Build, launch, and operate DigiKash {{V}} with confidence.

What's New in DigiKash {{V}}

Version {{V}} headlines an International Remittance engine, P2P order chat, a second Golden site theme with custom brand colors, and full RTL multi-language support — on top of the unified marketplace, multi-provider virtual cards, feature flags, mobile recharge, subscriptions, wallet staking, agent operations, and OTA updater introduced in 2.0. All on Laravel 11 with PHP 8.3+.

Server Requirements

Prepare the server before opening the installer. The wizard checks your PHP version, required extensions, and writable paths — and refuses to continue until everything turns green.

Minimum Software

Required PHP Extensions

Writable Directories

• .env — the installer writes app and DB settings here.
• storage/ — logs, uploads, sessions, cache, backups, generated PDFs.
• bootstrap/cache/ — optimized framework cache files.

Useful Commands

Installation Wizard

DigiKash ships with a web installer at /install. Use the wizard for every fresh deployment — it removes any need to edit .env by hand or import SQL through phpMyAdmin.

Envato License Verification

• The license is verified before the database step and re-checked during final installation.
• The installer posts the purchase code, domain, product slug, and Envato item ID to the official Coevs update server.
• No author Envato personal token is ever stored on the client website.
• After installation, your license is saved securely so future updates can be delivered to this site.
• If verification fails, confirm the purchase code, product match, domain, and outbound HTTPS access from the host.

What Happens When You Press Install

• Validates server requirements (PHP version, extensions, writable paths) before continuing.
• Verifies the Envato purchase code through /install/license-test against the Coevs update server.
• Tests the database connection through /install/database-test.
• Writes APP_NAME, APP_URL, APP_KEY, DB credentials, updater values, debug settings, and SESSION_DRIVER=file into .env.
• For MySQL / MariaDB — imports DB/digikash.sql into your empty database.
• For SQLite — runs Laravel migrations followed by the configured seeders.
• Saves your verified license so the Project Updater is already linked to this installation.
• Creates the first super-admin account from the wizard form. There is no shared default email or password.
• Writes the install lock file storage/app/installed, clears Laravel caches, and redirects you to /admin/login.

cPanel-specific Notes

• Upload core-v{{V}}.zip with File Manager → Upload, then right-click it and choose Extract.
• Use MySQL Databases to create the DB, add a user, and assign all privileges to the user on that DB.
• Use the Domains screen to set the document root to the public/ folder inside the extracted project.
• If your host blocks document-root changes, contact hosting support before relocating Laravel files.
• Use cPanel Terminal (or SSH) for cache, queue, storage-link, and recovery commands.
• After install, you can safely delete the original core-v{{V}}.zip from your server to free up space.

Post-install Checklist

After pressing Install, you'll land on the admin login. Work through this list before sending real traffic to the site.

• Sign in at /admin/login with the super-admin account you created in the wizard.
• Configure SMTP from Settings → Site Settings → Mail and send a test email.
• Add payment gateway credentials under Finance & Wallet → Payment Gateways and run a live test transaction on HTTPS.
• Start a queue worker (php artisan queue:work) so notifications, payment jobs, and updater steps actually fire.
• Add a system cron entry: * * * * * php /path/to/artisan schedule:run >> /dev/null 2>&1
• Keep APP_DEBUG=false in production. Never expose .env or storage/ publicly.
• Enable Two-Factor Authentication for every admin and high-privilege staff account.
• Review Feature Controls and disable modules you don't plan to expose to users.
• Set the platform branding: logo, favicon, brand colors, and SEO defaults.
• Delete the uploaded core-v{{V}}.zip from your server once everything works.

Updating DigiKash Safely

DigiKash includes an admin Project Updater at Settings → Project Updater. New installations are linked automatically when the installer verifies and stores the Envato license token.

Manual Update Fallback

• Put the app in maintenance mode: php artisan down.
• Back up the database, .env, and storage/ locally before swapping files.
• Replace application files only — never overwrite .env, storage/, or uploaded user content.
• Run php artisan migrate --force followed by php artisan optimize:clear.
• Bring the app back: php artisan up. Verify login, payments, notifications, and API checkout.

Tech Stack

DigiKash is built on a modern Laravel stack with clearly separated concerns for backend, frontend, payments, and integrations.

Folder Structure

DigiKash keeps Laravel's default structure and adds product-specific folders for payments, the installer, the project updater, and the bundled database import.

Core Folders

• app/ — application logic, services, jobs, events, support classes.
  • Http/Controllers/Backend/ — admin-panel controllers (60+ modules).
  • Http/Controllers/Frontend/ — user, merchant, agent surfaces.
  • Http/Controllers/Api/ — merchant checkout API.
  • Http/Controllers/Webhook/ — incoming provider callbacks.
  • Http/Middleware/ — installer guard, feature flags, IP block, 2FA, account status.
  • Http/Requests/ — Form Request validators for every action.
  • Models/ — Eloquent models for accounts, wallets, transactions, P2P, cards, licenses.
  • Services/ — provider abstractions for payments, virtual cards, recharge, phone verification.
  • Payment/ — gateway-specific payment integrations (classmap autoloaded).
  • Support/ — installer manager, helpers, infrastructure utilities.
• routes/ — web.php, admin.php, api.php, auth.php, install.php, channels.php, console.php.
• resources/views/ — Blade templates: backend/, frontend/, installer/, emails/, pwa/, components/.
• config/ — Laravel + product config: installer.php, project_updater.php, feature_catalog.php, admin_menus.php, control_panel.php, virtual_card.php, mobile_services.php.
• DB/ — bundled digikash.sql used by MySQL / MariaDB installs.
• database/ — migrations, factories, seeders (used by tests and SQLite).
• public/ — web entry point. Your domain points here. Pre-built CSS / JS assets live under public/general, public/backend, and public/frontend.
• storage/ — logs, cache, sessions, uploads, update packages, recovery backups.
• documentation/ — this docs package.
• vendor/ — Composer dependencies shipped with the release.

Important Files

Configuration Files

Most product behavior is configured from the admin UI, but these files drive what the UI can do.

Environment Variables

Most values are written by the installer and edited from the admin UI. These are the ones you may need to touch by hand.

Admin Login

The admin panel is the control center for accounts, transactions, content, settings, and maintenance. Access is gated by a separate auth guard.

User, Merchant, & Agent Login

Each audience has a dedicated entry point. Login accepts the registered email or username with the account password.

Login URLs

Shared Login Features

• Email or username + password.
• Password visibility toggle.
• Remember Me for trusted devices.
• Forgot Password — sends a reset link to the registered email.
• Sign Up link to the matching registration form.
• Protected pages redirect guests to the correct login page based on the requested area.
• Account-status checks block suspended accounts at the auth layer.
• Two-Factor Authentication is enforced when enabled on the account.

Two-Factor Authentication

TOTP-based 2FA is available for every panel and strongly recommended for admins.

• Enable from Profile → Security on any panel.
• Scan the QR code with any authenticator app (Google Authenticator, Authy, 1Password).
• Disable from the same Security screen — requires re-entering the account password.
• Every subsequent login is interrupted by a 2FA verification prompt when the feature is active.

Wallet PIN

Sensitive money operations can be gated by a secondary numeric PIN.

• Users set the PIN from Profile → Security → Wallet PIN.
• Prompted before transfers, withdrawals, and other high-risk actions when enabled.
• Resetting the PIN requires verifying the account password (and 2FA if active).

User Dashboard

After login, every user lands on a dashboard that summarizes wallet balances, recent activity, and quick actions for the most-used features.

Sidebar Navigation

• Wallet — balances, deposits, withdrawals, transfers, exchange, transaction history.
• Pay — merchant checkout, payment links, vouchers, mobile recharge.
• Earn — wallet staking plans, referral tree, ranking progress.
• Cards — virtual card requests, active cards, top-ups, withdrawals.
• P2P — marketplace offers, my orders, advertise, payment accounts.
• Account — profile, KYC, security (2FA, PIN), subscriptions, notification preferences.

Deposit Money

Top up the wallet using any active automatic gateway (card, crypto, mobile money) or a manual deposit method with proof-of-payment upload.

• Supports any currency the admin has enabled for users.
• Per-gateway fee preview before confirmation — no surprise charges.
• Manual proof uploads accept image / PDF receipts.
• Deposit history shows status, method, gateway reference, fee, and net amount.
• Failed gateway callbacks reverse pending entries automatically.

Withdraw Money

Cash out wallet balance to a linked bank account, crypto address, or mobile-money number. Automatic methods process instantly through the gateway; manual methods queue for admin review.

Scheduled Withdrawals

Admins can restrict withdrawal submissions to specific windows (e.g. Monday + Thursday). Outside the window, users see the next available time slot.

Send & Request Money

Instant wallet-to-wallet transfers between platform accounts, plus payment requests another user can approve and pay from their wallet.

Send Money

• Find the recipient by username, email, or phone number.
• Same-currency transfers settle instantly with zero conversion.
• Cross-currency transfers use the live exchange rate with a confirmed preview.
• Add a private note and an optional memo visible only to the recipient.
• Wallet PIN + 2FA enforced when configured.

Request Money

• Send a payment request to any platform user.
• Recipient sees the request in their inbox with one-tap approve / reject.
• Approved requests transfer the balance instantly and notify both parties.
• Track outstanding, approved, and rejected requests under Money Requests.

Exchange Currencies

Convert wallet balance from one supported currency to another using the live exchange-rate engine — instantly and without leaving the wallet.

• Pick source and destination currencies from your enabled wallets.
• Preview the rate, fee, and amount-you-receive before submitting.
• Conversion is instant — both wallets update immediately on confirmation.
• Every exchange is recorded as a single transaction with FX details for receipts.
• Admin can configure per-currency exchange fees and minimum trade amount.

Wallet Earn — Staking New in 2.0

Lock part of your wallet balance into an admin-defined earning plan and receive rewards automatically on a fixed schedule. The platform handles every payout and the principal return for you — there is nothing to claim manually.

How it works

Mobile Recharge New in 2.0

Top up any mobile number from wallet balance — for yourself or anyone else — through the platform's configured recharge provider.

• Supported drivers: Sandbox (testing), Reloadly (global airtime), generic HTTP API.
• Recharge history shows every top-up with operator, amount, fee, and provider reference.
• Failed recharges automatically refund the wallet.

Pay Merchants

Three ways to pay registered merchants — scan a QR code, open a payment link, or apply a voucher at checkout.

Create Payment Links

Generate shareable links to collect money from anyone — even people without a platform account.

• Choose Fixed Amount (locked) or Buyer-defined (payer chooses).
• Pick currency, optional expiry date, and a maximum number of uses.
• Share the generated link by chat, email, social, or QR.
• Payers can pay from their wallet or any active gateway — no signup required for guest gateway payments.
• Track collected payments, refunds, and link status from My Payment Links.

P2P Trading New in 2.0

Buy or sell currency directly with other platform users through escrow-protected peer-to-peer trades.

As a Buyer / Seller

• Browse the marketplace — filter offers by currency, payment method, country, and price.
• Open an order: the seller's funds are locked in escrow immediately.
• Pay (or receive payment) through the agreed off-platform method.
• Mark as paid / confirm receipt — escrow releases automatically.
• Rate the counterparty after the trade closes.

As an Advertiser

• Post offer ads with your own price, min/max trade limits, payment methods, and terms.
• Save reusable Payment Accounts (bank, mobile money, cash) for fast offer creation.
• Promote offers with paid Promotion Packages for featured placement.
• Built-in trader profile with completion rate, response time, and rating.

Disputes & Safety

• Open a dispute from inside the trade chat with proof attachments.
• Platform admins review history and rule on the verdict.
• Escrow only releases on mutual confirmation or admin verdict — funds are never at risk in transit.

Virtual Cards

Apply for a virtual card, top it up from your wallet, and use it for online payments anywhere Visa or Mastercard is accepted.

• Supports Stripe Issuing, StroWallet, and Bitnob in a single user experience.
• Per-card transaction history shows every authorization and settlement.
• Freeze a lost card in one tap (provider-dependent).
• Card top-up and withdraw fees configured per provider by admin.

Subscriptions New in 2.0

Browse available plans, subscribe to unlock platform features and quota upgrades, and manage billing from a single screen.

• Plan cards show price, billing cycle, included features, and quota limits.
• Subscribe in one tap — pays from wallet or any active gateway.
• Switch tiers anytime — proration applied automatically.
• Cancel anytime from My Subscription. Plan stays active until the period ends.
• Full transaction history with downloadable invoices.

Referral Program & Vouchers

Referral Program

• Get a unique referral code and shareable link from your profile.
• Earn configurable rewards when a referred friend signs up, completes KYC, or makes their first deposit.
• See your referral tree with each referred user, their status, and reward earned.
• Rewards credit directly to your wallet — no separate withdrawal step.

User Rankings

• Progress through ranks (Bronze → Silver → Gold → Platinum or admin-defined tiers).
• Each rank unlocks higher wallet limits, deeper referral tree depth, and reward multipliers.
• Promotion happens automatically as you cross the activity threshold.

Vouchers

• Redeem voucher codes from Wallet → Redeem Voucher.
• Codes credit the wallet instantly or apply as a discount at merchant checkout.
• Per-voucher expiry, amount, and usage limit enforced automatically.

KYC Verification

Submit identity documents to unlock KYC-gated features like withdrawals, virtual cards, P2P trading, and send-money limits.

Profile & Security

Control your personal information, account security, and notification preferences from one place.

Notifications & Support

Notification Inbox

• In-app inbox for payments, transfers, KYC, P2P, support, and system alerts.
• Channel preferences — opt in/out of email, SMS, push, and in-app per event type.
• Mark all as read or filter by unread / category.

Support Tickets

• Open a ticket from Support → New Ticket with category, subject, and message.
• Attach files (screenshots, receipts) to the ticket body.
• Reply thread shows admin responses with timestamps.
• Ticket categories drive auto-routing to the right staff role.
• Close a ticket when resolved — re-open if the issue returns.

Dashboard & Control Panel

The dashboard summarizes user growth, merchant activity, transaction totals, wallet balances, and recent movement. The Control Panel surface adds searchable shortcuts to every admin module.

Accounts & KYC

Manage users, merchants, agents, KYC submissions, account status, and support conversations with a consistent review workflow.

User Accounts

• List, filter, and search every registered user.
• Dedicated views for Active, Suspended, Unverified, and KYC-Pending users.
• Manage profile, wallet balance, features, password, and status from a single screen.
• "Login as user" for safe support sessions (audit logged).
• Bulk mail to all users from the admin panel.

Merchants & Agents

• Approve or reject merchant and agent applications after reviewing profile + documents.
• Manage active/inactive status, business profiles, and commission rules (agents).
• Convert user accounts to merchants when needed.

KYC Verification

• Define required fields per audience using KYC Templates.
• Process submissions from a Pending Reviews queue.
• Approve or reject with optional admin remarks — the user is notified automatically.
• Rejected users can resubmit a fresh KYC after correcting the flagged fields.
• Features gated by KYC (withdraw, send money, virtual cards, P2P) automatically unlock on approval.

Finance & Wallet

Configure supported currencies, manage exchange rates, and use the transactions ledger as the source of truth for money movement.

Currency Management

• Add, edit, or disable currencies with code, symbol, exchange rate, and per-role availability.
• Connect to an exchange API for live rates, or manage rates manually.
• Tag currencies as user-facing, merchant-facing, agent-facing, or all three.

Transactions Ledger

• Single, searchable list of every deposit, withdrawal, transfer, exchange, reward, voucher, and payment link transaction.
• Filter by user, type, status, date range, gateway, and currency.
• Export to CSV for finance reconciliation.

Payment Gateways

DigiKash ships with first-class integrations for 25+ payment providers covering cards, mobile money, crypto, and African / Asian regional gateways — all behind a single provider-agnostic abstraction.

Bundled providers

• Stripe, Mollie, Cryptomus, and additional gateways available out of the box.
• Enable per currency and set per-gateway minimums, maximums, fees, and surcharges.
• Test in sandbox mode before flipping to live credentials.
• Webhook callback URLs are auto-generated — copy them into the provider dashboard.
• Disabled gateways automatically hide dependent deposit / withdraw methods.

Deposits & Withdrawals

Each side of money movement supports both Automatic (gateway) and Manual (bank/cash) methods with separate review queues.

Payment Links, Merchant Payments & Mobile Recharge

Money-out products users and merchants can issue, share, and collect on.

Payment Links

• Generate shareable links that customers can pay from a wallet or supported gateway.
• Configurable amount (fixed or buyer-defined), currency, expiry, and reuse policy.
• Track payments, refunds, and link status from the admin list.

Merchant Payments

• Customers pay merchants from their wallet or any active payment gateway.
• Merchants share a unique payment QR code (printed in-store or shown on screen); customers open it to load the checkout.
• Voucher redemption is supported at the checkout step.
• WooCommerce plugin ships pre-built at public/general/woocommerce-gateway-v2.8.0/ for eCommerce integration.
• Sanctum-authenticated Merchant API with HMAC-signed webhooks (see /api-docs).

Mobile Recharge

• Top up mobile numbers from wallet balance through pluggable providers.
• Supported drivers: sandbox (testing), reloadly (global airtime), http (generic HTTP API).
• Configurable minimum, maximum, fixed fee, and percentage fee from config/mobile_services.php.
• Per-provider operator catalog managed under Mobile Recharge → Providers.

P2P Marketplace New in 2.0

Peer-to-peer trading rooms with offer ads, escrow orders, dispute handling, payment-method directory, promotions, and trader profiles.

Virtual Cards

Issue and manage virtual cards on top of multiple providers — Stripe Issuing, StroWallet, and Bitnob — with a single, provider-agnostic admin experience.

Provider Capabilities

Admin Workflows

• Awaiting Requests — review new card-issuance applications.
• Cardholders — manage issued cardholder records.
• All Requests — historical request log with status filters.
• All Cards — every issued card with provider, status, balance, and last sync.
• Fee Settings — set issuance fees per-currency and per-card-type (multi-fee: percentage + fixed).
• Provider Settings — credentials, capabilities, and provider-specific overrides.

Wallet Earn (Staking) New in 2.0

Create earning plans, let users stake their wallet balance into them, and let the platform pay rewards and return principal automatically. You stay in control of approvals and can intervene on any individual stake.

1. Build an Earning Plan

A plan is the template users stake into. Every field below is configurable per plan:

2. Automatic Payouts

• The wallet-earn:process command runs every minute via the scheduler — it credits any due payouts and returns matured principal. Keep the scheduler cron entry active.
• Each due payout credits the user's wallet, writes a reward transaction, and advances the next payout date until the term completes.
• Payouts are idempotent — each numbered payout is paid exactly once, even if the command overlaps or retries.
• When the final payout is made (or maturity is reached) the stake is marked Completed, and the principal is returned if the plan allows it.

3. Manage Stakes

The Stakes screen lists every user stake with its principal, paid vs. expected profit, payouts made / total, next payout, and maturity date. Per stake you can:

• Approve a pending stake — activates it and sets the payout schedule.
• Reject a pending stake — returns the full principal to the user's wallet.
• Cancel an active stake — stops future payouts and returns the principal.
• Complete an active stake — settles any due payouts immediately and closes it (returning principal if configured).

Subscriptions New in 2.0

Tier-based subscription plans with features, pricing cycles, and per-user lifecycle tracking.

• Plans — define tiers, features, and per-cycle prices (monthly, quarterly, yearly).
• Plan Features — bind plans to platform features with quantity/limit overrides.
• User Plans — view active and historical subscriptions, with manual override controls.
• Transactions — every subscription payment with status, plan, and renewal info.
• Users can subscribe, cancel, change tier, and view receipts from their dashboard.

Referral Program & User Rankings

Growth tooling for retention and acquisition.

Referral Program

• Unique referral codes and shareable links per user.
• Configurable reward per signup, KYC completion, first deposit, or specific event.
• Per-currency reward caps and minimum referrer requirements.
• Referral tree view in the user dashboard.

User Rankings

• Define ranks (e.g. Bronze, Silver, Gold, Platinum) with progression criteria.
• Per-rank wallet limits, referral level depth, and reward multipliers.
• Automatic rank promotion based on user activity.

Vouchers

• Single-use or multi-use redeemable vouchers for wallet balance.
• Per-voucher currency, amount, expiry, and redemption limit.
• Redeemable from the user wallet or at merchant checkout.

Notifications & Support

Reach users quickly and run a structured support backlog.

Notifications

• Send Notification — push custom notifications to all users or filtered audiences.
• Notification Logs — searchable record of every notification with channel and status.
• Templates — per-event templates with three configurable channels: Email, SMS, and Push.
• Each channel has an independent on/off toggle per template — enable email but disable SMS for low-impact events.
• An in-app inbox also receives every notification via Laravel's database notification table — independent of the channel switches above.

Email Subscribers

• Newsletter signup form on the public site captures subscribers.
• Export to CSV or send bulk announcements directly.

Support Tickets

• Status tabs: New, In Progress, Closed, History.
• Per-ticket reply thread with attachments.
• Configurable Ticket Categories with auto-routing.
• Internal notes visible only to staff.

Site Builder & CMS

Control public-facing content without touching code.

Pages & Components

• Landing Page — upload a custom HTML/CSS landing page, or use the built-in builder.
• All Pages — manage every static page with rich content.
• Page Components — reusable building blocks (heroes, feature lists, CTAs, FAQs).
• Site Navigation — header menu structure with multi-level dropdowns.
• Footer Sections — manage footer columns and links.
• Style Manager — inject custom CSS for fine-tuning the public theme.

SEO & Social

• SEO Settings — per-page title, meta description, Open Graph, and Twitter cards.
• Social Links — manage the social network footer/header icons.

Blog

• Blog Posts — title, slug, cover image, rich body, SEO fields.
• Blog Categories — taxonomy for filtering posts.

System Configuration

Platform-wide settings, integrations, languages, and background jobs.

Site Settings

• Brand, logo, favicon, login banner, currency display, time zone.
• Mail (SMTP), Security, Maintenance Mode, Cookie Consent, Captcha.
• Visitor landing behavior — redirect to login page or default landing.
• Admin URL prefix override for security through obscurity.

Integration Center

• Enable / disable plugin integrations (WooCommerce, Google Analytics, etc.).
• Each plugin exposes its own credential form.

Languages

• Manage installed languages, add new locales, edit translation strings inline.
• Set the default language and toggle the language switcher visibility.

Background Jobs

• Live view of running, failed, and recent jobs.
• Re-run failed jobs from the UI.
• Pair with a real queue worker process (queue:work) for reliable delivery.

Feature Controls New in 2.0

Toggle every revenue feature per panel (user / merchant / agent), set KYC and phone gates, and control country allow-lists. Drives the entire UI from a single screen.

Staff & Roles

Use least-privilege access for everything except the super-admin.

• Team Members — create staff accounts with assigned roles.
• Roles & Permissions — define granular permissions per role (powered by Spatie Permission).
• Every admin menu item declares the permission it requires; menu links are hidden when missing.
• Disable a staff account immediately if a member leaves the team.

Production Setup

A production-grade DigiKash install needs a queue worker, a cron entry, HTTPS, and SMTP for mail.

Cron — Laravel Scheduler

Run the scheduler every minute. It dispatches background tasks for rewards, withdraw schedules, recurring jobs, and cleanup.

* * * * * php /path/to/digikash/artisan schedule:run >> /dev/null 2>&1

Queue Worker — Supervisor

Keep a queue worker alive. Supervisor is the recommended way to auto-restart it.

[program:digikash-worker]
process_name=%(program_name)s_%(process_num)02d
command=php /path/to/digikash/artisan queue:work --tries=3 --timeout=90
autostart=true
autorestart=true
user=www-data
numprocs=2
redirect_stderr=true
stdout_logfile=/path/to/digikash/storage/logs/worker.log

Storage Symlink

php artisan storage:link

HTTPS

• Install a valid SSL certificate (Let's Encrypt is free and well-supported).
• Force HTTPS in your web server config.
• Set APP_URL to the HTTPS variant in .env.

Mail (SMTP)

• Configure SMTP under Settings → Site Settings → Mail.
• Send a test mail before enabling notification channels.
• Use a reputable transactional mail provider (Postmark, SES, Mailgun, Resend) in production.

Progressive Web App

DigiKash can be installed as a Progressive Web App on mobile and desktop, giving users a native-feeling shortcut to the wallet.

• Manifest and service worker are served by the PwaController.
• Users can install the app to the home screen on mobile and desktop browsers that support PWA.
• Customize the install banner, theme color, and icons from Settings → Site Settings → PWA.

Security & Maintenance

Keep production stable with least-privilege access, 2FA, backups, cache tools, activity logs, and the Project Updater.

• Enable 2FA for admins and staff with sensitive permissions.
• Review Activity Logs when investigating login, device, or suspicious access issues.
• Use the IP Block list to ban abusive addresses.
• Run Optimize App and Clear Cache after updates or environment changes.
• Download a recovery backup before installing updates from the Project Updater.
• Rotate API keys (Stripe, Twilio, virtual-card providers) on a regular schedule.

Safe Recovery Commands

Project Updater

Install signed releases over the air with checksum verification, recovery backups, and migration automation.

• Lives at Admin → Settings → Project Updater.
• Packages must be signed; verification uses the public key in config/project_updater.php.
• Update server URL defaults to https://updates.coevs.com — override with PROJECT_UPDATER_SERVER_URL.
• Storage paths are configurable: PROJECT_UPDATER_PACKAGES_PATH, PROJECT_UPDATER_EXTRACT_PATH, PROJECT_UPDATER_BACKUPS_PATH.
• Protected paths the updater never touches: .env, storage/, vendor/, node_modules/, .git/.
• Disable in-app installs entirely by setting PROJECT_UPDATER_INSTALL_ENABLED=false.

Troubleshooting

Use these checks when installation, assets, the database import, or updates do not behave as expected.

Changelog

[Added] - International Remittance module — cross-border money transfer with beneficiaries, country/currency corridors, live quotes, payout routing, compliance screening, and a versioned REST API
[Added] - P2P Order Chat — in-escrow buyer/seller messaging with live polling, unread tracking, and a dedicated rate-limit bucket
[Added] - P2P Demo Trading seeder — sample offers, orders, and trader profiles to preview the marketplace immediately after install
[Added] - Golden theme — a second site-wide visual theme (luxury obsidian + gold) selectable alongside Classic, each with its own layouts and asset bundle
[Added] - Theme Color customizer — override accent / brand colors with validated hex values from Site Settings
[Added] - MercadoPago payment gateway added to the gateway factory
[Added] - Payment-method seeder and automatic method-code generator for consistent deposit / withdraw provisioning
[Added] - Multiple manual deposit methods per currency
[Added] - Storage Link tool — create or repair the public/storage symlink from the admin Settings page, no SSH required
[Improved] - Multi-language UI with full RTL support and a redesigned Language Manager (add locales, inline translate, reposition the switcher)
[Improved] - Saved Withdraw Accounts with stricter validation and reusable payout details
[Improved] - Subscription plan feature types — richer per-feature limits / flags and cascade-safe plan deletion
[Improved] - StroWallet provider response handling hardened (dispatch and response-shape normalization)
[Improved] - Installer — smarter database-host parsing, extra feature checks, and a refreshed installer UI
[Improved] - Wallet service refactor for staking / earn balance operations
[Improved] - Admin payment-gateway and virtual-card management UIs
[Fixed] - Updater license card now follows the current host instead of the newest row
[Fixed] - Manual deposit transaction currency handling
[Fixed] - Notification feed now tolerant of malformed data
[Fixed] - Deposit-method compatibility and conversion-rate layout issues
[Fixed] - Numerous bug fixes and UI polish across admin, P2P, subscriptions, and withdrawals

[Added] - P2P Marketplace with offer ads, escrow orders, disputes, promotions, payment-method directory, and trader profiles
[Added] - Subscription System with tier plans, pricing cycles, proration math, renewals, cancellations, and transactions
[Added] - Wallet Earn (Staking) with configurable plans, lock periods, APY, and scheduled rewards
[Added] - Mobile Recharge module with Sandbox, Reloadly, and generic HTTP API drivers
[Added] - Agent Program with dedicated panel, commission rule engine, QR cash-out, and operations workflow
[Added] - Feature Controls to toggle every revenue module per panel with KYC and phone-verification gates
[Added] - Project Updater with signed OTA releases, SHA-256 verification, recovery backups, and automatic migrations
[Added] - Redesigned Control Panel with searchable, categorized, permission-aware shortcuts
[Added] - PWA support with installable manifest, service worker, and configurable theme color and icons
[Added] - Wallet PIN as a secondary numeric PIN for transfers, withdrawals, and other high-risk actions
[Added] - Phone Verification via Twilio with rate-limited send and verify endpoints
[Added] - KYC Templates per audience (user / merchant / agent) with resubmission flow on rejection
[Added] - Login Activity tracking (IP, country, browser, device, platform) with one-click logout of all other sessions
[Added] - IP Block list to ban abusive addresses at the middleware layer
[Added] - Admin Lock Screen for quick session lock without full sign-out
[Added] - Background Jobs dashboard with task registry, scheduler view, retry, and retry-all for failed jobs
[Added] - User-to-merchant and user-to-agent account conversion from the admin user manager
[Added] - Bulk email send to all users directly from the admin panel
[Added] - "Login as user" support sessions with full audit logging
[Added] - Scheduled Withdrawals to cap payout submissions to defined day-of-week windows
[Added] - Saved Withdraw Accounts so users can reuse bank / crypto / mobile-money payout details
[Added] - Notification Templates with three configurable channels (Email, SMS, Push) and per-template on/off toggle
[Added] - In-app notification inbox via Laravel database notifications
[Added] - Style Manager to inject custom CSS without touching source code
[Added] - Currency role-based visibility (user / merchant / agent) for per-audience wallet enablement
[Added] - Expanded to 25+ payment gateways including Stripe, PayPal, Mollie, Cryptomus, Razorpay, Paystack, Flutterwave, Paymob, Coinbase Commerce, NowPayments, Binance Pay, Bitnob, StroWallet, and more
[Added] - Merchant API with Sanctum personal-access tokens and HMAC-signed webhook delivery
[Added] - Live Merchant API documentation page at /api-docs with Prism syntax highlighting
[Improved] - Multi-provider Virtual Cards now span Stripe Issuing, StroWallet, and Bitnob with per-provider capability flags (issue, top-up, withdraw, freeze, limits, controls)
[Improved] - WooCommerce gateway plugin bundled at public/general/woocommerce-gateway-v2.8.0/ for eCommerce checkout
[Improved] - Account management with KYC status flows and suspended / unverified / KYC-pending filtered views
[Improved] - Notification system with per-channel toggles and channel-specific templates
[Improved] - Security hardening across panels — account-status middleware, IP block, throttled phone verification, 2FA on User / Merchant / Agent / Admin
[Improved] - Multi-language UI with admin-managed translation strings via joedixon/laravel-translation
[Improved] - PDF receipts via barryvdh/laravel-dompdf for transactions, payment links, and subscription invoices
[Improved] - Voucher system with single-use / multi-use codes, per-currency limits, and merchant checkout redemption
[Improved] - Payment Links with fixed or buyer-defined amount, expiry, max uses, and guest checkout
[Upgraded] - Laravel framework to v11 with streamlined bootstrap and attribute-based middleware
[Upgraded] - PHP requirement to 8.3+ (PHP 8.4 supported)
[Upgraded] - Laravel Sanctum to v4 for Merchant API token authentication
[Upgraded] - Spatie Laravel Permission to v6 for staff roles and granular admin permissions
[Upgraded] - pragmarx/google2fa to v8 for TOTP-based two-factor authentication
[Upgraded] - Stripe PHP SDK to v17 with the latest Issuing API for virtual cards
[Upgraded] - Intervention Image to v3 for upload, resize, and format conversion
[Fixed] - Carry-over deposit, withdrawal, and gateway integration issues reported during v1.x
[Fixed] - Query optimization, N+1 reductions, and general performance improvements across admin and dashboard
[Removed] - Bundled development-only dependencies (Vite / Tailwind / Alpine) from the shipped runtime; the production UI uses pre-built assets in public/

Previous Releases (v1.x)

[Added] - Merchant disable feature
[Added] - Additional currencies for the StroWallet payment gateway
[Added] - Multi-fee option (Percentage + Fixed) for the StroWallet virtual card
[Improved] - Payment gateway list now displays all supported currencies
[Fixed] - Deposit issue with StroWallet

[Added] - Initial Control Panel for improved backend management
[Added] - Advanced search system in the admin panel
[Added] - WooCommerce plugin integration
[Upgraded] - Merchant API to enterprise-grade structure
[Fixed] - Payment gateway integration issues
[Fixed] - Various bugs and overall site performance optimization

[Added] - User and merchant account delete functionality
[Added] - Option to redirect visitors to login page instead of default landing
[Added] - User-to-merchant account conversion
[Added] - Separate withdrawal and deposit fee settings for users and merchants
[Fixed] - Currency management API
[Fixed] - Activity log display issues

[Added] - Custom landing page uploader
[Added] - Exchange API config in the admin currency section
[Added] - Site preloader management
[Improved] - Currency exchange error UI redesigned
[Improved] - Auto-disable deposit / withdraw methods when the underlying gateway is disabled

[Added] - New payment methods
[Added] - Initial multi-provider virtual card support
[Added] - Virtual card placeholder application flow
[Added] - Card top-up and withdrawal endpoints
[Improved] - Replaced static values with dynamic config options

[Added] - Merchant payment via QR code
[Added] - Payment using merchant payment link
[Added] - Voucher payment at checkout
[Added] - Advanced virtual card system (multi-provider support)
[Fixed] - Google reCAPTCHA integration issues
[Fixed] - General bug fixes and performance improvements

Support

Need help? Reach out — we read every message.