npm - @seasonkoh/webaz - Versions diffs - 0.1.7 → 0.1.9 - Mend

@seasonkoh/webaz 0.1.7 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (153) hide show

package/LICENSE +48 -0
package/README.md +156 -20
package/dist/layer0-foundation/L0-1-database/schema.js +5 -4
package/dist/layer0-foundation/L0-2-state-machine/engine.js +228 -7
package/dist/layer0-foundation/L0-2-state-machine/order-chain.js +156 -0
package/dist/layer0-foundation/L0-2-state-machine/transitions.js +53 -12
package/dist/layer0-foundation/L0-5-manifest/manifest.js +14 -1
package/dist/layer1-agent/L1-1-mcp-server/auth.js +1 -1
package/dist/layer1-agent/L1-1-mcp-server/server.js +3691 -714
package/dist/layer1-agent/L1-2-external-anchor/anchor-engine.js +324 -0
package/dist/layer1-agent/L1-2-identity/agent-passport.js +100 -0
package/dist/layer2-business/L2-6-notifications/notification-engine.js +72 -5
package/dist/layer2-business/L2-7-snf/snf-engine.js +287 -0
package/dist/layer2-business/L2-anchor-registry/anchor-registry.js +396 -0
package/dist/layer2-business/L2-notes/note-photo-storage.js +133 -0
package/dist/layer3-trust/L3-1-dispute-engine/dispute-engine.js +6 -6
package/dist/layer3-trust/L3-1-dispute-engine/evidence-storage.js +246 -0
package/dist/layer4-economics/L4-3-reputation/reputation-engine.js +95 -1
package/dist/layer4-economics/L4-4-skill-market/skill-engine.js +31 -2
package/dist/layer4-economics/L4-4-skill-market/skill-listing-engine.js +358 -0
package/dist/pwa/public/app.js +31947 -0
package/dist/pwa/public/i18n.js +5751 -0
package/dist/pwa/public/icon.svg +11 -0
package/dist/pwa/public/index.html +21 -0
package/dist/pwa/public/manifest.json +48 -0
package/dist/pwa/public/openapi.json +5946 -0
package/dist/pwa/public/style.css +535 -0
package/dist/pwa/public/sw.js +63 -0
package/dist/pwa/public/vendor/jsQR.js +10102 -0
package/dist/pwa/public/webaz-logo.png +0 -0
package/dist/pwa/routes/account-deletion.js +53 -0
package/dist/pwa/routes/addresses.js +105 -0
package/dist/pwa/routes/admin-admins.js +151 -0
package/dist/pwa/routes/admin-analytics.js +253 -0
package/dist/pwa/routes/admin-atomic.js +21 -0
package/dist/pwa/routes/admin-catalog.js +64 -0
package/dist/pwa/routes/admin-editor-picks.js +45 -0
package/dist/pwa/routes/admin-events.js +60 -0
package/dist/pwa/routes/admin-health.js +66 -0
package/dist/pwa/routes/admin-moderation.js +120 -0
package/dist/pwa/routes/admin-ops.js +179 -0
package/dist/pwa/routes/admin-protocol-params.js +79 -0
package/dist/pwa/routes/admin-reports.js +154 -0
package/dist/pwa/routes/admin-tokenomics.js +113 -0
package/dist/pwa/routes/admin-users-lifecycle.js +237 -0
package/dist/pwa/routes/admin-users-query.js +390 -0
package/dist/pwa/routes/admin-verifier-flow.js +126 -0
package/dist/pwa/routes/admin-verifier-whitelist.js +111 -0
package/dist/pwa/routes/admin-wallet-ops.js +66 -0
package/dist/pwa/routes/agent-buy.js +215 -0
package/dist/pwa/routes/agent-governance.js +341 -0
package/dist/pwa/routes/agent-reputation.js +34 -0
package/dist/pwa/routes/ai.js +101 -0
package/dist/pwa/routes/analytics.js +272 -0
package/dist/pwa/routes/anchors.js +169 -0
package/dist/pwa/routes/announcements.js +110 -0
package/dist/pwa/routes/arbitrator.js +117 -0
package/dist/pwa/routes/auction.js +436 -0
package/dist/pwa/routes/auth-login.js +40 -0
package/dist/pwa/routes/auth-read.js +66 -0
package/dist/pwa/routes/auth-register.js +138 -0
package/dist/pwa/routes/auth-sessions.js +62 -0
package/dist/pwa/routes/blocklist.js +60 -0
package/dist/pwa/routes/buyer-feeds.js +224 -0
package/dist/pwa/routes/cart.js +155 -0
package/dist/pwa/routes/charity.js +816 -0
package/dist/pwa/routes/chat.js +318 -0
package/dist/pwa/routes/checkin-tasks.js +122 -0
package/dist/pwa/routes/checkout-helpers.js +85 -0
package/dist/pwa/routes/claim-initiators.js +88 -0
package/dist/pwa/routes/claim-verify.js +615 -0
package/dist/pwa/routes/claim-voting.js +114 -0
package/dist/pwa/routes/claim-withdrawals.js +20 -0
package/dist/pwa/routes/coupons.js +165 -0
package/dist/pwa/routes/dashboards.js +99 -0
package/dist/pwa/routes/dispute-cases.js +267 -0
package/dist/pwa/routes/disputes-read.js +358 -0
package/dist/pwa/routes/disputes-write.js +475 -0
package/dist/pwa/routes/evidence.js +86 -0
package/dist/pwa/routes/external-anchors.js +107 -0
package/dist/pwa/routes/feedback.js +270 -0
package/dist/pwa/routes/flash-sales.js +130 -0
package/dist/pwa/routes/follows.js +103 -0
package/dist/pwa/routes/group-buys.js +208 -0
package/dist/pwa/routes/growth.js +199 -0
package/dist/pwa/routes/import-product.js +153 -0
package/dist/pwa/routes/kyc.js +40 -0
package/dist/pwa/routes/leaderboard.js +149 -0
package/dist/pwa/routes/listings.js +281 -0
package/dist/pwa/routes/logistics.js +35 -0
package/dist/pwa/routes/manifests.js +126 -0
package/dist/pwa/routes/me-data.js +101 -0
package/dist/pwa/routes/notifications.js +48 -0
package/dist/pwa/routes/offers.js +96 -0
package/dist/pwa/routes/orders-action.js +285 -0
package/dist/pwa/routes/orders-create.js +339 -0
package/dist/pwa/routes/orders-read.js +180 -0
package/dist/pwa/routes/p2p-products.js +178 -0
package/dist/pwa/routes/payments-governance.js +311 -0
package/dist/pwa/routes/peers.js +34 -0
package/dist/pwa/routes/pin-receipts.js +39 -0
package/dist/pwa/routes/products-aliases.js +119 -0
package/dist/pwa/routes/products-claims.js +60 -0
package/dist/pwa/routes/products-create.js +206 -0
package/dist/pwa/routes/products-crud.js +73 -0
package/dist/pwa/routes/products-links.js +129 -0
package/dist/pwa/routes/products-list.js +424 -0
package/dist/pwa/routes/products-meta.js +155 -0
package/dist/pwa/routes/products-update.js +125 -0
package/dist/pwa/routes/profile-credentials.js +105 -0
package/dist/pwa/routes/profile-identity.js +174 -0
package/dist/pwa/routes/profile-location.js +35 -0
package/dist/pwa/routes/profile-placement.js +70 -0
package/dist/pwa/routes/profile-prefs.js +93 -0
package/dist/pwa/routes/promoter.js +208 -0
package/dist/pwa/routes/public-utils.js +170 -0
package/dist/pwa/routes/push.js +54 -0
package/dist/pwa/routes/ratings.js +220 -0
package/dist/pwa/routes/recover-key.js +100 -0
package/dist/pwa/routes/referral.js +58 -0
package/dist/pwa/routes/reputation.js +34 -0
package/dist/pwa/routes/returns.js +493 -0
package/dist/pwa/routes/reviews.js +81 -0
package/dist/pwa/routes/rfqs.js +443 -0
package/dist/pwa/routes/search.js +172 -0
package/dist/pwa/routes/secondhand.js +278 -0
package/dist/pwa/routes/seller-quota.js +225 -0
package/dist/pwa/routes/share-redirects.js +164 -0
package/dist/pwa/routes/shareables-interactions.js +212 -0
package/dist/pwa/routes/shareables.js +470 -0
package/dist/pwa/routes/shops.js +98 -0
package/dist/pwa/routes/signaling.js +43 -0
package/dist/pwa/routes/skill-market.js +173 -0
package/dist/pwa/routes/skills.js +174 -0
package/dist/pwa/routes/snf.js +126 -0
package/dist/pwa/routes/tags.js +47 -0
package/dist/pwa/routes/trial.js +333 -0
package/dist/pwa/routes/trusted-kpi.js +87 -0
package/dist/pwa/routes/url-claim.js +113 -0
package/dist/pwa/routes/users-public.js +317 -0
package/dist/pwa/routes/variants.js +156 -0
package/dist/pwa/routes/verifier-user.js +107 -0
package/dist/pwa/routes/verify-tasks.js +120 -0
package/dist/pwa/routes/waitlist.js +65 -0
package/dist/pwa/routes/wallet-read.js +218 -0
package/dist/pwa/routes/wallet-write.js +273 -0
package/dist/pwa/routes/webauthn.js +188 -0
package/dist/pwa/routes/webhooks.js +162 -0
package/dist/pwa/routes/welcome.js +226 -0
package/dist/pwa/routes/wishlist-qa.js +135 -0
package/dist/pwa/security/ssrf.js +110 -0
package/dist/pwa/server.js +9679 -698
package/package.json +11 -4

package/dist/pwa/routes/charity.js ADDED Viewed

@@ -0,0 +1,816 @@
+import { createHash, createHmac, randomBytes } from 'node:crypto';
+// ─── 域常量 ───────────────────────────────────────────────
+const CHARITY_CATEGORIES = ['medical', 'education', 'daily', 'elderly', 'disaster', 'tech', 'other'];
+const CHARITY_CATEGORY_LABEL = {
+    medical: '医疗救助', education: '教育求学', daily: '生活物资',
+    elderly: '助老', disaster: '灾害互助', tech: '科技/设备', other: '其它',
+};
+const CHARITY_MAX_CASH_WAZ = 500;
+const CHARITY_MONTHLY_WISH_CAP = 5;
+const CHARITY_MONTHLY_FULFILL_CAP = 10;
+const CHARITY_WINDOW_MIN_HOURS = 24;
+const CHARITY_WINDOW_MAX_HOURS = 30 * 24;
+const CHARITY_CLAIM_TIMEOUT_HOURS = 48;
+const CHARITY_AUTO_CONFIRM_DAYS = 14; // P1.4: cash wish 兜底自动确认
+const CHARITY_REPAY_MIN = 0.1;
+const CHARITY_REPAY_AUTO_ACCEPT_DAYS = 7;
+const CHARITY_DONATION_MIN = 0.1;
+const CHARITY_DONATION_DAILY_HONOR_CAP = 50;
+function isCharityCategory(s) {
+    return CHARITY_CATEGORIES.includes(s);
+}
+function charityBadgeTier(prestige) {
+    if (prestige >= 1000)
+        return 'diamond';
+    if (prestige >= 200)
+        return 'gold';
+    if (prestige >= 50)
+        return 'silver';
+    if (prestige >= 10)
+        return 'bronze';
+    return 'none';
+}
+// P2.6 修复：独立 ANON_SEED；MASTER_SEED 单独泄露 ≠ 全员去匿名化
+// 模块加载时读 env（与 server.ts MASTER_SEED 用同源 env 变量）
+const CHARITY_ANON_SEED = process.env.CHARITY_ANON_SEED
+    || ((process.env.WALLET_MASTER_SEED ?? 'webaz-dev-seed-changeme') + ':charity:anon:v1');
+function charityAnonHandle(userId, wishId, role) {
+    return createHmac('sha256', CHARITY_ANON_SEED).update(`charity:${role}:${userId}:${wishId}`).digest('hex').slice(0, 12);
+}
+// ─── 模块级 db-taking helpers（供 cron + 路由共用）──────────
+// exported because server.ts order-creation path (B5 下单捐赠) 仍引用
+export function ensureCharityRep(db, userId) {
+    db.prepare(`INSERT OR IGNORE INTO charity_reputation (user_id) VALUES (?)`).run(userId);
+}
+function isCharityBlocked(db, userId) {
+    const row = db.prepare("SELECT reason, until FROM charity_blocklist WHERE user_id = ? AND until > datetime('now')").get(userId);
+    if (row)
+        return { blocked: true, reason: row.reason, until: row.until };
+    return { blocked: false };
+}
+// 自动过期清理（仅 runEnforcement 调用；GET 端点不再触发写）
+export function expireCharityWishes(db) {
+    // 超时未认领 → expired，释放托管
+    const expired = db.prepare(`
+    SELECT id, user_id, escrow_locked FROM wishes
+    WHERE status = 'open' AND expires_at <= datetime('now')
+  `).all();
+    for (const w of expired) {
+        db.transaction(() => {
+            db.prepare("UPDATE wishes SET status = 'expired' WHERE id = ?").run(w.id);
+            if (w.escrow_locked > 0) {
+                db.prepare('UPDATE wallets SET balance = balance + ?, staked = staked - ? WHERE user_id = ?').run(w.escrow_locked, w.escrow_locked, w.user_id);
+            }
+        })();
+    }
+    // P1.3 修复：48h 仅指 claim 后 *零证据* 的情况；如果已提交 proof_pending wf 则不强 reset
+    // 改判定：NOT EXISTS ANY wf at all（含 proof_pending）。已交证据的 fulfiller 不被回收
+    const stale = db.prepare(`
+    SELECT w.id, w.fulfiller_user_id FROM wishes w
+    WHERE w.status = 'claimed' AND w.claimed_at <= datetime('now', '-${CHARITY_CLAIM_TIMEOUT_HOURS} hours')
+      AND NOT EXISTS (SELECT 1 FROM wish_fulfillments wf WHERE wf.wish_id = w.id)
+  `).all();
+    for (const w of stale) {
+        db.transaction(() => {
+            db.prepare("UPDATE wishes SET status = 'open', fulfiller_user_id = NULL, claimed_at = NULL WHERE id = ?").run(w.id);
+            if (w.fulfiller_user_id) {
+                ensureCharityRep(db, w.fulfiller_user_id);
+                db.prepare("UPDATE charity_reputation SET prestige_score = MAX(0, prestige_score - 1) WHERE user_id = ?").run(w.fulfiller_user_id);
+            }
+        })();
+    }
+    // P1.4 修复：fulfiller 兜底 — wisher 14 天不 confirm → 自动确认（防止 cash wish escrow 永久锁）
+    // 仅 proof_pending 的 wf 才参与
+    const orphans = db.prepare(`
+    SELECT w.id as wid, w.user_id as wuid, w.fulfiller_user_id as fuid,
+           w.target_kind, w.escrow_locked, wf.id as wfid, wf.proof_hash
+    FROM wishes w JOIN wish_fulfillments wf ON wf.wish_id = w.id
+    WHERE w.status = 'claimed' AND wf.status = 'proof_pending'
+      AND wf.created_at <= datetime('now', '-${CHARITY_AUTO_CONFIRM_DAYS} days')
+  `).all();
+    for (const o of orphans) {
+        db.transaction(() => {
+            // 不签名（许愿人未参与），仅记录 auto_confirmed
+            const upd = db.prepare(`UPDATE wish_fulfillments SET status='confirmed', wisher_sig='AUTO_CONFIRM', confirmed_at=datetime('now')
+                              WHERE id = ? AND status='proof_pending'`).run(o.wfid);
+            if (upd.changes === 0)
+                return;
+            db.prepare(`UPDATE wishes SET status='completed', completed_at=datetime('now') WHERE id = ? AND status='claimed'`).run(o.wid);
+            if (o.target_kind === 'cash' && Number(o.escrow_locked) > 0) {
+                db.prepare('UPDATE wallets SET staked = staked - ? WHERE user_id = ?').run(o.escrow_locked, o.wuid);
+                db.prepare('UPDATE wallets SET balance = balance + ? WHERE user_id = ?').run(o.escrow_locked, o.fuid);
+            }
+            ensureCharityRep(db, o.fuid);
+            db.prepare(`UPDATE charity_reputation SET wishes_fulfilled = wishes_fulfilled + 1,
+                  prestige_score = prestige_score + 10, last_active = datetime('now') WHERE user_id = ?`).run(o.fuid);
+            const s = db.prepare('SELECT prestige_score FROM charity_reputation WHERE user_id = ?').get(o.fuid).prestige_score;
+            db.prepare(`UPDATE charity_reputation SET badge_tier = ? WHERE user_id = ?`).run(charityBadgeTier(s), o.fuid);
+        })();
+    }
+}
+// 自动接受过期还愿（每 5 分钟 enforcement 调用）
+export function autoAcceptExpiredRepayments(db) {
+    const rows = db.prepare(`SELECT * FROM wish_repayments WHERE status = 'offered' AND auto_expire_at <= datetime('now')`).all();
+    for (const r of rows) {
+        const amount = Number(r.amount);
+        db.transaction(() => {
+            // P0.3 修复：UPDATE 带 status 守门；与手动 respond 撞车时 changes=0 直接跳过
+            const upd = db.prepare(`UPDATE wish_repayments SET status='expired_auto_accept', responded_at=datetime('now'), locked=0
+                              WHERE id = ? AND status='offered'`).run(r.id);
+            if (upd.changes === 0)
+                return;
+            db.prepare(`UPDATE wallets SET staked = staked - ? WHERE user_id = ?`).run(amount, r.wisher_user_id);
+            db.prepare(`UPDATE wallets SET balance = balance + ? WHERE user_id = ?`).run(amount, r.fulfiller_user_id);
+            ensureCharityRep(db, r.fulfiller_user_id);
+            db.prepare(`UPDATE charity_reputation SET repay_honor = repay_honor + 5, prestige_score = prestige_score + 5 WHERE user_id = ?`).run(r.fulfiller_user_id);
+        })();
+    }
+}
+export function registerCharityRoutes(app, deps) {
+    const { db, auth, generateId, rateLimitOk, getUser, isTrustedRole, requireContentAdmin, requireProtocolAdmin, fireWebhooks } = deps;
+    // POST /api/wishes — 发布愿望
+    app.post('/api/wishes', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 10, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const blocked = isCharityBlocked(db, user.id);
+        if (blocked.blocked)
+            return void res.json({ error: `已被暂时禁言：${blocked.reason}（${blocked.until} 解除）`, blocklist_reason: blocked.reason, blocklist_until: blocked.until });
+        const body = req.body;
+        const title = String(body.title || '').trim();
+        if (title.length < 4 || title.length > 100)
+            return void res.json({ error: '标题 4-100 字' });
+        const content = String(body.content || '').trim();
+        if (content.length < 10 || content.length > 1000)
+            return void res.json({ error: '描述 10-1000 字' });
+        const cat = String(body.category || 'other');
+        if (!isCharityCategory(cat))
+            return void res.json({ error: '类目无效' });
+        const targetKind = String(body.target_kind || 'item');
+        if (!['item', 'service', 'cash'].includes(targetKind))
+            return void res.json({ error: 'target_kind 无效' });
+        const windowHours = Math.max(CHARITY_WINDOW_MIN_HOURS, Math.min(CHARITY_WINDOW_MAX_HOURS, Math.floor(Number(body.window_hours || 168))));
+        const allowPublic = body.allow_public ? 1 : 0;
+        // 月度上限
+        const monthly = db.prepare("SELECT COUNT(1) as n FROM wishes WHERE user_id = ? AND created_at > datetime('now','-30 days')").get(user.id).n;
+        if (monthly >= CHARITY_MONTHLY_WISH_CAP)
+            return void res.json({ error: `月度许愿上限 ${CHARITY_MONTHLY_WISH_CAP} 个，请下月再来` });
+        // 现金类需托管
+        let targetWaz = null;
+        let escrow = 0;
+        if (targetKind === 'cash') {
+            targetWaz = Number(body.target_waz);
+            if (!Number.isFinite(targetWaz) || targetWaz <= 0)
+                return void res.json({ error: 'cash 类型需 target_waz > 0' });
+            if (targetWaz > CHARITY_MAX_CASH_WAZ)
+                return void res.json({ error: `单愿金额上限 ${CHARITY_MAX_CASH_WAZ} WAZ` });
+            // 卖家承诺托管：可选 — 锁仓 0 表示纯协调（不推荐），>0 表示真托管
+            const lockSelf = body.escrow_self ? Number(body.target_waz) : 0;
+            if (lockSelf > 0) {
+                const w = db.prepare('SELECT balance FROM wallets WHERE user_id = ?').get(user.id);
+                if (!w || w.balance < lockSelf)
+                    return void res.json({ error: '余额不足以自托管' });
+                escrow = lockSelf;
+            }
+        }
+        const id = generateId('wish');
+        // P2.1 修复：去掉 secret_keep_safe（无 reveal 端点用不上，节省一次握手）
+        const commitHash = createHash('sha256').update(`${user.id}|${randomBytes(16).toString('hex')}|${id}|${Date.now()}`).digest('hex');
+        const wisherHandle = charityAnonHandle(user.id, id, 'wisher');
+        db.transaction(() => {
+            db.prepare(`INSERT INTO wishes (id, user_id, wisher_handle, category, title, content, target_kind, target_waz, escrow_locked, commit_hash, allow_public, expires_at)
+                  VALUES (?,?,?,?,?,?,?,?,?,?,?, datetime('now', '+' || ? || ' hours'))`).run(id, user.id, wisherHandle, cat, title, content, targetKind, targetWaz, escrow, commitHash, allowPublic, windowHours);
+            if (escrow > 0) {
+                db.prepare('UPDATE wallets SET balance = balance - ?, staked = staked + ? WHERE user_id = ?').run(escrow, escrow, user.id);
+            }
+            ensureCharityRep(db, user.id);
+            db.prepare("UPDATE charity_reputation SET wishes_made = wishes_made + 1, last_active = datetime('now') WHERE user_id = ?").run(user.id);
+        })();
+        res.json({ id, wisher_handle: wisherHandle, escrow_locked: escrow });
+    });
+    // GET /api/wishes — 浏览（匿名可访问）
+    app.get('/api/wishes', (req, res) => {
+        const where = ["status IN ('open','claimed')"];
+        const args = [];
+        if (req.query.category && isCharityCategory(String(req.query.category))) {
+            where.push('category = ?');
+            args.push(String(req.query.category));
+        }
+        if (req.query.target_kind) {
+            const k = String(req.query.target_kind);
+            if (['item', 'service', 'cash'].includes(k)) {
+                where.push('target_kind = ?');
+                args.push(k);
+            }
+        }
+        if (req.query.status) {
+            where[0] = 'status = ?';
+            args.unshift(String(req.query.status));
+        }
+        if (req.query.q && typeof req.query.q === 'string' && req.query.q.trim()) {
+            const qE = req.query.q.trim().replace(/[\\%_]/g, '\\$&');
+            where.push("(title LIKE ? ESCAPE '\\' OR content LIKE ? ESCAPE '\\')");
+            args.push('%' + qE + '%', '%' + qE + '%');
+        }
+        const limit = Math.min(100, Math.max(1, Number(req.query.limit) || 30));
+        const rows = db.prepare(`
+      SELECT id, wisher_handle, category, title,
+             substr(content, 1, 120) as content_preview,
+             target_kind, target_waz, escrow_locked, status, allow_public,
+             expires_at, created_at, claimed_at
+      FROM wishes
+      WHERE ${where.join(' AND ')}
+      ORDER BY created_at DESC
+      LIMIT ?
+    `).all(...args, limit);
+        res.json({ items: rows, categories: CHARITY_CATEGORIES, category_labels: CHARITY_CATEGORY_LABEL });
+    });
+    // GET /api/wishes/:id — 详情
+    app.get('/api/wishes/:id', (req, res) => {
+        const id = req.params.id;
+        const w = db.prepare(`SELECT * FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        const me = getUser(req);
+        const isWisher = !!me && me.id === w.user_id;
+        const isFulfiller = !!me && me.id === w.fulfiller_user_id;
+        const fulfillments = db.prepare(`
+      SELECT id, fulfiller_handle, proof_hash, proof_note, status,
+             confirmed_at, disclose_wisher, disclose_fulfiller, disclosed_at, created_at
+      FROM wish_fulfillments WHERE wish_id = ?
+      ORDER BY created_at DESC
+    `).all(id);
+        const repayments = db.prepare(`
+      SELECT id, fulfillment_id, amount, note, status, responded_at, auto_expire_at, created_at
+      FROM wish_repayments WHERE wish_id = ?
+      ORDER BY created_at DESC
+    `).all(id);
+        res.json({
+            id: w.id, wisher_handle: w.wisher_handle, category: w.category, title: w.title,
+            content: w.content, target_kind: w.target_kind, target_waz: w.target_waz,
+            escrow_locked: w.escrow_locked, commit_hash: w.commit_hash, allow_public: w.allow_public,
+            status: w.status, claimed_at: w.claimed_at, completed_at: w.completed_at,
+            expires_at: w.expires_at, created_at: w.created_at,
+            fulfillments, repayments,
+            is_wisher: isWisher, is_fulfiller: isFulfiller,
+        });
+    });
+    // POST /api/wishes/:id/fulfill — 圆梦人认领
+    // #1018 改名：原 /claim path 与 claim-initiators 的 wish_claim_task (fraud claim) 冲突
+    // /claim 让 fraud-claim 独占（与 secondhand/auctions 三垂类对称）
+    app.post('/api/wishes/:id/fulfill', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 30, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const blocked = isCharityBlocked(db, user.id);
+        if (blocked.blocked)
+            return void res.json({ error: `已被暂时禁言：${blocked.reason}`, blocklist_reason: blocked.reason, blocklist_until: blocked.until });
+        const w = db.prepare(`SELECT user_id, status FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.status !== 'open')
+            return void res.json({ error: '该愿望已被认领或已结束' });
+        if (w.user_id === user.id) {
+            // 反自施善（防自己给自己许愿圆满，套取威望）：直接封锁 30 天
+            db.prepare("INSERT OR REPLACE INTO charity_blocklist (user_id, reason, until) VALUES (?, 'self_fulfill_fraud', datetime('now','+30 days'))").run(user.id);
+            return void res.json({ error: '禁止圆自己的愿。已封锁 30 天。' });
+        }
+        const monthly = db.prepare("SELECT COUNT(1) as n FROM wishes WHERE fulfiller_user_id = ? AND claimed_at > datetime('now','-30 days')").get(user.id).n;
+        if (monthly >= CHARITY_MONTHLY_FULFILL_CAP)
+            return void res.json({ error: `月度施善上限 ${CHARITY_MONTHLY_FULFILL_CAP} 次` });
+        const claimRes = db.prepare(`UPDATE wishes SET status='claimed', fulfiller_user_id=?, claimed_at=datetime('now')
+                WHERE id = ? AND status='open'`).run(user.id, id);
+        if (claimRes.changes === 0)
+            return void res.json({ error: '该愿望已被他人认领，请刷新' });
+        // P2.4 通知：许愿人收到"你的愿望被认领"
+        try {
+            const t = db.prepare('SELECT title FROM wishes WHERE id = ?').get(id).title;
+            db.prepare(`INSERT INTO notifications (id, user_id, wish_id, type, title, body, created_at)
+                  VALUES (?,?,?,'wish_claimed',?,?,datetime('now'))`)
+                .run(generateId('ntf'), w.user_id, id, '🤝 你的愿望被认领', `「${t}」 施善人已开始行动，请等待证据`);
+        }
+        catch (e) {
+            console.error('[charity notify claim]', e);
+        }
+        res.json({ ok: true, claim_timeout_hours: CHARITY_CLAIM_TIMEOUT_HOURS });
+    });
+    // POST /api/wishes/:id/proof — 提交证据
+    app.post('/api/wishes/:id/proof', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 30, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const w = db.prepare(`SELECT user_id, fulfiller_user_id, status FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.fulfiller_user_id !== user.id)
+            return void res.json({ error: '仅施善人可提交证据' });
+        if (w.status !== 'claimed')
+            return void res.json({ error: '当前状态不可提交证据' });
+        const body = req.body;
+        const proofHash = String(body.proof_hash || '').trim();
+        if (proofHash.length < 16 || proofHash.length > 128)
+            return void res.json({ error: 'proof_hash 长度无效（16-128 hex）' });
+        const proofNote = body.proof_note ? String(body.proof_note).slice(0, 500) : null;
+        // 施善人签名 = HMAC(api_key, wish_id||proof_hash)
+        const sig = createHmac('sha256', user.api_key).update(`${id}|${proofHash}`).digest('hex');
+        const fid = generateId('wf');
+        const handle = charityAnonHandle(user.id, id, 'fulfiller');
+        db.prepare(`INSERT INTO wish_fulfillments (id, wish_id, fulfiller_user_id, fulfiller_handle, proof_hash, proof_note, fulfiller_sig)
+                VALUES (?,?,?,?,?,?,?)`).run(fid, id, user.id, handle, proofHash, proofNote, sig);
+        // P2.4 通知：许愿人收到"施善证据已提交，请确认"
+        try {
+            const t = db.prepare('SELECT title FROM wishes WHERE id = ?').get(id).title;
+            db.prepare(`INSERT INTO notifications (id, user_id, wish_id, type, title, body, created_at)
+                  VALUES (?,?,?,'wish_proof',?,?,datetime('now'))`)
+                .run(generateId('ntf'), w.user_id, id, '📤 施善证据已提交', `「${t}」 请尽快确认（14 天不响应会自动确认）`);
+        }
+        catch (e) {
+            console.error('[charity notify proof]', e);
+        }
+        res.json({ id: fid, fulfiller_handle: handle, signature: sig });
+    });
+    // POST /api/wishes/:id/confirm — 许愿人确认
+    app.post('/api/wishes/:id/confirm', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 30, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const w = db.prepare(`SELECT * FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.user_id !== user.id)
+            return void res.json({ error: '仅许愿人可确认' });
+        if (w.status !== 'claimed')
+            return void res.json({ error: '当前状态不可确认' });
+        const fid = String(req.body.fulfillment_id || '');
+        const wf = db.prepare(`SELECT * FROM wish_fulfillments WHERE id = ? AND wish_id = ?`).get(fid, id);
+        if (!wf)
+            return void res.json({ error: '证据不存在' });
+        if (wf.status !== 'proof_pending')
+            return void res.json({ error: '该证据已处理' });
+        const wisherSig = createHmac('sha256', user.api_key).update(`${id}|${wf.proof_hash}|confirm`).digest('hex');
+        let raceLost = false;
+        db.transaction(() => {
+            // P0.1 修复：原子状态推进 — 仅 status='proof_pending' 时 update；双击/重放只有一次生效
+            const upd = db.prepare(`UPDATE wish_fulfillments SET status='confirmed', wisher_sig=?, confirmed_at=datetime('now')
+                              WHERE id = ? AND status='proof_pending'`).run(wisherSig, fid);
+            if (upd.changes === 0) {
+                raceLost = true;
+                return;
+            }
+            db.prepare(`UPDATE wishes SET status='completed', completed_at=datetime('now') WHERE id = ? AND status='claimed'`).run(id);
+            // cash 模式释放托管给施善人
+            if (w.target_kind === 'cash' && Number(w.escrow_locked) > 0) {
+                const amt = Number(w.escrow_locked);
+                db.prepare('UPDATE wallets SET staked = staked - ? WHERE user_id = ?').run(amt, w.user_id);
+                db.prepare('UPDATE wallets SET balance = balance + ? WHERE user_id = ?').run(amt, w.fulfiller_user_id);
+            }
+            // prestige：施善人 +10，许愿人 +1（鼓励确认）
+            ensureCharityRep(db, w.fulfiller_user_id);
+            db.prepare(`UPDATE charity_reputation SET wishes_fulfilled = wishes_fulfilled + 1,
+                  prestige_score = prestige_score + 10, last_active = datetime('now') WHERE user_id = ?`).run(w.fulfiller_user_id);
+            const newScore = db.prepare('SELECT prestige_score FROM charity_reputation WHERE user_id = ?').get(w.fulfiller_user_id).prestige_score;
+            db.prepare(`UPDATE charity_reputation SET badge_tier = ? WHERE user_id = ?`).run(charityBadgeTier(newScore), w.fulfiller_user_id);
+            ensureCharityRep(db, user.id);
+            db.prepare(`UPDATE charity_reputation SET prestige_score = prestige_score + 1, last_active = datetime('now') WHERE user_id = ?`).run(user.id);
+        })();
+        if (raceLost)
+            return void res.json({ error: '该证据已被处理，请刷新' });
+        // P2.4 通知：施善人收到"许愿人已确认"
+        try {
+            db.prepare(`INSERT INTO notifications (id, user_id, wish_id, type, title, body, created_at)
+                  VALUES (?,?,?,'wish_confirmed',?,?,datetime('now'))`)
+                .run(generateId('ntf'), w.fulfiller_user_id, id, '✓ 许愿人已确认圆梦', `「${w.title}」 +10 威望已入账`);
+        }
+        catch (e) {
+            console.error('[charity notify confirm]', e);
+        }
+        // 📡 Webhook fire — 通知双方 (异步不 await)
+        fireWebhooks('wish.confirmed', { wish_id: id, wisher_handle: w.wisher_handle, title: w.title }, [w.user_id, w.fulfiller_user_id]).catch(e => console.error('[webhook]', e));
+        res.json({ ok: true, wisher_sig: wisherSig });
+    });
+    // POST /api/wishes/:id/disclose — 申请公开（双方同意才公开）
+    app.post('/api/wishes/:id/disclose', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const id = req.params.id;
+        const w = db.prepare(`SELECT user_id, fulfiller_user_id, status, allow_public FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.status !== 'completed')
+            return void res.json({ error: '仅完成后可申请公开' });
+        if (!w.allow_public)
+            return void res.json({ error: '该愿望已声明保持匿名，不可公开' });
+        const wf = db.prepare(`SELECT id, disclose_wisher, disclose_fulfiller FROM wish_fulfillments WHERE wish_id = ? AND status='confirmed' ORDER BY created_at DESC LIMIT 1`).get(id);
+        if (!wf)
+            return void res.json({ error: '未找到对应证据' });
+        let update = null;
+        if (user.id === w.user_id)
+            update = 'disclose_wisher = 1';
+        else if (user.id === w.fulfiller_user_id)
+            update = 'disclose_fulfiller = 1';
+        else
+            return void res.json({ error: '非当事人不可申请公开' });
+        db.prepare(`UPDATE wish_fulfillments SET ${update} WHERE id = ?`).run(wf.id);
+        // 双方都同意 → 标记 disclosed_at
+        const both = db.prepare(`SELECT disclose_wisher, disclose_fulfiller FROM wish_fulfillments WHERE id = ?`).get(wf.id);
+        let disclosed = false;
+        if (both.disclose_wisher && both.disclose_fulfiller) {
+            db.prepare(`UPDATE wish_fulfillments SET disclosed_at = datetime('now') WHERE id = ?`).run(wf.id);
+            disclosed = true;
+        }
+        res.json({ ok: true, disclosed, wisher_agreed: !!both.disclose_wisher, fulfiller_agreed: !!both.disclose_fulfiller });
+    });
+    // POST /api/wishes/:id/cancel — 许愿人取消（仅 open 状态）
+    app.post('/api/wishes/:id/cancel', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        const id = req.params.id;
+        const w = db.prepare(`SELECT user_id, status, escrow_locked FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.user_id !== user.id)
+            return void res.json({ error: '仅许愿人可取消' });
+        if (w.status !== 'open')
+            return void res.json({ error: '已认领或已完成的愿望不可取消' });
+        db.transaction(() => {
+            db.prepare("UPDATE wishes SET status='cancelled' WHERE id = ?").run(id);
+            if (w.escrow_locked > 0) {
+                db.prepare('UPDATE wallets SET balance = balance + ?, staked = staked - ? WHERE user_id = ?').run(w.escrow_locked, w.escrow_locked, user.id);
+            }
+        })();
+        res.json({ ok: true });
+    });
+    // GET /api/charity/me — 我的慈善档案
+    app.get('/api/charity/me', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        ensureCharityRep(db, user.id);
+        const rep = db.prepare(`SELECT * FROM charity_reputation WHERE user_id = ?`).get(user.id);
+        const myWishes = db.prepare(`SELECT id, wisher_handle, category, title, status, target_kind, target_waz, expires_at, created_at, completed_at
+                                 FROM wishes WHERE user_id = ? ORDER BY created_at DESC LIMIT 50`).all(user.id);
+        const myFulfilled = db.prepare(`
+      SELECT w.id, w.title, w.category, w.target_kind, w.target_waz, w.status, w.completed_at, wf.fulfiller_handle, wf.status as wf_status
+      FROM wish_fulfillments wf JOIN wishes w ON w.id = wf.wish_id
+      WHERE wf.fulfiller_user_id = ? ORDER BY wf.created_at DESC LIMIT 50
+    `).all(user.id);
+        // 待我响应的还愿
+        const pendingRepays = db.prepare(`
+      SELECT r.id, r.wish_id, r.amount, r.note, r.auto_expire_at, w.title
+      FROM wish_repayments r JOIN wishes w ON w.id = r.wish_id
+      WHERE r.fulfiller_user_id = ? AND r.status = 'offered'
+      ORDER BY r.created_at DESC
+    `).all(user.id);
+        res.json({ reputation: rep, my_wishes: myWishes, my_fulfillments: myFulfilled, pending_repayments: pendingRepays });
+    });
+    // GET /api/charity/stories — 公开披露的故事板
+    app.get('/api/charity/stories', (req, res) => {
+        const limit = Math.min(100, Math.max(1, Number(req.query.limit) || 30));
+        const rows = db.prepare(`
+      SELECT w.id, w.category, w.title, w.content, w.target_kind, w.target_waz, w.completed_at,
+             wf.disclosed_at, wf.proof_note,
+             uw.handle as wisher_name, uw.region as wisher_region,
+             uf.handle as fulfiller_name, uf.region as fulfiller_region
+      FROM wish_fulfillments wf
+      JOIN wishes w  ON w.id = wf.wish_id
+      JOIN users uw  ON uw.id = w.user_id
+      JOIN users uf  ON uf.id = wf.fulfiller_user_id
+      WHERE wf.disclosed_at IS NOT NULL
+      ORDER BY wf.disclosed_at DESC
+      LIMIT ?
+    `).all(limit);
+        res.json({ items: rows });
+    });
+    // 还愿：许愿人发起
+    app.post('/api/wishes/:id/repay', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 20, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const body = req.body;
+        const amount = Number(body.amount);
+        if (!Number.isFinite(amount) || amount < CHARITY_REPAY_MIN)
+            return void res.json({ error: `金额需 ≥ ${CHARITY_REPAY_MIN} WAZ` });
+        const w = db.prepare(`SELECT user_id, fulfiller_user_id, status FROM wishes WHERE id = ?`).get(id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        if (w.user_id !== user.id)
+            return void res.json({ error: '仅许愿人可发起还愿' });
+        if (w.status !== 'completed')
+            return void res.json({ error: '仅已施善完成的愿望可还愿' });
+        const fid = String(body.fulfillment_id || '');
+        const wf = db.prepare(`SELECT id, status FROM wish_fulfillments WHERE id = ? AND wish_id = ?`).get(fid, id);
+        if (!wf || wf.status !== 'confirmed')
+            return void res.json({ error: '证据不存在或未确认' });
+        // 已发起的等待中还愿不可重复
+        const existing = db.prepare(`SELECT id FROM wish_repayments WHERE wish_id = ? AND status = 'offered'`).get(id);
+        if (existing)
+            return void res.json({ error: '已有进行中的还愿，请等待对方响应' });
+        // 余额检查 + 锁仓
+        const wallet = db.prepare(`SELECT balance FROM wallets WHERE user_id = ?`).get(user.id);
+        if (!wallet || wallet.balance < amount)
+            return void res.json({ error: '余额不足' });
+        const rid = generateId('repay');
+        db.transaction(() => {
+            db.prepare(`INSERT INTO wish_repayments (id, wish_id, fulfillment_id, wisher_user_id, fulfiller_user_id, amount, note, locked, auto_expire_at)
+                  VALUES (?,?,?,?,?,?,?,?, datetime('now', '+${CHARITY_REPAY_AUTO_ACCEPT_DAYS} days'))`).run(rid, id, fid, user.id, w.fulfiller_user_id, amount, body.note ? String(body.note).slice(0, 300) : null, amount);
+            db.prepare(`UPDATE wallets SET balance = balance - ?, staked = staked + ? WHERE user_id = ?`).run(amount, amount, user.id);
+        })();
+        // P2.4 通知：施善人收到"有人向你还愿"
+        try {
+            const t = db.prepare('SELECT title FROM wishes WHERE id = ?').get(id).title;
+            db.prepare(`INSERT INTO notifications (id, user_id, wish_id, type, title, body, created_at)
+                  VALUES (?,?,?,'wish_repay',?,?,datetime('now'))`)
+                .run(generateId('ntf'), w.fulfiller_user_id, id, `🙏 有人向你还愿 ${amount} WAZ`, `「${t}」 可接受或谢绝转入慈善基金（7 天不响应自动接受）`);
+        }
+        catch (e) {
+            console.error('[charity notify repay]', e);
+        }
+        res.json({ id: rid, auto_accept_in_days: CHARITY_REPAY_AUTO_ACCEPT_DAYS });
+    });
+    // 施善人响应还愿（accept / decline_to_fund）
+    app.post('/api/wishes/:id/repay/:rid/respond', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 20, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const rid = req.params.rid;
+        const choice = String(req.body.choice || '');
+        if (!['accept', 'decline_to_fund'].includes(choice))
+            return void res.json({ error: 'choice 必须是 accept 或 decline_to_fund' });
+        const r = db.prepare(`SELECT * FROM wish_repayments WHERE id = ? AND wish_id = ?`).get(rid, id);
+        if (!r)
+            return void res.json({ error: '还愿不存在' });
+        if (r.fulfiller_user_id !== user.id)
+            return void res.json({ error: '仅施善人可响应' });
+        if (r.status !== 'offered')
+            return void res.json({ error: '已处理' });
+        const amount = Number(r.amount);
+        let raceLost = false;
+        db.transaction(() => {
+            const newStatus = choice === 'accept' ? 'accepted' : 'declined_to_fund';
+            const upd = db.prepare(`UPDATE wish_repayments SET status=?, responded_at=datetime('now'), locked=0
+                              WHERE id = ? AND status='offered'`).run(newStatus, rid);
+            if (upd.changes === 0) {
+                raceLost = true;
+                return;
+            }
+            if (choice === 'accept') {
+                db.prepare(`UPDATE wallets SET staked = staked - ? WHERE user_id = ?`).run(amount, r.wisher_user_id);
+                db.prepare(`UPDATE wallets SET balance = balance + ? WHERE user_id = ?`).run(amount, r.fulfiller_user_id);
+                ensureCharityRep(db, user.id);
+                db.prepare(`UPDATE charity_reputation SET repay_honor = repay_honor + 5, prestige_score = prestige_score + 5, last_active = datetime('now') WHERE user_id = ?`).run(user.id);
+            }
+            else {
+                // decline_to_fund：钱转入基金，双方都得荣誉
+                db.prepare(`UPDATE wallets SET staked = staked - ? WHERE user_id = ?`).run(amount, r.wisher_user_id);
+                db.prepare(`UPDATE charity_fund SET balance = balance + ?, total_redirected = total_redirected + ?, updated_at = datetime('now') WHERE id = 'main'`).run(amount, amount);
+                db.prepare(`INSERT INTO charity_fund_txns (id, kind, from_user_id, to_user_id, amount, related_wish_id, related_repay_id, note)
+                    VALUES (?, 'repay_redirect', ?, NULL, ?, ?, ?, ?)`).run(generateId('cft'), r.wisher_user_id, amount, id, rid, r.note || null);
+                // 许愿人：还愿 5 + 转捐额外 3
+                ensureCharityRep(db, r.wisher_user_id);
+                db.prepare(`UPDATE charity_reputation SET redirect_honor = redirect_honor + 3, prestige_score = prestige_score + 8, last_active = datetime('now') WHERE user_id = ?`).run(r.wisher_user_id);
+                // 施善人：谢绝接受荣誉 +2
+                ensureCharityRep(db, user.id);
+                db.prepare(`UPDATE charity_reputation SET grace_honor = grace_honor + 2, prestige_score = prestige_score + 2, last_active = datetime('now') WHERE user_id = ?`).run(user.id);
+            }
+            // 重算徽章
+            for (const uid of [r.wisher_user_id, r.fulfiller_user_id]) {
+                const s = db.prepare('SELECT prestige_score FROM charity_reputation WHERE user_id = ?').get(uid)?.prestige_score || 0;
+                db.prepare('UPDATE charity_reputation SET badge_tier = ? WHERE user_id = ?').run(charityBadgeTier(s), uid);
+            }
+        })();
+        if (raceLost)
+            return void res.json({ error: '该还愿已被处理（可能 auto-accept 或重复点击），请刷新' });
+        // P2.4 通知：许愿人收到响应
+        try {
+            const label = choice === 'accept' ? '已接受你的还愿' : '谢绝接受 · 已转入慈善基金';
+            const t = db.prepare('SELECT title FROM wishes WHERE id = ?').get(id).title;
+            db.prepare(`INSERT INTO notifications (id, user_id, wish_id, type, title, body, created_at)
+                  VALUES (?,?,?,'wish_repay_resp',?,?,datetime('now'))`)
+                .run(generateId('ntf'), r.wisher_user_id, id, `🌸 ${label}`, `「${t}」 ${choice === 'accept' ? '施善人已接受还愿' : '+8 威望已入账（含 +3 转捐荣誉）'}`);
+        }
+        catch (e) {
+            console.error('[charity notify repay resp]', e);
+        }
+        res.json({ ok: true, choice });
+    });
+    // 任何人捐款给慈善基金
+    app.post('/api/charity/fund/donate', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        // P0 fix: 受信角色不可捐款（无钱包）— 鼓励中立治理
+        if (isTrustedRole(user))
+            return void res.status(403).json({ error: '受信角色无钱包', error_code: 'TRUSTED_ROLE_NO_WALLET' });
+        if (!rateLimitOk(req.ip || '', 20, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const body = req.body;
+        const amount = Number(body.amount);
+        if (!Number.isFinite(amount) || amount < CHARITY_DONATION_MIN)
+            return void res.json({ error: `捐款需 ≥ ${CHARITY_DONATION_MIN} WAZ` });
+        const wallet = db.prepare(`SELECT balance FROM wallets WHERE user_id = ?`).get(user.id);
+        if (!wallet || wallet.balance < amount)
+            return void res.json({ error: '余额不足' });
+        // 当日已得荣誉上限
+        const todayHonor = db.prepare(`SELECT IFNULL(SUM(amount),0) as s FROM charity_fund_txns WHERE kind='donation' AND from_user_id = ? AND created_at > datetime('now','-1 day')`).get(user.id).s;
+        const remain = Math.max(0, CHARITY_DONATION_DAILY_HONOR_CAP - todayHonor);
+        const honor = Math.min(amount, remain); // 1 WAZ = 1 honor，封顶 50/日
+        db.transaction(() => {
+            db.prepare(`UPDATE wallets SET balance = balance - ? WHERE user_id = ?`).run(amount, user.id);
+            db.prepare(`UPDATE charity_fund SET balance = balance + ?, total_donated = total_donated + ?, updated_at = datetime('now') WHERE id = 'main'`).run(amount, amount);
+            db.prepare(`INSERT INTO charity_fund_txns (id, kind, from_user_id, to_user_id, amount, note)
+                  VALUES (?, 'donation', ?, NULL, ?, ?)`).run(generateId('cft'), user.id, amount, body.note ? String(body.note).slice(0, 300) : null);
+            ensureCharityRep(db, user.id);
+            db.prepare(`UPDATE charity_reputation SET donation_total = donation_total + ?, donation_honor = donation_honor + ?, prestige_score = prestige_score + ?, last_active = datetime('now') WHERE user_id = ?`).run(amount, honor, honor, user.id);
+            const s = db.prepare('SELECT prestige_score FROM charity_reputation WHERE user_id = ?').get(user.id).prestige_score;
+            db.prepare('UPDATE charity_reputation SET badge_tier = ? WHERE user_id = ?').run(charityBadgeTier(s), user.id);
+        })();
+        // 📡 Webhook fire — 通知 donor 自己（可订阅自己的捐款历史）
+        fireWebhooks('charity.donation', { amount, note: body.note || null, honor_earned: honor }, [user.id]).catch(e => console.error('[webhook]', e));
+        res.json({ ok: true, amount, honor_earned: honor, daily_cap_remaining: Math.max(0, remain - honor) });
+    });
+    // GET 基金概况 + 最近流水
+    app.get('/api/charity/fund', (_req, res) => {
+        const fund = db.prepare(`SELECT * FROM charity_fund WHERE id = 'main'`).get();
+        const recent = db.prepare(`
+      SELECT cft.id, cft.kind, cft.amount, cft.note, cft.created_at,
+             u.handle as donor_handle, u.region as donor_region
+      FROM charity_fund_txns cft
+      LEFT JOIN users u ON u.id = cft.from_user_id
+      ORDER BY cft.created_at DESC LIMIT 50
+    `).all();
+        const topDonors = db.prepare(`
+      SELECT u.handle, u.region, cr.donation_total, cr.donation_honor
+      FROM charity_reputation cr JOIN users u ON u.id = cr.user_id
+      WHERE cr.donation_total > 0
+      ORDER BY cr.donation_total DESC LIMIT 20
+    `).all();
+        res.json({ fund, recent, top_donors: topDonors });
+    });
+    // P2.3 — 举报愿望
+    app.post('/api/wishes/:id/report', (req, res) => {
+        const user = auth(req, res);
+        if (!user)
+            return;
+        if (!rateLimitOk(req.ip || '', 10, 60_000))
+            return void res.status(429).json({ error: '请求过于频繁' });
+        const id = req.params.id;
+        const body = req.body;
+        const reason = String(body.reason || '');
+        if (!['spam', 'fraud', 'inappropriate', 'other'].includes(reason))
+            return void res.json({ error: 'reason 无效' });
+        const note = body.note ? String(body.note).slice(0, 300) : null;
+        const exists = db.prepare('SELECT 1 FROM wishes WHERE id = ?').get(id);
+        if (!exists)
+            return void res.json({ error: '愿望不存在' });
+        try {
+            db.prepare(`INSERT INTO wish_reports (id, wish_id, reporter_id, reason, note) VALUES (?,?,?,?,?)`)
+                .run(generateId('wr'), id, user.id, reason, note);
+        }
+        catch {
+            return void res.json({ error: '你已举报过此愿望' });
+        }
+        // 3 个不同举报人 → 自动隐藏（status='disputed'）
+        const cnt = db.prepare("SELECT COUNT(1) as n FROM wish_reports WHERE wish_id = ? AND status = 'pending'").get(id).n;
+        if (cnt >= 3) {
+            db.prepare("UPDATE wishes SET status = 'disputed' WHERE id = ? AND status IN ('open','claimed')").run(id);
+        }
+        res.json({ ok: true, total_reports: cnt, auto_hidden: cnt >= 3 });
+    });
+    // ─── admin 慈善管理 ─────────────────────────────────────────
+    app.get('/api/admin/wish-reports', (req, res) => {
+        const admin = requireContentAdmin(req, res);
+        if (!admin)
+            return;
+        const status = String(req.query.status || 'pending');
+        const where = status === 'all' ? '1=1' : 'wr.status = ?';
+        const args = status === 'all' ? [] : [status];
+        const rows = db.prepare(`
+      SELECT wr.id, wr.wish_id, wr.reporter_id, wr.reason, wr.note, wr.status, wr.created_at,
+             w.title as wish_title, w.user_id as wish_owner_id, w.status as wish_status,
+             u.handle as reporter_handle
+      FROM wish_reports wr
+      JOIN wishes w ON w.id = wr.wish_id
+      LEFT JOIN users u ON u.id = wr.reporter_id
+      WHERE ${where}
+      ORDER BY wr.created_at DESC LIMIT 200
+    `).all(...args);
+        res.json({ items: rows });
+    });
+    app.patch('/api/admin/wish-reports/:id', (req, res) => {
+        const admin = requireContentAdmin(req, res);
+        if (!admin)
+            return;
+        const action = String(req.body.action || '');
+        if (!['dismiss', 'actioned'].includes(action))
+            return void res.json({ error: 'action 必须是 dismiss 或 actioned' });
+        const r = db.prepare(`UPDATE wish_reports SET status = ? WHERE id = ?`).run(action === 'dismiss' ? 'dismissed' : 'actioned', req.params.id);
+        if (r.changes === 0)
+            return void res.json({ error: '举报不存在' });
+        try {
+            db.prepare(`INSERT INTO admin_audit_log (id, admin_id, action, target_type, target_id, detail) VALUES (?,?,?,?,?,?)`)
+                .run(generateId('audit'), admin.id, 'wish_report_' + action, 'wish_report', req.params.id, null);
+        }
+        catch { }
+        res.json({ ok: true, status: action === 'dismiss' ? 'dismissed' : 'actioned' });
+    });
+    app.post('/api/admin/wishes/:id/takedown', (req, res) => {
+        const admin = requireContentAdmin(req, res);
+        if (!admin)
+            return;
+        const reason = String(req.body.reason || '').trim();
+        if (!reason)
+            return void res.json({ error: '必须填写下架原因' });
+        const w = db.prepare(`SELECT user_id, status, escrow_locked FROM wishes WHERE id = ?`).get(req.params.id);
+        if (!w)
+            return void res.json({ error: '愿望不存在' });
+        db.transaction(() => {
+            db.prepare(`UPDATE wishes SET status='cancelled' WHERE id = ?`).run(req.params.id);
+            if (w.escrow_locked > 0) {
+                db.prepare(`UPDATE wallets SET balance = balance + ?, staked = staked - ? WHERE user_id = ?`).run(w.escrow_locked, w.escrow_locked, w.user_id);
+            }
+            db.prepare(`INSERT INTO admin_audit_log (id, admin_id, action, target_type, target_id, detail) VALUES (?,?,?,?,?,?)`)
+                .run(generateId('audit'), admin.id, 'wish_takedown', 'wish', req.params.id, JSON.stringify({ reason }));
+        })();
+        res.json({ ok: true });
+    });
+    app.post('/api/admin/charity/fund/disburse', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const body = req.body;
+        const amount = Number(body.amount);
+        const toUserId = String(body.to_user_id || '').trim();
+        const note = String(body.note || '').trim();
+        if (!Number.isFinite(amount) || amount <= 0)
+            return void res.json({ error: 'amount 无效' });
+        if (!toUserId)
+            return void res.json({ error: 'to_user_id 必填' });
+        if (!note)
+            return void res.json({ error: '必须填写拨款用途（写入审计）' });
+        const targetUser = db.prepare(`SELECT id, name FROM users WHERE id = ?`).get(toUserId);
+        if (!targetUser)
+            return void res.json({ error: '收款用户不存在' });
+        const fund = db.prepare(`SELECT balance FROM charity_fund WHERE id = 'main'`).get();
+        if (fund.balance < amount)
+            return void res.json({ error: `基金余额不足 (当前 ${fund.balance})` });
+        db.transaction(() => {
+            db.prepare(`UPDATE charity_fund SET balance = balance - ?, total_disbursed = total_disbursed + ?, updated_at = datetime('now') WHERE id = 'main'`).run(amount, amount);
+            db.prepare(`UPDATE wallets SET balance = balance + ? WHERE user_id = ?`).run(amount, toUserId);
+            db.prepare(`INSERT INTO charity_fund_txns (id, kind, from_user_id, to_user_id, amount, note) VALUES (?, 'disburse', NULL, ?, ?, ?)`)
+                .run(generateId('cft'), toUserId, amount, note);
+            db.prepare(`INSERT INTO admin_audit_log (id, admin_id, action, target_type, target_id, detail) VALUES (?,?,?,?,?,?)`)
+                .run(generateId('audit'), admin.id, 'charity_disburse', 'user', toUserId, JSON.stringify({ amount, note }));
+            try {
+                db.prepare(`INSERT INTO notifications (id, user_id, type, title, body, created_at) VALUES (?,?,'charity_disburse',?,?,datetime('now'))`)
+                    .run(generateId('ntf'), toUserId, `💰 慈善基金拨款 +${amount} WAZ`, note);
+            }
+            catch { }
+        })();
+        res.json({ ok: true, amount, to_user: targetUser.name });
+    });
+    app.get('/api/admin/charity/fund', (req, res) => {
+        const admin = requireProtocolAdmin(req, res);
+        if (!admin)
+            return;
+        const fund = db.prepare(`SELECT * FROM charity_fund WHERE id = 'main'`).get();
+        const recent = db.prepare(`
+      SELECT cft.*, uf.name as from_name, ut.name as to_name
+      FROM charity_fund_txns cft
+      LEFT JOIN users uf ON uf.id = cft.from_user_id
+      LEFT JOIN users ut ON ut.id = cft.to_user_id
+      ORDER BY cft.created_at DESC LIMIT 100
+    `).all();
+        res.json({ fund, recent });
+    });
+    // 慈善排行
+    app.get('/api/charity/leaderboard', (_req, res) => {
+        const rows = db.prepare(`
+      SELECT cr.prestige_score, cr.wishes_fulfilled, cr.wishes_made, cr.badge_tier,
+             u.handle, u.region
+      FROM charity_reputation cr JOIN users u ON u.id = cr.user_id
+      WHERE cr.prestige_score > 0
+      ORDER BY cr.prestige_score DESC, cr.wishes_fulfilled DESC
+      LIMIT 50
+    `).all();
+        res.json({ items: rows });
+    });
+}