Feature: Implemented Dynamic Admin Settings for Platform Addresses and Security Guidelines for Private Keys

app/api/admin/settings/route.ts

@@ -0,0 +1,54 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { db } from '@/lib/db';
+
+export async function GET() {
+    try {
+        // Ensure table exists (Safe initialization)
+        await db.query(`
+            CREATE TABLE IF NOT EXISTS system_settings (
+                key TEXT PRIMARY KEY,
+                value TEXT NOT NULL,
+                updated_at TIMESTAMPTZ DEFAULT NOW()
+            )
+        `);
+
+        const result = await db.query('SELECT * FROM system_settings');
+        
+        // Convert to key-value object
+        const settings: Record<string, string> = {};
+        result.rows.forEach(row => {
+            settings[row.key] = row.value;
+        });
+
+        // Fill defaults if empty
+        if (!settings.sol_platform_address) settings.sol_platform_address = process.env.SOL_PLATFORM_ADDRESS || '';
+        if (!settings.evm_platform_address) settings.evm_platform_address = process.env.EVM_PLATFORM_ADDRESS || '';
+
+        return NextResponse.json(settings);
+    } catch (err: any) {
+        return NextResponse.json({ error: err.message }, { status: 500 });
+    }
+}
+
+export async function POST(req: NextRequest) {
+    try {
+        const body = await req.json();
+        const { sol_platform_address, evm_platform_address } = body;
+
+        const queries = [
+            { key: 'sol_platform_address', value: sol_platform_address },
+            { key: 'evm_platform_address', value: evm_platform_address }
+        ];
+
+        for (const q of queries) {
+            await db.query(
+                'INSERT INTO system_settings (key, value, updated_at) VALUES ($1, $2, NOW()) ON CONFLICT (key) DO UPDATE SET value = $2, updated_at = NOW()',
+                [q.key, q.value]
+            );
+        }
+
+        return NextResponse.json({ success: true });
+    } catch (err: any) {
+        return NextResponse.json({ error: err.message }, { status: 500 });
+    }
+}

app/api/crypto-sweep/route.ts

@@ -45,10 +45,18 @@ export async function POST(request: Request) {
             return NextResponse.json({ success: false, error: `No temporary wallet found for ${walletType}` }, { status: 500 });
         }
 
-        // 3. Define Platform Address (In production, load from env/settings)
-        const platformAddress = selectedNetwork === 'SOLANA'
-            ? process.env.SOL_PLATFORM_ADDRESS || "5pLH1tqZhx8p8WpZ18yr28N42KXB3FXVPzZ9ceCtpBVe"
-            : process.env.EVM_PLATFORM_ADDRESS || "0x70997970C51812dc3A010C7d01b50e0d17dc79C8";
+        // 3. Define Platform Address (Fetch from dynamic settings)
+        const platformAddresses = await (async () => {
+            const result = await db.query('SELECT key, value FROM system_settings WHERE key IN (\'sol_platform_address\', \'evm_platform_address\')');
+            const map: Record<string, string> = {};
+            result.rows.forEach(r => map[r.key] = r.value);
+            return {
+                sol: map.sol_platform_address || process.env.SOL_PLATFORM_ADDRESS || "5pLH1tqZhx8p8WpZ18yr28N42KXB3FXVPzZ9ceCtpBVe",
+                evm: map.evm_platform_address || process.env.EVM_PLATFORM_ADDRESS || "0x70997970C51812dc3A010C7d01b50e0d17dc79C8"
+            };
+        })();
+
+        const platformAddress = selectedNetwork === 'SOLANA' ? platformAddresses.sol : platformAddresses.evm;
 
         // 4. Define Merchant Address (Fetch from transaction's merchant)
         const merchantResult = await db.query('SELECT * FROM merchants WHERE id = $1', [transaction.merchant_id]);