SecureTransact API

Enterprise-grade secure transaction processing with Event Sourcing

---

Overview

SecureTransact is a reference implementation demonstrating enterprise patterns for secure transaction processing in regulated industries. Built with Clean Architecture, CQRS, and Event Sourcing.

Key Features

• Clean Architecture — Domain-centric design with zero infrastructure dependencies
• CQRS — Separate read/write models for optimized performance
• Event Sourcing — Complete audit trail with hash-chained events
• Cryptographic Security — HMAC-SHA256 signing, CSPRNG tokens, AES-256-GCM
• Compliance Ready — Designed for fintech, healthcare, and gaming regulations
• Observable — OpenTelemetry integration for distributed tracing

Architecture

┌─────────────────────────────────────────────────────────────┐
│                         API Layer                           │
│   Endpoints  │  Middleware  │  Filters  │  Authentication   │
└─────────────────────────────────────────────────────────────┘
                              │
┌─────────────────────────────────────────────────────────────┐
│                     Application Layer                       │
│      Commands  │  Queries  │  Handlers  │  Validators       │
└─────────────────────────────────────────────────────────────┘
                              │
┌─────────────────────────────────────────────────────────────┐
│                       Domain Layer                          │
│    Aggregates  │  Events  │  Value Objects  │  Interfaces   │
└─────────────────────────────────────────────────────────────┘
                              │
┌─────────────────────────────────────────────────────────────┐
│                    Infrastructure Layer                     │
│     Event Store  │  Repositories  │  Caching  │  Crypto     │
└─────────────────────────────────────────────────────────────┘

Quick Start

# Clone the repository
git clone https://github.com/MancoMen-Software-Studio/Secure-Transact-API.git
cd Secure-Transact-API

# Start dependencies (PostgreSQL, Redis)
docker-compose up -d

# Run the API
dotnet run --project src/SecureTransact.Api

# API is now running at https://localhost:5001

Prerequisites

• .NET 9 SDK
• Docker (for PostgreSQL and Redis)
• PostgreSQL 17 (or use Docker)
• Redis 7.4 (or use Docker)

Installation

Using Docker (Recommended)

# Build and run everything
docker-compose -f docker-compose.full.yml up --build

Manual Setup

1. Clone and restore

   git clone https://github.com/MancoMen-Software-Studio/Secure-Transact-API.git
   cd Secure-Transact-API
   dotnet restore

2. Configure environment

   cp src/SecureTransact.Api/appsettings.Development.example.json \
      src/SecureTransact.Api/appsettings.Development.json
   # Edit the file with your settings

3. Run database migrations

   dotnet ef database update --project src/SecureTransact.Infrastructure

4. Start the API

   dotnet run --project src/SecureTransact.Api

Usage

Process a Transaction

POST /api/v1/transactions
Content-Type: application/json
Authorization: Bearer <token>

{
  "sourceAccountId": "acc_123",
  "destinationAccountId": "acc_456",
  "amount": {
    "value": 100.00,
    "currency": "USD"
  },
  "reference": "INV-2024-001"
}

Query Transaction History

GET /api/v1/accounts/acc_123/transactions?from=2024-01-01&to=2024-12-31
Authorization: Bearer <token>

Verify Event Chain Integrity

POST /api/v1/audit/verify-chain
Content-Type: application/json

{
  "streamId": "account-acc_123",
  "fromVersion": 1,
  "toVersion": 100
}

Configuration

Variable	Description	Default
ConnectionStrings__Database	PostgreSQL connection string	—
ConnectionStrings__Redis	Redis connection string	localhost:6379
Jwt__Secret	JWT signing key (min 32 chars)	—
Jwt__Issuer	JWT issuer	SecureTransact
Jwt__ExpirationMinutes	Token expiration	15
Cryptography__HmacKey	HMAC signing key	—

Testing

# Run all tests
dotnet test

# Run with coverage
dotnet test --collect:"XPlat Code Coverage"

# Run specific test project
dotnet test tests/SecureTransact.Domain.Tests

Test Coverage Requirements

Layer	Minimum Coverage
Domain	90%
Application	85%
Infrastructure	70%
API	60%

Project Structure

SecureTransact/
├── src/
│   ├── SecureTransact.Domain/          # Business logic, zero dependencies
│   ├── SecureTransact.Application/     # Use cases, CQRS handlers
│   ├── SecureTransact.Infrastructure/  # Database, external services
│   └── SecureTransact.Api/             # HTTP endpoints
├── tests/
│   ├── SecureTransact.Domain.Tests/
│   ├── SecureTransact.Application.Tests/
│   ├── SecureTransact.Infrastructure.Tests/
│   ├── SecureTransact.Api.Tests/
│   └── SecureTransact.Architecture.Tests/
└── infra/
    ├── terraform/
    ├── docker/
    └── k8s/

Deployment

Deployed via GitHub Actions to Azure Container Apps.

Azure Container Apps

az containerapp up \
  --name securetransact-api \
  --resource-group mancomen-rg \
  --environment mancomen-env \
  --source .

Contributing

We welcome contributions! Please see CONTRIBUTING.md for guidelines.

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'feat: add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file.

Acknowledgments

• MediatR by Jimmy Bogard
• FluentValidation by Jeremy Skinner

---

Built by MancoMen Software Studio