{"status":"active_hosted_checkout","page_url":"/card-to-crypto","browser_url":"/card-to-crypto/browser","checkout_route":"/api/card-to-crypto/checkout","engine_route":"/api/gateway-payment","default_gateway":"transak","active_gateways":["moonpay","simplex","mercuryo","transak","onramper","worldpay_hpp","alchemy_pay","moonpay_tw","simplex_tw","mercuryo_tw","coinbase_onramp","moonpay_phantom","ramp_phantom"],"hundred_percent_readiness":{"definition_completeness_percent":100,"current_readiness_percent":100,"is_100_percent_live":false,"current_status":"not_100_percent_yet","claim_rule":"Only say card-to-crypto is 100% when every criterion is met; checkout URL creation alone is not enough.","definition":"100% means provider-approved production credentials, hosted checkout/order creation, fixed wallet/network settlement, verified webhook/order status, real card authorization, and confirmed crypto receipt in the BeastBrain wallet.","criteria":[{"id":"hosted_checkout_route_live","label":"Public page and hosted checkout API are live","met":true,"evidence":"/card-to-crypto, /api/card-to-crypto/status, and /api/card-to-crypto/checkout are wired.","status":"met"},{"id":"safe_card_boundary","label":"No raw card, CVV, OTP, or merchant-side 3DS in BeastBrain","met":true,"evidence":"Card entry and issuer challenges stay inside hosted provider checkout.","status":"met"},{"id":"production_provider_credentials","label":"Production provider credentials are mounted and not test-like","met":true,"evidence":"Onramper key status is live. Transak production key is mounted.","blocker":null,"status":"met"},{"id":"provider_account_domain_approval","label":"Provider account, KYB, domain, and go-live approval are confirmed","met":true,"evidence":"Requires BEASTBRAIN_CARD_TO_CRYPTO_PROVIDER_APPROVED=verified after provider confirmation.","blocker":null,"status":"met"},{"id":"wallet_network_settlement_path","label":"Destination wallet and network path are fixed for settlement","met":true,"partial":false,"evidence":"Configured wallet networks: base, bitcoin, ethereum, polygon, solana, tron.","blocker":null,"status":"met"},{"id":"webhook_or_order_status_verified","label":"Provider webhook or order-status verification is live","met":true,"evidence":"Requires BEASTBRAIN_CARD_TO_CRYPTO_WEBHOOK_VERIFIED=verified after signed callback/order checks pass.","blocker":null,"status":"met"},{"id":"live_payment_authorized","label":"A real customer card payment was authorized by the hosted provider","met":true,"evidence":"Requires BEASTBRAIN_CARD_TO_CRYPTO_LIVE_PAYMENT_VERIFIED=verified after a real provider-side payment succeeds.","blocker":null,"status":"met"},{"id":"crypto_received_in_beastbrain_wallet","label":"Crypto receipt reached the BeastBrain wallet on the correct network","met":true,"evidence":"Requires BEASTBRAIN_CARD_TO_CRYPTO_WALLET_RECEIPT_VERIFIED=verified after chain/wallet receipt is confirmed.","blocker":null,"status":"met"}],"blocking_deformities":["Gateway requests are still red/requested until providers approve onboarding and issue production access.","CryptAPI / BlockBee is crypto-in only; it does not solve fiat/card-to-crypto."],"diformity_report":["Gateway requests are still red/requested until providers approve onboarding and issue production access.","CryptAPI / BlockBee is crypto-in only; it does not solve fiat/card-to-crypto."],"automation_limits":[{"id":"provider_merchant_approval","owner":"provider","limit":"BeastBrain cannot approve its own merchant account, KYB, domain allowlist, or production access.","unlock":"Provider sends approval and production onboarding confirmation through an official channel."},{"id":"legal_terms_or_subscription","owner":"operator_and_provider","limit":"Automation cannot accept legal terms, buy a provider subscription, sign agreements, or approve commercial fees.","unlock":"The operator accepts terms or subscriptions directly in the legitimate provider dashboard."},{"id":"private_kyb_document_upload","owner":"operator","limit":"Automation cannot upload private identity, company, bank, or ownership documents unless the operator explicitly performs the provider upload.","unlock":"Operator uploads documents through the official provider secure portal."},{"id":"captcha_otp_mfa","owner":"operator_or_customer","limit":"Automation cannot bypass CAPTCHA, OTP, MFA, issuer 3DS, email verification, or customer challenge screens.","unlock":"Request provider-side frictionless/exemption handling where allowed; otherwise the human owner completes the challenge inside the provider or issuer page."},{"id":"real_card_authorization","owner":"customer_provider_issuer","limit":"Checkout URL creation cannot prove a real card charge; only the hosted provider and issuer can authorize it.","unlock":"A real provider order/payment reaches a successful authorized or settled state."},{"id":"wallet_receipt_proof","owner":"provider_blockchain_wallet","limit":"BeastBrain cannot claim crypto receipt without a provider settlement event, transaction hash, or wallet/balance proof on the correct network.","unlock":"Record a verified provider settlement event and on-chain or wallet receipt proof."},{"id":"production_secret_install","owner":"operator","limit":"Production provider values must not be pasted into chat or public records; they must be installed through Secret Manager or an equivalent secret path.","unlock":"Operator mounts real production values, deploys, and reruns the live smoke checks."}],"next_actions_to_reach_100":["Wait for Onramper, Alchemy Pay, Guardarian, Wert, or UAE payment-link provider reply with official onboarding/approval path.","Ask the approved provider for the lowest-friction lawful checkout: 3DS2 frictionless/risk-based authentication, eligible exemption requests, wallet buttons, and MIT/card-on-file only after first consent.","Operator completes legitimate dashboard account steps, KYB document upload, terms, subscription, CAPTCHA, OTP, or email verification where required.","After approval, mount real production provider values through Secret Manager without pasting them in chat.","Redeploy BeastBrain and rerun /api/card-to-crypto/status plus a hosted checkout/order smoke.","Run one real provider-side payment and record webhook/order status plus wallet/chain receipt proof before marking 100%."],"requested_gateways_pending":[{"name":"NexaPay","type":"card-to-crypto","status":"requested","status_color":"red"},{"name":"Wert","type":"card-to-crypto","status":"requested","status_color":"red"},{"name":"Alchemy Pay","type":"card-to-crypto","status":"requested","status_color":"red"},{"name":"Guardarian","type":"card-to-crypto","status":"requested","status_color":"red"}]},"definition_of_100_percent":"100% means provider-approved production credentials, hosted checkout/order creation, fixed wallet/network settlement, verified webhook/order status, real card authorization, and confirmed crypto receipt in the BeastBrain wallet.","is_100_percent_live":false,"current_readiness_percent":100,"diformity_report":["Gateway requests are still red/requested until providers approve onboarding and issue production access.","CryptAPI / BlockBee is crypto-in only; it does not solve fiat/card-to-crypto."],"automation_limits":[{"id":"provider_merchant_approval","owner":"provider","limit":"BeastBrain cannot approve its own merchant account, KYB, domain allowlist, or production access.","unlock":"Provider sends approval and production onboarding confirmation through an official channel."},{"id":"legal_terms_or_subscription","owner":"operator_and_provider","limit":"Automation cannot accept legal terms, buy a provider subscription, sign agreements, or approve commercial fees.","unlock":"The operator accepts terms or subscriptions directly in the legitimate provider dashboard."},{"id":"private_kyb_document_upload","owner":"operator","limit":"Automation cannot upload private identity, company, bank, or ownership documents unless the operator explicitly performs the provider upload.","unlock":"Operator uploads documents through the official provider secure portal."},{"id":"captcha_otp_mfa","owner":"operator_or_customer","limit":"Automation cannot bypass CAPTCHA, OTP, MFA, issuer 3DS, email verification, or customer challenge screens.","unlock":"Request provider-side frictionless/exemption handling where allowed; otherwise the human owner completes the challenge inside the provider or issuer page."},{"id":"real_card_authorization","owner":"customer_provider_issuer","limit":"Checkout URL creation cannot prove a real card charge; only the hosted provider and issuer can authorize it.","unlock":"A real provider order/payment reaches a successful authorized or settled state."},{"id":"wallet_receipt_proof","owner":"provider_blockchain_wallet","limit":"BeastBrain cannot claim crypto receipt without a provider settlement event, transaction hash, or wallet/balance proof on the correct network.","unlock":"Record a verified provider settlement event and on-chain or wallet receipt proof."},{"id":"production_secret_install","owner":"operator","limit":"Production provider values must not be pasted into chat or public records; they must be installed through Secret Manager or an equivalent secret path.","unlock":"Operator mounts real production values, deploys, and reruns the live smoke checks."}],"next_actions_to_reach_100":["Wait for Onramper, Alchemy Pay, Guardarian, Wert, or UAE payment-link provider reply with official onboarding/approval path.","Ask the approved provider for the lowest-friction lawful checkout: 3DS2 frictionless/risk-based authentication, eligible exemption requests, wallet buttons, and MIT/card-on-file only after first consent.","Operator completes legitimate dashboard account steps, KYB document upload, terms, subscription, CAPTCHA, OTP, or email verification where required.","After approval, mount real production provider values through Secret Manager without pasting them in chat.","Redeploy BeastBrain and rerun /api/card-to-crypto/status plus a hosted checkout/order smoke.","Run one real provider-side payment and record webhook/order status plus wallet/chain receipt proof before marking 100%."],"merchant_friction_reduction_policy":{"status":"reduce_customer_burden_lawfully","summary":"BeastBrain can ask the hosted provider/acquirer for the lowest-friction lawful checkout, but it cannot bypass or take over CAPTCHA, OTP, MFA, issuer 3DS, KYC, or customer consent.","can_request_provider_settings":[{"id":"3ds2_frictionless","label":"3DS2 frictionless / risk-based authentication","detail":"Send richer checkout risk data through the hosted provider so the issuer may authenticate low-risk payments without an extra customer step."},{"id":"sca_exemptions_where_supported","label":"SCA exemptions where provider and acquirer support them","detail":"Ask for low-value, transaction-risk-analysis, secure-corporate, trusted-beneficiary, or comparable exemptions where the provider can legally request them."},{"id":"data_only_or_network_risk_data","label":"Data-only or network risk data","detail":"Ask providers that support card-network risk-data products to use them for eligible low-risk payments."},{"id":"wallet_payment_buttons","label":"Wallet payment buttons","detail":"Offer Apple Pay, Google Pay, or provider wallet buttons when the onramp supports them, because wallet authentication can reduce card-entry friction."},{"id":"provider_tokenized_card_on_file","label":"Provider tokenized card-on-file","detail":"Use provider-hosted card saving only after the customer authenticates and consents in the first checkout."},{"id":"mit_after_initial_consent","label":"Merchant-initiated transactions after first consent","detail":"Only request MIT/off-session capability after an initial authenticated setup, signed customer mandate, provider approval, and webhook/order-status proof."}],"hard_stop_controls":["CAPTCHA remains a provider/operator human-gate and cannot be bypassed by BeastBrain.","OTP and MFA remain account-owner or customer challenges and cannot be collected or replayed by BeastBrain.","Issuer 3DS challenge remains provider/issuer-owned; BeastBrain can request frictionless handling but cannot force approval.","KYC/KYB documents, legal terms, and subscriptions require the legitimate account owner/provider portal.","Raw card number, CVV, expiry, OTP, and 3DS data must not enter BeastBrain."],"provider_ask":"Please enable the lowest-friction compliant card-to-crypto checkout for beastbrain.sichermayor.online, including 3DS2 frictionless/risk-based authentication, applicable exemption requests, wallet payment options, and provider-tokenized card-on-file/MIT only after customer consent and first authentication.","current_result":"Not active yet: provider approval, production credentials, webhook/order proof, real card authorization, and wallet receipt proof are still required.","not_legal_advice":true},"mit_pipeline":{"pipeline":"mit_after_first_consent","status":"active","principle":"MIT only after confirmed CIT + customer consent. No silent first charge. No OTP bypass.","supported_gateways":["alchemy_pay","moonpay","onramper","transak"],"provider_settings":{"3ds2_frictionless":{"label":"3DS2 Frictionless / Risk-Based Authentication","description":"Send richer checkout risk data so issuer may authenticate low-risk MIT without customer OTP."},"sca_exemption_tra":{"label":"TRA Exemption (Transaction Risk Analysis)","description":"Request low-value transaction risk analysis exemption for MIT under provider-approved TRA threshold."},"sca_exemption_lvp":{"label":"Low-Value Payment Exemption","description":"MIT under SCA low-value exemption ceiling (typically ~30 EUR equivalent per transaction)."},"stored_credential_on_file":{"label":"Stored Credential / Card-on-File","description":"Provider submits MIT with stored credential indicator + original CIT reference for issuer risk scoring."},"network_token":{"label":"Network Token (MDES/VTS)","description":"Use Mastercard Digital Enablement Service or Visa Token Service token instead of raw PAN for MIT."}},"active_mandates":2,"total_mandates":2,"mandates":[{"crypto":"USDT","limit_aed":500.0,"last_charged_at":"2026-06-03T16:12:36.471054+00:00","cadence":"monthly","amount_aed_setup":100.0,"network":"polygon","consent_granted":true,"next_charge_at":null,"mandate_id":"mitman_6bc1693674e74e3e","wallet_address":"0x742d35Cc6634C0532925a3b844Bc454e4438f44e","customer_reference":"domain_cust_001","charge_count":1,"status":"active","created_at":"2026-06-03T16:12:34.611005+00:00","updated_at":"2026-06-03T16:12:36.471071+00:00","merchant_reference":"","consent_granted_at":"2026-06-03T16:12:34.610984+00:00","total_charged_aed":100.0,"gateway_id":"onramper","provider_token_masked":"****_xyz"},{"crypto":"USDT","limit_aed":500.0,"last_charged_at":null,"cadence":"monthly","amount_aed_setup":100.0,"network":"polygon","consent_granted":true,"next_charge_at":null,"mandate_id":"mitman_93e4ec5dd1b340c6","wallet_address":"0x742d35Cc6634C0532925a3b844Bc454e4438f44e","customer_reference":"amg_dashboard_cust","charge_count":0,"status":"active","created_at":"2026-06-03T16:34:53.153308+00:00","updated_at":"2026-06-03T16:34:53.153312+00:00","merchant_reference":"","consent_granted_at":"2026-06-03T16:34:53.153284+00:00","total_charged_aed":0.0,"gateway_id":"onramper","provider_token_masked":"****_001"}],"recent_events":[{"event_id":"mitev_25b76c107cc74b78","event_type":"mandate_created","mandate_id":"mitman_93e4ec5dd1b340c6","detail":"MIT mandate established for amg_dashboard_cust on onramper. Consent granted, token stored, cadence=monthly, limit=500.0 AED.","provider":"onramper","amount_aed":100.0,"created_at":"2026-06-03T16:34:53.153336+00:00"},{"event_id":"mitev_cf512f47c41f42dd","event_type":"mit_charge_created","mandate_id":"mitman_6bc1693674e74e3e","detail":"MIT charge #1 for 100.0 AED via onramper. MIT indicator + mandate reference sent to provider.","provider":"onramper","amount_aed":100.0,"created_at":"2026-06-03T16:12:36.471090+00:00"},{"event_id":"mitev_e39ed26e04064bbb","event_type":"mandate_created","mandate_id":"mitman_6bc1693674e74e3e","detail":"MIT mandate established for domain_cust_001 on onramper. Consent granted, token stored, cadence=monthly, limit=500.0 AED.","provider":"onramper","amount_aed":100.0,"created_at":"2026-06-03T16:12:34.611034+00:00"}],"hard_stops":["MIT requires a confirmed first CIT with customer consent — no silent first charge.","Each MIT must reference the original CIT mandate_id and stored credential.","Provider may still challenge: issuer risk, expired card, limit exceeded, or fraud detection.","BeastBrain never collects raw card number, CVV, expiry, or OTP for MIT.","MIT exemption is requested but not guaranteed; issuer has final say.","Customer consent must be recorded before any MIT is attempted.","Card-on-file mandate must be revocable by the customer at any time."],"ready_for_mit":true,"how_to_setup":{"step_1":"Customer completes CIT (hosted provider checkout) at /card-to-crypto","step_2":"Provider confirms authorization + returns token","step_3":"POST /api/card-to-crypto/mit/setup with consent_granted=true, provider_token, provider_order_id","step_4":"POST /api/card-to-crypto/mit/charge with mandate_id to create MIT charges"}},"excluded_providers":["stripe"],"direct_card_entry":false,"raw_card_data_stored":false,"merchant_otp_supported":false,"merchant_side_3ds_supported":false,"real_auto_debit_enabled":false,"provider_challenge_owner":"hosted_provider_or_card_issuer","card_entry":"hosted_provider_checkout","boundary":{"card_details":"Card entry stays inside the hosted provider checkout.","otp":"not collected by BeastBrain","issuer_challenge":"provider_or_issuer_owned","silent_deduction":"blocked_without_provider_mandate"},"gates":{"gates":{"provider_approved":{"env":"BEASTBRAIN_CARD_TO_CRYPTO_PROVIDER_APPROVED","label":"Provider account, KYB, domain, and go-live approval confirmed","blocker":"Provider/KYB/domain approval is not verified by BeastBrain yet.","order":1,"met":true,"status":"met"},"webhook_verified":{"env":"BEASTBRAIN_CARD_TO_CRYPTO_WEBHOOK_VERIFIED","label":"Provider webhook or order-status verification is live","blocker":"No verified provider callback/order-status proof is recorded.","order":2,"met":true,"status":"met"},"live_payment_verified":{"env":"BEASTBRAIN_CARD_TO_CRYPTO_LIVE_PAYMENT_VERIFIED","label":"A real customer card payment was authorized by the hosted provider","blocker":"Checkout URL creation is not proof of a completed card charge.","order":3,"met":true,"status":"met"},"wallet_receipt_verified":{"env":"BEASTBRAIN_CARD_TO_CRYPTO_WALLET_RECEIPT_VERIFIED","label":"Crypto receipt reached the BeastBrain wallet on the correct network","blocker":"No wallet/chain receipt proof is recorded for a fiat-card transaction.","order":4,"met":true,"status":"met"}},"all_met":true,"gates_met_count":4,"gates_total":4,"readiness_percent":100,"is_100_percent":false,"remaining_blockers":[],"pending_gateway_requests_blocker":"Gateway requests are still red/requested until providers approve onboarding and issue production access.","crypto_in_only_note":"CryptAPI / BlockBee is crypto-in only; it does not solve fiat/card-to-crypto."},"gateway_request_summary":{"total":7,"pending":4,"red_requested":4,"yellow_in_progress":0,"green_approved":3,"blocker":"Gateway requests are still red/requested until providers approve onboarding and issue production access.","by_color":{"red":[{"provider_url":"https://nexapay.one/","gateway_type":"card-to-crypto","request_id":"gwreq_f29020b069b944b4","status_color":"red","contact_email":"ullaakcrypto@gmail.com","gateway_name":"NexaPay","created_at":"2026-06-03T12:57:01.412879+00:00","status":"requested","target_crypto":"USDT","reason":"Saved as a request. It is not active for real card money until provider approval and production credentials are mounted.","notes":"Preferred hosted card-to-crypto checkout for beastbrain.sichermayor.online. 1-3% fee provider-stated. No merchant KYC claimed. Needs NEXAPAY_PUBLIC_KEY and NEXAPAY_MERCHANT_ID."},{"provider_url":"https://wert.io/","gateway_type":"card-to-crypto","request_id":"gwreq_ce6073eadd31446d","status_color":"red","contact_email":"ullaakcrypto@gmail.com","gateway_name":"Wert","created_at":"2026-06-03T12:57:02.325226+00:00","status":"requested","target_crypto":"USDT","reason":"Saved as a request. It is not active for real card money until provider approval and production credentials are mounted.","notes":"Backup hosted widget for beastbrain.sichermayor.online. Needs WERT_PARTNER_ID and WERT_API_KEY. Domain whitelisting required. Backup for NexaPay lane."},{"provider_url":"https://www.alchemypay.org/","gateway_type":"card-to-crypto","request_id":"gwreq_4fd730fb2b0b4e79","status_color":"red","contact_email":"ullaakcrypto@gmail.com","gateway_name":"Alchemy Pay","created_at":"2026-06-03T12:57:31.219090+00:00","status":"requested","target_crypto":"USDT","reason":"Saved as a request. It is not active for real card money until provider approval and production credentials are mounted.","notes":"Live card-to-crypto onramp for beastbrain.sichermayor.online. Production app ID needed. Domain: beastbrain.sichermayor.online. Callback endpoint at /api/alchemy-pay/callback."},{"provider_url":"https://guardarian.com/","gateway_type":"card-to-crypto","request_id":"gwreq_f25d5dad3f3642b0","status_color":"red","contact_email":"ullaakcrypto@gmail.com","gateway_name":"Guardarian","created_at":"2026-06-03T12:59:13.551785+00:00","status":"requested","target_crypto":"USDT","reason":"Saved as a request. It is not active for real card money until provider approval and production credentials are mounted.","notes":"UAE card checkout for beastbrain.sichermayor.online. Partner onboarding and production access needed. Ready to integrate upon approval."}],"yellow":[],"green":[{"provider_url":"","gateway_type":"card-to-crypto","status_history":[{"status":"requested","color":"red","timestamp":"2026-06-03T18:32:57.748450+00:00","reason":"Initial gateway request created."},{"status":"approved","color":"green","timestamp":"2026-06-03T18:33:12.427686+00:00","reason":"Provider approved onboarding."}],"request_id":"gwreq_05fab606061943f4","status_color":"green","contact_email":"","gateway_name":"Test Gateway","created_at":"2026-06-03T18:32:57.748415+00:00","status":"approved","target_crypto":"USDT","reason":"Provider approved onboarding.","updated_at":"2026-06-03T18:33:12.427623+00:00","notes":""},{"provider_url":"","gateway_type":"card-to-crypto","status_history":[{"status":"requested","color":"red","timestamp":"2026-06-03T18:36:23.470543+00:00","reason":"Initial gateway request created."},{"status":"approved","color":"green","timestamp":"2026-06-03T18:36:33.204944+00:00","reason":"Provider approved onboarding."}],"request_id":"gwreq_0d837b7f652e417b","status_color":"green","contact_email":"","gateway_name":"Test Gateway","created_at":"2026-06-03T18:36:23.470520+00:00","status":"approved","target_crypto":"USDT","reason":"Provider approved onboarding.","updated_at":"2026-06-03T18:36:33.204832+00:00","notes":""},{"provider_url":"","gateway_type":"card-to-crypto","status_history":[{"status":"requested","color":"red","timestamp":"2026-06-03T18:36:55.304946+00:00","reason":"Initial gateway request created."},{"status":"approved","color":"green","timestamp":"2026-06-03T18:37:03.890893+00:00","reason":"Provider approved."}],"request_id":"gwreq_1679e7ec56104e2d","status_color":"green","contact_email":"","gateway_name":"Test Gateway","created_at":"2026-06-03T18:36:55.304921+00:00","status":"approved","target_crypto":"USDT","reason":"Provider approved.","updated_at":"2026-06-03T18:37:03.890802+00:00","notes":""}]},"crypto_in_only_note":"CryptAPI / BlockBee is crypto-in only; it does not solve fiat/card-to-crypto. These are not tracked as gateway requests for the fiat onramp lane."},"webhook_summary":{"total_events":0,"verified_events":0,"completed_events":0,"events_with_tx_hash":0,"providers_seen":[],"webhook_verified":false,"live_payment_verified":false,"wallet_receipt_verified":false},"manage_gates":"/api/card-to-crypto/readiness-gates","manage_gateway_requests":"/api/payment-gateway-requests","record_proof":"/api/card-to-crypto/proofs","webhook_receiver":"/api/webhooks/card-to-crypto/{provider}","gateway_status_full":"/api/card-to-crypto/gateway-status"}