@waiaas/daemon 2.6.0-rc.1 → 2.6.0-rc.3

package/dist/api/routes/admin.d.ts

@@ -1,5 +1,5 @@
 /**
- * Admin route handlers: 22 daemon administration endpoints.
+ * Admin route handlers: 24 daemon administration endpoints.
  *
  * GET    /admin/status              - Daemon health/uptime/version (masterAuth)
  * POST   /admin/kill-switch         - Activate kill switch (masterAuth)
@@ -21,6 +21,8 @@
  * GET    /admin/telegram-users          - List Telegram bot users (masterAuth)
  * PUT    /admin/telegram-users/:chatId  - Update Telegram user role (masterAuth)
  * DELETE /admin/telegram-users/:chatId  - Delete Telegram user (masterAuth)
+ * GET    /admin/transactions        - Cross-wallet transaction list with filters (masterAuth)
+ * GET    /admin/incoming            - Cross-wallet incoming transaction list with filters (masterAuth)
  *
  * @see docs/37-rest-api-complete-spec.md
  * @see docs/36-killswitch-evm-freeze.md
@@ -97,6 +99,8 @@ export interface AdminRouteDeps {
  * GET    /admin/telegram-users          - List Telegram bot users (masterAuth)
  * PUT    /admin/telegram-users/:chatId  - Update Telegram user role (masterAuth)
  * DELETE /admin/telegram-users/:chatId  - Delete Telegram user (masterAuth)
+ * GET    /admin/transactions        - Cross-wallet transaction list (masterAuth)
+ * GET    /admin/incoming            - Cross-wallet incoming tx list (masterAuth)
  */
 export declare function adminRoutes(deps: AdminRouteDeps): OpenAPIHono;
 //# sourceMappingURL=admin.d.ts.map

package/dist/api/routes/admin.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admin.d.ts","sourceRoot":"","sources":["../../../src/api/routes/admin.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAEhE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,EAAyE,YAAY,EAAE,iBAAiB,EAAgB,MAAM,cAAc,CAAC;AAEzJ,OAAO,KAAK,EAAE,gBAAgB,EAAc,MAAM,gDAAgD,CAAC;AAInG,OAAO,KAAK,KAAK,MAAM,MAAM,yCAAyC,CAAC;AACvE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wCAAwC,CAAC;AAE9E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AAExE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8CAA8C,CAAC;AAChF,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,yDAAyD,CAAC;AACtG,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAC/E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,uDAAuD,CAAC;AA+BjG,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;IACzC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,kBAAkB,EAAE,MAAM,eAAe,CAAC;IAC1C,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;IAClE,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAC1C,kBAAkB,CAAC,EAAE,YAAY,CAAC,eAAe,CAAC,CAAC;IACnD,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,iBAAiB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;IACpD,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,YAAY,CAAC,EAAE;QAAE,yBAAyB,EAAE,OAAO,CAAC;QAAC,wBAAwB,EAAE,MAAM,CAAA;KAAE,CAAC;IACxF,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,mBAAmB,GAAG,IAAI,CAAC;CAClD;AAkhBD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,GAAG,WAAW,CA2vC7D"}
+{"version":3,"file":"admin.d.ts","sourceRoot":"","sources":["../../../src/api/routes/admin.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAEhE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,EAAyE,YAAY,EAAE,iBAAiB,EAAgB,MAAM,cAAc,CAAC;AAEzJ,OAAO,KAAK,EAAE,gBAAgB,EAAc,MAAM,gDAAgD,CAAC;AAInG,OAAO,KAAK,KAAK,MAAM,MAAM,yCAAyC,CAAC;AACvE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wCAAwC,CAAC;AAE9E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AAExE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8CAA8C,CAAC;AAChF,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,yDAAyD,CAAC;AACtG,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAC/E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,uDAAuD,CAAC;AA+BjG,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;IACzC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,kBAAkB,EAAE,MAAM,eAAe,CAAC;IAC1C,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;IAClE,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,eAAe,CAAC,EAAE,MAAM,IAAI,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAC1C,kBAAkB,CAAC,EAAE,YAAY,CAAC,eAAe,CAAC,CAAC;IACnD,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,iBAAiB,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;IACpD,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjC,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,YAAY,CAAC,EAAE;QAAE,yBAAyB,EAAE,OAAO,CAAC;QAAC,wBAAwB,EAAE,MAAM,CAAA;KAAE,CAAC;IACxF,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,mBAAmB,GAAG,IAAI,CAAC;CAClD;AAmoBD;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,GAAG,WAAW,CAq8C7D"}

package/dist/api/routes/admin.js

@@ -1,5 +1,5 @@
 /**
- * Admin route handlers: 22 daemon administration endpoints.
+ * Admin route handlers: 24 daemon administration endpoints.
  *
  * GET    /admin/status              - Daemon health/uptime/version (masterAuth)
  * POST   /admin/kill-switch         - Activate kill switch (masterAuth)
@@ -21,16 +21,18 @@
  * GET    /admin/telegram-users          - List Telegram bot users (masterAuth)
  * PUT    /admin/telegram-users/:chatId  - Update Telegram user role (masterAuth)
  * DELETE /admin/telegram-users/:chatId  - Delete Telegram user (masterAuth)
+ * GET    /admin/transactions        - Cross-wallet transaction list with filters (masterAuth)
+ * GET    /admin/incoming            - Cross-wallet incoming transaction list with filters (masterAuth)
  *
  * @see docs/37-rest-api-complete-spec.md
  * @see docs/36-killswitch-evm-freeze.md
  */
 import { OpenAPIHono, createRoute, z } from '@hono/zod-openapi';
-import { sql, desc, eq, and, isNull, gt, count as drizzleCount } from 'drizzle-orm';
+import { sql, desc, eq, and, isNull, gt, gte, lte, count as drizzleCount } from 'drizzle-orm';
 import { createHash } from 'node:crypto';
 import { WAIaaSError, getDefaultNetwork, getNetworksForEnvironment } from '@waiaas/core';
 import { CurrencyCodeSchema, formatRatePreview } from '@waiaas/core';
-import { wallets, sessions, sessionWallets, notificationLogs, policies, transactions } from '../../infrastructure/database/schema.js';
+import { wallets, sessions, sessionWallets, notificationLogs, policies, transactions, incomingTransactions } from '../../infrastructure/database/schema.js';
 import { generateId } from '../../infrastructure/database/id.js';
 import { buildConnectInfoPrompt } from './connect-info.js';
 import { getSettingDefinition } from '../../infrastructure/settings/index.js';
@@ -168,6 +170,9 @@ const notificationLogQuerySchema = z.object({
     pageSize: z.string().optional().default('20'),
     channel: z.string().optional(),
     status: z.string().optional(),
+    eventType: z.string().optional(),
+    since: z.string().optional(),
+    until: z.string().optional(),
 });
 const notificationsLogRoute = createRoute({
     method: 'get',
@@ -369,6 +374,7 @@ const adminWalletTransactionsRoute = createRoute({
         params: z.object({ id: z.string().uuid() }),
         query: z.object({
             limit: z.coerce.number().int().min(1).max(100).default(20).optional(),
+            offset: z.coerce.number().int().min(0).default(0).optional(),
         }),
     },
     responses: {
@@ -416,6 +422,7 @@ const adminWalletBalanceRoute = createRoute({
                                 .object({
                                 balance: z.string(),
                                 symbol: z.string(),
+                                usd: z.number().nullable().optional(),
                             })
                                 .nullable(),
                             tokens: z.array(z.object({
@@ -516,6 +523,105 @@ const telegramUserDeleteRoute = createRoute({
     },
 });
 // ---------------------------------------------------------------------------
+// Cross-wallet admin transaction route definitions
+// ---------------------------------------------------------------------------
+const adminTransactionsQuerySchema = z.object({
+    offset: z.coerce.number().int().min(0).default(0).optional(),
+    limit: z.coerce.number().int().min(1).max(100).default(20).optional(),
+    wallet_id: z.string().uuid().optional(),
+    type: z.string().optional(),
+    status: z.string().optional(),
+    network: z.string().optional(),
+    since: z.coerce.number().optional(),
+    until: z.coerce.number().optional(),
+    search: z.string().optional(),
+});
+const adminTransactionsRoute = createRoute({
+    method: 'get',
+    path: '/admin/transactions',
+    tags: ['Admin'],
+    summary: 'List cross-wallet transactions with filters and pagination',
+    request: {
+        query: adminTransactionsQuerySchema,
+    },
+    responses: {
+        200: {
+            description: 'Paginated cross-wallet transaction list',
+            content: {
+                'application/json': {
+                    schema: z.object({
+                        items: z.array(z.object({
+                            id: z.string(),
+                            walletId: z.string(),
+                            walletName: z.string().nullable(),
+                            type: z.string(),
+                            status: z.string(),
+                            tier: z.string().nullable(),
+                            toAddress: z.string().nullable(),
+                            amount: z.string().nullable(),
+                            amountUsd: z.number().nullable(),
+                            network: z.string().nullable(),
+                            txHash: z.string().nullable(),
+                            chain: z.string(),
+                            createdAt: z.number().nullable(),
+                        })),
+                        total: z.number().int(),
+                        offset: z.number().int(),
+                        limit: z.number().int(),
+                    }),
+                },
+            },
+        },
+    },
+});
+const adminIncomingQuerySchema = z.object({
+    offset: z.coerce.number().int().min(0).default(0).optional(),
+    limit: z.coerce.number().int().min(1).max(100).default(20).optional(),
+    wallet_id: z.string().uuid().optional(),
+    chain: z.string().optional(),
+    status: z.string().optional(),
+    suspicious: z.enum(['true', 'false']).optional(),
+});
+const adminIncomingRoute = createRoute({
+    method: 'get',
+    path: '/admin/incoming',
+    tags: ['Admin'],
+    summary: 'List cross-wallet incoming transactions with filters and pagination',
+    request: {
+        query: adminIncomingQuerySchema,
+    },
+    responses: {
+        200: {
+            description: 'Paginated cross-wallet incoming transaction list',
+            content: {
+                'application/json': {
+                    schema: z.object({
+                        items: z.array(z.object({
+                            id: z.string(),
+                            txHash: z.string(),
+                            walletId: z.string(),
+                            walletName: z.string().nullable(),
+                            fromAddress: z.string(),
+                            amount: z.string(),
+                            tokenAddress: z.string().nullable(),
+                            chain: z.string(),
+                            network: z.string(),
+                            status: z.string(),
+                            blockNumber: z.number().nullable(),
+                            detectedAt: z.number().nullable(),
+                            confirmedAt: z.number().nullable(),
+                            suspicious: z.boolean(),
+                        })),
+                        total: z.number().int(),
+                        offset: z.number().int(),
+                        limit: z.number().int(),
+                    }),
+                },
+            },
+        },
+    },
+});
+// ---------------------------------------------------------------------------
 // Route factory
 // ---------------------------------------------------------------------------
 /**
@@ -543,6 +649,8 @@ const telegramUserDeleteRoute = createRoute({
  * GET    /admin/telegram-users          - List Telegram bot users (masterAuth)
  * PUT    /admin/telegram-users/:chatId  - Update Telegram user role (masterAuth)
  * DELETE /admin/telegram-users/:chatId  - Delete Telegram user (masterAuth)
+ * GET    /admin/transactions        - Cross-wallet transaction list (masterAuth)
+ * GET    /admin/incoming            - Cross-wallet incoming tx list (masterAuth)
  */
 export function adminRoutes(deps) {
     const router = new OpenAPIHono({ defaultHook: openApiValidationHook });
@@ -599,6 +707,7 @@ export function adminRoutes(deps) {
             amount: transactions.amount,
             amountUsd: transactions.amountUsd,
             network: transactions.network,
+            txHash: transactions.txHash,
             createdAt: transactions.createdAt,
         })
             .from(transactions)
@@ -616,6 +725,7 @@ export function adminRoutes(deps) {
             amount: tx.amount ?? null,
             amountUsd: tx.amountUsd ?? null,
             network: tx.network ?? null,
+            txHash: tx.txHash ?? null,
             createdAt: tx.createdAt instanceof Date
                 ? Math.floor(tx.createdAt.getTime() / 1000)
                 : (typeof tx.createdAt === 'number' ? tx.createdAt : null),
@@ -890,6 +1000,21 @@ export function adminRoutes(deps) {
         if (query.status) {
             conditions.push(eq(notificationLogs.status, query.status));
         }
+        if (query.eventType) {
+            conditions.push(eq(notificationLogs.eventType, query.eventType));
+        }
+        if (query.since) {
+            const sinceTs = parseInt(query.since, 10);
+            if (!isNaN(sinceTs)) {
+                conditions.push(gte(notificationLogs.createdAt, new Date(sinceTs * 1000)));
+            }
+        }
+        if (query.until) {
+            const untilTs = parseInt(query.until, 10);
+            if (!isNaN(untilTs)) {
+                conditions.push(lte(notificationLogs.createdAt, new Date(untilTs * 1000)));
+            }
+        }
         const whereClause = conditions.length > 0 ? and(...conditions) : undefined;
         // Query total count
         const totalResult = deps.db
@@ -1149,6 +1274,7 @@ export function adminRoutes(deps) {
         const { id } = c.req.valid('param');
         const query = c.req.valid('query');
         const limit = query.limit ?? 20;
+        const offset = query.offset ?? 0;
         // Verify wallet exists
         const wallet = deps.db.select().from(wallets).where(eq(wallets.id, id)).get();
         if (!wallet) {
@@ -1161,6 +1287,7 @@ export function adminRoutes(deps) {
             .where(eq(transactions.walletId, id))
             .orderBy(desc(transactions.createdAt))
             .limit(limit)
+            .offset(offset)
             .all();
         // Total count
         const totalResult = deps.db
@@ -1211,6 +1338,15 @@ export function adminRoutes(deps) {
             const adapter = await deps.adapterPool.resolve(chain, network, rpcUrl);
             const balanceInfo = await adapter.getBalance(wallet.publicKey);
             const nativeBalance = (Number(balanceInfo.balance) / 10 ** balanceInfo.decimals).toString();
+            // Resolve USD price for native token if price oracle is available
+            let nativeUsd = null;
+            if (deps.priceOracle) {
+                try {
+                    const priceInfo = await deps.priceOracle.getNativePrice(chain);
+                    nativeUsd = Number(nativeBalance) * priceInfo.usdPrice;
+                }
+                catch { /* non-critical: USD price unavailable */ }
+            }
             const assets = await adapter.getAssets(wallet.publicKey);
             const tokens = assets
                 .filter((a) => !a.isNative)
@@ -1222,7 +1358,7 @@ export function adminRoutes(deps) {
             return {
                 network,
                 isDefault: network === defaultNetwork,
-                native: { balance: nativeBalance, symbol: balanceInfo.symbol },
+                native: { balance: nativeBalance, symbol: balanceInfo.symbol, usd: nativeUsd },
                 tokens,
             };
         }));
@@ -1291,6 +1427,164 @@ export function adminRoutes(deps) {
         return c.json({ success: true }, 200);
     });
     // ---------------------------------------------------------------------------
+    // GET /admin/transactions (cross-wallet transaction list)
+    // ---------------------------------------------------------------------------
+    router.openapi(adminTransactionsRoute, async (c) => {
+        const query = c.req.valid('query');
+        const offset = query.offset ?? 0;
+        const limit = query.limit ?? 20;
+        // Build WHERE conditions
+        const conditions = [];
+        if (query.wallet_id) {
+            conditions.push(eq(transactions.walletId, query.wallet_id));
+        }
+        if (query.type) {
+            conditions.push(eq(transactions.type, query.type));
+        }
+        if (query.status) {
+            conditions.push(eq(transactions.status, query.status));
+        }
+        if (query.network) {
+            conditions.push(eq(transactions.network, query.network));
+        }
+        if (query.since !== undefined) {
+            conditions.push(sql `${transactions.createdAt} >= ${query.since}`);
+        }
+        if (query.until !== undefined) {
+            conditions.push(sql `${transactions.createdAt} <= ${query.until}`);
+        }
+        if (query.search) {
+            const pattern = `%${query.search}%`;
+            conditions.push(sql `(${transactions.txHash} LIKE ${pattern} OR ${transactions.toAddress} LIKE ${pattern})`);
+        }
+        const whereClause = conditions.length > 0 ? and(...conditions) : undefined;
+        // Count total
+        const totalResult = deps.db
+            .select({ count: drizzleCount() })
+            .from(transactions)
+            .where(whereClause)
+            .get();
+        const total = totalResult?.count ?? 0;
+        // Query with JOIN for walletName
+        const rows = deps.db
+            .select({
+            id: transactions.id,
+            walletId: transactions.walletId,
+            walletName: wallets.name,
+            type: transactions.type,
+            status: transactions.status,
+            tier: transactions.tier,
+            toAddress: transactions.toAddress,
+            amount: transactions.amount,
+            amountUsd: transactions.amountUsd,
+            network: transactions.network,
+            txHash: transactions.txHash,
+            chain: transactions.chain,
+            createdAt: transactions.createdAt,
+        })
+            .from(transactions)
+            .leftJoin(wallets, eq(transactions.walletId, wallets.id))
+            .where(whereClause)
+            .orderBy(desc(transactions.createdAt))
+            .offset(offset)
+            .limit(limit)
+            .all();
+        const items = rows.map((row) => ({
+            id: row.id,
+            walletId: row.walletId,
+            walletName: row.walletName ?? null,
+            type: row.type,
+            status: row.status,
+            tier: row.tier ?? null,
+            toAddress: row.toAddress ?? null,
+            amount: row.amount ?? null,
+            amountUsd: row.amountUsd ?? null,
+            network: row.network ?? null,
+            txHash: row.txHash ?? null,
+            chain: row.chain,
+            createdAt: row.createdAt instanceof Date
+                ? Math.floor(row.createdAt.getTime() / 1000)
+                : (typeof row.createdAt === 'number' ? row.createdAt : null),
+        }));
+        return c.json({ items, total, offset, limit }, 200);
+    });
+    // ---------------------------------------------------------------------------
+    // GET /admin/incoming (cross-wallet incoming transaction list)
+    // ---------------------------------------------------------------------------
+    router.openapi(adminIncomingRoute, async (c) => {
+        const query = c.req.valid('query');
+        const offset = query.offset ?? 0;
+        const limit = query.limit ?? 20;
+        // Build WHERE conditions (no default status filter -- admin sees all)
+        const conditions = [];
+        if (query.wallet_id) {
+            conditions.push(eq(incomingTransactions.walletId, query.wallet_id));
+        }
+        if (query.chain) {
+            conditions.push(eq(incomingTransactions.chain, query.chain));
+        }
+        if (query.status) {
+            conditions.push(eq(incomingTransactions.status, query.status));
+        }
+        if (query.suspicious !== undefined) {
+            conditions.push(eq(incomingTransactions.isSuspicious, query.suspicious === 'true'));
+        }
+        const whereClause = conditions.length > 0 ? and(...conditions) : undefined;
+        // Count total
+        const totalResult = deps.db
+            .select({ count: drizzleCount() })
+            .from(incomingTransactions)
+            .where(whereClause)
+            .get();
+        const total = totalResult?.count ?? 0;
+        // Query with JOIN for walletName
+        const rows = deps.db
+            .select({
+            id: incomingTransactions.id,
+            txHash: incomingTransactions.txHash,
+            walletId: incomingTransactions.walletId,
+            walletName: wallets.name,
+            fromAddress: incomingTransactions.fromAddress,
+            amount: incomingTransactions.amount,
+            tokenAddress: incomingTransactions.tokenAddress,
+            chain: incomingTransactions.chain,
+            network: incomingTransactions.network,
+            status: incomingTransactions.status,
+            blockNumber: incomingTransactions.blockNumber,
+            detectedAt: incomingTransactions.detectedAt,
+            confirmedAt: incomingTransactions.confirmedAt,
+            isSuspicious: incomingTransactions.isSuspicious,
+        })
+            .from(incomingTransactions)
+            .leftJoin(wallets, eq(incomingTransactions.walletId, wallets.id))
+            .where(whereClause)
+            .orderBy(desc(incomingTransactions.detectedAt))
+            .offset(offset)
+            .limit(limit)
+            .all();
+        const items = rows.map((row) => ({
+            id: row.id,
+            txHash: row.txHash,
+            walletId: row.walletId,
+            walletName: row.walletName ?? null,
+            fromAddress: row.fromAddress,
+            amount: row.amount,
+            tokenAddress: row.tokenAddress ?? null,
+            chain: row.chain,
+            network: row.network,
+            status: row.status,
+            blockNumber: row.blockNumber ?? null,
+            detectedAt: row.detectedAt instanceof Date
+                ? Math.floor(row.detectedAt.getTime() / 1000)
+                : (typeof row.detectedAt === 'number' ? row.detectedAt : null),
+            confirmedAt: row.confirmedAt instanceof Date
+                ? Math.floor(row.confirmedAt.getTime() / 1000)
+                : (typeof row.confirmedAt === 'number' ? row.confirmedAt : null),
+            suspicious: row.isSuspicious ?? false,
+        }));
+        return c.json({ items, total, offset, limit }, 200);
+    });
+    // ---------------------------------------------------------------------------
     // POST /admin/agent-prompt — Generate agent connection prompt
     // ---------------------------------------------------------------------------
     const agentPromptRoute = createRoute({