d-bis/CurrenciCombo
4
0
Fork 0
Code Issues Pull Requests 9 Actions Packages Projects Releases Wiki Activity

PR E: SWIFT gateway (MT760, pacs.009, MT202, camt.025/054) #9

Merged
nsatoshi merged 2 commits from devin/1776875929-swift-gateway into main 2026-04-22 17:17:52 +00:00
Conversation 0 Commits 2 Files Changed 12 +1096 -1

2 Commits

Author SHA1 Message Date
Devin
632f309ffc PR E: SWIFT gateway (MT760, pacs.009, MT202, camt.025/054) — arch step 6
Some checks failed
CI / Frontend Lint (pull_request) Failing after 5s
Details
CI / Frontend Type Check (pull_request) Failing after 7s
Details
CI / Frontend Build (pull_request) Failing after 6s
Details
CI / Frontend E2E Tests (pull_request) Failing after 8s
Details
CI / Orchestrator Build (pull_request) Failing after 6s
Details
CI / Contracts Compile (pull_request) Failing after 7s
Details
CI / Contracts Test (pull_request) Failing after 6s
Details
Code Quality / SonarQube Analysis (pull_request) Failing after 19s
Details
Code Quality / Code Quality Checks (pull_request) Failing after 5s
Details
Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 5s
Details
Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s
Details 
Outbound generators:
- swift/mt760.ts: SBLC issuance (FIN Cat-7). 12-tag message built from
  InstrumentTerms with deterministic messageHash() for planHash
  anchoring. URDG 758 / UCP 600 aware.
- swift/pacs009.ts: FI-to-FI credit transfer (ISO 20022 XML,
  pacs.009.001.08). Fixes the pacs.008 mis-routing flagged in the
  gap-analysis (pacs.008 is customer-to-bank; pacs.009 is bank-to-bank).
  BIC validation on all four agents.
- swift/mt202.ts: FIN equivalent of pacs.009 for non-migrated corridors.
  32A amount formatted with SWIFT decimal comma.

Inbound parsers:
- swift/camt.ts: parseCamt025 (receipt / status), parseCamt054
  (credit/debit notification), reconcileCamt054 (diffs amount, ccy,
  direction, endToEndId so VALIDATING can feed mismatches into
  Data.valueMismatch()), parseCamt dispatcher on xmlns marker.

Public surface in swift/index.ts documents channel selection:
pacs.008 stays on the PSP customer leg; pacs.009/MT202 is the
interbank leg; COMMIT requires camt.025 ACSC or camt.054 CRDT
(arch §9.2 accepted !== settled).

Tests: swift.test.ts — 14 cases covering the happy path, validation
errors (bad BIC, malformed date, negative amount, missing pay step),
determinism of messageHash, camt parser + reconciliation.

tsc clean. 74 tests pass across 6 suites.
 2026-04-22 17:17:19 +00:00
Devin
f177f6f375 PR D: typed + signed event bus + events table + SSE (arch step 5) 
- db/migrations/003_events.ts: append-only events table with
  payload_hash, prev_hash, HMAC signature, indexed by plan_id + type
- services/eventBus.ts: EVENT_TYPES union (all 15 arch §7.2
  categories), publish() with hash-chain + HMAC signing, verifyChain()
  for tamper detection, subscribe() via in-process EventEmitter
- api/plans.ts:
    - GET /api/plans/:planId/events (?verify=1 returns chain_valid)
    - GET /api/plans/:planId/events/stream (SSE with history replay +
      live push, 15s keep-alive, clean unsubscribe on client disconnect)
- index.ts: register the two new endpoints
- tests/unit/eventBus.test.ts: 9 tests covering publish, hash chain,
  per-plan isolation, and three tamper-detection scenarios (payload,
  signature, prev_hash)

60 tests pass. tsc clean.
 2026-04-22 17:17:19 +00:00