", walletRef), zap.String("idempotency_key", idempotencyKey))
+			return gsresponse.Success(&chainv1.CreateManagedWalletResponse{Wallet: toProtoManagedWallet(created)})
+		}
+		c.deps.Logger.Warn("storage create failed", zap.Error(err), zap.String("wallet_ref", walletRef))
+		return gsresponse.Auto[chainv1.CreateManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	return gsresponse.Success(&chainv1.CreateManagedWalletResponse{Wallet: toProtoManagedWallet(created)})
+}

api/gateway/chain/internal/service/gateway/commands/wallet/deps.go

@@ -0,0 +1,25 @@
+package wallet
+
+import (
+	"context"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/pkg/mlogger"
+)
+
+type Deps struct {
+	Logger           mlogger.Logger
+	Networks         map[string]shared.Network
+	KeyManager       keymanager.Manager
+	Storage          storage.Repository
+	EnsureRepository func(context.Context) error
+}
+
+func (d Deps) WithLogger(name string) Deps {
+	if d.Logger != nil {
+		d.Logger = d.Logger.Named(name)
+	}
+	return d
+}

api/gateway/chain/internal/service/gateway/commands/wallet/get.go

@@ -0,0 +1,47 @@
+package wallet
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mservice"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type getManagedWalletCommand struct {
+	deps Deps
+}
+
+func NewGetManagedWallet(deps Deps) *getManagedWalletCommand {
+	return &getManagedWalletCommand{deps: deps}
+}
+
+func (c *getManagedWalletCommand) Execute(ctx context.Context, req *chainv1.GetManagedWalletRequest) gsresponse.Responder[chainv1.GetManagedWalletResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.GetManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	if req == nil {
+		c.deps.Logger.Warn("nil request")
+		return gsresponse.InvalidArgument[chainv1.GetManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("nil request"))
+	}
+	walletRef := strings.TrimSpace(req.GetWalletRef())
+	if walletRef == "" {
+		c.deps.Logger.Warn("wallet_ref missing")
+		return gsresponse.InvalidArgument[chainv1.GetManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, merrors.InvalidArgument("wallet_ref is required"))
+	}
+	wallet, err := c.deps.Storage.Wallets().Get(ctx, walletRef)
+	if err != nil {
+		if errors.Is(err, merrors.ErrNoData) {
+			c.deps.Logger.Warn("not found", zap.String("wallet_ref", walletRef))
+			return gsresponse.NotFound[chainv1.GetManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+		}
+		c.deps.Logger.Warn("storage get failed", zap.Error(err), zap.String("wallet_ref", walletRef))
+		return gsresponse.Auto[chainv1.GetManagedWalletResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	return gsresponse.Success(&chainv1.GetManagedWalletResponse{Wallet: toProtoManagedWallet(wallet)})
+}

api/gateway/chain/internal/service/gateway/commands/wallet/list.go

@@ -0,0 +1,59 @@
+package wallet
+
+import (
+	"context"
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	"github.com/tech/sendico/pkg/mservice"
+	paginationv1 "github.com/tech/sendico/pkg/proto/common/pagination/v1"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.uber.org/zap"
+)
+
+type listManagedWalletsCommand struct {
+	deps Deps
+}
+
+func NewListManagedWallets(deps Deps) *listManagedWalletsCommand {
+	return &listManagedWalletsCommand{deps: deps}
+}
+
+func (c *listManagedWalletsCommand) Execute(ctx context.Context, req *chainv1.ListManagedWalletsRequest) gsresponse.Responder[chainv1.ListManagedWalletsResponse] {
+	if err := c.deps.EnsureRepository(ctx); err != nil {
+		c.deps.Logger.Warn("repository unavailable", zap.Error(err))
+		return gsresponse.Unavailable[chainv1.ListManagedWalletsResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+	filter := model.ManagedWalletFilter{}
+	if req != nil {
+		filter.OrganizationRef = strings.TrimSpace(req.GetOrganizationRef())
+		filter.OwnerRef = strings.TrimSpace(req.GetOwnerRef())
+		if asset := req.GetAsset(); asset != nil {
+			filter.Network, _ = shared.ChainKeyFromEnum(asset.GetChain())
+			filter.TokenSymbol = strings.TrimSpace(asset.GetTokenSymbol())
+		}
+		if page := req.GetPage(); page != nil {
+			filter.Cursor = strings.TrimSpace(page.GetCursor())
+			filter.Limit = page.GetLimit()
+		}
+	}
+
+	result, err := c.deps.Storage.Wallets().List(ctx, filter)
+	if err != nil {
+		c.deps.Logger.Warn("storage list failed", zap.Error(err))
+		return gsresponse.Auto[chainv1.ListManagedWalletsResponse](c.deps.Logger, mservice.ChainGateway, err)
+	}
+
+	protoWallets := make([]*chainv1.ManagedWallet, 0, len(result.Items))
+	for _, wallet := range result.Items {
+		protoWallets = append(protoWallets, toProtoManagedWallet(wallet))
+	}
+
+	resp := &chainv1.ListManagedWalletsResponse{
+		Wallets: protoWallets,
+		Page:    &paginationv1.CursorPageResponse{NextCursor: result.NextCursor},
+	}
+	return gsresponse.Success(resp)
+}

api/gateway/chain/internal/service/gateway/commands/wallet/onchain_balance.go

@@ -0,0 +1,124 @@
+package wallet
+
+import (
+	"context"
+	"math/big"
+	"strings"
+	"time"
+
+	"github.com/ethereum/go-ethereum"
+	"github.com/ethereum/go-ethereum/accounts/abi"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/ethclient"
+	"github.com/shopspring/decimal"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+)
+
+func onChainWalletBalance(ctx context.Context, deps Deps, wallet *model.ManagedWallet) (*moneyv1.Money, error) {
+	network := deps.Networks[strings.ToLower(strings.TrimSpace(wallet.Network))]
+	rpcURL := strings.TrimSpace(network.RPCURL)
+	if rpcURL == "" {
+		return nil, merrors.Internal("network rpc url is not configured")
+	}
+	contract := strings.TrimSpace(wallet.ContractAddress)
+	if contract == "" || !common.IsHexAddress(contract) {
+		return nil, merrors.InvalidArgument("invalid contract address")
+	}
+	if wallet.DepositAddress == "" || !common.IsHexAddress(wallet.DepositAddress) {
+		return nil, merrors.InvalidArgument("invalid wallet address")
+	}
+
+	client, err := ethclient.DialContext(ctx, rpcURL)
+	if err != nil {
+		return nil, merrors.Internal("failed to connect rpc: " + err.Error())
+	}
+	defer client.Close()
+
+	timeoutCtx, cancel := context.WithTimeout(ctx, 10*time.Second)
+	defer cancel()
+
+	tokenABI, err := abi.JSON(strings.NewReader(erc20ABIJSON))
+	if err != nil {
+		return nil, merrors.Internal("failed to parse erc20 abi: " + err.Error())
+	}
+	tokenAddr := common.HexToAddress(contract)
+	walletAddr := common.HexToAddress(wallet.DepositAddress)
+
+	decimals, err := readDecimals(timeoutCtx, client, tokenABI, tokenAddr)
+	if err != nil {
+		return nil, err
+	}
+
+	bal, err := readBalanceOf(timeoutCtx, client, tokenABI, tokenAddr, walletAddr)
+	if err != nil {
+		return nil, err
+	}
+
+	dec := decimal.NewFromBigInt(bal, 0).Shift(-int32(decimals))
+	return &moneyv1.Money{Currency: wallet.TokenSymbol, Amount: dec.String()}, nil
+}
+
+func readDecimals(ctx context.Context, client *ethclient.Client, tokenABI abi.ABI, token common.Address) (uint8, error) {
+	data, err := tokenABI.Pack("decimals")
+	if err != nil {
+		return 0, merrors.Internal("failed to encode decimals call: " + err.Error())
+	}
+	msg := ethereum.CallMsg{To: &token, Data: data}
+	out, err := client.CallContract(ctx, msg, nil)
+	if err != nil {
+		return 0, merrors.Internal("decimals call failed: " + err.Error())
+	}
+	values, err := tokenABI.Unpack("decimals", out)
+	if err != nil || len(values) == 0 {
+		return 0, merrors.Internal("failed to unpack decimals")
+	}
+	if val, ok := values[0].(uint8); ok {
+		return val, nil
+	}
+	return 0, merrors.Internal("decimals returned unexpected type")
+}
+
+func readBalanceOf(ctx context.Context, client *ethclient.Client, tokenABI abi.ABI, token common.Address, wallet common.Address) (*big.Int, error) {
+	data, err := tokenABI.Pack("balanceOf", wallet)
+	if err != nil {
+		return nil, merrors.Internal("failed to encode balanceOf: " + err.Error())
+	}
+	msg := ethereum.CallMsg{To: &token, Data: data}
+	out, err := client.CallContract(ctx, msg, nil)
+	if err != nil {
+		return nil, merrors.Internal("balanceOf call failed: " + err.Error())
+	}
+	values, err := tokenABI.Unpack("balanceOf", out)
+	if err != nil || len(values) == 0 {
+		return nil, merrors.Internal("failed to unpack balanceOf")
+	}
+	raw, ok := values[0].(*big.Int)
+	if !ok {
+		return nil, merrors.Internal("balanceOf returned unexpected type")
+	}
+	return decimal.NewFromBigInt(raw, 0).BigInt(), nil
+}
+
+const erc20ABIJSON = `
+[
+	{
+		"constant": true,
+		"inputs": [],
+		"name": "decimals",
+		"outputs": [{ "name": "", "type": "uint8" }],
+		"payable": false,
+		"stateMutability": "view",
+        "type": "function"
+	},
+	{
+		"constant": true,
+		"inputs": [{ "name": "_owner", "type": "address" }],
+		"name": "balanceOf",
+		"outputs": [{ "name": "balance", "type": "uint256" }],
+		"payable": false,
+		"stateMutability": "view",
+		"type": "function"
+	}
+]`

api/gateway/chain/internal/service/gateway/commands/wallet/proto.go

@@ -0,0 +1,42 @@
+package wallet
+
+import (
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"google.golang.org/protobuf/types/known/timestamppb"
+)
+
+func toProtoManagedWallet(wallet *model.ManagedWallet) *chainv1.ManagedWallet {
+	if wallet == nil {
+		return nil
+	}
+	asset := &chainv1.Asset{
+		Chain:           shared.ChainEnumFromName(wallet.Network),
+		TokenSymbol:     wallet.TokenSymbol,
+		ContractAddress: wallet.ContractAddress,
+	}
+	return &chainv1.ManagedWallet{
+		WalletRef:       wallet.WalletRef,
+		OrganizationRef: wallet.OrganizationRef,
+		OwnerRef:        wallet.OwnerRef,
+		Asset:           asset,
+		DepositAddress:  wallet.DepositAddress,
+		Status:          shared.ManagedWalletStatusToProto(wallet.Status),
+		Metadata:        shared.CloneMetadata(wallet.Metadata),
+		CreatedAt:       timestamppb.New(wallet.CreatedAt.UTC()),
+		UpdatedAt:       timestamppb.New(wallet.UpdatedAt.UTC()),
+	}
+}
+
+func toProtoWalletBalance(balance *model.WalletBalance) *chainv1.WalletBalance {
+	if balance == nil {
+		return nil
+	}
+	return &chainv1.WalletBalance{
+		Available:       shared.CloneMoney(balance.Available),
+		PendingInbound:  shared.CloneMoney(balance.PendingInbound),
+		PendingOutbound: shared.CloneMoney(balance.PendingOutbound),
+		CalculatedAt:    timestamppb.New(balance.CalculatedAt.UTC()),
+	}
+}

api/gateway/chain/internal/service/gateway/executor.go

@@ -0,0 +1,386 @@
+package gateway
+
+import (
+	"context"
+	"errors"
+	"math/big"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/ethereum/go-ethereum"
+	"github.com/ethereum/go-ethereum/accounts/abi"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/ethclient"
+	"github.com/shopspring/decimal"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"go.uber.org/zap"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+)
+
+// TransferExecutor handles on-chain submission of transfers.
+type TransferExecutor interface {
+	SubmitTransfer(ctx context.Context, transfer *model.Transfer, source *model.ManagedWallet, destinationAddress string, network shared.Network) (string, error)
+	AwaitConfirmation(ctx context.Context, network shared.Network, txHash string) (*types.Receipt, error)
+}
+
+// NewOnChainExecutor constructs a TransferExecutor that talks to an EVM-compatible chain.
+func NewOnChainExecutor(logger mlogger.Logger, keyManager keymanager.Manager) TransferExecutor {
+	return &onChainExecutor{
+		logger:     logger.Named("executor"),
+		keyManager: keyManager,
+		clients:    map[string]*ethclient.Client{},
+	}
+}
+
+type onChainExecutor struct {
+	logger     mlogger.Logger
+	keyManager keymanager.Manager
+
+	mu      sync.Mutex
+	clients map[string]*ethclient.Client
+}
+
+func (o *onChainExecutor) SubmitTransfer(ctx context.Context, transfer *model.Transfer, source *model.ManagedWallet, destinationAddress string, network shared.Network) (string, error) {
+	if o.keyManager == nil {
+		o.logger.Error("key manager not configured")
+		return "", executorInternal("key manager is not configured", nil)
+	}
+	rpcURL := strings.TrimSpace(network.RPCURL)
+	if rpcURL == "" {
+		o.logger.Error("network rpc url missing", zap.String("network", network.Name))
+		return "", executorInvalid("network rpc url is not configured")
+	}
+	if source == nil || transfer == nil {
+		o.logger.Error("transfer context missing")
+		return "", executorInvalid("transfer context missing")
+	}
+	if strings.TrimSpace(source.KeyReference) == "" {
+		o.logger.Error("source wallet missing key reference", zap.String("wallet_ref", source.WalletRef))
+		return "", executorInvalid("source wallet missing key reference")
+	}
+	if strings.TrimSpace(source.DepositAddress) == "" {
+		o.logger.Error("source wallet missing deposit address", zap.String("wallet_ref", source.WalletRef))
+		return "", executorInvalid("source wallet missing deposit address")
+	}
+	if !common.IsHexAddress(destinationAddress) {
+		o.logger.Error("invalid destination address", zap.String("transfer_ref", transfer.TransferRef), zap.String("address", destinationAddress))
+		return "", executorInvalid("invalid destination address " + destinationAddress)
+	}
+
+	o.logger.Info("submitting transfer",
+		zap.String("transfer_ref", transfer.TransferRef),
+		zap.String("source_wallet_ref", source.WalletRef),
+		zap.String("network", network.Name),
+		zap.String("destination", strings.ToLower(destinationAddress)),
+	)
+
+	client, err := o.getClient(ctx, rpcURL)
+	if err != nil {
+		o.logger.Warn("failed to initialise rpc client",
+			zap.String("network", network.Name),
+			zap.String("rpc_url", rpcURL),
+			zap.Error(err),
+		)
+		return "", err
+	}
+
+	sourceAddress := common.HexToAddress(source.DepositAddress)
+	destination := common.HexToAddress(destinationAddress)
+
+	ctx, cancel := context.WithTimeout(ctx, 60*time.Second)
+	defer cancel()
+
+	nonce, err := client.PendingNonceAt(ctx, sourceAddress)
+	if err != nil {
+		o.logger.Warn("failed to fetch nonce",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("wallet_ref", source.WalletRef),
+			zap.Error(err),
+		)
+		return "", executorInternal("failed to fetch nonce", err)
+	}
+
+	gasPrice, err := client.SuggestGasPrice(ctx)
+	if err != nil {
+		o.logger.Warn("failed to suggest gas price",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("network", network.Name),
+			zap.Error(err),
+		)
+		return "", executorInternal("failed to suggest gas price", err)
+	}
+
+	var tx *types.Transaction
+	var txHash string
+
+	chainID := new(big.Int).SetUint64(network.ChainID)
+
+	if strings.TrimSpace(transfer.ContractAddress) == "" {
+		o.logger.Warn("native token transfer requested but not supported", zap.String("transfer_ref", transfer.TransferRef))
+		return "", merrors.NotImplemented("executor: native token transfers not yet supported")
+	}
+
+	if !common.IsHexAddress(transfer.ContractAddress) {
+		o.logger.Warn("invalid token contract address",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("contract", transfer.ContractAddress),
+		)
+		return "", executorInvalid("invalid token contract address " + transfer.ContractAddress)
+	}
+	tokenAddress := common.HexToAddress(transfer.ContractAddress)
+
+	decimals, err := erc20Decimals(ctx, client, tokenAddress)
+	if err != nil {
+		o.logger.Warn("failed to read token decimals",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("contract", transfer.ContractAddress),
+			zap.Error(err),
+		)
+		return "", err
+	}
+
+	amount := transfer.NetAmount
+	if amount == nil || strings.TrimSpace(amount.Amount) == "" {
+		o.logger.Warn("transfer missing net amount", zap.String("transfer_ref", transfer.TransferRef))
+		return "", executorInvalid("transfer missing net amount")
+	}
+	amountInt, err := toBaseUnits(amount.Amount, decimals)
+	if err != nil {
+		o.logger.Warn("failed to convert amount to base units",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("amount", amount.Amount),
+			zap.Error(err),
+		)
+		return "", err
+	}
+
+	input, err := erc20ABI.Pack("transfer", destination, amountInt)
+	if err != nil {
+		o.logger.Warn("failed to encode transfer call",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.Error(err),
+		)
+		return "", executorInternal("failed to encode transfer call", err)
+	}
+
+	callMsg := ethereum.CallMsg{
+		From:     sourceAddress,
+		To:       &tokenAddress,
+		GasPrice: gasPrice,
+		Data:     input,
+	}
+	gasLimit, err := client.EstimateGas(ctx, callMsg)
+	if err != nil {
+		o.logger.Warn("failed to estimate gas",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.Error(err),
+		)
+		return "", executorInternal("failed to estimate gas", err)
+	}
+
+	tx = types.NewTransaction(nonce, tokenAddress, big.NewInt(0), gasLimit, gasPrice, input)
+
+	signedTx, err := o.keyManager.SignTransaction(ctx, source.KeyReference, tx, chainID)
+	if err != nil {
+		o.logger.Warn("failed to sign transaction",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.String("wallet_ref", source.WalletRef),
+			zap.Error(err),
+		)
+		return "", err
+	}
+
+	if err := client.SendTransaction(ctx, signedTx); err != nil {
+		o.logger.Warn("failed to send transaction",
+			zap.String("transfer_ref", transfer.TransferRef),
+			zap.Error(err),
+		)
+		return "", executorInternal("failed to send transaction", err)
+	}
+
+	txHash = signedTx.Hash().Hex()
+	o.logger.Info("transaction submitted",
+		zap.String("transfer_ref", transfer.TransferRef),
+		zap.String("tx_hash", txHash),
+		zap.String("network", network.Name),
+	)
+
+	return txHash, nil
+}
+
+func (o *onChainExecutor) getClient(ctx context.Context, rpcURL string) (*ethclient.Client, error) {
+	o.mu.Lock()
+	client, ok := o.clients[rpcURL]
+	o.mu.Unlock()
+	if ok {
+		return client, nil
+	}
+
+	c, err := ethclient.DialContext(ctx, rpcURL)
+	if err != nil {
+		return nil, executorInternal("failed to connect to rpc "+rpcURL, err)
+	}
+
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	if existing, ok := o.clients[rpcURL]; ok {
+		// Another routine initialised it in the meantime; prefer the existing client and close the new one.
+		c.Close()
+		return existing, nil
+	}
+	o.clients[rpcURL] = c
+	return c, nil
+}
+
+func (o *onChainExecutor) AwaitConfirmation(ctx context.Context, network shared.Network, txHash string) (*types.Receipt, error) {
+	if strings.TrimSpace(txHash) == "" {
+		o.logger.Warn("missing transaction hash for confirmation", zap.String("network", network.Name))
+		return nil, executorInvalid("tx hash is required")
+	}
+	rpcURL := strings.TrimSpace(network.RPCURL)
+	if rpcURL == "" {
+		o.logger.Warn("network rpc url missing while awaiting confirmation", zap.String("tx_hash", txHash))
+		return nil, executorInvalid("network rpc url is not configured")
+	}
+
+	client, err := o.getClient(ctx, rpcURL)
+	if err != nil {
+		return nil, err
+	}
+
+	hash := common.HexToHash(txHash)
+	ticker := time.NewTicker(3 * time.Second)
+	defer ticker.Stop()
+
+	for {
+		receipt, err := client.TransactionReceipt(ctx, hash)
+		if err != nil {
+			if errors.Is(err, ethereum.NotFound) {
+				select {
+				case <-ticker.C:
+					o.logger.Debug("transaction not yet mined",
+						zap.String("tx_hash", txHash),
+						zap.String("network", network.Name),
+					)
+					continue
+				case <-ctx.Done():
+					o.logger.Warn("context cancelled while awaiting confirmation",
+						zap.String("tx_hash", txHash),
+						zap.String("network", network.Name),
+					)
+					return nil, ctx.Err()
+				}
+			}
+			o.logger.Warn("failed to fetch transaction receipt",
+				zap.String("tx_hash", txHash),
+				zap.String("network", network.Name),
+				zap.Error(err),
+			)
+			return nil, executorInternal("failed to fetch transaction receipt", err)
+		}
+		o.logger.Info("transaction confirmed",
+			zap.String("tx_hash", txHash),
+			zap.String("network", network.Name),
+			zap.Uint64("block_number", receipt.BlockNumber.Uint64()),
+			zap.Uint64("status", receipt.Status),
+		)
+		return receipt, nil
+	}
+}
+
+var (
+	erc20ABI abi.ABI
+)
+
+func init() {
+	var err error
+	erc20ABI, err = abi.JSON(strings.NewReader(erc20ABIJSON))
+	if err != nil {
+		panic("executor: failed to parse erc20 abi: " + err.Error())
+	}
+}
+
+const erc20ABIJSON = `
+[
+	{
+		"constant": false,
+		"inputs": [
+			{ "name": "_to", "type": "address" },
+			{ "name": "_value", "type": "uint256" }
+		],
+		"name": "transfer",
+		"outputs": [{ "name": "", "type": "bool" }],
+		"payable": false,
+		"stateMutability": "nonpayable",
+		"type": "function"
+	},
+	{
+		"constant": true,
+		"inputs": [],
+		"name": "decimals",
+		"outputs": [{ "name": "", "type": "uint8" }],
+		"payable": false,
+		"stateMutability": "view",
+        "type": "function"
+	}
+]`
+
+func erc20Decimals(ctx context.Context, client *ethclient.Client, token common.Address) (uint8, error) {
+	callData, err := erc20ABI.Pack("decimals")
+	if err != nil {
+		return 0, executorInternal("failed to encode decimals call", err)
+	}
+	msg := ethereum.CallMsg{
+		To:   &token,
+		Data: callData,
+	}
+	output, err := client.CallContract(ctx, msg, nil)
+	if err != nil {
+		return 0, executorInternal("decimals call failed", err)
+	}
+	values, err := erc20ABI.Unpack("decimals", output)
+	if err != nil {
+		return 0, executorInternal("failed to unpack decimals", err)
+	}
+	if len(values) == 0 {
+		return 0, executorInternal("decimals call returned no data", nil)
+	}
+	decimals, ok := values[0].(uint8)
+	if !ok {
+		return 0, executorInternal("decimals call returned unexpected type", nil)
+	}
+	return decimals, nil
+}
+
+func toBaseUnits(amount string, decimals uint8) (*big.Int, error) {
+	value, err := decimal.NewFromString(strings.TrimSpace(amount))
+	if err != nil {
+		return nil, executorInvalid("invalid amount " + amount + ": " + err.Error())
+	}
+	if value.IsNegative() {
+		return nil, executorInvalid("amount must be positive")
+	}
+	multiplier := decimal.NewFromInt(1).Shift(int32(decimals))
+	scaled := value.Mul(multiplier)
+	if !scaled.Equal(scaled.Truncate(0)) {
+		return nil, executorInvalid("amount " + amount + " exceeds token precision")
+	}
+	return scaled.BigInt(), nil
+}
+
+func executorInvalid(msg string) error {
+	return merrors.InvalidArgument("executor: " + msg)
+}
+
+func executorInternal(msg string, err error) error {
+	if err != nil {
+		msg = msg + ": " + err.Error()
+	}
+	return merrors.Internal("executor: " + msg)
+}

api/gateway/chain/internal/service/gateway/metrics.go

@@ -0,0 +1,65 @@
+package gateway
+
+import (
+	"errors"
+	"sync"
+	"time"
+
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/tech/sendico/pkg/merrors"
+)
+
+var (
+	metricsOnce sync.Once
+
+	rpcLatency *prometheus.HistogramVec
+	rpcStatus  *prometheus.CounterVec
+)
+
+func initMetrics() {
+	metricsOnce.Do(func() {
+		rpcLatency = promauto.NewHistogramVec(prometheus.HistogramOpts{
+			Namespace: "sendico",
+			Subsystem: "chain_gateway",
+			Name:      "rpc_latency_seconds",
+			Help:      "Latency distribution for chain gateway RPC handlers.",
+			Buckets:   prometheus.DefBuckets,
+		}, []string{"method"})
+
+		rpcStatus = promauto.NewCounterVec(prometheus.CounterOpts{
+			Namespace: "sendico",
+			Subsystem: "chain_gateway",
+			Name:      "rpc_requests_total",
+			Help:      "Total number of RPC invocations grouped by method and status.",
+		}, []string{"method", "status"})
+	})
+}
+
+func observeRPC(method string, err error, duration time.Duration) {
+	if rpcLatency != nil {
+		rpcLatency.WithLabelValues(method).Observe(duration.Seconds())
+	}
+	if rpcStatus != nil {
+		rpcStatus.WithLabelValues(method, statusLabel(err)).Inc()
+	}
+}
+
+func statusLabel(err error) string {
+	switch {
+	case err == nil:
+		return "ok"
+	case errors.Is(err, merrors.ErrInvalidArg):
+		return "invalid_argument"
+	case errors.Is(err, merrors.ErrNoData):
+		return "not_found"
+	case errors.Is(err, merrors.ErrDataConflict):
+		return "conflict"
+	case errors.Is(err, merrors.ErrAccessDenied):
+		return "denied"
+	case errors.Is(err, merrors.ErrInternal):
+		return "internal"
+	default:
+		return "error"
+	}
+}

api/gateway/chain/internal/service/gateway/options.go

@@ -0,0 +1,69 @@
+package gateway
+
+import (
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	clockpkg "github.com/tech/sendico/pkg/clock"
+)
+
+// Option configures the Service.
+type Option func(*Service)
+
+// WithKeyManager configures the service key manager.
+func WithKeyManager(manager keymanager.Manager) Option {
+	return func(s *Service) {
+		s.keyManager = manager
+	}
+}
+
+// WithTransferExecutor configures the executor responsible for on-chain submissions.
+func WithTransferExecutor(executor TransferExecutor) Option {
+	return func(s *Service) {
+		s.executor = executor
+	}
+}
+
+// WithNetworks configures supported blockchain networks.
+func WithNetworks(networks []shared.Network) Option {
+	return func(s *Service) {
+		if len(networks) == 0 {
+			return
+		}
+		if s.networks == nil {
+			s.networks = make(map[string]shared.Network, len(networks))
+		}
+		for _, network := range networks {
+			if network.Name == "" {
+				continue
+			}
+			clone := network
+			if clone.TokenConfigs == nil {
+				clone.TokenConfigs = []shared.TokenContract{}
+			}
+			for i := range clone.TokenConfigs {
+				clone.TokenConfigs[i].Symbol = strings.ToUpper(strings.TrimSpace(clone.TokenConfigs[i].Symbol))
+				clone.TokenConfigs[i].ContractAddress = strings.ToLower(strings.TrimSpace(clone.TokenConfigs[i].ContractAddress))
+			}
+			clone.Name = strings.ToLower(strings.TrimSpace(clone.Name))
+			s.networks[clone.Name] = clone
+		}
+	}
+}
+
+// WithServiceWallet configures the service wallet binding.
+func WithServiceWallet(wallet shared.ServiceWallet) Option {
+	return func(s *Service) {
+		s.serviceWallet = wallet
+	}
+}
+
+// WithClock overrides the service clock.
+func WithClock(clk clockpkg.Clock) Option {
+	return func(s *Service) {
+		if clk != nil {
+			s.clock = clk
+		}
+	}
+}

api/gateway/chain/internal/service/gateway/service.go

@@ -0,0 +1,153 @@
+package gateway
+
+import (
+	"context"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/commands"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/commands/transfer"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/commands/wallet"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/pkg/api/routers"
+	"github.com/tech/sendico/pkg/api/routers/gsresponse"
+	clockpkg "github.com/tech/sendico/pkg/clock"
+	msg "github.com/tech/sendico/pkg/messaging"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/mservice"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"google.golang.org/grpc"
+)
+
+type serviceError string
+
+func (e serviceError) Error() string {
+	return string(e)
+}
+
+var (
+	errStorageUnavailable = serviceError("chain_gateway: storage not initialised")
+)
+
+// Service implements the ChainGatewayService RPC contract.
+type Service struct {
+	logger   mlogger.Logger
+	storage  storage.Repository
+	producer msg.Producer
+	clock    clockpkg.Clock
+
+	networks      map[string]shared.Network
+	serviceWallet shared.ServiceWallet
+	keyManager    keymanager.Manager
+	executor      TransferExecutor
+	commands      commands.Registry
+
+	chainv1.UnimplementedChainGatewayServiceServer
+}
+
+// NewService constructs the chain gateway service skeleton.
+func NewService(logger mlogger.Logger, repo storage.Repository, producer msg.Producer, opts ...Option) *Service {
+	svc := &Service{
+		logger:   logger.Named("service"),
+		storage:  repo,
+		producer: producer,
+		clock:    clockpkg.System{},
+		networks: map[string]shared.Network{},
+	}
+
+	initMetrics()
+
+	for _, opt := range opts {
+		if opt != nil {
+			opt(svc)
+		}
+	}
+
+	if svc.clock == nil {
+		svc.clock = clockpkg.System{}
+	}
+	if svc.networks == nil {
+		svc.networks = map[string]shared.Network{}
+	}
+
+	svc.commands = commands.NewRegistry(commands.RegistryDeps{
+		Wallet:   commandsWalletDeps(svc),
+		Transfer: commandsTransferDeps(svc),
+	})
+
+	return svc
+}
+
+// Register wires the service onto the provided gRPC router.
+func (s *Service) Register(router routers.GRPC) error {
+	return router.Register(func(reg grpc.ServiceRegistrar) {
+		chainv1.RegisterChainGatewayServiceServer(reg, s)
+	})
+}
+
+func (s *Service) CreateManagedWallet(ctx context.Context, req *chainv1.CreateManagedWalletRequest) (*chainv1.CreateManagedWalletResponse, error) {
+	return executeUnary(ctx, s, "CreateManagedWallet", s.commands.CreateManagedWallet.Execute, req)
+}
+
+func (s *Service) GetManagedWallet(ctx context.Context, req *chainv1.GetManagedWalletRequest) (*chainv1.GetManagedWalletResponse, error) {
+	return executeUnary(ctx, s, "GetManagedWallet", s.commands.GetManagedWallet.Execute, req)
+}
+
+func (s *Service) ListManagedWallets(ctx context.Context, req *chainv1.ListManagedWalletsRequest) (*chainv1.ListManagedWalletsResponse, error) {
+	return executeUnary(ctx, s, "ListManagedWallets", s.commands.ListManagedWallets.Execute, req)
+}
+
+func (s *Service) GetWalletBalance(ctx context.Context, req *chainv1.GetWalletBalanceRequest) (*chainv1.GetWalletBalanceResponse, error) {
+	return executeUnary(ctx, s, "GetWalletBalance", s.commands.GetWalletBalance.Execute, req)
+}
+
+func (s *Service) SubmitTransfer(ctx context.Context, req *chainv1.SubmitTransferRequest) (*chainv1.SubmitTransferResponse, error) {
+	return executeUnary(ctx, s, "SubmitTransfer", s.commands.SubmitTransfer.Execute, req)
+}
+
+func (s *Service) GetTransfer(ctx context.Context, req *chainv1.GetTransferRequest) (*chainv1.GetTransferResponse, error) {
+	return executeUnary(ctx, s, "GetTransfer", s.commands.GetTransfer.Execute, req)
+}
+
+func (s *Service) ListTransfers(ctx context.Context, req *chainv1.ListTransfersRequest) (*chainv1.ListTransfersResponse, error) {
+	return executeUnary(ctx, s, "ListTransfers", s.commands.ListTransfers.Execute, req)
+}
+
+func (s *Service) EstimateTransferFee(ctx context.Context, req *chainv1.EstimateTransferFeeRequest) (*chainv1.EstimateTransferFeeResponse, error) {
+	return executeUnary(ctx, s, "EstimateTransferFee", s.commands.EstimateTransfer.Execute, req)
+}
+
+func (s *Service) ensureRepository(ctx context.Context) error {
+	if s.storage == nil {
+		return errStorageUnavailable
+	}
+	return s.storage.Ping(ctx)
+}
+
+func commandsWalletDeps(s *Service) wallet.Deps {
+	return wallet.Deps{
+		Logger:           s.logger.Named("command"),
+		Networks:         s.networks,
+		KeyManager:       s.keyManager,
+		Storage:          s.storage,
+		EnsureRepository: s.ensureRepository,
+	}
+}
+
+func commandsTransferDeps(s *Service) transfer.Deps {
+	return transfer.Deps{
+		Logger:           s.logger.Named("transfer_cmd"),
+		Networks:         s.networks,
+		Storage:          s.storage,
+		Clock:            s.clock,
+		EnsureRepository: s.ensureRepository,
+		LaunchExecution:  s.launchTransferExecution,
+	}
+}
+
+func executeUnary[TReq any, TResp any](ctx context.Context, svc *Service, method string, handler func(context.Context, *TReq) gsresponse.Responder[TResp], req *TReq) (*TResp, error) {
+	start := svc.clock.Now()
+	resp, err := gsresponse.Unary(svc.logger, mservice.ChainGateway, handler)(ctx, req)
+	observeRPC(method, err, svc.clock.Now().Sub(start))
+	return resp, err
+}

api/gateway/chain/internal/service/gateway/service_test.go

@@ -0,0 +1,557 @@
+package gateway
+
+import (
+	"context"
+	"fmt"
+	"math/big"
+	"sort"
+	"strings"
+	"sync"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/require"
+	ichainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.uber.org/zap"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+
+	"github.com/tech/sendico/gateway/chain/internal/keymanager"
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+	paginationv1 "github.com/tech/sendico/pkg/proto/common/pagination/v1"
+
+	"github.com/ethereum/go-ethereum/core/types"
+)
+
+const (
+	walletDefaultLimit   int64 = 50
+	walletMaxLimit       int64 = 200
+	transferDefaultLimit int64 = 50
+	transferMaxLimit     int64 = 200
+	depositDefaultLimit  int64 = 100
+	depositMaxLimit      int64 = 500
+)
+
+func TestCreateManagedWallet_Idempotent(t *testing.T) {
+	svc, repo := newTestService(t)
+
+	ctx := context.Background()
+	req := &ichainv1.CreateManagedWalletRequest{
+		IdempotencyKey:  "idem-1",
+		OrganizationRef: "org-1",
+		OwnerRef:        "owner-1",
+		Asset: &ichainv1.Asset{
+			Chain:       ichainv1.ChainNetwork_CHAIN_NETWORK_ETHEREUM_MAINNET,
+			TokenSymbol: "USDC",
+		},
+	}
+
+	resp, err := svc.CreateManagedWallet(ctx, req)
+	require.NoError(t, err)
+	require.NotNil(t, resp.GetWallet())
+	firstRef := resp.GetWallet().GetWalletRef()
+	require.NotEmpty(t, firstRef)
+
+	resp2, err := svc.CreateManagedWallet(ctx, req)
+	require.NoError(t, err)
+	require.Equal(t, firstRef, resp2.GetWallet().GetWalletRef())
+
+	// ensure stored only once
+	require.Equal(t, 1, repo.wallets.count())
+}
+
+func TestSubmitTransfer_ManagedDestination(t *testing.T) {
+	svc, repo := newTestService(t)
+	ctx := context.Background()
+
+	// create source wallet
+	srcResp, err := svc.CreateManagedWallet(ctx, &ichainv1.CreateManagedWalletRequest{
+		IdempotencyKey:  "idem-src",
+		OrganizationRef: "org-1",
+		OwnerRef:        "owner-1",
+		Asset: &ichainv1.Asset{
+			Chain:       ichainv1.ChainNetwork_CHAIN_NETWORK_ETHEREUM_MAINNET,
+			TokenSymbol: "USDC",
+		},
+	})
+	require.NoError(t, err)
+	srcRef := srcResp.GetWallet().GetWalletRef()
+
+	// destination wallet
+	dstResp, err := svc.CreateManagedWallet(ctx, &ichainv1.CreateManagedWalletRequest{
+		IdempotencyKey:  "idem-dst",
+		OrganizationRef: "org-1",
+		OwnerRef:        "owner-2",
+		Asset: &ichainv1.Asset{
+			Chain:       ichainv1.ChainNetwork_CHAIN_NETWORK_ETHEREUM_MAINNET,
+			TokenSymbol: "USDC",
+		},
+	})
+	require.NoError(t, err)
+	dstRef := dstResp.GetWallet().GetWalletRef()
+
+	transferResp, err := svc.SubmitTransfer(ctx, &ichainv1.SubmitTransferRequest{
+		IdempotencyKey:  "transfer-1",
+		OrganizationRef: "org-1",
+		SourceWalletRef: srcRef,
+		Destination: &ichainv1.TransferDestination{
+			Destination: &ichainv1.TransferDestination_ManagedWalletRef{ManagedWalletRef: dstRef},
+		},
+		Amount: &moneyv1.Money{Currency: "USDC", Amount: "100"},
+		Fees: []*ichainv1.ServiceFeeBreakdown{
+			{
+				FeeCode: "service",
+				Amount:  &moneyv1.Money{Currency: "USDC", Amount: "5"},
+			},
+		},
+	})
+	require.NoError(t, err)
+	require.NotNil(t, transferResp.GetTransfer())
+	require.Equal(t, "95", transferResp.GetTransfer().GetNetAmount().GetAmount())
+
+	stored := repo.transfers.get(transferResp.GetTransfer().GetTransferRef())
+	require.NotNil(t, stored)
+	require.Equal(t, model.TransferStatusPending, stored.Status)
+
+	// GetTransfer
+	getResp, err := svc.GetTransfer(ctx, &ichainv1.GetTransferRequest{TransferRef: stored.TransferRef})
+	require.NoError(t, err)
+	require.Equal(t, stored.TransferRef, getResp.GetTransfer().GetTransferRef())
+
+	// ListTransfers
+	listResp, err := svc.ListTransfers(ctx, &ichainv1.ListTransfersRequest{
+		SourceWalletRef: srcRef,
+		Page:            &paginationv1.CursorPageRequest{Limit: 10},
+	})
+	require.NoError(t, err)
+	require.Len(t, listResp.GetTransfers(), 1)
+	require.Equal(t, stored.TransferRef, listResp.GetTransfers()[0].GetTransferRef())
+}
+
+func TestGetWalletBalance_NotFound(t *testing.T) {
+	svc, _ := newTestService(t)
+	ctx := context.Background()
+
+	_, err := svc.GetWalletBalance(ctx, &ichainv1.GetWalletBalanceRequest{WalletRef: "missing"})
+	require.Error(t, err)
+	st, _ := status.FromError(err)
+	require.Equal(t, codes.NotFound, st.Code())
+}
+
+// ---- in-memory storage implementation ----
+
+type inMemoryRepository struct {
+	wallets   *inMemoryWallets
+	transfers *inMemoryTransfers
+	deposits  *inMemoryDeposits
+}
+
+func newInMemoryRepository() *inMemoryRepository {
+	return &inMemoryRepository{
+		wallets:   newInMemoryWallets(),
+		transfers: newInMemoryTransfers(),
+		deposits:  newInMemoryDeposits(),
+	}
+}
+
+func (r *inMemoryRepository) Ping(context.Context) error        { return nil }
+func (r *inMemoryRepository) Wallets() storage.WalletsStore     { return r.wallets }
+func (r *inMemoryRepository) Transfers() storage.TransfersStore { return r.transfers }
+func (r *inMemoryRepository) Deposits() storage.DepositsStore   { return r.deposits }
+
+// Wallets store
+
+type inMemoryWallets struct {
+	mu       sync.Mutex
+	wallets  map[string]*model.ManagedWallet
+	byIdemp  map[string]string
+	balances map[string]*model.WalletBalance
+}
+
+func newInMemoryWallets() *inMemoryWallets {
+	return &inMemoryWallets{
+		wallets:  make(map[string]*model.ManagedWallet),
+		byIdemp:  make(map[string]string),
+		balances: make(map[string]*model.WalletBalance),
+	}
+}
+
+func (w *inMemoryWallets) count() int {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	return len(w.wallets)
+}
+
+func (w *inMemoryWallets) Create(ctx context.Context, wallet *model.ManagedWallet) (*model.ManagedWallet, error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	if wallet == nil {
+		return nil, merrors.InvalidArgument("walletsStore: nil wallet")
+	}
+	wallet.Normalize()
+	if wallet.IdempotencyKey == "" {
+		return nil, merrors.InvalidArgument("walletsStore: empty idempotencyKey")
+	}
+
+	if existingRef, ok := w.byIdemp[wallet.IdempotencyKey]; ok {
+		existing := w.wallets[existingRef]
+		return existing, merrors.ErrDataConflict
+	}
+
+	if wallet.WalletRef == "" {
+		wallet.WalletRef = primitive.NewObjectID().Hex()
+	}
+	if wallet.GetID() == nil || wallet.GetID().IsZero() {
+		wallet.SetID(primitive.NewObjectID())
+	} else {
+		wallet.Update()
+	}
+
+	w.wallets[wallet.WalletRef] = wallet
+	w.byIdemp[wallet.IdempotencyKey] = wallet.WalletRef
+	return wallet, nil
+}
+
+func (w *inMemoryWallets) Get(ctx context.Context, walletRef string) (*model.ManagedWallet, error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	wallet, ok := w.wallets[strings.TrimSpace(walletRef)]
+	if !ok {
+		return nil, merrors.NoData("wallet not found")
+	}
+	return wallet, nil
+}
+
+func (w *inMemoryWallets) List(ctx context.Context, filter model.ManagedWalletFilter) (*model.ManagedWalletList, error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	items := make([]*model.ManagedWallet, 0, len(w.wallets))
+	for _, wallet := range w.wallets {
+		if filter.OrganizationRef != "" && !strings.EqualFold(wallet.OrganizationRef, filter.OrganizationRef) {
+			continue
+		}
+		if filter.OwnerRef != "" && !strings.EqualFold(wallet.OwnerRef, filter.OwnerRef) {
+			continue
+		}
+		if filter.Network != "" && !strings.EqualFold(wallet.Network, filter.Network) {
+			continue
+		}
+		if filter.TokenSymbol != "" && !strings.EqualFold(wallet.TokenSymbol, filter.TokenSymbol) {
+			continue
+		}
+		items = append(items, wallet)
+	}
+
+	sort.Slice(items, func(i, j int) bool {
+		return items[i].ID.Timestamp().Before(items[j].ID.Timestamp())
+	})
+
+	startIndex := 0
+	if cursor := strings.TrimSpace(filter.Cursor); cursor != "" {
+		if oid, err := primitive.ObjectIDFromHex(cursor); err == nil {
+			for idx, item := range items {
+				if item.ID.Timestamp().After(oid.Timestamp()) {
+					startIndex = idx
+					break
+				}
+			}
+		}
+	}
+
+	limit := int(sanitizeLimit(filter.Limit, walletDefaultLimit, walletMaxLimit))
+	end := startIndex + limit
+	hasMore := false
+	if end < len(items) {
+		hasMore = true
+		items = items[startIndex:end]
+	} else {
+		items = items[startIndex:]
+	}
+
+	nextCursor := ""
+	if hasMore && len(items) > 0 {
+		nextCursor = items[len(items)-1].ID.Hex()
+	}
+
+	return &model.ManagedWalletList{Items: items, NextCursor: nextCursor}, nil
+}
+
+func (w *inMemoryWallets) SaveBalance(ctx context.Context, balance *model.WalletBalance) error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	if balance == nil {
+		return merrors.InvalidArgument("walletsStore: nil balance")
+	}
+	balance.Normalize()
+	if balance.WalletRef == "" {
+		return merrors.InvalidArgument("walletsStore: empty walletRef for balance")
+	}
+	if balance.CalculatedAt.IsZero() {
+		balance.CalculatedAt = time.Now().UTC()
+	}
+	existing, ok := w.balances[balance.WalletRef]
+	if !ok {
+		if balance.GetID() == nil || balance.GetID().IsZero() {
+			balance.SetID(primitive.NewObjectID())
+		}
+		w.balances[balance.WalletRef] = balance
+		return nil
+	}
+	existing.Available = balance.Available
+	existing.PendingInbound = balance.PendingInbound
+	existing.PendingOutbound = balance.PendingOutbound
+	existing.CalculatedAt = balance.CalculatedAt
+	existing.Update()
+	return nil
+}
+
+func (w *inMemoryWallets) GetBalance(ctx context.Context, walletRef string) (*model.WalletBalance, error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	balance, ok := w.balances[strings.TrimSpace(walletRef)]
+	if !ok {
+		return nil, merrors.NoData("wallet balance not found")
+	}
+	return balance, nil
+}
+
+// Transfers store
+
+type inMemoryTransfers struct {
+	mu      sync.Mutex
+	items   map[string]*model.Transfer
+	byIdemp map[string]string
+}
+
+func newInMemoryTransfers() *inMemoryTransfers {
+	return &inMemoryTransfers{
+		items:   make(map[string]*model.Transfer),
+		byIdemp: make(map[string]string),
+	}
+}
+
+func (t *inMemoryTransfers) Create(ctx context.Context, transfer *model.Transfer) (*model.Transfer, error) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	if transfer == nil {
+		return nil, merrors.InvalidArgument("transfersStore: nil transfer")
+	}
+	transfer.Normalize()
+	if transfer.IdempotencyKey == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty idempotencyKey")
+	}
+	if ref, ok := t.byIdemp[transfer.IdempotencyKey]; ok {
+		return t.items[ref], merrors.ErrDataConflict
+	}
+	if transfer.TransferRef == "" {
+		transfer.TransferRef = primitive.NewObjectID().Hex()
+	}
+	if transfer.GetID() == nil || transfer.GetID().IsZero() {
+		transfer.SetID(primitive.NewObjectID())
+	} else {
+		transfer.Update()
+	}
+	t.items[transfer.TransferRef] = transfer
+	t.byIdemp[transfer.IdempotencyKey] = transfer.TransferRef
+	return transfer, nil
+}
+
+func (t *inMemoryTransfers) Get(ctx context.Context, transferRef string) (*model.Transfer, error) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	transfer, ok := t.items[strings.TrimSpace(transferRef)]
+	if !ok {
+		return nil, merrors.NoData("transfer not found")
+	}
+	return transfer, nil
+}
+
+func (t *inMemoryTransfers) List(ctx context.Context, filter model.TransferFilter) (*model.TransferList, error) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	items := make([]*model.Transfer, 0, len(t.items))
+	for _, transfer := range t.items {
+		if filter.SourceWalletRef != "" && !strings.EqualFold(transfer.SourceWalletRef, filter.SourceWalletRef) {
+			continue
+		}
+		if filter.DestinationWalletRef != "" && !strings.EqualFold(transfer.Destination.ManagedWalletRef, filter.DestinationWalletRef) {
+			continue
+		}
+		if filter.Status != "" && transfer.Status != filter.Status {
+			continue
+		}
+		items = append(items, transfer)
+	}
+
+	sort.Slice(items, func(i, j int) bool {
+		return items[i].ID.Timestamp().Before(items[j].ID.Timestamp())
+	})
+
+	start := 0
+	if cursor := strings.TrimSpace(filter.Cursor); cursor != "" {
+		if oid, err := primitive.ObjectIDFromHex(cursor); err == nil {
+			for idx, item := range items {
+				if item.ID.Timestamp().After(oid.Timestamp()) {
+					start = idx
+					break
+				}
+			}
+		}
+	}
+
+	limit := int(sanitizeLimit(filter.Limit, transferDefaultLimit, transferMaxLimit))
+	end := start + limit
+	hasMore := false
+	if end < len(items) {
+		hasMore = true
+		items = items[start:end]
+	} else {
+		items = items[start:]
+	}
+
+	nextCursor := ""
+	if hasMore && len(items) > 0 {
+		nextCursor = items[len(items)-1].ID.Hex()
+	}
+
+	return &model.TransferList{Items: items, NextCursor: nextCursor}, nil
+}
+
+func (t *inMemoryTransfers) UpdateStatus(ctx context.Context, transferRef string, status model.TransferStatus, failureReason string, txHash string) (*model.Transfer, error) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	transfer, ok := t.items[strings.TrimSpace(transferRef)]
+	if !ok {
+		return nil, merrors.NoData("transfer not found")
+	}
+	transfer.Status = status
+	if status == model.TransferStatusFailed {
+		transfer.FailureReason = strings.TrimSpace(failureReason)
+	} else {
+		transfer.FailureReason = ""
+	}
+	transfer.TxHash = strings.TrimSpace(txHash)
+	transfer.LastStatusAt = time.Now().UTC()
+	transfer.Update()
+	return transfer, nil
+}
+
+// helper for tests
+func (t *inMemoryTransfers) get(ref string) *model.Transfer {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	return t.items[ref]
+}
+
+// Deposits store (minimal for tests)
+
+type inMemoryDeposits struct {
+	mu    sync.Mutex
+	items map[string]*model.Deposit
+}
+
+func newInMemoryDeposits() *inMemoryDeposits {
+	return &inMemoryDeposits{items: make(map[string]*model.Deposit)}
+}
+
+func (d *inMemoryDeposits) Record(ctx context.Context, deposit *model.Deposit) error {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	if deposit == nil {
+		return merrors.InvalidArgument("depositsStore: nil deposit")
+	}
+	deposit.Normalize()
+	if deposit.DepositRef == "" {
+		return merrors.InvalidArgument("depositsStore: empty depositRef")
+	}
+	if existing, ok := d.items[deposit.DepositRef]; ok {
+		existing.Status = deposit.Status
+		existing.LastStatusAt = time.Now().UTC()
+		existing.Update()
+		return nil
+	}
+	if deposit.GetID() == nil || deposit.GetID().IsZero() {
+		deposit.SetID(primitive.NewObjectID())
+	}
+	if deposit.ObservedAt.IsZero() {
+		deposit.ObservedAt = time.Now().UTC()
+	}
+	if deposit.RecordedAt.IsZero() {
+		deposit.RecordedAt = time.Now().UTC()
+	}
+	deposit.LastStatusAt = time.Now().UTC()
+	d.items[deposit.DepositRef] = deposit
+	return nil
+}
+
+func (d *inMemoryDeposits) ListPending(ctx context.Context, network string, limit int32) ([]*model.Deposit, error) {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+	results := make([]*model.Deposit, 0)
+	for _, deposit := range d.items {
+		if deposit.Status != model.DepositStatusPending {
+			continue
+		}
+		if network != "" && !strings.EqualFold(deposit.Network, network) {
+			continue
+		}
+		results = append(results, deposit)
+	}
+	sort.Slice(results, func(i, j int) bool {
+		return results[i].ObservedAt.Before(results[j].ObservedAt)
+	})
+	limitVal := int(sanitizeLimit(limit, depositDefaultLimit, depositMaxLimit))
+	if len(results) > limitVal {
+		results = results[:limitVal]
+	}
+	return results, nil
+}
+
+// shared helpers
+
+func sanitizeLimit(requested int32, def, max int64) int64 {
+	if requested <= 0 {
+		return def
+	}
+	if requested > int32(max) {
+		return max
+	}
+	return int64(requested)
+}
+
+func newTestService(_ *testing.T) (*Service, *inMemoryRepository) {
+	repo := newInMemoryRepository()
+	logger := zap.NewNop()
+	svc := NewService(logger, repo, nil,
+		WithKeyManager(&fakeKeyManager{}),
+		WithNetworks([]shared.Network{{
+			Name: "ethereum_mainnet",
+			TokenConfigs: []shared.TokenContract{
+				{Symbol: "USDC", ContractAddress: "0xusdc"},
+			},
+		}}),
+		WithServiceWallet(shared.ServiceWallet{Network: "ethereum_mainnet", Address: "0xservice"}),
+	)
+	return svc, repo
+}
+
+type fakeKeyManager struct{}
+
+func (f *fakeKeyManager) CreateManagedWalletKey(ctx context.Context, walletRef string, network string) (*keymanager.ManagedWalletKey, error) {
+	return &keymanager.ManagedWalletKey{
+		KeyID:     fmt.Sprintf("%s/%s", strings.ToLower(network), walletRef),
+		Address:   "0x" + strings.Repeat("a", 40),
+		PublicKey: strings.Repeat("b", 128),
+	}, nil
+}
+
+func (f *fakeKeyManager) SignTransaction(ctx context.Context, keyID string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) {
+	return tx, nil
+}

api/gateway/chain/internal/service/gateway/shared/helpers.go

@@ -0,0 +1,142 @@
+package shared
+
+import (
+	"strings"
+
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
+	"go.mongodb.org/mongo-driver/bson/primitive"
+)
+
+// CloneMoney defensively copies a Money proto.
+func CloneMoney(m *moneyv1.Money) *moneyv1.Money {
+	if m == nil {
+		return nil
+	}
+	return &moneyv1.Money{Amount: m.GetAmount(), Currency: m.GetCurrency()}
+}
+
+// CloneMetadata defensively copies metadata maps.
+func CloneMetadata(input map[string]string) map[string]string {
+	if len(input) == 0 {
+		return nil
+	}
+	clone := make(map[string]string, len(input))
+	for k, v := range input {
+		clone[k] = v
+	}
+	return clone
+}
+
+// ResolveContractAddress finds a token contract for a symbol in a case-insensitive manner.
+func ResolveContractAddress(tokens []TokenContract, symbol string) string {
+	upper := strings.ToUpper(symbol)
+	for _, token := range tokens {
+		if strings.EqualFold(token.Symbol, upper) && token.ContractAddress != "" {
+			return strings.ToLower(token.ContractAddress)
+		}
+	}
+	return ""
+}
+
+func GenerateWalletRef() string {
+	return primitive.NewObjectID().Hex()
+}
+
+func GenerateTransferRef() string {
+	return primitive.NewObjectID().Hex()
+}
+
+func ChainKeyFromEnum(chain chainv1.ChainNetwork) (string, chainv1.ChainNetwork) {
+	if name, ok := chainv1.ChainNetwork_name[int32(chain)]; ok {
+		key := strings.ToLower(strings.TrimPrefix(name, "CHAIN_NETWORK_"))
+		return key, chain
+	}
+	return "", chainv1.ChainNetwork_CHAIN_NETWORK_UNSPECIFIED
+}
+
+func ChainEnumFromName(name string) chainv1.ChainNetwork {
+	if name == "" {
+		return chainv1.ChainNetwork_CHAIN_NETWORK_UNSPECIFIED
+	}
+	upper := strings.ToUpper(strings.ReplaceAll(strings.ReplaceAll(name, " ", "_"), "-", "_"))
+	key := "CHAIN_NETWORK_" + upper
+	if val, ok := chainv1.ChainNetwork_value[key]; ok {
+		return chainv1.ChainNetwork(val)
+	}
+	return chainv1.ChainNetwork_CHAIN_NETWORK_UNSPECIFIED
+}
+
+func ManagedWalletStatusToProto(status model.ManagedWalletStatus) chainv1.ManagedWalletStatus {
+	switch status {
+	case model.ManagedWalletStatusActive:
+		return chainv1.ManagedWalletStatus_MANAGED_WALLET_ACTIVE
+	case model.ManagedWalletStatusSuspended:
+		return chainv1.ManagedWalletStatus_MANAGED_WALLET_SUSPENDED
+	case model.ManagedWalletStatusClosed:
+		return chainv1.ManagedWalletStatus_MANAGED_WALLET_CLOSED
+	default:
+		return chainv1.ManagedWalletStatus_MANAGED_WALLET_STATUS_UNSPECIFIED
+	}
+}
+
+func TransferStatusToModel(status chainv1.TransferStatus) model.TransferStatus {
+	switch status {
+	case chainv1.TransferStatus_TRANSFER_PENDING:
+		return model.TransferStatusPending
+	case chainv1.TransferStatus_TRANSFER_SIGNING:
+		return model.TransferStatusSigning
+	case chainv1.TransferStatus_TRANSFER_SUBMITTED:
+		return model.TransferStatusSubmitted
+	case chainv1.TransferStatus_TRANSFER_CONFIRMED:
+		return model.TransferStatusConfirmed
+	case chainv1.TransferStatus_TRANSFER_FAILED:
+		return model.TransferStatusFailed
+	case chainv1.TransferStatus_TRANSFER_CANCELLED:
+		return model.TransferStatusCancelled
+	default:
+		return ""
+	}
+}
+
+func TransferStatusToProto(status model.TransferStatus) chainv1.TransferStatus {
+	switch status {
+	case model.TransferStatusPending:
+		return chainv1.TransferStatus_TRANSFER_PENDING
+	case model.TransferStatusSigning:
+		return chainv1.TransferStatus_TRANSFER_SIGNING
+	case model.TransferStatusSubmitted:
+		return chainv1.TransferStatus_TRANSFER_SUBMITTED
+	case model.TransferStatusConfirmed:
+		return chainv1.TransferStatus_TRANSFER_CONFIRMED
+	case model.TransferStatusFailed:
+		return chainv1.TransferStatus_TRANSFER_FAILED
+	case model.TransferStatusCancelled:
+		return chainv1.TransferStatus_TRANSFER_CANCELLED
+	default:
+		return chainv1.TransferStatus_TRANSFER_STATUS_UNSPECIFIED
+	}
+}
+
+// Network describes a supported blockchain network and known token contracts.
+type Network struct {
+	Name         string
+	RPCURL       string
+	ChainID      uint64
+	NativeToken  string
+	TokenConfigs []TokenContract
+}
+
+// TokenContract captures the metadata needed to work with a specific on-chain token.
+type TokenContract struct {
+	Symbol          string
+	ContractAddress string
+}
+
+// ServiceWallet captures the managed service wallet configuration.
+type ServiceWallet struct {
+	Network    string
+	Address    string
+	PrivateKey string
+}

api/gateway/chain/internal/service/gateway/transfer_execution.go

@@ -0,0 +1,101 @@
+package gateway
+
+import (
+	"context"
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/merrors"
+	"go.uber.org/zap"
+
+	"github.com/tech/sendico/gateway/chain/internal/service/gateway/shared"
+)
+
+func (s *Service) launchTransferExecution(transferRef, sourceWalletRef string, network shared.Network) {
+	if s.executor == nil {
+		return
+	}
+
+	go func(ref, walletRef string, net shared.Network) {
+		ctx, cancel := context.WithTimeout(context.Background(), 15*time.Minute)
+		defer cancel()
+
+		if err := s.executeTransfer(ctx, ref, walletRef, net); err != nil {
+			s.logger.Error("failed to execute transfer", zap.String("transfer_ref", ref), zap.Error(err))
+		}
+	}(transferRef, sourceWalletRef, network)
+}
+
+func (s *Service) executeTransfer(ctx context.Context, transferRef, sourceWalletRef string, network shared.Network) error {
+	transfer, err := s.storage.Transfers().Get(ctx, transferRef)
+	if err != nil {
+		return err
+	}
+
+	sourceWallet, err := s.storage.Wallets().Get(ctx, sourceWalletRef)
+	if err != nil {
+		return err
+	}
+
+	if _, err := s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusSigning, "", ""); err != nil {
+		s.logger.Warn("failed to update transfer status to signing", zap.String("transfer_ref", transferRef), zap.Error(err))
+	}
+
+	destinationAddress, err := s.destinationAddress(ctx, transfer.Destination)
+	if err != nil {
+		_, _ = s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusFailed, err.Error(), "")
+		return err
+	}
+
+	txHash, err := s.executor.SubmitTransfer(ctx, transfer, sourceWallet, destinationAddress, network)
+	if err != nil {
+		_, _ = s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusFailed, err.Error(), "")
+		return err
+	}
+
+	if _, err := s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusSubmitted, "", txHash); err != nil {
+		s.logger.Warn("failed to update transfer status to submitted", zap.String("transfer_ref", transferRef), zap.Error(err))
+	}
+
+	receiptCtx, cancel := context.WithTimeout(ctx, 10*time.Minute)
+	defer cancel()
+	receipt, err := s.executor.AwaitConfirmation(receiptCtx, network, txHash)
+	if err != nil {
+		if !errors.Is(err, context.DeadlineExceeded) && !errors.Is(err, context.Canceled) {
+			s.logger.Warn("failed to await transfer confirmation", zap.String("transfer_ref", transferRef), zap.Error(err))
+		}
+		return err
+	}
+
+	if receipt != nil && receipt.Status == types.ReceiptStatusSuccessful {
+		if _, err := s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusConfirmed, "", txHash); err != nil {
+			s.logger.Warn("failed to update transfer status to confirmed", zap.String("transfer_ref", transferRef), zap.Error(err))
+		}
+		return nil
+	}
+
+	if _, err := s.storage.Transfers().UpdateStatus(ctx, transferRef, model.TransferStatusFailed, "transaction reverted", txHash); err != nil {
+		s.logger.Warn("failed to update transfer status to failed", zap.String("transfer_ref", transferRef), zap.Error(err))
+	}
+	return nil
+}
+
+func (s *Service) destinationAddress(ctx context.Context, dest model.TransferDestination) (string, error) {
+	if ref := strings.TrimSpace(dest.ManagedWalletRef); ref != "" {
+		wallet, err := s.storage.Wallets().Get(ctx, ref)
+		if err != nil {
+			return "", err
+		}
+		if strings.TrimSpace(wallet.DepositAddress) == "" {
+			return "", merrors.Internal("destination wallet missing deposit address")
+		}
+		return wallet.DepositAddress, nil
+	}
+	if addr := strings.TrimSpace(dest.ExternalAddress); addr != "" {
+		return strings.ToLower(addr), nil
+	}
+	return "", merrors.InvalidArgument("transfer destination address not resolved")
+}

api/gateway/chain/main.go

@@ -0,0 +1,17 @@
+package main
+
+import (
+	"github.com/tech/sendico/gateway/chain/internal/appversion"
+	si "github.com/tech/sendico/gateway/chain/internal/server"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/server"
+	smain "github.com/tech/sendico/pkg/server/main"
+)
+
+func factory(logger mlogger.Logger, file string, debug bool) (server.Application, error) {
+	return si.Create(logger, file, debug)
+}
+
+func main() {
+	smain.RunServer("main", appversion.Create(), factory)
+}

api/gateway/chain/storage/model/deposit.go

@@ -0,0 +1,54 @@
+package model
+
+import (
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/pkg/db/storable"
+	"github.com/tech/sendico/pkg/mservice"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+)
+
+type DepositStatus string
+
+const (
+	DepositStatusPending   DepositStatus = "pending"
+	DepositStatusConfirmed DepositStatus = "confirmed"
+	DepositStatusFailed    DepositStatus = "failed"
+)
+
+// Deposit records an inbound transfer observed on-chain.
+type Deposit struct {
+	storable.Base `bson:",inline" json:",inline"`
+
+	DepositRef      string         `bson:"depositRef" json:"depositRef"`
+	WalletRef       string         `bson:"walletRef" json:"walletRef"`
+	Network         string         `bson:"network" json:"network"`
+	TokenSymbol     string         `bson:"tokenSymbol" json:"tokenSymbol"`
+	ContractAddress string         `bson:"contractAddress" json:"contractAddress"`
+	Amount          *moneyv1.Money `bson:"amount" json:"amount"`
+	SourceAddress   string         `bson:"sourceAddress" json:"sourceAddress"`
+	TxHash          string         `bson:"txHash" json:"txHash"`
+	BlockID         string         `bson:"blockId,omitempty" json:"blockId,omitempty"`
+	Status          DepositStatus  `bson:"status" json:"status"`
+	ObservedAt      time.Time      `bson:"observedAt" json:"observedAt"`
+	RecordedAt      time.Time      `bson:"recordedAt" json:"recordedAt"`
+	LastStatusAt    time.Time      `bson:"lastStatusAt" json:"lastStatusAt"`
+}
+
+// Collection implements storable.Storable.
+func (*Deposit) Collection() string {
+	return mservice.ChainDeposits
+}
+
+// Normalize standardizes case-sensitive fields.
+func (d *Deposit) Normalize() {
+	d.DepositRef = strings.TrimSpace(d.DepositRef)
+	d.WalletRef = strings.TrimSpace(d.WalletRef)
+	d.Network = strings.TrimSpace(strings.ToLower(d.Network))
+	d.TokenSymbol = strings.TrimSpace(strings.ToUpper(d.TokenSymbol))
+	d.ContractAddress = strings.TrimSpace(strings.ToLower(d.ContractAddress))
+	d.SourceAddress = strings.TrimSpace(strings.ToLower(d.SourceAddress))
+	d.TxHash = strings.TrimSpace(strings.ToLower(d.TxHash))
+	d.BlockID = strings.TrimSpace(d.BlockID)
+}

api/gateway/chain/storage/model/transfer.go

@@ -0,0 +1,91 @@
+package model
+
+import (
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/pkg/db/storable"
+	"github.com/tech/sendico/pkg/mservice"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+)
+
+type TransferStatus string
+
+const (
+	TransferStatusPending   TransferStatus = "pending"
+	TransferStatusSigning   TransferStatus = "signing"
+	TransferStatusSubmitted TransferStatus = "submitted"
+	TransferStatusConfirmed TransferStatus = "confirmed"
+	TransferStatusFailed    TransferStatus = "failed"
+	TransferStatusCancelled TransferStatus = "cancelled"
+)
+
+// ServiceFee represents a fee component applied to a transfer.
+type ServiceFee struct {
+	FeeCode     string         `bson:"feeCode" json:"feeCode"`
+	Amount      *moneyv1.Money `bson:"amount" json:"amount"`
+	Description string         `bson:"description,omitempty" json:"description,omitempty"`
+}
+
+type TransferDestination struct {
+	ManagedWalletRef string `bson:"managedWalletRef,omitempty" json:"managedWalletRef,omitempty"`
+	ExternalAddress  string `bson:"externalAddress,omitempty" json:"externalAddress,omitempty"`
+	Memo             string `bson:"memo,omitempty" json:"memo,omitempty"`
+}
+
+// Transfer models an on-chain transfer orchestrated by the gateway.
+type Transfer struct {
+	storable.Base `bson:",inline" json:",inline"`
+
+	TransferRef     string              `bson:"transferRef" json:"transferRef"`
+	IdempotencyKey  string              `bson:"idempotencyKey" json:"idempotencyKey"`
+	OrganizationRef string              `bson:"organizationRef" json:"organizationRef"`
+	SourceWalletRef string              `bson:"sourceWalletRef" json:"sourceWalletRef"`
+	Destination     TransferDestination `bson:"destination" json:"destination"`
+	Network         string              `bson:"network" json:"network"`
+	TokenSymbol     string              `bson:"tokenSymbol" json:"tokenSymbol"`
+	ContractAddress string              `bson:"contractAddress" json:"contractAddress"`
+	RequestedAmount *moneyv1.Money      `bson:"requestedAmount" json:"requestedAmount"`
+	NetAmount       *moneyv1.Money      `bson:"netAmount" json:"netAmount"`
+	Fees            []ServiceFee        `bson:"fees,omitempty" json:"fees,omitempty"`
+	Status          TransferStatus      `bson:"status" json:"status"`
+	TxHash          string              `bson:"txHash,omitempty" json:"txHash,omitempty"`
+	FailureReason   string              `bson:"failureReason,omitempty" json:"failureReason,omitempty"`
+	ClientReference string              `bson:"clientReference,omitempty" json:"clientReference,omitempty"`
+	LastStatusAt    time.Time           `bson:"lastStatusAt" json:"lastStatusAt"`
+}
+
+// Collection implements storable.Storable.
+func (*Transfer) Collection() string {
+	return mservice.ChainTransfers
+}
+
+// TransferFilter describes the parameters for listing transfers.
+type TransferFilter struct {
+	SourceWalletRef      string
+	DestinationWalletRef string
+	Status               TransferStatus
+	Cursor               string
+	Limit                int32
+}
+
+// TransferList contains paginated transfer results.
+type TransferList struct {
+	Items      []*Transfer
+	NextCursor string
+}
+
+// Normalize trims strings for consistent indexes.
+func (t *Transfer) Normalize() {
+	t.TransferRef = strings.TrimSpace(t.TransferRef)
+	t.IdempotencyKey = strings.TrimSpace(t.IdempotencyKey)
+	t.OrganizationRef = strings.TrimSpace(t.OrganizationRef)
+	t.SourceWalletRef = strings.TrimSpace(t.SourceWalletRef)
+	t.Network = strings.TrimSpace(strings.ToLower(t.Network))
+	t.TokenSymbol = strings.TrimSpace(strings.ToUpper(t.TokenSymbol))
+	t.ContractAddress = strings.TrimSpace(strings.ToLower(t.ContractAddress))
+	t.Destination.ManagedWalletRef = strings.TrimSpace(t.Destination.ManagedWalletRef)
+	t.Destination.ExternalAddress = strings.TrimSpace(strings.ToLower(t.Destination.ExternalAddress))
+	t.Destination.Memo = strings.TrimSpace(t.Destination.Memo)
+	t.ClientReference = strings.TrimSpace(t.ClientReference)
+}

api/gateway/chain/storage/model/wallet.go

@@ -0,0 +1,90 @@
+package model
+
+import (
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/pkg/db/storable"
+	"github.com/tech/sendico/pkg/mservice"
+	moneyv1 "github.com/tech/sendico/pkg/proto/common/money/v1"
+)
+
+type ManagedWalletStatus string
+
+const (
+	ManagedWalletStatusActive    ManagedWalletStatus = "active"
+	ManagedWalletStatusSuspended ManagedWalletStatus = "suspended"
+	ManagedWalletStatusClosed    ManagedWalletStatus = "closed"
+)
+
+// ManagedWallet represents a user-controlled on-chain wallet managed by the service.
+type ManagedWallet struct {
+	storable.Base `bson:",inline" json:",inline"`
+
+	IdempotencyKey  string              `bson:"idempotencyKey" json:"idempotencyKey"`
+	WalletRef       string              `bson:"walletRef" json:"walletRef"`
+	OrganizationRef string              `bson:"organizationRef" json:"organizationRef"`
+	OwnerRef        string              `bson:"ownerRef" json:"ownerRef"`
+	Network         string              `bson:"network" json:"network"`
+	TokenSymbol     string              `bson:"tokenSymbol" json:"tokenSymbol"`
+	ContractAddress string              `bson:"contractAddress" json:"contractAddress"`
+	DepositAddress  string              `bson:"depositAddress" json:"depositAddress"`
+	KeyReference    string              `bson:"keyReference,omitempty" json:"keyReference,omitempty"`
+	Status          ManagedWalletStatus `bson:"status" json:"status"`
+	Metadata        map[string]string   `bson:"metadata,omitempty" json:"metadata,omitempty"`
+}
+
+// Collection implements storable.Storable.
+func (*ManagedWallet) Collection() string {
+	return mservice.ChainWallets
+}
+
+// WalletBalance captures computed wallet balances.
+type WalletBalance struct {
+	storable.Base `bson:",inline" json:",inline"`
+
+	WalletRef       string         `bson:"walletRef" json:"walletRef"`
+	Available       *moneyv1.Money `bson:"available" json:"available"`
+	PendingInbound  *moneyv1.Money `bson:"pendingInbound,omitempty" json:"pendingInbound,omitempty"`
+	PendingOutbound *moneyv1.Money `bson:"pendingOutbound,omitempty" json:"pendingOutbound,omitempty"`
+	CalculatedAt    time.Time      `bson:"calculatedAt" json:"calculatedAt"`
+}
+
+// Collection implements storable.Storable.
+func (*WalletBalance) Collection() string {
+	return mservice.ChainWalletBalances
+}
+
+// ManagedWalletFilter describes list filters.
+type ManagedWalletFilter struct {
+	OrganizationRef string
+	OwnerRef        string
+	Network         string
+	TokenSymbol     string
+	Cursor          string
+	Limit           int32
+}
+
+// ManagedWalletList contains paginated wallet results.
+type ManagedWalletList struct {
+	Items      []*ManagedWallet
+	NextCursor string
+}
+
+// Normalize trims string fields for consistent indexing.
+func (m *ManagedWallet) Normalize() {
+	m.IdempotencyKey = strings.TrimSpace(m.IdempotencyKey)
+	m.WalletRef = strings.TrimSpace(m.WalletRef)
+	m.OrganizationRef = strings.TrimSpace(m.OrganizationRef)
+	m.OwnerRef = strings.TrimSpace(m.OwnerRef)
+	m.Network = strings.TrimSpace(strings.ToLower(m.Network))
+	m.TokenSymbol = strings.TrimSpace(strings.ToUpper(m.TokenSymbol))
+	m.ContractAddress = strings.TrimSpace(strings.ToLower(m.ContractAddress))
+	m.DepositAddress = strings.TrimSpace(strings.ToLower(m.DepositAddress))
+	m.KeyReference = strings.TrimSpace(m.KeyReference)
+}
+
+// Normalize trims wallet balance identifiers.
+func (b *WalletBalance) Normalize() {
+	b.WalletRef = strings.TrimSpace(b.WalletRef)
+}

api/gateway/chain/storage/mongo/repository.go

@@ -0,0 +1,98 @@
+package mongo
+
+import (
+	"context"
+	"time"
+
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/gateway/chain/storage/mongo/store"
+	"github.com/tech/sendico/pkg/db"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+	"go.mongodb.org/mongo-driver/mongo"
+	"go.uber.org/zap"
+)
+
+// Store implements storage.Repository backed by MongoDB.
+type Store struct {
+	logger mlogger.Logger
+	conn   *db.MongoConnection
+	db     *mongo.Database
+
+	wallets   storage.WalletsStore
+	transfers storage.TransfersStore
+	deposits  storage.DepositsStore
+}
+
+// New creates a new Mongo-backed repository.
+func New(logger mlogger.Logger, conn *db.MongoConnection) (*Store, error) {
+	if conn == nil {
+		return nil, merrors.InvalidArgument("mongo connection is nil")
+	}
+	client := conn.Client()
+	if client == nil {
+		return nil, merrors.Internal("mongo client is not initialised")
+	}
+
+	result := &Store{
+		logger: logger.Named("storage").Named("mongo"),
+		conn:   conn,
+		db:     conn.Database(),
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	if err := result.Ping(ctx); err != nil {
+		result.logger.Error("mongo ping failed during repository initialisation", zap.Error(err))
+		return nil, err
+	}
+
+	walletsStore, err := store.NewWallets(result.logger, result.db)
+	if err != nil {
+		result.logger.Error("failed to initialise wallets store", zap.Error(err))
+		return nil, err
+	}
+	transfersStore, err := store.NewTransfers(result.logger, result.db)
+	if err != nil {
+		result.logger.Error("failed to initialise transfers store", zap.Error(err))
+		return nil, err
+	}
+	depositsStore, err := store.NewDeposits(result.logger, result.db)
+	if err != nil {
+		result.logger.Error("failed to initialise deposits store", zap.Error(err))
+		return nil, err
+	}
+
+	result.wallets = walletsStore
+	result.transfers = transfersStore
+	result.deposits = depositsStore
+
+	result.logger.Info("Chain gateway MongoDB storage initialised")
+	return result, nil
+}
+
+// Ping verifies the MongoDB connection.
+func (s *Store) Ping(ctx context.Context) error {
+	if s.conn == nil {
+		return merrors.InvalidArgument("mongo connection is nil")
+	}
+	return s.conn.Ping(ctx)
+}
+
+// Wallets returns the wallets store.
+func (s *Store) Wallets() storage.WalletsStore {
+	return s.wallets
+}
+
+// Transfers returns the transfers store.
+func (s *Store) Transfers() storage.TransfersStore {
+	return s.transfers
+}
+
+// Deposits returns the deposits store.
+func (s *Store) Deposits() storage.DepositsStore {
+	return s.deposits
+}
+
+var _ storage.Repository = (*Store)(nil)

api/gateway/chain/storage/mongo/store/deposits.go

@@ -0,0 +1,161 @@
+package store
+
+import (
+	"context"
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/db/repository"
+	ri "github.com/tech/sendico/pkg/db/repository/index"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/mservice"
+	"go.mongodb.org/mongo-driver/mongo"
+	"go.uber.org/zap"
+)
+
+const (
+	defaultDepositPageSize int64 = 100
+	maxDepositPageSize     int64 = 500
+)
+
+type Deposits struct {
+	logger mlogger.Logger
+	repo   repository.Repository
+}
+
+// NewDeposits constructs a Mongo-backed deposits store.
+func NewDeposits(logger mlogger.Logger, db *mongo.Database) (*Deposits, error) {
+	if db == nil {
+		return nil, merrors.InvalidArgument("mongo database is nil")
+	}
+	repo := repository.CreateMongoRepository(db, mservice.ChainDeposits)
+	indexes := []*ri.Definition{
+		{
+			Keys:   []ri.Key{{Field: "depositRef", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys: []ri.Key{{Field: "walletRef", Sort: ri.Asc}, {Field: "status", Sort: ri.Asc}},
+		},
+		{
+			Keys:   []ri.Key{{Field: "txHash", Sort: ri.Asc}},
+			Unique: true,
+		},
+	}
+	for _, def := range indexes {
+		if err := repo.CreateIndex(def); err != nil {
+			logger.Error("failed to ensure deposit index", zap.Error(err), zap.String("collection", repo.Collection()))
+			return nil, err
+		}
+	}
+
+	childLogger := logger.Named("deposits")
+	childLogger.Debug("deposits store initialised")
+
+	return &Deposits{logger: childLogger, repo: repo}, nil
+}
+
+func (d *Deposits) Record(ctx context.Context, deposit *model.Deposit) error {
+	if deposit == nil {
+		return merrors.InvalidArgument("depositsStore: nil deposit")
+	}
+	deposit.Normalize()
+	if strings.TrimSpace(deposit.DepositRef) == "" {
+		return merrors.InvalidArgument("depositsStore: empty depositRef")
+	}
+	if deposit.Status == "" {
+		deposit.Status = model.DepositStatusPending
+	}
+	if deposit.ObservedAt.IsZero() {
+		deposit.ObservedAt = time.Now().UTC()
+	}
+	if deposit.RecordedAt.IsZero() {
+		deposit.RecordedAt = time.Now().UTC()
+	}
+	if deposit.LastStatusAt.IsZero() {
+		deposit.LastStatusAt = time.Now().UTC()
+	}
+
+	existing := &model.Deposit{}
+	err := d.repo.FindOneByFilter(ctx, repository.Filter("depositRef", deposit.DepositRef), existing)
+	switch {
+	case err == nil:
+		existing.Status = deposit.Status
+		existing.ObservedAt = deposit.ObservedAt
+		existing.RecordedAt = deposit.RecordedAt
+		existing.LastStatusAt = time.Now().UTC()
+		if deposit.Amount != nil {
+			existing.Amount = deposit.Amount
+		}
+		if deposit.BlockID != "" {
+			existing.BlockID = deposit.BlockID
+		}
+		if deposit.TxHash != "" {
+			existing.TxHash = deposit.TxHash
+		}
+		if deposit.Network != "" {
+			existing.Network = deposit.Network
+		}
+		if deposit.TokenSymbol != "" {
+			existing.TokenSymbol = deposit.TokenSymbol
+		}
+		if deposit.ContractAddress != "" {
+			existing.ContractAddress = deposit.ContractAddress
+		}
+		if deposit.SourceAddress != "" {
+			existing.SourceAddress = deposit.SourceAddress
+		}
+		if err := d.repo.Update(ctx, existing); err != nil {
+			return err
+		}
+		return nil
+	case errors.Is(err, merrors.ErrNoData):
+		if err := d.repo.Insert(ctx, deposit, repository.Filter("depositRef", deposit.DepositRef)); err != nil {
+			return err
+		}
+		return nil
+	default:
+		return err
+	}
+}
+
+func (d *Deposits) ListPending(ctx context.Context, network string, limit int32) ([]*model.Deposit, error) {
+	query := repository.Query().Filter(repository.Field("status"), model.DepositStatusPending)
+	if net := strings.TrimSpace(network); net != "" {
+		query = query.Filter(repository.Field("network"), strings.ToLower(net))
+	}
+	pageSize := sanitizeDepositLimit(limit)
+	query = query.Sort(repository.Field("observedAt"), true).Limit(&pageSize)
+
+	deposits := make([]*model.Deposit, 0, pageSize)
+	decoder := func(cur *mongo.Cursor) error {
+		item := &model.Deposit{}
+		if err := cur.Decode(item); err != nil {
+			return err
+		}
+		deposits = append(deposits, item)
+		return nil
+	}
+
+	if err := d.repo.FindManyByFilter(ctx, query, decoder); err != nil && !errors.Is(err, merrors.ErrNoData) {
+		return nil, err
+	}
+
+	return deposits, nil
+}
+
+func sanitizeDepositLimit(requested int32) int64 {
+	if requested <= 0 {
+		return defaultDepositPageSize
+	}
+	if requested > int32(maxDepositPageSize) {
+		return maxDepositPageSize
+	}
+	return int64(requested)
+}
+
+var _ storage.DepositsStore = (*Deposits)(nil)

api/gateway/chain/storage/mongo/store/transfers.go

@@ -0,0 +1,200 @@
+package store
+
+import (
+	"context"
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/db/repository"
+	"github.com/tech/sendico/pkg/db/repository/builder"
+	ri "github.com/tech/sendico/pkg/db/repository/index"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/mservice"
+	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/mongo"
+	"go.uber.org/zap"
+)
+
+const (
+	defaultTransferPageSize int64 = 50
+	maxTransferPageSize     int64 = 200
+)
+
+type Transfers struct {
+	logger mlogger.Logger
+	repo   repository.Repository
+}
+
+// NewTransfers constructs a Mongo-backed transfers store.
+func NewTransfers(logger mlogger.Logger, db *mongo.Database) (*Transfers, error) {
+	if db == nil {
+		return nil, merrors.InvalidArgument("mongo database is nil")
+	}
+	repo := repository.CreateMongoRepository(db, mservice.ChainTransfers)
+	indexes := []*ri.Definition{
+		{
+			Keys:   []ri.Key{{Field: "transferRef", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys:   []ri.Key{{Field: "idempotencyKey", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys: []ri.Key{{Field: "sourceWalletRef", Sort: ri.Asc}, {Field: "status", Sort: ri.Asc}},
+		},
+		{
+			Keys: []ri.Key{{Field: "destination.managedWalletRef", Sort: ri.Asc}},
+		},
+	}
+	for _, def := range indexes {
+		if err := repo.CreateIndex(def); err != nil {
+			logger.Error("failed to ensure transfer index", zap.Error(err), zap.String("collection", repo.Collection()))
+			return nil, err
+		}
+	}
+
+	childLogger := logger.Named("transfers")
+	childLogger.Debug("transfers store initialised")
+
+	return &Transfers{
+		logger: childLogger,
+		repo:   repo,
+	}, nil
+}
+
+func (t *Transfers) Create(ctx context.Context, transfer *model.Transfer) (*model.Transfer, error) {
+	if transfer == nil {
+		return nil, merrors.InvalidArgument("transfersStore: nil transfer")
+	}
+	transfer.Normalize()
+	if strings.TrimSpace(transfer.TransferRef) == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty transferRef")
+	}
+	if strings.TrimSpace(transfer.IdempotencyKey) == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty idempotencyKey")
+	}
+	if transfer.Status == "" {
+		transfer.Status = model.TransferStatusPending
+	}
+	if transfer.LastStatusAt.IsZero() {
+		transfer.LastStatusAt = time.Now().UTC()
+	}
+	if strings.TrimSpace(transfer.IdempotencyKey) == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty idempotencyKey")
+	}
+	if err := t.repo.Insert(ctx, transfer, repository.Filter("idempotencyKey", transfer.IdempotencyKey)); err != nil {
+		if errors.Is(err, merrors.ErrDataConflict) {
+			t.logger.Debug("transfer already exists", zap.String("transfer_ref", transfer.TransferRef), zap.String("idempotency_key", transfer.IdempotencyKey))
+			return transfer, nil
+		}
+		return nil, err
+	}
+	t.logger.Debug("transfer created", zap.String("transfer_ref", transfer.TransferRef))
+	return transfer, nil
+}
+
+func (t *Transfers) Get(ctx context.Context, transferRef string) (*model.Transfer, error) {
+	transferRef = strings.TrimSpace(transferRef)
+	if transferRef == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty transferRef")
+	}
+	transfer := &model.Transfer{}
+	if err := t.repo.FindOneByFilter(ctx, repository.Filter("transferRef", transferRef), transfer); err != nil {
+		return nil, err
+	}
+	return transfer, nil
+}
+
+func (t *Transfers) List(ctx context.Context, filter model.TransferFilter) (*model.TransferList, error) {
+	query := repository.Query()
+	if src := strings.TrimSpace(filter.SourceWalletRef); src != "" {
+		query = query.Filter(repository.Field("sourceWalletRef"), src)
+	}
+	if dst := strings.TrimSpace(filter.DestinationWalletRef); dst != "" {
+		query = query.Filter(repository.Field("destination.managedWalletRef"), dst)
+	}
+	if status := strings.TrimSpace(string(filter.Status)); status != "" {
+		query = query.Filter(repository.Field("status"), status)
+	}
+
+	if cursor := strings.TrimSpace(filter.Cursor); cursor != "" {
+		if oid, err := primitive.ObjectIDFromHex(cursor); err == nil {
+			query = query.Comparison(repository.IDField(), builder.Gt, oid)
+		} else {
+			t.logger.Warn("ignoring invalid transfer cursor", zap.String("cursor", cursor), zap.Error(err))
+		}
+	}
+
+	limit := sanitizeTransferLimit(filter.Limit)
+	fetchLimit := limit + 1
+	query = query.Sort(repository.IDField(), true).Limit(&fetchLimit)
+
+	transfers := make([]*model.Transfer, 0, fetchLimit)
+	decoder := func(cur *mongo.Cursor) error {
+		item := &model.Transfer{}
+		if err := cur.Decode(item); err != nil {
+			return err
+		}
+		transfers = append(transfers, item)
+		return nil
+	}
+
+	if err := t.repo.FindManyByFilter(ctx, query, decoder); err != nil && !errors.Is(err, merrors.ErrNoData) {
+		return nil, err
+	}
+
+	nextCursor := ""
+	if int64(len(transfers)) == fetchLimit {
+		last := transfers[len(transfers)-1]
+		nextCursor = last.ID.Hex()
+		transfers = transfers[:len(transfers)-1]
+	}
+
+	return &model.TransferList{
+		Items:      transfers,
+		NextCursor: nextCursor,
+	}, nil
+}
+
+func (t *Transfers) UpdateStatus(ctx context.Context, transferRef string, status model.TransferStatus, failureReason string, txHash string) (*model.Transfer, error) {
+	transferRef = strings.TrimSpace(transferRef)
+	if transferRef == "" {
+		return nil, merrors.InvalidArgument("transfersStore: empty transferRef")
+	}
+	transfer := &model.Transfer{}
+	if err := t.repo.FindOneByFilter(ctx, repository.Filter("transferRef", transferRef), transfer); err != nil {
+		return nil, err
+	}
+
+	transfer.Status = status
+	if status == model.TransferStatusFailed {
+		transfer.FailureReason = strings.TrimSpace(failureReason)
+	} else {
+		transfer.FailureReason = ""
+	}
+	if hash := strings.TrimSpace(txHash); hash != "" {
+		transfer.TxHash = strings.ToLower(hash)
+	}
+	transfer.LastStatusAt = time.Now().UTC()
+	if err := t.repo.Update(ctx, transfer); err != nil {
+		return nil, err
+	}
+	return transfer, nil
+}
+
+func sanitizeTransferLimit(requested int32) int64 {
+	if requested <= 0 {
+		return defaultTransferPageSize
+	}
+	if requested > int32(maxTransferPageSize) {
+		return maxTransferPageSize
+	}
+	return int64(requested)
+}
+
+var _ storage.TransfersStore = (*Transfers)(nil)

api/gateway/chain/storage/mongo/store/wallets.go

@@ -0,0 +1,236 @@
+package store
+
+import (
+	"context"
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/tech/sendico/gateway/chain/storage"
+	"github.com/tech/sendico/gateway/chain/storage/model"
+	"github.com/tech/sendico/pkg/db/repository"
+	"github.com/tech/sendico/pkg/db/repository/builder"
+	ri "github.com/tech/sendico/pkg/db/repository/index"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/mservice"
+	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/mongo"
+	"go.uber.org/zap"
+)
+
+const (
+	defaultWalletPageSize int64 = 50
+	maxWalletPageSize     int64 = 200
+)
+
+type Wallets struct {
+	logger      mlogger.Logger
+	walletRepo  repository.Repository
+	balanceRepo repository.Repository
+}
+
+// NewWallets constructs a Mongo-backed wallets store.
+func NewWallets(logger mlogger.Logger, db *mongo.Database) (*Wallets, error) {
+	if db == nil {
+		return nil, merrors.InvalidArgument("mongo database is nil")
+	}
+
+	walletRepo := repository.CreateMongoRepository(db, mservice.ChainWallets)
+	walletIndexes := []*ri.Definition{
+		{
+			Keys:   []ri.Key{{Field: "walletRef", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys:   []ri.Key{{Field: "idempotencyKey", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys:   []ri.Key{{Field: "depositAddress", Sort: ri.Asc}},
+			Unique: true,
+		},
+		{
+			Keys: []ri.Key{{Field: "organizationRef", Sort: ri.Asc}, {Field: "ownerRef", Sort: ri.Asc}},
+		},
+	}
+	for _, def := range walletIndexes {
+		if err := walletRepo.CreateIndex(def); err != nil {
+			logger.Error("failed to ensure wallet index", zap.String("collection", walletRepo.Collection()), zap.Error(err))
+			return nil, err
+		}
+	}
+
+	balanceRepo := repository.CreateMongoRepository(db, mservice.ChainWalletBalances)
+	balanceIndexes := []*ri.Definition{
+		{
+			Keys:   []ri.Key{{Field: "walletRef", Sort: ri.Asc}},
+			Unique: true,
+		},
+	}
+	for _, def := range balanceIndexes {
+		if err := balanceRepo.CreateIndex(def); err != nil {
+			logger.Error("failed to ensure wallet balance index", zap.String("collection", balanceRepo.Collection()), zap.Error(err))
+			return nil, err
+		}
+	}
+
+	childLogger := logger.Named("wallets")
+	childLogger.Debug("wallet stores initialised")
+
+	return &Wallets{
+		logger:      childLogger,
+		walletRepo:  walletRepo,
+		balanceRepo: balanceRepo,
+	}, nil
+}
+
+func (w *Wallets) Create(ctx context.Context, wallet *model.ManagedWallet) (*model.ManagedWallet, error) {
+	if wallet == nil {
+		return nil, merrors.InvalidArgument("walletsStore: nil wallet")
+	}
+	wallet.Normalize()
+	if strings.TrimSpace(wallet.WalletRef) == "" {
+		return nil, merrors.InvalidArgument("walletsStore: empty walletRef")
+	}
+	if wallet.Status == "" {
+		wallet.Status = model.ManagedWalletStatusActive
+	}
+	if strings.TrimSpace(wallet.IdempotencyKey) == "" {
+		return nil, merrors.InvalidArgument("walletsStore: empty idempotencyKey")
+	}
+	if err := w.walletRepo.Insert(ctx, wallet, repository.Filter("idempotencyKey", wallet.IdempotencyKey)); err != nil {
+		if errors.Is(err, merrors.ErrDataConflict) {
+			w.logger.Debug("wallet already exists", zap.String("wallet_ref", wallet.WalletRef), zap.String("idempotency_key", wallet.IdempotencyKey))
+			return wallet, nil
+		}
+		return nil, err
+	}
+	w.logger.Debug("wallet created", zap.String("wallet_ref", wallet.WalletRef))
+	return wallet, nil
+}
+
+func (w *Wallets) Get(ctx context.Context, walletRef string) (*model.ManagedWallet, error) {
+	walletRef = strings.TrimSpace(walletRef)
+	if walletRef == "" {
+		return nil, merrors.InvalidArgument("walletsStore: empty walletRef")
+	}
+	wallet := &model.ManagedWallet{}
+	if err := w.walletRepo.FindOneByFilter(ctx, repository.Filter("walletRef", walletRef), wallet); err != nil {
+		return nil, err
+	}
+	return wallet, nil
+}
+
+func (w *Wallets) List(ctx context.Context, filter model.ManagedWalletFilter) (*model.ManagedWalletList, error) {
+	query := repository.Query()
+
+	if org := strings.TrimSpace(filter.OrganizationRef); org != "" {
+		query = query.Filter(repository.Field("organizationRef"), org)
+	}
+	if owner := strings.TrimSpace(filter.OwnerRef); owner != "" {
+		query = query.Filter(repository.Field("ownerRef"), owner)
+	}
+	if network := strings.TrimSpace(filter.Network); network != "" {
+		query = query.Filter(repository.Field("network"), strings.ToLower(network))
+	}
+	if token := strings.TrimSpace(filter.TokenSymbol); token != "" {
+		query = query.Filter(repository.Field("tokenSymbol"), strings.ToUpper(token))
+	}
+
+	if cursor := strings.TrimSpace(filter.Cursor); cursor != "" {
+		if oid, err := primitive.ObjectIDFromHex(cursor); err == nil {
+			query = query.Comparison(repository.IDField(), builder.Gt, oid)
+		} else {
+			w.logger.Warn("ignoring invalid wallet cursor", zap.String("cursor", cursor), zap.Error(err))
+		}
+	}
+
+	limit := sanitizeWalletLimit(filter.Limit)
+	fetchLimit := limit + 1
+	query = query.Sort(repository.IDField(), true).Limit(&fetchLimit)
+
+	wallets := make([]*model.ManagedWallet, 0, fetchLimit)
+	decoder := func(cur *mongo.Cursor) error {
+		item := &model.ManagedWallet{}
+		if err := cur.Decode(item); err != nil {
+			return err
+		}
+		wallets = append(wallets, item)
+		return nil
+	}
+
+	if err := w.walletRepo.FindManyByFilter(ctx, query, decoder); err != nil && !errors.Is(err, merrors.ErrNoData) {
+		return nil, err
+	}
+
+	nextCursor := ""
+	if int64(len(wallets)) == fetchLimit {
+		last := wallets[len(wallets)-1]
+		nextCursor = last.ID.Hex()
+		wallets = wallets[:len(wallets)-1]
+	}
+
+	return &model.ManagedWalletList{
+		Items:      wallets,
+		NextCursor: nextCursor,
+	}, nil
+}
+
+func (w *Wallets) SaveBalance(ctx context.Context, balance *model.WalletBalance) error {
+	if balance == nil {
+		return merrors.InvalidArgument("walletsStore: nil balance")
+	}
+	balance.Normalize()
+	if strings.TrimSpace(balance.WalletRef) == "" {
+		return merrors.InvalidArgument("walletsStore: empty walletRef for balance")
+	}
+	if balance.CalculatedAt.IsZero() {
+		balance.CalculatedAt = time.Now().UTC()
+	}
+
+	existing := &model.WalletBalance{}
+	err := w.balanceRepo.FindOneByFilter(ctx, repository.Filter("walletRef", balance.WalletRef), existing)
+	switch {
+	case err == nil:
+		existing.Available = balance.Available
+		existing.PendingInbound = balance.PendingInbound
+		existing.PendingOutbound = balance.PendingOutbound
+		existing.CalculatedAt = balance.CalculatedAt
+		if err := w.balanceRepo.Update(ctx, existing); err != nil {
+			return err
+		}
+		return nil
+	case errors.Is(err, merrors.ErrNoData):
+		if err := w.balanceRepo.Insert(ctx, balance, repository.Filter("walletRef", balance.WalletRef)); err != nil {
+			return err
+		}
+		return nil
+	default:
+		return err
+	}
+}
+
+func (w *Wallets) GetBalance(ctx context.Context, walletRef string) (*model.WalletBalance, error) {
+	walletRef = strings.TrimSpace(walletRef)
+	if walletRef == "" {
+		return nil, merrors.InvalidArgument("walletsStore: empty walletRef")
+	}
+	balance := &model.WalletBalance{}
+	if err := w.balanceRepo.FindOneByFilter(ctx, repository.Filter("walletRef", walletRef), balance); err != nil {
+		return nil, err
+	}
+	return balance, nil
+}
+
+func sanitizeWalletLimit(requested int32) int64 {
+	if requested <= 0 {
+		return defaultWalletPageSize
+	}
+	if requested > int32(maxWalletPageSize) {
+		return maxWalletPageSize
+	}
+	return int64(requested)
+}
+
+var _ storage.WalletsStore = (*Wallets)(nil)

api/gateway/chain/storage/storage.go

@@ -0,0 +1,53 @@
+package storage
+
+import (
+	"context"
+
+	"github.com/tech/sendico/gateway/chain/storage/model"
+)
+
+type storageError string
+
+func (e storageError) Error() string {
+	return string(e)
+}
+
+var (
+	// ErrWalletNotFound indicates that a wallet record was not found.
+	ErrWalletNotFound = storageError("chain.gateway.storage: wallet not found")
+	// ErrTransferNotFound indicates that a transfer record was not found.
+	ErrTransferNotFound = storageError("chain.gateway.storage: transfer not found")
+	// ErrDepositNotFound indicates that a deposit record was not found.
+	ErrDepositNotFound = storageError("chain.gateway.storage: deposit not found")
+)
+
+// Repository represents the root storage contract for the chain gateway module.
+type Repository interface {
+	Ping(ctx context.Context) error
+	Wallets() WalletsStore
+	Transfers() TransfersStore
+	Deposits() DepositsStore
+}
+
+// WalletsStore exposes persistence operations for managed wallets.
+type WalletsStore interface {
+	Create(ctx context.Context, wallet *model.ManagedWallet) (*model.ManagedWallet, error)
+	Get(ctx context.Context, walletRef string) (*model.ManagedWallet, error)
+	List(ctx context.Context, filter model.ManagedWalletFilter) (*model.ManagedWalletList, error)
+	SaveBalance(ctx context.Context, balance *model.WalletBalance) error
+	GetBalance(ctx context.Context, walletRef string) (*model.WalletBalance, error)
+}
+
+// TransfersStore exposes persistence operations for transfers.
+type TransfersStore interface {
+	Create(ctx context.Context, transfer *model.Transfer) (*model.Transfer, error)
+	Get(ctx context.Context, transferRef string) (*model.Transfer, error)
+	List(ctx context.Context, filter model.TransferFilter) (*model.TransferList, error)
+	UpdateStatus(ctx context.Context, transferRef string, status model.TransferStatus, failureReason string, txHash string) (*model.Transfer, error)
+}
+
+// DepositsStore exposes persistence operations for observed deposits.
+type DepositsStore interface {
+	Record(ctx context.Context, deposit *model.Deposit) error
+	ListPending(ctx context.Context, network string, limit int32) ([]*model.Deposit, error)
+}