Accounts

account-service
Pick an account via Use in Accounts

Platform developer console

Pick an account under Accounts (Use) to set the session context for wallet APIs, backoffice transaction filters, and swaps. Grant permissions once under Services Health if you hit “permission denied”. Open the ⌗ Log drawer (bottom-right) to debug API calls.

Total Deposits
all time
Credited Deposits
successfully processed
Total Withdrawals
all time
Completed Withdrawals
on-chain confirmed
Pending / In-Flight
deposits + withdrawals
Failed / Rejected
needs attention

Quick Lookup

Wallet (selected account)
Load an account to see its wallet summary.
Recent Deposits
Enter an account ID above
Recent Withdrawals
Enter an account ID above

Create Account

Accounts
Loading accounts…

Get / Create Deposit Address POST /api/wallet/deposits/address

List Deposit Addresses GET /api/wallet/deposits/addresses

Fill in account ID and click Load

List Deposits GET /api/wallet/deposits

Get Deposit by ID GET /api/wallet/deposits/{id}

Fill in account ID and click Load

List Withdrawals GET /api/wallet/withdrawals

Get Withdrawal by ID GET /api/wallet/withdrawals/{id}

Fill in account ID and click Load

Withdrawal trace across services/databases

End-to-end evidence for one withdrawal: wallet record, Fireblocks history, transaction-service records, ledger entries, ledger balances, and account balances.

Choose a withdrawal and load full trace.

Rolling 24 hours, same as ensure_withdrawal_limit in wallet-service: statuses pending_approvalcompleted count toward the cap (failed / cancelled / rejected do not). Spent is the sum of usdt_cost (Binance USDT-equivalent notional — same numeric scale as a USD daily cap for stable pricing; not a different “currency” from USD). The daily cap is read from WITHDRAWAL_DAILY_LIMIT_USDT or WITHDRAWAL_DAILY_LIMIT_USD (must match wallet-service; if unset, 1000 — same as lib-limits).

Withdrawal limit usage GET /api/withdrawal-limit-usage

Click Load to aggregate from the wallet DB

List Swaps GET /api/wallet/swaps

Fill in account ID and click Load

Create Swap POST /api/wallet/swaps

Get Swap Quote GET /api/wallet/swaps/quote

Binance Orders GET /api/swap/orders

Click Load to fetch Binance orders (optionally filter by Swap ID)

Ledger Entries GET /api/ledger

Click Load to list ledger entries
Live Balances

Shows one row per (account, coin, reserve) that has ledger entries. Leave filter empty to include every account (e.g. operational 00000000…).

Click "Load all balances" (or set an account filter)

Transaction service — transactions table

Direct read from the transaction-service Postgres database (same rows the service persists). Use TRANSACTION_DATABASE_URL if your DB name differs from transaction_service.

Open this tab to load rows from transactions.

Project databases — tables and columns

Full schema read from configured backoffice DB connections. Column names are shown exactly as they exist in Postgres (no display formatting).

Open this tab to load full DB catalog.

Table data preview for testing

Load sample rows from any table using its real identifier names. This helps verify migrations and data shape quickly during manual testing.

Choose database/schema/table and click Load preview.

List Coins GET /api/coin/list

Get Coin GET /api/coin/get

Resolve Coin ID GET /api/coin/resolve

Resolve by Slug GET /api/coin/resolve-by-slug

Admin: Save Coin (Create or Update) POST /api/coin/admin/update

Uses name + network as key: updates existing coin when found, creates a new one when not found.

Optional fields (expand)

Create Withdrawal POST /api/wallet/withdrawals

Treasury vault (withdrawals)

Fireblocks vault withdrawals are sourced from this vault. Ledger ffffffff…ffff is the treasury ledger mirror.

Fireblocks vault ID
Treasury deposit address

On-chain address optional: set BACKOFFICE_TREASURY_DEPOSIT_ADDRESS in backoffice env (same process as FIREBLOCKS_TREASURY_VAULT_ID).

Treasury ledger account ID
Ledger balances (treasury)
Loading…
Operational account (ledger custody)

Company aggregate custody (debit-normal). Withdrawal balance checks use this ledger account.

Operational ledger account ID
Ledger balances (operational)
Loading…
Live Quote
Price (USDT/token)
USDT equivalent

Get Withdrawal Quote GET /api/wallet/withdrawals/quote

Fireblocks webhook log

Rows come from webhook_events in the wallet-service database — every payload received on POST /webhooks/fireblocks is stored for audit and replay (see wallet-service persist_webhook_event).

Open this tab to load saved webhooks.

User Management

Create passwordless users, list existing users, and manage MFA via user-service (port 50058). Dev creation uses the OTP bypass token.

Create Passwordless User

User Actions

User List (from DB)

Click Load to fetch users from user_service DB.

Account Management (Admin)

BackofficeAccountService (account-service :50052) — list, inspect, lock/suspend/reset PIN on accounts.

List Accounts

Account Actions

Reset PIN

Special Accounts

Click "Load Operational & Treasury" above
Click Load Accounts above.

All Transactions (Backoffice)

BackofficeTransactionService — list, review, approve, cancel transactions. Review/Approve/Cancel require OTP (use "000000" in dev).

Click Load.

Account Transactions

Enter account ID and click Load.

Review Transaction

Approve Transaction

Cancel Transaction

Treasury & Operational

Treasury Transactions

Requires dev operator permissions. If you get "permission denied", go to and click "Grant All Permissions to Dev Operator".

Click Load.

Operational Transactions

Click Load.

BCR Institutions (config-service)

BCR participant banks for LBTR. config-service port 50060.

Click List to load institutions.

Create Institution

Get / Update Institution

Services Health

Live TCP + DB pool check for every service. Auto-refreshes every 15 s.

gRPC Services

Loading…

Databases

Loading…

Infrastructure

Loading…

Dev Operator Permissions

Grant all backoffice permissions to the dev operator (00000000-0000-0000-0000-000000000001). Required to access Treasury, Operational, and other permission-gated endpoints. Safe to run multiple times — auth-service is idempotent on grants.

LBTR / BCR Mock Producer

Injects messages into Kafka to simulate the BCR network. transaction-service consumes lbtr.transfer.received and creates transactions.
Kafka broker: localhost:9093  ·  BCR REST mock: http://127.0.0.1:8088/api/bcr

① Inject Incoming Transfer (BCR → us)

Publishes to lbtr.transfer.received. transaction-service creates a new transaction and credits the account.

② Inject Status Update (BCR → us)

Publishes to lbtr.status.incoming. Simulates BCR confirming or returning a transaction.

Quick Scenarios

③ Track Resulting Transaction & All State Changes

After injecting a transfer, see the created transaction, its status progression, ledger entries (debit/credit), and account balance changes. Auto-refreshes on status inject.

Inject a transfer above — the result will appear here automatically.

④ BCR Gateway — Outgoing Instructions Received

When lbtr-service processes an outgoing payment (e.g. a LBTR transfer our users send), it calls the BCR Java gateway at POST /api/lbtr/instrucciones. In dev, the backoffice mocks that gateway — all instructions land here.

Click Refresh to load.

Transfer365 Mock Producer

Injects messages into Kafka to simulate the Transfer365 network. transaction-service consumes transfer365.received and creates transactions.
Kafka broker: localhost:9093

Inject Received Transfer (transfer365.received)

Simulates Transfer365 sending an incoming payment. transaction-service will process and credit the account.

Inject Status Update (transfer365.received.status)

Updates the transaction status in transaction-service via Kafka.

Expected behaviour: transfer365-service will log an error for mock-injected transactions because they bypass its internal file engine (redb has no record). This is harmless — transaction-service correctly processes the status update.

Quick Scenarios

③ Track Resulting Transaction & All State Changes

After injecting a transfer above, see the transaction created, its current status, ledger entries, and account balance. Auto-refreshes when you inject a status update.

Inject a transfer above — the result will appear here automatically.
📂

Transfer365 File Gateway Simulator

DEV ONLY

Simulates the BCR gateway side so you can test transfer365-service end-to-end locally. Real services are used — the full stack runs (Kafka, ledger, transactions, balances). Requires T365_APP_DIR = same path as transfer365-service's APP_DIR (default /tmp/transfer365).

⚡ After inject, the browser auto-polls every 400ms for 5s then 1.5s for 15s to show file movements in real time.

📥
output/
BCR→T365 queue
← you inject here
processed/
T365 success archive
T365 moves here ✓
or
error/
T365 error archive
parse / processing fail
📤
input/ T365→BCR outbox — T365 writes outbound XML here. Auto-archived to inputarchive/ after ~1.5s (simulates the Montran Gateway).
🗄️ input/inputarchive/ Montran Gateway archives processed input/ files here (by date)
① Inject into output/
🗂

② File Browser

Load overview to see files.
📋

③ T365 Service Logs

— transfer365-service log (last 200 lines, today)
Click Refresh to load logs
📡

④ File Flow Steps

file drop → T365 engine → Kafka → tx-service → ledger → ACK. Auto-starts on inject or trace click.

Inject a pacs.008 or click a transaction in the Trace panel — the flow appears here automatically.
🔬

⑤ Flow Tracer — Transaction · Ledger · Balance

Auto-fills after pacs.008 inject. Tracks the full downstream chain: file writtenKafka eventtransaction createdledger creditedbalance updated

🔬
Inject a pacs.008 above — the creditor account auto-fills and the full trace appears here.

BCR Gateway Mock

This backoffice replaces the external Java lbtr-gateway app. lbtr-service calls POST /api/bcr/lbtr/instrucciones here when processing outgoing payments. Click ↓ JSON on any row to download the exact payload sent to the gateway.

Loading…
BCR Test Environment Reference (from docs/BCR_CONTEXT.md — for lbtr-gateway Java app, not this mock)

SOAP Endpoints (test)

Instruccioneslbtrdes.bcr.gob.sv/lbtr-ws/InstruccionServiceSoapHttpPort
Lotelbtrdes.bcr.gob.sv/lbtr-ws/LoteServiceSoapHttpPort
SPM (T365)lbtrdes.bcr.gob.sv/lbtr-ws/ServicioPagoServiceSoapHttpPort
Server IP192.168.11.56
Notif servernotificacioneslbtrdes.bcr.gob.sv (192.168.11.69)

⚠ BCR internal network only — VPN / dedicated line required

WS-Security & Certificates

ProtocolSOAP/WSDL Document/Wrapped
SecurityOASIS WS-Security V1.2 · X.509
PolicyWssp1.2-2007-Wss1.1-X509-Basic256Sha256
Keystorelbtrcliente.jks (pw: lbtrcliente)
Truststorelbtrcliente_truststore.jks
Key aliaslbtrcliente

TraceableReference format (25 chars)

YYYYMMDD{entity:03}{correlative:05}{internal_ref:09}

Entity 089 = our participant. Date must match today — BCR rejects mismatches.
Auto-generated in LBTR mock above. Implemented in lib-bcr::lbtr::types::TraceableReference.

Full specs → docs/BCR_CONTEXT.md in repo · Also see dev/console/TEAM_REVIEW_BACKLOG.md §8

Create Internal Transfer

Transfer between two eNor accounts via transaction-service gRPC — InitiateTransferConfirmTransfer. The recipient is resolved by transfer key (phone, email, or account UUID) via the identity/keys service.

💳 Sender
🎯 Recipient
💰 Amount & Coin

External Transfer (Outbound)

Send from an eNor account to an external bank via InitiateTransferConfirmTransfer. Confirm triggers ledger debit → outbox → Transfer365/LBTR routing.

① Sender — eNor Account
② Recipient — External Bank
③ Amount & Coin

Quick Setup Wizard

One-click flow to create a test user, create an account, fund it, and create a deposit address. Eliminates the multi-tab dance.

Setup Parameters

Run the setup to see results.

Add Balance (AccountTestService)

Directly credit an account without going through the full transfer flow. Dev-only service, not available in production.

After adding balance

Verify the balance was credited in the account service DB:

QR Code Testing (QrCodeService on transaction-service)

Generate QR

Get QR Details

Scan / Initiate Payment

Outbox Health

Shows pending entries in each service's outbox table — a non-zero count means Kafka is behind or blocked.

Loading…

Scheduled Payments (TransactionService)

Enter an account ID and click Load.

KYC Management (UserService)

Get and set KYC levels for users. Requires a valid user session (user_id + auth-service running).

Get KYC Level

Finish KYC (Complete onboarding)

Permission Profiles (BackofficePermissionService on auth-service)

Click Reload.

Create Profile

Assign / Remove Profile from User

Contract Management (BackofficeComplianceService on compliance-service)

Click List Contracts.

Upload Contract PDF

Select a PDF file — it will be base64 encoded and uploaded.

Activate Contract Version

Sets this contract as the current active version users must accept.

🔗 Fireblocks Webhook Simulator

Sends a properly HMAC-signed Fireblocks webhook to wallet-service. Set FIREBLOCKS_WEBHOOK_SECRET env var in both services to match.

🕵️ Multi-Service Tracer

One UUID — full picture across transactions, ledger, deposits, withdrawals, accounts, and swaps.

🔐 Session Manager

🛡 Permission Debugger

Check if a user is authorized for a specific permission.

⚖️ Balance Reconciliation

Compares account-service reported balances vs. sum of ledger entries for an account.

📦 Migration Status

Shows applied migrations per service DB.

💸 Internal Transfer Flow

Preview → Initiate → Confirm a transfer on behalf of any account. Server mints a dev session automatically.

📡 Kafka Activity Monitor

Shows the 10 most recently updated rows in each service's core tables — a proxy for live Kafka activity.

📜 Service Log Viewer

Tails the last N lines from /tmp/<service>.log

Request Log Click any row to expand request/response · method · status · path · latency