Skip to content

feat: implement automated KYC status expiry worker#132

Open
vicky4196 wants to merge 4 commits into
Pidoko257:mainfrom
vicky4196:feature/kyc-expiry-worker-clean
Open

feat: implement automated KYC status expiry worker#132
vicky4196 wants to merge 4 commits into
Pidoko257:mainfrom
vicky4196:feature/kyc-expiry-worker-clean

Conversation

@vicky4196

Copy link
Copy Markdown

KYC Status Expiry Worker Implementation

Overview

This implementation adds automated KYC expiry management to ProxyPay, enabling the system to detect KYC records approaching expiry, send renewal reminders, and automatically expire overdue verifications.

Implementation Details

Database Schema

Users Table Extensions

Two new columns added to the users table:

  • kyc_approved_at - TIMESTAMP of when KYC was approved (null for non-full users)
  • kyc_expired_at - TIMESTAMP of when KYC expired (null for active/full users)

Migration: migrations/20260630_add_kyc_expiry_fields.sql

BullMQ Queue & Worker

Queue Configuration (src/queue/kycExpiryQueue.ts)

  • Queue name: kyc-expiry
  • Job name: check-kyc-expiry
  • Repeat interval: Daily (24 hours)
  • Configurable via KYC_EXPIRY_ATTEMPTS and KYC_EXPIRY_BACKOFF_MS env vars

Worker (src/queue/kycExpiryWorker.ts)

  • Processes check-kyc-expiry jobs
  • Handles completed/failed events with logging
  • Prevents duplicate worker instances

Expiry Job Logic (src/jobs/kycExpiryJob.ts)

  1. Expiry Reminders (30 days before expiry)

    • Finds users with kyc_level = 'full' where kyc_approved_at + 1 year is within 30 days
    • Sends email via SendGrid using SENDGRID_KYC_EXPIRY_TEMPLATE_ID
    • Includes days until expiry, expiry date, and re-verification URL
  2. KYC Expiration (past expiry)

    • Finds users with kyc_level = 'full' where kyc_approved_at + 1 year has passed
    • Downgrades kyc_level to 'basic'
    • Sets kyc_expired_at to NOW()
    • Sends expiration email via SendGrid using SENDGRID_KYC_EXPIRED_TEMPLATE_ID

Email Templates

Variables available in SendGrid templates:

  • daysUntilExpiry - Number of days until expiry (reminder emails)
  • expiryDate - Date of expiry
  • expiredDate - Date of expiry (expiration emails)
  • reverifyUrl - URL for re-verification
  • locale - User locale
  • year - Current year

Configuration

Required environment variables:

  • SENDGRID_KYC_EXPIRY_TEMPLATE_ID - SendGrid template ID for expiry reminders
  • SENDGRID_KYC_EXPIRED_TEMPLATE_ID - SendGrid template ID for expiration notices
  • APP_URL - Base URL for generating re-verification links (default: https://app.proxypay.com)

Optional environment variables:

  • KYC_EXPIRY_ATTEMPTS - Number of retry attempts (default: 3)
  • KYC_EXPIRY_BACKOFF_MS - Backoff delay in ms (default: 5000)

Acceptance Criteria

  • Daily job identifies KYC records expiring within 30 days and sends renewal reminder emails
  • KYC records past expiry are automatically set to expired status
  • Expired KYC accounts are downgraded to Basic tier transaction limits
  • Account owners receive an email when KYC expires with re-verification instructions

Integration

The worker is automatically started during application initialization in src/index.ts alongside other BullMQ workers. It's also registered in src/queue/index.ts for proper shutdown handling.

Closes #118

- Implement GET /sep38/prices endpoint returning supported asset pairs and indicative exchange rates
- Implement GET /sep38/price endpoint for indicative rate queries with sell_amount/buy_amount
- Implement POST /sep38/quote endpoint returning firm quote with signed JWT token
- Quotes stored in Redis with 60-second expiry
- Quote tokens validated at payment initiation in SEP-31 transactions
- Add QUOTE_EXPIRED error code for expired/invalid quote handling
- Add comprehensive test suite for SEP-38 endpoints
Enable strict: true in tsconfig.json and resolve all resulting TypeScript errors.

Key changes:
- Enable all strict mode compiler options
- Fix nullable type checks across multiple service files
- Fix type safety in oauth.ts and 2fa.ts for possibly null values
- Add ambient declarations for untyped modules in module-ambient.d.ts
- Fix export type issue in sep38.ts for isolated modules compatibility

All TypeScript compilation passes with zero errors, no ts-ignore suppressions added, and runtime behavior unchanged.

Closes Pidoko257#116
Add security anomaly detection for unusual account activity:
- New country logins trigger immediate security email with approve/revoke links
- New IP API key usage sends notification without blocking
- Bulk operations during unusual hours (2-5 AM) are flagged
- All anomaly events stored in security_events table for audit
- Background job builds baseline from 30 days of activity per account

Changes:
- Add security_events and account_activity_baseline database tables
- Add SecurityAnomalyService for detection logic
- Integrate anomaly detection into authenticateToken middleware
- Add /security routes for approval/revoke endpoints
- Schedule anomaly detection job in scheduler

Closes Pidoko257#117
Add daily BullMQ job to manage KYC lifecycle:
- Identifies KYC records expiring within 30 days
- Sends renewal reminder emails via SendGrid
- Automatically expires overdue KYC records (downgrades to basic tier)
- Sends expiration notification emails with re-verification instructions
- Adds kyc_approved_at and kyc_expired_at columns to users table

Closes Pidoko257#118
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Create Automated KYC Status Expiry Worker

1 participant