Merge Develop into Main

.biomeignore

@@ -0,0 +1,29 @@
+# External libraries and dependencies
+packages/contracts/lib/
+packages/indexer/
+**/node_modules/
+**/generated/
+**/*.generated.*
+**/*.bs.js
+
+# Build outputs
+**/dist/
+**/build/
+**/out/
+**/cache/
+**/broadcast/
+**/coverage/
+
+# CSS files (handled by other tools)
+**/*.css
+
+# Environment and config files
+**/*.env
+**/*.log
+**/.DS_Store
+**/.pnp.*
+**/bun.lockb
+**/lcov.info
+**/package-lock.json
+**/pnpm-lock.yaml
+**/yarn.lock 

.cursor/rules/rules.mdc

@@ -0,0 +1,38 @@
+---
+description: Green Goods — project-wide engineering principles, tooling, DX, and repo workflow.
+alwaysApply: false
+---
+# Green Goods — Project-Wide Rules
+
+## Monorepo & Packages
+- This is a pnpm workspace monorepo with packages: `client` (PWA), `api` (backend), `contracts` (Foundry), `indexer` (Envio), `mcp` (Model Context Protocol server). Keep inter-package boundaries clean; share via published interfaces, not deep imports.
+
+## Tooling & Quality Gates
+- Use **TypeScript strict** everywhere. Generate small, focused modules with explicit exports.
+- **Formatting/Linting:** use **Biome** for formatting and **oxlint (0xlint)** for linting; do not add Prettier/ESLint. Ensure staged changes pass hooks (Husky runs format/lint/tests).
+- Keep CI fast: write tests that are deterministic and parallel-safe. Prefer unit tests at package level; add E2E in `/tests` for cross-package flows.
+
+## Secrets & Env
+- Never commit secrets. Provide `.env.example` in each package with doc comments. Read from `process.env` at the edge; validate via Zod (or package-native schema).
+
+## Git & PRs
+- Conventional commits. Small PRs with: summary, screenshots/GIFs for UI, checklist (lint/type/tests), and notes on DX/ops impact.
+- When adding features, update relevant READMEs and runbooks in `/docs`.
+
+## Observability & Errors
+- Standardize error shapes (`{ code, message, details? }`) across API/client. In UI, surface friendly copy + a “Copy error details” affordance.
+
+## Accessibility & i18n
+- Follow WCAG AA, keyboard navigability, focus rings, ARIA where needed. All user-facing copy in i18n dictionaries; avoid hard-coded strings.
+
+# Lifecycle & PR Expectations
+
+## Stage-gated deliverables
+- **Seedling/Alpha:** ship 1–2 core features, a landing page, brand kit basics, ToS/Privacy, basic QA notes.
+- **Beta:** refine flows, add user guide, GTM notes, app metrics (active users, task completion, photo doc rate).
+- **Release:** perf budgets, error budgets, observability, and scale/readiness items documented.
+
+## Every Feature PR Must Include
+- Update to `.env.example` if new env vars introduced.
+- Tests: unit (touched files ≥80% coverage) + at least one E2E happy path if user-critical.
+- Migration/rollback notes if data or contracts change.

.env.example

@@ -0,0 +1,107 @@
+# ==========================================
+# GREEN GOODS MONOREPO ENVIRONMENT CONFIG
+# ==========================================
+# Copy this file to .env and fill in your actual values
+# This root .env file is used by all packages when running the full development environment
+#
+# Quick Setup:
+#   1. cp .env.example .env
+#   2. Edit .env with your actual values
+#   3. pnpm i (installs dependencies)
+#   4. pnpm dev (starts all services)
+#
+# For package isolation, see individual package .env.example files
+
+# ==========================================
+# ANALYTICS & MONITORING 📈
+# ==========================================
+# Get from: https://posthog.com
+VITE_PUBLIC_POSTHOG_KEY="your-posthog-key"         # 📱 Client: Analytics tracking
+VITE_PUBLIC_POSTHOG_HOST="your-posthog-host"       # 📱 Client: Analytics host (e.g., https://app.posthog.com)
+
+# ==========================================
+# PRIVY AUTHENTICATION 🔐
+# ==========================================
+# Get these from: https://console.privy.io
+VITE_PRIVY_APP_ID="your-privy-app-id"              # 📱 Client: Public Privy app ID
+PRIVY_APP_ID="your-privy-app-id"                   # 🖥️  API: Same as above for server-side
+PRIVY_APP_SECRET_ID="your-privy-app-secret"        # 🔑 API: Server-side Privy secret
+PRIVY_CLIENT_ID="your-privy-client-id"             # 🔗 Contracts: Alternative client ID
+
+# WalletConnect/Reown AppKit
+VITE_WALLETCONNECT_PROJECT_ID=your_walletconnect_project_id_here
+
+# Privy Test Accounts (for E2E testing) 🧪
+# Dashboard: User management > Authentication > Advanced > Enable test accounts
+PRIVY_TEST_EMAIL="[email protected]"              # 📧 Replace with your test email
+PRIVY_TEST_PHONE="+1 555 555 3487"                 # 📱 Replace with your test phone  
+PRIVY_TEST_OTP="123456"                            # 🔢 Replace with your test OTP
+
+# ==========================================
+# TESTING CONFIGURATION 🧪
+# ==========================================
+SKIP_WEBSERVER="true"                              # �� Tests: Skip Playwright web server startup
+VITE_DESKTOP_DEV="true"                            # 📱 Client: Allow desktop development
+
+# ==========================================
+# FILE STORAGE (Pinata) 📁
+# ==========================================
+# Get from: https://pinata.cloud
+VITE_PINATA_JWT="your-pinata-jwt"                  # 📱 Client: Public file uploads
+PINATA_JWT="your-pinata-jwt"                       # 📜 Contracts: Can be the same as above or different
+
+# ==========================================
+# INDEXER
+# ==========================================
+VITE_ENVIO_INDEXER_URL="your-indexer-url"          # 📱 Client: GraphQL indexer endpoint
+ENVIO_API_TOKEN="your-envio-api-token"             # 🔍 Indexer: Get from https://envio.dev/app/api-tokens
+
+# ==========================================
+# API CONFIGURATION 🖥️
+# ==========================================
+PORT="3000"                                        # 🚪 API: Server port
+
+# Database URLs 🗄️
+POSTGRES_URL="your-postgres-url"                   # 🐘 API: Main database
+REDIS_URL="your-redis-url"                         # 🔴 API: Cache/sessions
+
+# ==========================================
+# BLOCKCHAIN CONFIGURATION ⛓️
+# ==========================================
+VITE_CHAIN_ID="42161"                              # 📱 Client: Current chain (42161=Arbitrum, 84532=Base Sepolia, 42220=Celo)
+NODE_ENV="development"                              # 🌍 All: Environment mode
+
+# Private Keys (KEEP SECURE!) 🔐
+PRIVATE_KEY="your-deployment-private-key"          # 🔑 Contracts/API: Without 0x prefix
+ALCHEMY_API_KEY="your-alchemy-api-key"             # 🔗 API: For blockchain interactions
+
+# Network RPC URLs 🌐
+LOCALHOST_RPC_URL="http://localhost:8545"
+SEPOLIA_RPC_URL="https://sepolia.infura.io/v3/YOUR_INFURA_KEY"
+ARBITRUM_RPC_URL="https://arbitrum-mainnet.infura.io/v3/YOUR_INFURA_KEY"
+BASE_RPC_URL="https://base-mainnet.infura.io/v3/YOUR_INFURA_KEY"
+BASE_SEPOLIA_RPC_URL="https://sepolia.base.org"
+OPTIMISM_RPC_URL="https://optimism-mainnet.infura.io/v3/YOUR_INFURA_KEY"
+CELO_RPC_URL="https://forno.celo.org"
+
+# ==========================================
+# CONTRACT DEPLOYMENT ⚙️
+# ==========================================
+# Block Explorer API Keys 🔍
+ETHERSCAN_API_KEY="your-etherscan-api-key"         # 📜 Contracts: For verification
+
+# Deployment Configuration 🚀
+DEPLOY_WITH_SAMPLE_DATA="false"                    # 📜 Contracts: Include test data
+DEPLOYMENT_SALT="0x6551655165516551655165516551655165516551655165516551655165516551"
+GUARDIAN_ADDRESS=""                                # 📜 Contracts: Defaults to deployer
+
+# Gas Configuration (optional) ⛽
+GAS_PRICE_GWEI=""                                  # 📜 Contracts: Manual gas price
+GAS_LIMIT=""                                       # 📜 Contracts: Manual gas limit
+
+# Fork Configuration (optional) 🍴
+FORK_BLOCK_NUMBER=""                               # 📜 Contracts: For testing
+FORK_CHAIN_ID=""                                   # 📜 Contracts: For testing
+
+# External Services (optional) 🌐
+BLOCKNATIVE_API_KEY=""                             # 📜 Contracts: Gas optimization

.github/workflows/admin-tests.yml

@@ -0,0 +1,113 @@
+name: Admin Dashboard Tests
+
+on:
+  push:
+    branches: [ main, develop, 'cursor/implement-admin-dashboard-package-*' ]
+    paths: 
+      - 'packages/admin/**'
+  pull_request:
+    branches: [ main, develop ]
+    paths: 
+      - 'packages/admin/**'
+
+jobs:
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 8
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run unit tests
+        run: |
+          cd packages/admin
+          pnpm test:unit
+        env:
+          CI: true
+
+      - name: Generate coverage report
+        run: |
+          cd packages/admin
+          pnpm test:coverage
+        env:
+          CI: true
+
+      - name: Upload coverage reports
+        uses: codecov/codecov-action@v4
+        with:
+          directory: packages/admin/coverage
+          flags: admin-dashboard
+
+  integration-tests:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 8
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run integration tests
+        run: |
+          cd packages/admin
+          pnpm test:integration
+        env:
+          CI: true
+          VITEST_INTEGRATION: true
+          VITE_BASE_SEPOLIA_RPC: ${{ secrets.BASE_SEPOLIA_RPC }}
+          TEST_PRIVATE_KEY: ${{ secrets.TEST_PRIVATE_KEY }}
+
+  lint-and-format:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 8
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run linting
+        run: |
+          cd packages/admin
+          pnpm lint
+
+      - name: Check formatting
+        run: |
+          cd packages/admin
+          pnpm format --check

.gitignore

@@ -92,6 +92,9 @@ out
 .nuxt
 dist
 
+# Vite dev build output
+dev-dist
+
 # Gatsby files
 .cache/
 # Comment in the public line in if your project uses Gatsby and not Next.js
@@ -130,3 +133,7 @@ dist
 .yarn/install-state.gz
 .pnp.*
 .vercel
+
+# Playwright test results
+test-results/
+playwright-report/

.husky/pre-commit

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Ensure nvm is available and use Node 22 if possible
+export NVM_DIR="${NVM_DIR:-$HOME/.nvm}"
+[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"
+# Try to use project Node version (22) silently; ignore errors if nvm is missing
+nvm use --silent 22 >/dev/null 2>&1 || true
+
+# Ensure pnpm is available (via corepack if needed)
+if ! command -v pnpm >/dev/null 2>&1; then
+  if command -v corepack >/dev/null 2>&1; then
+    corepack enable >/dev/null 2>&1 || true
+    corepack prepare pnpm@latest --activate >/dev/null 2>&1 || true
+  fi
+fi
+
+# Run lint-staged using pnpm if present, otherwise fall back to npx
+if command -v pnpm >/dev/null 2>&1; then
+  pnpm lint-staged
+else
+  npx --no-install lint-staged
+fi
+

.husky/pre-push

@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+
+echo "🔍 Running format check and linting before push..."
+
+# Run format check first
+npx pnpm format:check
+
+# Run linting
+npx pnpm lint
+
+echo "✅ Pre-push checks passed!" 

.nvmrc

@@ -1 +1 @@
-v20
+v22

.oxlintrc.json

@@ -0,0 +1,41 @@
+{
+  "$schema": "https://raw.githubusercontent.com/oxc-project/oxc/main/crates/oxc_linter/src/config/oxlintrc.schema.json",
+  "plugins": ["react", "typescript", "jsx-a11y"],
+  "env": {
+    "browser": true,
+    "es2021": true,
+    "node": true
+  },
+  "ignorePatterns": [
+    "api/**",
+    "dev-dist/**",
+    "dist/**",
+    "node_modules/**",
+    "**/*.test.ts",
+    "**/*.test.tsx",
+    "**/__tests__/**"
+  ],
+  "rules": {
+    "react/react-in-jsx-scope": "off",
+    "react/prop-types": "off",
+    "react/jsx-uses-react": "error",
+    "react/jsx-uses-vars": "error",
+    "react/no-unescaped-entities": "warn",
+    "react/no-unknown-property": "error",
+    "@typescript-eslint/no-unused-vars": "warn",
+    "@typescript-eslint/no-explicit-any": "warn",
+    "@typescript-eslint/prefer-const": "error",
+    "no-console": "warn",
+    "no-debugger": "error",
+    "no-unused-vars": "warn",
+    "prefer-const": "error",
+    "no-var": "error",
+    "eqeqeq": "error",
+    "no-duplicate-imports": "error"
+  },
+  "settings": {
+    "react": {
+      "version": "detect"
+    }
+  }
+}