whattoplay/features/keycrow/README.md
2026-03-10 17:03:13 +01:00

# KeyCrow - Steam Key Trading Platform with Escrow
Technical foundation for an automated Steam key trading platform with an escrow system.
## Architecture Overview
```
┌─────────────────────────────────────────────────────────────┐
│                         Client/App                          │
└──────────────────────────┬──────────────────────────────────┘
                           │
                           ▼
┌─────────────────────────────────────────────────────────────┐
│                    Backend API (Express)                    │
├─────────────────────────────────────────────────────────────┤
│  Routes: auth | listings | transactions | theoretical       │
└──────┬──────────────┬──────────────────┬───────────────────┘
       │              │                  │
       ▼              ▼                  ▼
┌──────────────┐ ┌──────────────┐ ┌──────────────────────────┐
│    Store     │ │  Encryption  │ │         Services         │
│ (In-Memory)  │ │   Service    │ │ - PaymentProvider (Mock) │
│              │ │    (AES)     │ │ - KeyActivationProvider  │
└──────────────┘ └──────────────┘ └──────────────────────────┘
```
## What's Implemented
### Realistic Flow (Production-Ready Pattern)
1. **Seller** creates a listing with encrypted Steam key
2. **Buyer** purchases via escrow (payment held)
3. **Platform** delivers decrypted key to buyer
4. **Buyer** confirms key works → money released to seller
5. **Buyer** reports failure → dispute, refund initiated
### Theoretical/Ideal Flow (Mock Only)
- Automated server-side key activation on buyer's Steam account
- **DISABLED by default** - requires `ALLOW_THEORETICAL_ACTIVATION=true`
- Clearly marked as potentially violating Steam ToS
## API Endpoints
### Authentication
- `POST /auth/register` - Register user
- `GET /auth/me` - Get current user
- `POST /auth/auth/steam/login` - Steam login (mock)
### Listings
- `POST /listings` - Create listing
- `GET /listings` - Get active listings
- `GET /listings/:id` - Get listing by ID
- `GET /listings/seller/me` - Get seller's listings
- `DELETE /listings/:id` - Cancel listing
### Transactions
- `POST /transactions` - Create purchase (escrow hold)
- `GET /transactions/:id` - Get transaction
- `GET /transactions/:id/key` - Get decrypted key (buyer only)
- `POST /transactions/:id/confirm` - Confirm key works/failed
- `GET /transactions/buyer/me` - Buyer's transactions
- `GET /transactions/seller/me` - Seller's transactions
### Theoretical (Mock)
- `POST /theoretical/activate` - Attempt automated activation
## Environment Variables
```bash
PORT=3000
ENCRYPTION_KEY=your-256-bit-key
STEAM_API_KEY=your-steam-api-key
STEAM_REDIRECT_URI=http://localhost:3000/auth/steam/callback
ALLOW_THEORETICAL_ACTIVATION=false
```
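The README names an AES encryption service and a 256-bit `ENCRYPTION_KEY` but does not state the cipher mode or the key encoding. The following is an added example, not KeyCrow's own code: it assumes AES-256-GCM, a hex-encoded key, and the listing ID bound as additional authenticated data, and the function names `loadKey`, `encryptSteamKey` and `decryptSteamKey` are hypothetical.

```javascript
// Added example, not KeyCrow's own code. Assumptions: AES-256-GCM,
// ENCRYPTION_KEY given as 64 hex characters, listing ID used as AAD.
const crypto = require('node:crypto');

const IV_LEN = 12;  // 96-bit nonce, the recommended size for GCM
const TAG_LEN = 16; // 128-bit authentication tag

// Parse ENCRYPTION_KEY and refuse anything that is not exactly 32 bytes,
// so a placeholder such as "your-256-bit-key" fails at startup.
function loadKey(value) {
  if (typeof value !== 'string' || !/^[0-9a-fA-F]{64}$/.test(value)) {
    throw new Error('ENCRYPTION_KEY must be 64 hex characters (32 bytes)');
  }
  return Buffer.from(value, 'hex');
}

// Encrypt a Steam key for storage. Output: base64(iv || tag || ciphertext).
function encryptSteamKey(steamKey, key, listingId) {
  const iv = crypto.randomBytes(IV_LEN); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  cipher.setAAD(Buffer.from(String(listingId), 'utf8'));
  const ct = Buffer.concat([cipher.update(steamKey, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt for delivery to the buyer. Throws if the blob was modified or
// was stored under a different listing ID.
function decryptSteamKey(blob, key, listingId) {
  const raw = Buffer.from(blob, 'base64');
  if (raw.length < IV_LEN + TAG_LEN) throw new Error('ciphertext too short');
  const iv = raw.subarray(0, IV_LEN);
  const tag = raw.subarray(IV_LEN, IV_LEN + TAG_LEN);
  const ct = raw.subarray(IV_LEN + TAG_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  decipher.setAAD(Buffer.from(String(listingId), 'utf8'));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Constructed sample values (not real keys or IDs).
function demo() {
  const key = loadKey('00112233445566778899aabbccddeeff'.repeat(2));
  const blob = encryptSteamKey('AAAAA-BBBBB-CCCCC', key, 'listing-1');
  return decryptSteamKey(blob, key, 'listing-1');
}
```

A suitable key value can be generated with `openssl rand -hex 32`.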
## Legal Notice
This implementation is a **technical proof-of-concept**. Automated Steam key activation is likely to violate Steam's Terms of Service unless you have an official partnership with Valve.
The "theoretical" module is clearly marked and disabled by default. Use at your own risk.