fix(trading-service): exclude prisma from tsconfig to fix build output path

feat(mining-app): add share pool balance display on contribution page
Display real-time share pool balance (积分股池实时余量) in the total contribution card on the contribution page. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-15 04:46:01 -08:00 · 2026-01-15 04:27:48 -08:00 · 2026-01-15 04:27:14 -08:00 · 2026-01-15 03:39:18 -08:00 · 2026-01-15 02:55:23 -08:00 · 2026-01-15 02:20:45 -08:00
1703 changed files with 317923 additions and 20700 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@ -186,7 +186,596 @@
      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x132883f6d80786109cf64004f6b5c4de99c1b3db'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  const amount = BigInt(1000000) * BigInt(1000000);\n  \n  console.log(''Transferring 1,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x14fcc4cad17f65ed4060ac6e89dd6dcbe8464b70'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  const amount = BigInt(1000000) * BigInt(1000000);\n  \n  console.log(''Transferring 1,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
      "Bash(dir /s /b c:UsersdongDesktoprwadurianbackend*.env*)",
-      "Bash(echo:*)"
+      "Bash(echo:*)",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(profile): 添加市团队/省团队/市区域/省区域权益考核显示\n\n在\"我的\"页面社区权益考核下方，根据用户拥有的角色显示对应的权益考核组件：\n- 市团队：每新增认种1棵可获得30 USDT\n- 省团队：每新增认种1棵可获得10 USDT  \n- 市区域：每新增认种1棵可获得20 USDT\n- 省区域：每新增认种1棵可获得10 USDT\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(guide): 修复向导页5导入助记词按钮导航问题\n\n将 Navigator.of(context).pushNamed() 改为 context.push()，\n使用 go_router 进行页面导航，与 onboarding_page 保持一致。\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(profile): 添加我的伞下功能 - 展示下级用户树形结构\n\n- 后端新增 GET /referral/user/:accountSequence/direct-referrals API\n- 前端新增伞下树组件，支持懒加载、缓存、展开/收起\n- 使用 CustomPaint 绘制父子节点连接线\n- 超出屏幕宽度时显示省略号，点击弹出底部列表\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git tag -a v1.0.0-beta1 -m \"$(cat <<''EOF''\nv1.0.0-beta1: 用户首次测试通过\n\n主要修复:\n- fix(reward): 修复 accountSequence 转 userId 时字母前缀导致的 BigInt 转换失败\n- fix(authorization): 修复下级团队认种数重复减去自己认种数的 BUG\n- fix(frontend): 修正权益金额显示与后端实际配置一致\n\n功能完善:\n- 社区权益激活正常\n- 市团队/省团队/市区域/省区域权益考核显示\n- 我的伞下功能 - 展示下级用户树形结构\n\n此版本可作为回滚基准点\nEOF\n)\")",
+      "Bash(ls -la \"c:\\Users\\dong\\Desktop\\rwadurian\\frontend\\mobile-app\\assets\\images\\splash_frames\"\" 2>/dev/null || dir \"c:UsersdongDesktoprwadurianfrontendmobile-appassetsimagessplash_frames\" 2>nul || echo \"目录不存在 \")",
+      "Bash(ls -la \"c:\\Users\\dong\\Desktop\\rwadurian\\frontend\\mobile-app\\lib\\features\"\" | grep -E \"^d \")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(telemetry): 将userId改为userSerialNum字符串格式并完善遥测追踪\n\nBackend (presence-service):\n- 将EventLog.userId从BigInt改为String类型,存储userSerialNum(如D25121400005)\n- 更新Prisma schema,userId字段改为VarChar(20)并添加索引\n- 更新心跳相关命令和事件,统一使用userSerialNum字符串\n- 添加数据库迁移文件\n- 更新相关单元测试和集成测试\n\nFrontend (mobile-app):\n- TelemetryEvent新增toServerJson()方法,格式化为后端API期望的格式\n- AccountService登录/恢复时设置TelemetryService的userId\n- MultiAccountService切换账号时同步更新TelemetryService的userId\n- 退出登录时清除TelemetryService的userId\n- AuthProvider初始化时设置userId\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(mkdir:*)",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(sentry): 集成 Sentry 自建崩溃收集与错误追踪系统\n\nBackend (infrastructure/sentry):\n- 添加 Sentry 自建部署 Docker Compose 配置\n- 包含 PostgreSQL, Redis, Kafka, ClickHouse, Snuba 等组件\n- 添加 Relay (事件网关) 和 Symbolicator (符号化服务) 配置\n- 添加部署脚本 deploy.sh 和配置文件\n- 更新 infrastructure README 文档\n\nFrontend (mobile-app):\n- 添加 sentry_flutter SDK 依赖\n- 创建 SentryService 封装类，统一管理崩溃收集\n- 创建 SentryConfig 配置类，支持开发/生产环境配置\n- 创建 SentryNavigationObserver 自动追踪页面导航\n- 创建 SentryDioInterceptor 自动追踪 HTTP 请求\n- 在 bootstrap.dart 中集成 Sentry 初始化\n- 支持 Flutter 错误和异步错误捕获\n- 自动过滤敏感信息 (密码、助记词、私钥等)\n- 在登录/登出/切换账号时同步 Sentry 用户信息\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(flutter pub get:*)",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(sentry): 修复 Flutter 代码分析错误\n\n- 修复 bootstrap.dart 中 deviceModel 属性访问错误 (使用 brand + model)\n- 移除 sentry_navigation_observer.dart 中未使用的 _previousRouteName 字段\n- 更新 sentry_service.dart 使用新版 Sentry API (captureFeedback)\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(go build:*)",
+      "Bash(docker-compose up:*)",
+      "Bash(bash deploy.sh:*)",
+      "Bash(bash:*)",
+      "Bash(MPC_JWT_SECRET='change_this_jwt_secret_key_to_random_value_min_32_chars' bash init-hot-wallet.sh --username wallet-hot-001 --threshold-n 3 --threshold-t 2)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xA09b4117be00Da78E8699599e9472884E8624307'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  const amount = BigInt(1000000) * BigInt(1000000);\n  \n  console.log(''Transferring 1,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(python -m json.tool:*)",
+      "Bash(docker-compose exec -T message-router sh -c 'echo \"\"{\\\"\"session_id\\\"\":\\\"\"test-sign-fix-001\\\"\",\\\"\"account_id\\\"\":\\\"\"wallet-c0d57ea8\\\"\",\\\"\"message_hash\\\"\":\\\"\"0xaabbccdd11223344aabbccdd11223344aabbccdd11223344aabbccdd11223344\\\"\",\\\"\"requested_at\\\"\":\\\"\"$(date -u +%Y-%m-%dT%H:%M:%SZ)\\\"\"}\"\" | nats pub mpc.signing.requested --server=nats://localhost:4222')",
+      "Bash(docker run:*)",
+      "Bash(python3:*)",
+      "Bash(ACCESS_TOKEN=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIxIiwiYWNjb3VudFNlcXVlbmNlIjoiRDI1MTIxNjAwMDAwIiwiZGV2aWNlSWQiOiJ0ZXN0LWRldmljZS0wMDEiLCJ0eXBlIjoiYWNjZXNzIiwiaWF0IjoxNzY1ODUzMzQ3LCJleHAiOjE3NjU4NjA1NDd9.NjhXZ7v2cxX0rgEb_NHDC1ecvWEc7HoijqACogmw0VE\")",
+      "Bash(__NEW_LINE__ curl -s -X POST http://localhost:3001/api/v1/wallet/withdraw )",
+      "Bash(docker-compose exec:*)",
+      "Bash(docker-compose restart:*)",
+      "Bash(DATABASE_URL=\"postgresql://rwa_user:rwa_password@localhost:5432/rwa_wallet\" npx prisma generate:*)",
+      "Bash(dart analyze:*)",
+      "Bash(flutter clean:*)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xdf2e862f222f8b1586361b63c63fbed9aafd8202'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  const amount = BigInt(1000000) * BigInt(1000000);\n  \n  console.log(''Transferring 1,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(for service in identity-service leaderboard-service reward-service referral-service wallet-service planting-service presence-service reporting-service)",
+      "Bash(do echo '=== $service ===' if [ -d c:/Users/dong/Desktop/rwadurian/backend/services/$service/prisma/migrations ])",
+      "Bash(then grep -r version c:/Users/dong/Desktop/rwadurian/backend/services/$service/prisma/migrations/)",
+      "Bash(docker-compose logs:*)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xfb852080346fa0996c28b250e0bbb5e27de7e9ca'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  // 30,000,000 USDT = 30000000 * 1e6 (6 decimals)\n  const amount = BigInt(30000000) * BigInt(1000000);\n  \n  console.log(''Transferring 30,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(git restore:*)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xfb852080346fa0996c28b250e0bbb5e27de7e9ca'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  const amount = BigInt(30000000) * BigInt(1000000);\n  \n  console.log(''Transferring 30,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x431649949E38e52fcc7C9A581b47025EA1A10dC9'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 (6 decimals)\n  const amount = BigInt(100000000) * BigInt(1000000);\n  \n  console.log(''Transferring 100,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(admin-service): 添加缺失的 uuid 依赖\n\nnotification.controller.ts 使用了 uuid 生成 ID，但 package.json 缺少依赖\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(npm install)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xa3da257b76c4816e651b6d4e99d1577eb3bfe1d8'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 (6 decimals)\n  const amount = BigInt(100000000) * BigInt(1000000);\n  \n  console.log(''Transferring 100,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x61745e6fe29eb3839c479d2a07b0a3ae1d962cc4'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  // 9,000,000 USDT = 9000000 * 1e6 (6 decimals)\n  const amount = BigInt(9000000) * BigInt(1000000);\n  \n  console.log(''Transferring 9,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(git fetch:*)",
+      "Bash(node -e \"\nconst { ethers } = require(''ethers'');\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x68dadb766c33f1db47e4821919c795ea19a0f282'';\n\nasync function transfer() {\n  const provider = new ethers.JsonRpcProvider(KAVA_TESTNET_RPC);\n  const wallet = new ethers.Wallet(privateKey, provider);\n  \n  const abi = [''function transfer(address to, uint256 amount) returns (bool)'', ''function balanceOf(address) view returns (uint256)''];\n  const contract = new ethers.Contract(USDT_CONTRACT, abi, wallet);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 (6 decimals)\n  const amount = BigInt(100000000) * BigInt(1000000);\n  \n  console.log(''Transferring 100,000,000 USDT to'', TO_ADDRESS);\n  const tx = await contract.transfer(TO_ADDRESS, amount, { gasLimit: 100000 });\n  console.log(''TX Hash:'', tx.hash);\n  await tx.wait();\n  \n  const newBalance = await contract.balanceOf(TO_ADDRESS);\n  console.log(''New balance:'', Number(newBalance) / 1e6, ''USDT'');\n}\n\ntransfer().catch(e => console.error(''Error:'', e.message));\n\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(authorization): 修正省区域角色唯一性检查逻辑\n\n将省区域角色从\"全系统唯一\"改为\"按省份唯一\"：\n- 修改 grantProvinceCompany 使用 findProvinceCompanyByRegion 检查\n- 删除废弃的 findAnyProvinceCompany 方法\n- 现在不同省份可以分别授权给不同账户\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(flutter pub:*)",
+      "Bash(dir /s /b \"c:\\Users\\dong\\Desktop\\rwadurian\\frontend\\mobile-app\\publish\")",
+      "Bash(keytool:*)",
+      "Bash(git tag -a \"v2.0.0-new-identity\" -m \"$(cat <<''EOF''\n更换包名和签名证书\n\n原因：华为应用市场 13.2+ 版本对未上架应用检测更严格，\n原包名 com.rwadurian.rwa_android_app 被标记为\"风险应用\"。\n\n更改：\n- 包名: com.rwadurian.rwa_android_app → com.durianqueen.app\n- 签名证书: 新的 durianqueen-release.keystore\n- MethodChannel 前缀更新\n\n注意：用户需要卸载旧版本重新安装\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(ui): 优化\"我的\"页面已过期和结算栏的显示格式\n\n将绿积分和贡献值的数字改为跟在标签后面显示：\n- 已过期栏：绿积分：xxx，贡献值：xxx\n- 可结算栏：可结算 (绿积分)：xxx\n- 已结算栏：已结算 (绿积分)：xxx\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfix(authorization): 省区域和市区域授权即激活，无需初始考核\n\n修改 createProvinceCompany 和 createCityCompany 方法：\n- 授权后立即激活权益 (benefitActive: true)\n- 从第1个月开始考核 (currentMonthIndex: 1)\n- 省区域月度目标：150, 300, 600, 1200, 2400, 4800, 9600, 19200, 11750\n- 市区域月度目标：30, 60, 120, 240, 480, 960, 1920, 3840, 2350\n- 保留 skipAssessment 参数兼容性\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(reward): 可结算列表改为从 reward-service 读取\n\n将前端可结算奖励列表的数据源从 wallet-service 改为 reward-service：\n- 后端：在 reward-service 添加 GET /rewards/settleable 接口\n- 前端：修改 getSettleableRewards() 调用 /rewards/settleable\n- 前端：更新 SettleableRewardItem 字段映射 (rightType, claimedAt, sourceOrderNo, memo)\n\n解决权益收益（社区权益、市区域权益）无法在可结算列表显示的问题。\n遵循单一数据源原则，reward-service 是奖励的权威数据源。\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(authorization): 实现软删除支持撤销后重新授权\n\n- 添加 deletedAt 字段到 AuthorizationRole 聚合根和 Prisma schema\n- revoke() 方法同时设置 deletedAt，使撤销的记录被软删除\n- Repository 所有查询添加 deletedAt: null 过滤条件\n- 创建部分唯一索引，只对未删除记录生效 (大厂通用做法)\n- 支持撤销授权后重新创建相同角色\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(authorization): 添加审计查询方法支持查询已删除记录\n\n- findAllByUserIdIncludeDeleted: 按用户ID查询所有记录(含已删除)\n- findAllByAccountSequenceIncludeDeleted: 按账号序列查询所有记录(含已删除)\n- findByIdIncludeDeleted: 按ID查询记录(含已删除)\n\n确保撤销的授权记录可审计追溯\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(npm run lint:*)",
+      "Bash(npx next lint)",
+      "Bash(./deploy.sh:*)",
+      "Bash(backend/services/reporting-service/prisma/schema.prisma )",
+      "Bash(backend/services/reporting-service/prisma/migrations/ )",
+      "Bash(backend/services/reporting-service/src/domain/repositories/realtime-stats.repository.interface.ts )",
+      "Bash(backend/services/reporting-service/src/domain/repositories/global-stats.repository.interface.ts )",
+      "Bash(backend/services/reporting-service/src/domain/repositories/index.ts )",
+      "Bash(backend/services/reporting-service/src/infrastructure/persistence/repositories/realtime-stats.repository.impl.ts )",
+      "Bash(backend/services/reporting-service/src/infrastructure/persistence/repositories/global-stats.repository.impl.ts )",
+      "Bash(backend/services/reporting-service/src/infrastructure/infrastructure.module.ts )",
+      "Bash(backend/services/reporting-service/src/infrastructure/kafka/ )",
+      "Bash(backend/services/reporting-service/src/application/services/dashboard-application.service.ts )",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(reporting): 实现事件驱动的仪表板统计架构\n\n## 概述\n将 reporting-service Dashboard 从 HTTP API 调用改为事件驱动架构，\n通过消费 Kafka 事件在本地维护统计数据，实现微服务间解耦。\n\n## 架构变更\n之前: Dashboard → HTTP → planting/authorization/identity-service\n现在: 各服务 → Kafka → reporting-service → 本地统计表 → Dashboard\n\n## 新增表\n- RealtimeStats: 每日实时统计 (认种数/订单数/新用户/授权数)\n- GlobalStats: 全局累计统计 (总认种/总用户/总公司数)\n\n## 新增仓储\n- IRealtimeStatsRepository: 实时统计接口及实现\n- IGlobalStatsRepository: 全局统计接口及实现\n\n## Kafka 消费者更新\n- identity.UserAccountCreated: 累加用户统计\n- identity.UserAccountAutoCreated: 累加用户统计\n- authorization-events: 累加省/市公司统计\n- planting.order.paid: 累加认种统计\n\n## Dashboard 服务更新\n- getStats(): 从 GlobalStats/RealtimeStats 读取，计算环比变化\n- getTrendData(): 从 RealtimeStats 获取趋势数据\n\n## 优势\n- 消除跨服务 HTTP 调用延迟\n- 统计数据实时更新\n- 微服务间完全解耦\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(identity): 实现 Outbox 模式事件发布\n\n## 概述\n为 identity-service 实现 Outbox 模式，确保数据库事务和 Kafka 事件发布的原子性。\n\n## 新增表\n- OutboxEvent: 事件暂存表，用于事务性事件发布\n\n## 新增组件\n- OutboxRepository: Outbox 事件持久化\n- OutboxPublisherService: 轮询发布未处理事件到 Kafka\n\n## 支持的事件\n- identity.UserAccountCreated: 用户注册事件\n- identity.UserAccountAutoCreated: 自动创建用户事件\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(authorization): 实现 Outbox 模式事件发布\n\n## 概述\n为 authorization-service 实现 Outbox 模式，确保数据库事务和 Kafka 事件发布的原子性。\n\n## 新增表\n- OutboxEvent: 事件暂存表，用于事务性事件发布\n\n## 新增组件\n- OutboxRepository: Outbox 事件持久化\n- OutboxPublisherService: 轮询发布未处理事件到 Kafka\n\n## 支持的事件\n- authorization-events: 授权角色创建/更新事件（省公司、市公司授权）\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(reporting): 实现 Dashboard API 完整功能\n\n## 概述\n为 reporting-service 实现完整的 Dashboard API 端点，支持统计卡片、趋势图表、\n区域分布和最近活动等功能。\n\n## API 端点\n- GET /dashboard/stats: 获取统计卡片数据\n- GET /dashboard/charts: 获取趋势图表数据 (支持 7d/30d/90d 周期)\n- GET /dashboard/region: 获取区域分布数据\n- GET /dashboard/activities: 获取最近活动列表\n\n## 新增 DTO\n- DashboardStatsResponseDto: 统计卡片响应\n- DashboardTrendResponseDto: 趋势数据响应\n- DashboardRegionResponseDto: 区域分布响应\n- DashboardActivitiesResponseDto: 活动列表响应\n\n## Repository 层\n- IDashboardStatsSnapshotRepository: 统计快照接口\n- IDashboardTrendDataRepository: 趋势数据接口\n- ISystemActivityRepository: 系统活动接口\n\n## External Clients (已弃用)\n- AuthorizationServiceClient: 授权服务客户端\n- IdentityServiceClient: 身份服务客户端\n注：已改为事件驱动架构，这些客户端仅作为备用\n\n<><6E> Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(git commit -m \"$(cat <<''EOF''\nfeat(admin-web): 实现 Dashboard 页面真实 API 接入\n\n## 概述\n将 admin-web Dashboard 页面从模拟数据改为真实 API 调用，\n使用 React Query 实现数据获取、缓存和自动刷新。\n\n## 新增文件\n- dashboardService.ts: Dashboard API 服务封装\n- useDashboard.ts: React Query hooks\n- dashboard.types.ts: Dashboard 类型定义\n\n## API 接入\n- /dashboard/stats: 统计卡片（总认种量、总用户数、省/市公司数）\n- /dashboard/charts: 趋势图表（支持 7d/30d/90d 周期切换）\n- /dashboard/region: 区域分布\n- /dashboard/activities: 最近活动\n\n## UI 优化\n- 添加加载骨架屏\n- 添加错误重试机制\n- 添加空数据提示\n- 优化图表周期切换交互\n\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n)\")",
+      "Bash(npx next:*)",
+      "Bash(npx prisma validate:*)",
+      "Bash(dir /s /b \"c:\\Users\\dong\\Desktop\\rwadurian\\backend\\services\\admin-service\\Dockerfile*\")",
+      "Bash(dir /b \"c:\\Users\\dong\\Desktop\\rwadurian\\frontend\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(reporting-service\\): 启动 Kafka 微服务消费者以记录真实活动\n\n- 在 main.ts 添加 Kafka 微服务连接配置\n- 调用 startAllMicroservices\\(\\) 启动事件消费\n- 支持消费 identity/authorization/planting 服务的事件\n- 实现仪表板\"最近活动\"显示真实数据\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-web\\): 添加 redux-persist 实现登录状态持久化\n\n- 安装 redux-persist 依赖\n- 配置 persistReducer 持久化 auth slice 到 localStorage\n- 添加 PersistGate 确保 rehydration 完成后再渲染\n- 处理 REHYDRATE action 恢复认证状态\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 修复 deposit_usdt_page 中未定义的 _loadWalletData 方法\n\n将错误的方法名 _loadWalletData 改为正确的 _loadData\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(admin-web\\): 修复 authSlice 的 REHYDRATE 类型错误\n\n使用 addMatcher 替代 addCase 处理 REHYDRATE action\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(docker compose logs:*)",
+      "Bash(set:*)",
+      "Bash(npx prisma migrate:*)",
+      "Bash($env:DATABASE_URL=\"postgresql://postgres:password@localhost:5432/rwa_identity?schema=public\")",
+      "Bash(docker cp:*)",
+      "Bash(timeout 120 docker compose:*)",
+      "Bash(docker network create:*)",
+      "Bash(find backend/services -type d -name migrations -exec sh -c 'echo \"\"=== {} ===\"\" && ls -1 \"\"$1\"\" | wc -l' _ {} ;)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nrefactor: 简化启动流程和优化向导页文案\n\n- 简化 splash 页面跳转逻辑：账号已创建直接进主页，首次启动进向导页\n- 优化向导页第5页文案：更亲切的标题和更清晰的说明\n- 改进推荐码输入框和扫码图标颜色：黑色文字与白色底色形成更好对比\n- 简化\"恢复账号\"按钮文字\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(timeout 30 git push:*)",
+      "Bash(ping:*)",
+      "Bash(ipconfig:*)",
+      "Bash(flutter run:*)",
+      "Bash(flutter devices:*)",
+      "Bash(npx qrcode:*)",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xbfade3806321b7caa958fbc5f6c23d1b88861611'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  const amount = BigInt\\(1000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-service\\): 添加 seed 脚本同步系统账户到 user_query_view\n\n问题：admin-web 用户管理页面无数据，因为 user_query_view 表是空的\n原因：identity-service 的 seed 创建的系统账户不会触发 Kafka 事件\n\n解决方案：\n- 创建 admin-service 的 seed.ts，直接同步系统账户到 user_query_view\n- 配置 package.json 的 prisma.seed\n\n运行方式：\ncd backend/services/admin-service && npx prisma db seed\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(admin-service\\): 修复 Kafka topic 订阅不匹配问题\n\n问题：admin-web 用户管理页面无数据\n原因：admin-service 订阅的是 ''identity.events''，\n     但 identity-service 发送到的是具体的 topic 如 ''identity.UserAccountCreated''\n\n修复：将订阅的 topics 改为与 identity-service 的 IDENTITY_TOPICS 一致：\n- identity.UserAccountCreated\n- identity.UserAccountAutoCreated\n- identity.PhoneBound\n- identity.KYCSubmitted\n- identity.KYCVerified\n- identity.KYCRejected\n- identity.UserAccountFrozen\n- identity.UserAccountDeactivated\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x5b25ae3ac4ad6291ef67aceaf657b62a200d8bf8'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  const amount = BigInt\\(1000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xe9f7dafeb225bd3c88bcad2cce35c6512c9b2987'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(100000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 100,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x631c1c09c5d481d6d2c4a75461a8b46af54eb846'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  const amount = BigInt\\(1000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xa00ac1347f045676F8fc9791595e603810994d67'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(100000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 100,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(npx tsc --noEmit)",
+      "Bash(backend/services/authorization-service/src/api/dto/request/self-apply-authorization.dto.ts )",
+      "Bash(backend/services/authorization-service/src/application/services/authorization-application.service.ts )",
+      "Bash(backend/services/identity-service/src/api/controllers/user-account.controller.ts )",
+      "Bash(backend/services/identity-service/src/api/dto/index.ts )",
+      "Bash(backend/services/identity-service/src/api/dto/request/verify-sms-code.dto.ts )",
+      "Bash(backend/services/identity-service/src/application/commands/index.ts )",
+      "Bash(backend/services/identity-service/src/application/services/user-application.service.ts )",
+      "Bash(backend/services/wallet-service/prisma/schema.prisma )",
+      "Bash(backend/services/wallet-service/prisma/migrations/20241222000000_add_withdrawal_fee_config/ )",
+      "Bash(backend/services/wallet-service/src/api/controllers/wallet.controller.ts )",
+      "Bash(backend/services/wallet-service/src/api/dto/response/index.ts )",
+      "Bash(backend/services/wallet-service/src/api/dto/response/fee-config.dto.ts )",
+      "Bash(backend/services/wallet-service/src/application/services/wallet-application.service.ts )",
+      "Bash(backend/services/wallet-service/src/domain/aggregates/withdrawal-order.aggregate.ts )",
+      "Bash(backend/services/wallet-service/src/infrastructure/infrastructure.module.ts )",
+      "Bash(backend/services/wallet-service/src/infrastructure/persistence/repositories/index.ts )",
+      "Bash(backend/services/wallet-service/src/infrastructure/persistence/repositories/fee-config.repository.impl.ts )",
+      "Bash(frontend/mobile-app/lib/core/services/account_service.dart )",
+      "Bash(frontend/mobile-app/lib/core/services/authorization_service.dart )",
+      "Bash(frontend/mobile-app/lib/core/services/wallet_service.dart )",
+      "Bash(frontend/mobile-app/lib/features/auth/presentation/pages/guide_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/auth/presentation/pages/phone_login_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/auth/presentation/pages/forgot_password_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/authorization/presentation/pages/authorization_apply_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/mining/presentation/pages/mining_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/withdraw/presentation/pages/withdraw_confirm_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/withdraw/presentation/pages/withdraw_usdt_page.dart )",
+      "Bash(frontend/mobile-app/lib/routes/app_router.dart )",
+      "Bash(frontend/mobile-app/lib/routes/route_names.dart )",
+      "Bash(frontend/mobile-app/lib/routes/route_paths.dart)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat: 多项业务功能增强\n\n- 动态提取手续费配置：支持固定/百分比两种费率类型，默认2绿积分/笔\n- 找回密码功能：新增手机号+短信验证码重置密码流程\n- 授权申请优化：自助申请时验证团队链授权状态\n- UI文案调整：登录账号、监控页待开启等\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x323AA5bd8101Ad97B724dc1584479219c7660628'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 200,000,000 USDT = 200000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(200000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 200,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(admin-service\\): 修复用户事件消费时 payload 嵌套层级错误\n\nidentity-service 发布的消息结构为 { eventId, eventType, payload: {...} }，\n但 admin-service 消费时直接使用 eventData 而不是 eventData.payload，\n导致 payload.userId 为 undefined，BigInt\\(undefined\\) 抛出异常被静默吞掉，\n用户数据无法同步到 UserQueryView。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 修复提款页面 _feeRate 未定义错误\n\n将 _feeRate 改为 _feeConfig?.feeValue ?? 0.02，\n使用 FeeConfig 对象中的 feeValue 字段。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x0ec001ed6233b7959d7a251e2792621e4707c35f'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 100,000,000 USDT = 100000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(100000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 100,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 调整账本明细流水类型筛选顺序和标签\n\n- REWARD_SETTLED 标签从\"提取\"改为\"结算\"\n- 调整筛选选项顺序：转入/转出放到全部后面，充值绿积分放到最后\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(blockchain-service\\): 过滤热钱包发出的转账避免内部转账重复入账\n\n内部转账时，wallet-service 已经处理了接收方入账，\n需要过滤掉 blockchain-service 扫描到的热钱包转出交易，\n避免将其当作充值重复处理导致双倍入账\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\n\nasync function mint\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function mint\\(uint256 amount\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)'', ''function totalSupply\\(\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 2,000,000,000,000 USDT \\(2万亿\\) = 2000000000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(2000000000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Minting 2,000,000,000,000 USDT \\(2万亿\\)...''\\);\n  const tx = await contract.mint\\(amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const totalSupply = await contract.totalSupply\\(\\);\n  const balance = await contract.balanceOf\\(wallet.address\\);\n  console.log\\(''New Total Supply:'', Number\\(totalSupply\\) / 1e6, ''USDT''\\);\n  console.log\\(''Deployer Balance:'', Number\\(balance\\) / 1e6, ''USDT''\\);\n}\n\nmint\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(npx prisma migrate diff:*)",
+      "Bash(git revert:*)",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x0ec001ed6233b7959d7a251e2792621e4707c35f'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 1,020,000,000 USDT \\(10亿2千万\\) = 1020000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(1020000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,020,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x323AA5bd8101Ad97B724dc1584479219c7660628'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 2,000,000,000 USDT \\(20亿\\) = 2000000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(2000000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 2,000,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(unzip:*)",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x97Da65a7eCC4bC3EEF8473369b68a1cCda7cDE3f'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 10,000,000,000 USDT \\(100亿\\) = 10000000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(10000000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 10,000,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 优化数字显示组件防止自动换行\n\n使用 FittedBox\\(fit: BoxFit.scaleDown\\) 包装所有可变数字显示组件，\n确保当数字位数多时自动缩小字号而不是换行，提升用户视觉体验。\n\n优化的页面和组件：\n- stickman_race_widget: 火柴人标签、排名列表数量、进度百分比\n- team_tree_widget: 节点认种数、省略节点数量、详情弹窗\n- ranking_page: 龙虎榜团队认种量\n- trading_page: DST余额、绿积分余额\n- profile_page: 各类收益金额、奖励项金额\n- withdraw_usdt_page: 提款页余额\n- deposit_usdt_page: 充值页余额\n- ledger_detail_page: 净收益、收支概览、流水金额\n- authorization_apply_page: 累计认种数\n- planting_quantity_page: 可用余额\n- mining_page: 用户序列号\n- account_switch_page: 账号用户名、序列号\n- wallet_created_page: 钱包地址信息\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" status)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff backend/services/identity-service/src/application/commands/index.ts)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" log --oneline -5)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/services/identity-service/src/api/dto/request/change-password.dto.ts backend/services/identity-service/src/api/dto/request/index.ts backend/services/identity-service/src/api/controllers/user-account.controller.ts backend/services/identity-service/src/application/commands/index.ts backend/services/identity-service/src/application/services/user-application.service.ts frontend/mobile-app/lib/core/services/auth_event_service.dart frontend/mobile-app/lib/app.dart frontend/mobile-app/lib/core/network/api_client.dart frontend/mobile-app/lib/core/services/account_service.dart frontend/mobile-app/lib/core/services/multi_account_service.dart frontend/mobile-app/lib/features/auth/presentation/pages/splash_page.dart frontend/mobile-app/lib/features/security/presentation/pages/change_password_page.dart frontend/mobile-app/lib/routes/app_router.dart)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfeat\\(auth\\): 实现修改密码API和Token过期自动跳转登录\n\n后端:\n- 新增 ChangePasswordCommand 和 ChangePasswordDto\n- 新增 POST /user/change-password 接口\n- 实现 changePassword\\(\\) 方法，验证旧密码后更新新密码\n\n前端:\n- 新增 AuthEventService 认证事件服务，处理 token 过期事件\n- api_client 在 token 刷新失败时发送过期事件\n- App 监听认证事件，token 过期时清除账号状态并跳转登录页\n- splash_page 优化路由逻辑：退出登录后跳转手机登录页而非向导页\n- change_password_page 调用真实 API 修改密码\n- account_service 新增 changePassword\\(\\) 方法\n- multi_account_service 退出登录时清除 phoneNumber 和 isPasswordSet\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" push)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(email\\): 实现邮箱绑定/解绑功能\n\n后端:\n- 新增 EmailService 邮件发送服务，支持 Gmail SMTP\n- 新增 EmailCode 数据模型用于存储邮箱验证码\n- UserAccount 添加 email 字段\n- 新增 API 接口:\n  - GET /user/email-status 获取邮箱绑定状态\n  - POST /user/send-email-code 发送邮箱验证码\n  - POST /user/bind-email 绑定邮箱\n  - POST /user/unbind-email 解绑邮箱\n- 新增 DTOs: SendEmailCodeDto, BindEmailDto, UnbindEmailDto\n- 新增 Commands: SendEmailCodeCommand, BindEmailCommand, UnbindEmailCommand\n\n前端:\n- account_service 新增邮箱相关方法和 EmailStatus 类\n- bind_email_page 更新为使用真实 API:\n  - 绑定/更换邮箱功能\n  - 独立的解绑验证码输入和倒计时\n  - 解绑确认对话框\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff backend/services/identity-service/src/infrastructure/external/sms/sms.service.ts)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/services/identity-service/src/infrastructure/external/sms/sms.service.ts)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(sms\\): 增强短信发送重试机制\n\n- 最大重试次数从 2 次增加到 4 次\n- 基础延迟从 3 秒增加到 6 秒\n- 最大延迟从 10 秒增加到 30 秒\n\n这些调整提高了短信发送在网络不稳定情况下的成功率\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff --stat)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" log --oneline -3)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfeat\\(authorization\\): 实现火柴人排名用户详情查看功能\n\n后端:\n- identity-service: 新增内部API获取用户详情\\(手机号、邮箱、KYC等\\)\n- referral-service: 新增内部API获取用户团队统计\\(直推人数、伞下用户数、认种数量\\)\n- authorization-service: \n  - 新增用户公开资料和私密资料API\n  - 聚合identity-service和referral-service数据\n  - 省团队以上权限可查看私密信息\\(脱敏处理\\)\n\n前端:\n- 新增UserProfileDialog弹窗组件，支持查看用户详情\n- stickman_race_widget: 排名列表项可点击查看用户详情\n- authorization_service: 新增getUserProfile/getUserPrivateProfile方法\n\n用户详情包括:\n- 基本信息: 用户ID、昵称、头像、注册时间、所在地区\n- 团队数据: 推荐人、直推人数、伞下用户数、个人/团队认种数\n- 授权信息: 授权类型、权益激活状态\n- 联系信息\\(特权用户可见\\): 手机号、邮箱、真实姓名\\(脱敏\\)\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/services/authorization-service/src/application/services/authorization-application.service.ts)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(authorization\\): 暂时禁止所有用户查看私密资料\n\n由于系统尚未实现权限管理功能，暂时将 checkPrivateProfileAccess\n始终返回 false，禁止所有用户查看其他用户的手机号、邮箱等隐私信息。\n\n后续实现权限系统后可恢复原有逻辑。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" status --short)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/services/identity-service/src/api/controllers/internal.controller.ts)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(identity\\): 使用Prisma直接查询用户详情\n\ngetUserDetailBySequence 方法改用 Prisma 直接查询数据库，\n以获取 email 和 realName 等领域模型中未暴露的字段。\n\n之前的实现通过领域模型 UserAccount 访问这些字段会导致编译错误，\n因为领域模型没有直接暴露这些属性。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/api-gateway/kong.yml frontend/mobile-app/lib/core/services/notification_service.dart)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(notification\\): 修复通知中心API路径\n\n问题: 前端调用 /admin-service/mobile/notifications 路径不存在于Kong网关\n\n修复:\n1. Kong网关添加 /api/v1/mobile/notifications 路由到 admin-service\n2. 前端 NotificationService 修正 API 路径:\n   - /admin-service/mobile/notifications -> /mobile/notifications\n   - /admin-service/mobile/notifications/unread-count -> /mobile/notifications/unread-count\n   - /admin-service/mobile/notifications/mark-read -> /mobile/notifications/mark-read\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(set DATABASE_URL=postgresql://postgres:postgres@localhost:5432/rwadurian_planting?schema=public:*)",
+      "Bash($env:DATABASE_URL=\"postgresql://postgres:postgres@localhost:5432/rwadurian_planting?schema=public\")",
+      "Bash(python -c:*)",
+      "Bash(pip install:*)",
+      "Bash(backend/services/planting-service/package.json )",
+      "Bash(backend/services/planting-service/prisma/schema.prisma )",
+      "Bash(backend/services/planting-service/prisma/migrations/20241224000000_add_contract_signing/ )",
+      "Bash(backend/services/planting-service/prisma/seed.ts )",
+      "Bash(backend/services/planting-service/src/api/api.module.ts )",
+      "Bash(backend/services/planting-service/src/api/controllers/index.ts )",
+      "Bash(backend/services/planting-service/src/api/controllers/contract-signing.controller.ts )",
+      "Bash(backend/services/planting-service/src/application/application.module.ts )",
+      "Bash(backend/services/planting-service/src/application/services/index.ts )",
+      "Bash(backend/services/planting-service/src/application/services/planting-application.service.ts )",
+      "Bash(backend/services/planting-service/src/application/services/contract-signing.service.ts )",
+      "Bash(backend/services/planting-service/src/application/jobs/ )",
+      "Bash(backend/services/planting-service/src/domain/aggregates/index.ts )",
+      "Bash(backend/services/planting-service/src/domain/aggregates/contract-signing-task.aggregate.ts )",
+      "Bash(backend/services/planting-service/src/domain/aggregates/contract-template.aggregate.ts )",
+      "Bash(backend/services/planting-service/src/domain/repositories/index.ts )",
+      "Bash(backend/services/planting-service/src/domain/repositories/contract-signing-task.repository.interface.ts )",
+      "Bash(backend/services/planting-service/src/domain/repositories/contract-template.repository.interface.ts )",
+      "Bash(backend/services/planting-service/src/domain/value-objects/index.ts )",
+      "Bash(backend/services/planting-service/src/domain/value-objects/contract-signing-status.enum.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/infrastructure.module.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/kafka/event-publisher.service.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/kafka/index.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/kafka/contract-signing-event.consumer.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/persistence/repositories/index.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/persistence/repositories/contract-signing-task.repository.impl.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/persistence/repositories/contract-template.repository.impl.ts )",
+      "Bash(backend/services/planting-service/src/main.ts )",
+      "Bash(backend/services/referral-service/src/application/event-handlers/index.ts )",
+      "Bash(backend/services/referral-service/src/application/event-handlers/planting-created.handler.ts )",
+      "Bash(backend/services/referral-service/src/application/event-handlers/contract-signing.handler.ts )",
+      "Bash(backend/services/referral-service/src/infrastructure/external/index.ts )",
+      "Bash(backend/services/referral-service/src/infrastructure/external/wallet-service.client.ts )",
+      "Bash(backend/services/referral-service/src/modules/application.module.ts )",
+      "Bash(backend/services/referral-service/src/modules/infrastructure.module.ts )",
+      "Bash(backend/services/reward-service/src/application/services/reward-application.service.ts )",
+      "Bash(backend/services/reward-service/src/domain/services/reward-calculation.service.ts )",
+      "Bash(backend/services/reward-service/src/infrastructure/external/wallet-service/wallet-service.client.ts )",
+      "Bash(backend/services/reward-service/src/infrastructure/kafka/event-consumer.controller.ts)",
+      "Bash(frontend/mobile-app/lib/core/di/injection_container.dart )",
+      "Bash(frontend/mobile-app/lib/core/services/contract_check_service.dart )",
+      "Bash(frontend/mobile-app/lib/core/services/contract_signing_service.dart )",
+      "Bash(frontend/mobile-app/lib/features/contract_signing/ )",
+      "Bash(frontend/mobile-app/lib/features/home/presentation/pages/home_shell_page.dart )",
+      "Bash(git branch:*)",
+      "Bash(echo \"docker exec rwa-planting-service npx prisma db execute --stdin <<< \"\"SELECT template_id, version, title, is_active FROM contract_templates;\"\"\")",
+      "Bash(npm uninstall:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(contract\\): 使用合同编号代替订单号\n\n合同编号格式: accountSequence-yyyyMMddHHmm\n例如: 10001-202512251003\n\n修改内容:\n- 数据库: 添加 contract_no 字段\n- 后端: 聚合根、Repository、Service、PDF生成器支持 contractNo\n- 前端: 显示合同编号代替订单号\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(npx ts-node:*)",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0xab2ecb00ef473cfbbf3df13faa7ed3ff84eea229'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  const amount = BigInt\\(1000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x17e9109ac3d2921c7731f3e72749bc13043a076c'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  const amount = BigInt\\(1000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 1,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(powershell -Command \"\\(Get-Content ''reward-application.service.ts''\\) -replace \"\"this\\\\.logger\\\\.log\\\\\\(\\\\`Distributing rewards for order \\\\$\\\\{params\\\\.sourceOrderNo\\\\}, accountSequence=\\\\$\\\\{params\\\\.sourceAccountSequence\\\\}\\\\`\\\\\\);\\\\r?\\\\n\\\\r?\\\\n    // 1\\\\. 计算所有奖励\"\", \"\"this.logger.log\\(\\\\`Distributing rewards for order \\\\$\\\\{params.sourceOrderNo\\\\}, accountSequence=\\\\$\\\\{params.sourceAccountSequence\\\\}\\\\`\\);\\\\`n\\\\`n    // 幂等性检查：如果该订单已经分配过奖励，跳过处理\\\\`n    const existingRewards = await this.rewardLedgerEntryRepository.findBySourceOrderNo\\(params.sourceOrderNo\\);\\\\`n    if \\(existingRewards.length > 0\\) {\\\\`n      this.logger.warn\\(\\\\`Order \\\\$\\\\{params.sourceOrderNo\\\\} already has \\\\$\\\\{existingRewards.length\\\\} rewards distributed, skipping \\(idempotent\\)\\\\`\\);\\\\`n      return;\\\\`n    }\\\\`n\\\\`n    // 1. 计算所有奖励\"\" | Set-Content ''reward-application.service.ts'' -Encoding UTF8\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(reward-service\\): 添加奖励分配幂等性检查\n\n- distributeRewards 方法添加幂等性检查，防止同一订单重复分配奖励\n- distributeRewardsForExpiredContract 方法同样添加幂等性检查\n- 通过 findBySourceOrderNo 检查订单是否已分配过奖励\n\n修复问题：recovery job 重复触发导致同一订单奖励被多次分配\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x184571959d74a6e771ad4e5b2fbe006951dd29ec'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 10,000,000 USDT = 10000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(10000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 10,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x184571959d74a6e771ad4e5b2fbe006951dd29ec'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 10,000,000,000 USDT \\(100亿\\) = 10000000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(10000000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 10,000,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(node -e \"\nconst { ethers } = require\\(''ethers''\\);\n\nconst KAVA_TESTNET_RPC = ''https://evm.testnet.kava.io'';\nconst privateKey = ''0xd42a6e6021ebd884f3f179d3793a32e97b9f1001db6ff44441ec455d748b9aa6'';\nconst USDT_CONTRACT = ''0xc12f6A4A7Fd0965085B044A67a39CcA2ff7fe0dF'';\nconst TO_ADDRESS = ''0x25bc2f6cebb902cb51f7b51bff81e0f776b07b14'';\n\nasync function transfer\\(\\) {\n  const provider = new ethers.JsonRpcProvider\\(KAVA_TESTNET_RPC\\);\n  const wallet = new ethers.Wallet\\(privateKey, provider\\);\n  \n  const abi = [''function transfer\\(address to, uint256 amount\\) returns \\(bool\\)'', ''function balanceOf\\(address\\) view returns \\(uint256\\)''];\n  const contract = new ethers.Contract\\(USDT_CONTRACT, abi, wallet\\);\n  \n  // 2,000,000,000 USDT \\(20亿\\) = 2000000000 * 1e6 \\(6 decimals\\)\n  const amount = BigInt\\(2000000000\\) * BigInt\\(1000000\\);\n  \n  console.log\\(''Transferring 2,000,000,000 USDT to'', TO_ADDRESS\\);\n  const tx = await contract.transfer\\(TO_ADDRESS, amount, { gasLimit: 100000 }\\);\n  console.log\\(''TX Hash:'', tx.hash\\);\n  await tx.wait\\(\\);\n  \n  const newBalance = await contract.balanceOf\\(TO_ADDRESS\\);\n  console.log\\(''New balance:'', Number\\(newBalance\\) / 1e6, ''USDT''\\);\n}\n\ntransfer\\(\\).catch\\(e => console.error\\(''Error:'', e.message\\)\\);\n\")",
+      "Bash(dir /s /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\blockchain-service\\\\*.prisma\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 添加钱包乐观锁防止并发修改\n\n- WalletAccount aggregate 添加 version 字段\n- WalletAccountRepositoryImpl 使用 updateMany + version 检查实现乐观锁\n- requestWithdrawal 添加重试机制处理乐观锁冲突\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 添加一次性修复脚本 D25122600004->D25122600006 转账\n\n- 修复因并发修改导致的冻结余额不足问题\n- 自动完成内部转账、记录流水、更新订单状态\n- 幂等执行，可安全重启\n- 部署成功后请删除 otp/ 目录和相关引用\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(authorization-service\\): 使用 accountSequence 替代 userId 查询团队统计\n\n问题：planting-service 发送的 PlantingOrderPaid 事件中的 userId 是\n订单表的自增主键（如 15），而不是 referral-service 中的真实 user_id\n（如 25122600006）。这导致 handleTreePlanted 方法查询团队统计时\n返回 null，社区权益无法被自动激活。\n\n修复：改用事件中的 accountSequence 字段查询团队统计，因为\naccountSequence 是跨服务一致的用户标识。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(authorization-service\\): 添加社区权益激活一次性修复任务\n\n问题：由于 planting-service 发送的 userId 是订单主键而非用户真实 ID，\n导致部分已达标的社区权益未被自动激活。\n\n修复：添加 BenefitActivationFixOTP 一次性任务，在服务启动时：\n1. 查找所有状态为 AUTHORIZED 但 benefitActive=false 的社区授权\n2. 检查每个社区的 subordinateTeamPlantingCount 是否 >= 10\n3. 满足条件则激活权益\n\n使用方式：\n1. 部署此代码，服务启动后自动执行修复\n2. 确认修复完成后，删除 OTP 文件并重新部署\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 修复合同签署页面定时检查仍弹窗的问题\n\n使用 GoRouter.of\\(context\\).routerDelegate.currentConfiguration 获取全局路由状态，\n而不是 GoRouterState.of\\(context\\)，因为后者只能获取 ShellRoute 内部的路由状态，\n当用户在顶级路由（如 /contract-signing/:orderNo）时无法正确检测。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 使用 appRouterProvider 获取全局路由状态\n\n改用 ref.read\\(appRouterProvider\\) 替代 GoRouter.of\\(context\\)，\n确保能正确获取到当前的全局路由路径。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 首次检查也加入路由判断，避免在KYC页面弹窗\n\n_checkContractsAndKyc\\(\\) 方法之前没有调用 _shouldSkipContractCheck\\(\\)，\n导致用户在合同/KYC页面时首次检查仍会弹窗。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 遍历路由栈检测当前页面，修复push导航检测问题\n\n之前只检查 currentConfiguration.uri.path，对于 push 导航的页面无法正确检测。\n现在遍历整个 matches 路由栈，只要栈中有合同/KYC页面就跳过弹窗。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(planting-service\\): 修复跨服务调用使用错误标识符导致的500错误\n\n问题根源：\n- getBalance 调用使用 userId.toString\\(\\) \\(纯数字如 \"14\"\\)\n- wallet-service 按 accountSequence 查找钱包失败后尝试创建新钱包\n- 但 userId 已存在，触发唯一约束冲突导致500错误\n\n修复内容：\n1. planting-application.service.ts:\n   - createOrder: getBalance\\(userId.toString\\(\\)\\) → getBalance\\(accountSequence\\)\n   - payOrder: getBalance\\(userId.toString\\(\\)\\) → getBalance\\(walletIdentifier\\)\n\n2. payment-compensation.service.ts:\n   - 注入 IPlantingOrderRepository 获取订单的 accountSequence\n   - handleUnfreeze/handleRetryConfirm 添加 accountSequence 参数\n\n3. wallet-service.client.ts:\n   - ensureRegionAccounts 接口添加 provinceTeamAccount/cityTeamAccount 字段\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 流水明细支持显示权益类型和详情\n\n- 后端 wallet-service: getMyLedger API 返回 allocationType 字段\n- 前端流水明细: 显示权益类型名称（分享权益、省/市区域权益等）\n- 新增权益详情弹窗，点击权益记录可查看详细信息\n- 兑换页面: \"RMB/CNY提现\" 改为 \"提现\"\n- 我的团队: \"暂无下级成员\" 改为 \"暂无团队成员\"\n- 自助申请授权: 隐藏团队链占用区域提示\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(dir /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(reward-service\\): 权益分配memo显示触发用户ID\n\n所有权益类型的memo现在统一显示\"来自用户xxx的认种\"格式：\n- 省团队权益：来自用户xxx的认种\n- 省区域权益：来自用户xxx的认种\n- 市团队权益：来自用户xxx的认种\n- 市区域权益：来自用户xxx的认种\n- 社区权益：来自用户xxx的认种\n\n修改前只显示\"xx权益已激活\"，现在与分享权益格式保持一致\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(echo \"请运行以下命令查看 D25122600005 的认种记录：\n\ndocker exec -it rwa-postgres psql -U rwa_user -d rwa_planting -c \"\"\nSELECT order_no, account_sequence, tree_count, status, created_at\nFROM planting_orders\nWHERE account_sequence = ''D25122600005''\nORDER BY created_at DESC;\n\"\"\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 修复社区权益根据 targetId 正确分配\n\n问题：社区权益\\(COMMUNITY_RIGHT\\)无论 targetId 是什么，都强制分配到\n总部账户 S0000000001，导致社区授权人无法在流水明细中看到社区权益。\n\n修复：\n- 将 allocateToHeadquartersCommunity 方法重命名为 allocateCommunityRight\n- 根据 targetId 判断分配目标：\n  - D 开头（用户账户）: 分配到社区授权人账户\n  - S 开头或 ''1''（系统账户）: 分配到总部社区账户\n- 更新流水备注以区分用户分配和总部分配\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 优化流水明细筛选选项\n\n- 将\"奖励转可结算\"改为\"分享收益\"，更准确描述分享权益\n- 新增\"权益收入\"筛选项\\(SYSTEM_ALLOCATION\\)，用于筛选：\n  - 社区权益\n  - 市/省团队权益\n  - 市/省区域权益\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(chcp 65001)",
+      "Bash(cmd /c \"chcp 65001 && python -c \"\"import openpyxl; import sys; sys.stdout.reconfigure\\(encoding=''utf-8''\\); wb = openpyxl.load_workbook\\(r''c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\榴莲皇后数据.xlsx''\\); print\\(''Sheets:'', wb.sheetnames\\); sheet = wb.active; print\\(''Rows:'', sheet.max_row, ''Cols:'', sheet.max_column\\); [print\\(f''Row {i}:'', row\\) for i, row in enumerate\\(sheet.iter_rows\\(max_row=5, values_only=True\\), 1\\)]\"\"\")",
+      "Bash(node scripts/batch-register.js:*)",
+      "Bash(node batch-register.js:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 隐藏\"我的团队\"功能，需秘密点击解锁\n\n- 默认隐藏\"我的团队\"树形组件\n- 在\"团队种植数\"区域连续点击19次后显示\n- 点击间隔超过1秒自动重置计数器\n- 退出页面后状态自动重置\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nrefactor\\(mobile-app\\): 修改\"我的\"页面文案\n\n- \"直推人数\" → \"引荐\"\n- \"个人种植数\" → \"个人种植树\"\n- \"团队种植数\" → \"团队种植树\"\n- \"直推列表\" → \"引荐列表\"\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nrefactor\\(mobile-app\\): 修改\"我的团队\"文案为\"我的同僚\"\n\n- \"我的团队\" → \"我的同僚\"\n- \"暂无团队成员\" → \"暂无同僚\"\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(npx jest --testPathPattern=\"referral\" --passWithNoTests)",
+      "Bash(npx jest --testPathPattern=\"wallet\" --passWithNoTests)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nrefactor\\(mobile-app\\): 修改\"我的\"页面文案\n\n- \"个人种植树\" → \"本人种植树\"\n- 引荐列表中 \"个人/团队\" → \"本人/同僚\"\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(identity-service\\): 增强钱包生成可靠性，确保100%生成成功\n\n核心改进：\n- 基于数据库扫描代替Redis扫描，防止状态丢失后无法重试\n- 指数退避策略\\(1分钟→60分钟\\)，无时间限制持续重试\n- 分布式锁保护，防止多实例/并发重复触发\n- getWalletStatus API 检测失败状态并自动触发重试\n\n修改内容：\n- RedisService: 添加 tryLock/unlock 分布式锁方法\n- UserAccountRepository: 添加 findUsersWithIncompleteWallets 查询\n- getWalletStatus: 增强状态检测，失败/超时时自动触发重试\n- WalletRetryTask: 完全重写，基于数据库驱动+指数退避\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(xargs ls:*)",
+      "Bash(tree:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(co-managed-wallet\\): 添加分布式多方共管钱包创建功能\n\n## 功能概述\n实现分布式多方共管钱包创建功能，包括 Admin-Web 扩展和 Service-Party 桌面应用。\n\n## 主要变更\n\n### 1. Admin-Web 扩展 \\(前端\\)\n- 新增 CoManagedWalletSection 组件 \\(frontend/admin-web/src/components/features/co-managed-wallet/\\)\n- 在授权管理页面添加共管钱包入口卡片\n- 实现创建钱包向导: 配置 → 邀请 → 生成 → 完成\n- 包含组件: ThresholdConfig, InviteQRCode, ParticipantList, SessionProgress, WalletResult\n\n### 2. Admin-Service 后端 API\n- 新增共管钱包领域实体和枚举 \\(domain/entities/co-managed-wallet.entity.ts\\)\n- 新增 REST 控制器 \\(api/controllers/co-managed-wallet.controller.ts\\)\n- 新增服务层 \\(application/services/co-managed-wallet.service.ts\\)\n- 新增 Prisma 模型: CoManagedWalletSession, CoManagedWallet\n- 更新 app.module.ts 注册新模块\n\n### 3. Session Coordinator 扩展 \\(Go\\)\n- 新增会话类型: SessionTypeCoManagedKeygen \\(\"co_managed_keygen\"\\)\n- 扩展 MPCSession 实体添加 WalletName 和 InviteCode 字段\n- 更新 PostgreSQL 和 Redis 适配器支持新字段\n- 新增数据库迁移: 008_add_co_managed_wallet_fields\n\n### 4. Service-Party 桌面应用 \\(新项目\\)\n- 位置: backend/mpc-system/services/service-party-app/\n- 技术栈: Electron + React + TypeScript + Vite\n- 包含模块:\n  - gRPC 客户端 \\(连接 Message Router\\)\n  - TSS 处理器 \\(子进程方式运行 Go TSS 协议\\)\n  - 本地加密存储 \\(AES-256-GCM\\)\n- 页面: Home, Join, Create, Session, Settings\n\n## 修改的现有文件 \\(便于回滚\\)\n\n1. backend/mpc-system/services/session-coordinator/domain/entities/mpc_session.go\n   - 添加 SessionTypeCoManagedKeygen 常量\n   - 添加 IsKeygen\\(\\) 方法\n   - 添加 WalletName, InviteCode 字段\n   - 更新 ReconstructSession, ToDTO, SessionDTO\n\n2. backend/mpc-system/services/session-coordinator/adapters/output/postgres/session_postgres_repo.go\n   - 更新 SQL 查询包含 wallet_name, invite_code\n   - 更新 Save, FindByUUID, FindByStatus 等方法\n   - 更新 scanSessions, sessionRow\n\n3. backend/mpc-system/services/session-coordinator/adapters/output/redis/session_cache_adapter.go\n   - 更新 sessionCacheEntry 结构\n   - 更新 sessionToCacheEntry, cacheEntryToSession\n\n4. backend/services/admin-service/prisma/schema.prisma\n   - 新增 WalletSessionStatus 枚举\n   - 新增 CoManagedWalletSession, CoManagedWallet 模型\n\n5. backend/services/admin-service/src/app.module.ts\n   - 导入并注册共管钱包相关组件\n\n6. frontend/admin-web/src/app/\\(dashboard\\)/authorization/page.tsx\n   - 导入并添加 CoManagedWalletSection\n\n7. frontend/admin-web/src/infrastructure/api/endpoints.ts\n   - 添加 CO_MANAGED_WALLETS API 端点\n\n## 回滚说明\n\n如需回滚此功能:\n1. 回滚数据库迁移: 运行 008_add_co_managed_wallet_fields.down.sql\n2. 删除新增文件夹:\n   - backend/mpc-system/services/service-party-app/\n   - frontend/admin-web/src/components/features/co-managed-wallet/\n   - backend/services/admin-service/src/**/co-managed-wallet*\n3. 恢复修改的文件到前一个版本\n4. 运行 prisma generate 重新生成 Prisma 客户端\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(go mod tidy:*)",
+      "Bash(protoc:*)",
+      "Bash(backend/services/admin-service/prisma/schema.prisma )",
+      "Bash(backend/services/admin-service/src/app.module.ts )",
+      "Bash(backend/services/admin-service/src/api/controllers/system-maintenance.controller.ts )",
+      "Bash(backend/services/admin-service/src/api/dto/request/system-maintenance.dto.ts )",
+      "Bash(backend/services/admin-service/src/api/dto/response/system-maintenance.dto.ts )",
+      "Bash(backend/services/admin-service/src/api/interceptors/ )",
+      "Bash(backend/services/admin-service/src/domain/entities/system-maintenance.entity.ts )",
+      "Bash(backend/services/admin-service/src/domain/repositories/system-maintenance.repository.ts )",
+      "Bash(backend/services/admin-service/src/infrastructure/persistence/repositories/system-maintenance.repository.impl.ts )",
+      "Bash(frontend/admin-web/src/components/layout/Sidebar/Sidebar.tsx )",
+      "Bash(frontend/admin-web/src/infrastructure/api/endpoints.ts )",
+      "Bash(frontend/admin-web/src/services/maintenanceService.ts )",
+      "Bash(\"frontend/admin-web/src/app/\\(dashboard\\)/maintenance/\" )",
+      "Bash(frontend/mobile-app/lib/app.dart )",
+      "Bash(frontend/mobile-app/lib/core/providers/ )",
+      "Bash(frontend/mobile-app/lib/core/services/maintenance_service.dart )",
+      "Bash(frontend/mobile-app/lib/features/auth/presentation/pages/splash_page.dart)",
+      "Bash(frontend/mobile-app/lib/features/home/presentation/widgets/bottom_nav_bar.dart )",
+      "Bash(frontend/mobile-app/lib/features/notification/presentation/pages/notification_inbox_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/profile/presentation/pages/profile_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/account/presentation/pages/account_switch_page.dart )",
+      "Bash(frontend/mobile-app/lib/features/auth/presentation/providers/auth_provider.dart)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app,admin\\): 添加系统维护功能和通知徽章功能\n\n系统维护功能:\n- 后端: 添加系统维护配置实体、仓库和控制器\n- 后端: 添加维护模式拦截器，返回503状态码\n- admin-web: 添加系统维护管理页面，支持创建/编辑/开关维护配置\n- mobile-app: 添加维护状态检查服务和阻断弹窗\n- mobile-app: 在启动页、向导页集成维护检查\n- mobile-app: 支持App从后台恢复时自动检查维护状态\n\n通知徽章功能:\n- 添加通知徽章Provider，监听登录状态自动刷新\n- 底部导航栏\"我的\"标签显示未读通知红点\n- 进入通知页面自动刷新徽章状态\n- 切换账号、退出登录自动清除徽章\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(co-managed-wallet\\): 修复向后兼容性问题并完善protobuf定义\n\n## 变更概述\n根据用户反馈，将 Session Coordinator 的函数签名改为可选参数模式，\n确保新功能 100% 不影响现有的 keygen/sign 功能。\n\n## 主要变更\n\n### 1. Session Coordinator 向后兼容修复\n- 保留原有 `ReconstructSession` 函数签名不变\n- 新增 `ReconstructSessionOptions` 结构体存放可选参数\n- 新增 `ReconstructSessionWithOptions` 函数支持新字段\n- 原函数内部调用新函数，传入 nil options\n\n### 2. Protobuf 定义更新\n- CreateSessionRequest 新增字段:\n  - wallet_name \\(field 10\\): 钱包名称\n  - invite_code \\(field 11\\): 邀请码\n- SessionInfo 新增字段:\n  - wallet_name \\(field 8\\): 钱包名称\n  - invite_code \\(field 9\\): 邀请码\n- session_type 支持 \"co_managed_keygen\"\n\n### 3. TSS Party 子进程修复\n- 修复 tss.NewPartyID 参数类型错误 \\(big.Int\\)\n- 修复 go.mod 依赖问题 \\(ed25519 replace\\)\n- 删除未使用的变量\n\n### 4. 清理错误生成的文件\n- 删除 api/proto/*.pb.go \\(错误位置\\)\n- 保留 api/grpc/coordinator/v1/*.pb.go \\(正确位置\\)\n\n## 修改的文件\n\n| 文件 | 变更类型 | 说明 |\n|------|---------|------|\n| mpc_session.go | 修改 | 添加 ReconstructSessionWithOptions |\n| session_postgres_repo.go | 修改 | 使用新函数传入 options |\n| session_cache_adapter.go | 修改 | 使用新函数传入 options |\n| session_coordinator.proto | 修改 | 添加 wallet_name, invite_code 字段 |\n| session_coordinator.pb.go | 重新生成 | 包含新 protobuf 字段 |\n| tss-party/main.go | 修复 | NewPartyID 参数和未使用变量 |\n| tss-party/go.mod | 修复 | ed25519 依赖替换 |\n\n## 向后兼容性保证\n\n- 所有现有代码调用 ReconstructSession 无需任何修改\n- 数据库使用 COALESCE 处理 NULL 值\n- Protobuf 新字段使用高序号，不影响现有消息解析\n- **影响现有功能的风险: 0%**\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nchore\\(admin-service\\): 添加系统维护和共管钱包的数据库迁移\n\n添加缺失的 migration 文件，包含:\n- system_maintenances 表 \\(系统维护公告\\)\n- WalletSessionStatus 枚举\n- co_managed_wallet_sessions 表 \\(共管钱包会话\\)\n- co_managed_wallets 表 \\(共管钱包记录\\)\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(admin-service\\): 修复共管钱包 status 类型不匹配问题\n\n使用 Prisma 生成的类型替代手动定义的接口:\n- PrismaCoManagedWalletSession -> @prisma/client\n- PrismaCoManagedWallet -> @prisma/client\n- status 字段使用 PrismaWalletSessionStatus 枚举类型\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\ndocs: 添加 Service Party App 技术文档\n\n添加分布式共管钱包桌面应用的详细技术文档，包括：\n\n- 应用概述和使用场景\n- 目录结构说明\n- 技术架构和技术栈\n- TSS 子进程架构设计\n- IPC 消息格式定义\n- 核心功能说明\n- 编译与运行指南\n- 安全考虑\n- 系统集成说明\n- 未来扩展规划\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(admin-web\\): 修复系统维护\"立即激活\"按钮不显示的问题\n\n- 修复 getStatusTag 函数逻辑，未激活状态使用 ''inactive'' 样式而不是 ''expired''\n- 添加更细化的状态判断：维护中、已过期、已计划、未激活、待激活\n- 添加 inactive 标签样式（橙色背景）\n- 现在未激活的维护计划会正确显示\"立即激活\"按钮\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(migration\\): 使数据库迁移脚本幂等化，支持重复执行\n\n将 008_add_co_managed_wallet_fields.up.sql 改为幂等脚本：\n- 使用 DO $$... IF NOT EXISTS 检查列是否存在再添加\n- 使用 CREATE INDEX IF NOT EXISTS 创建索引\n- 使用 DROP CONSTRAINT IF EXISTS 删除约束\n\n这确保迁移脚本可以安全地多次执行，不会因列/索引已存在而失败。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(service-party-app\\): 添加 Windows 一键编译脚本\n\n添加 build-windows.bat 脚本，支持：\n- 检查 Node.js 和 Go 环境\n- 编译 TSS 子进程 \\(tss-party.exe\\)\n- 安装 npm 依赖\n- 编译 Electron 应用\n\n使用方法: 双击运行 build-windows.bat\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(./node_modules/.bin/tsc:*)",
+      "Bash(npm ls:*)",
+      "Bash(npm run build:win:*)",
+      "Bash(npm run clean:*)",
+      "Bash(git cherry-pick:*)",
+      "Bash(git stash:*)",
+      "Bash(docker compose build:*)",
+      "Bash(git log:*)",
+      "Bash(git tag -a v0.3.0-pre-transfer -m \"$\\(cat <<''EOF''\nPre-transfer development checkpoint\n\nCompleted features:\n- Co-keygen: Multi-party key generation with TSS \\(GG20\\)\n- Service-party-app: Electron desktop application\n  - Create shared wallet \\(keygen initiator\\)\n  - Join wallet creation \\(keygen participant\\)\n  - Wallet management \\(list, export, delete\\)\n  - Kava network switch \\(mainnet/testnet\\)\n  - EVM address derivation and balance display\n\nNot yet implemented:\n- Co-sign: Multi-party transaction signing\n- Transfer functionality\n\nThis tag marks the stable state before transfer feature development.\nEOF\n\\)\")",
+      "Bash(tasklist:*)",
+      "Bash(docker port:*)",
+      "Bash(docker rm:*)",
+      "Bash(netstat:*)",
+      "Bash(start \"\" \"C:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\mpc-system\\\\services\\\\service-party-app\\\\release\\\\win-unpacked\\\\榴莲皇后绿积分共管账户服务.exe\")",
+      "Bash(go test:*)",
+      "Bash(./tss-party.exe sign:*)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian log --oneline --all)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian diff --name-only HEAD~5..HEAD)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian log --all --oneline --grep=\"co-sign\\\\|co-managed\\\\|CoManaged\")",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian show e038f178 --stat)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian show e114723a --stat)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian show c457d158 -- backend/mpc-system/services/account/adapters/input/http/account_handler.go)",
+      "Bash(git -C /c/Users/dong/Desktop/rwadurian log --oneline -- backend/mpc-system/services/account/adapters/input/http/account_handler.go)",
+      "Bash(git rev-list:*)",
+      "Bash(dir /d \"C:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(service-party-app\\): implement co-sign multi-party signing\n\nAdd complete co-sign functionality for multi-party transaction signing:\n\nFrontend \\(React\\):\n- CoSignCreate.tsx: Create signing session with share selection\n- CoSignJoin.tsx: Join signing session via invite code\n- CoSignSession.tsx: Monitor signing progress and results\n- Add routes in App.tsx for new pages\n\nBackend \\(Electron\\):\n- main.ts: Add IPC handlers for co-sign operations\n- tss-handler.ts: Add participateSign\\(\\) for TSS signing\n- preload.ts: Expose cosign API to renderer\n- account-client.ts: Add sign session API types\n\nTSS Party \\(Go\\):\n- main.go: Implement ''sign'' command for GG20 signing protocol\n- integration_test.go: Add comprehensive tests for signing flow\n\nInfrastructure:\n- docker-compose.windows.yml: Expose gRPC port 50051\n\nThis is a pure additive change that does not affect existing\npersistent role keygen/sign functionality.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(service-party-app\\): add transfer functionality with co-sign integration\n\nAdd complete KAVA transfer feature to the wallet home page:\n\nFrontend \\(React\\):\n- Home.tsx: Add transfer modal with address/amount input, transaction\n  confirmation, and co-sign session initiation\n- Home.module.css: Transfer modal styles \\(form, confirm, error states\\)\n- CoSignSession.tsx: Add transaction broadcast after signing completion,\n  with block explorer link\n\nUtils:\n- transaction.ts: EIP-1559 transaction building, RLP encoding, Keccak-256\n  hashing, nonce/gas fetching, transaction broadcast via JSON-RPC\n\nFlow: Wallet -> Transfer Modal -> Prepare TX -> Confirm -> Co-Sign ->\n      Sign Session -> Broadcast -> Block Explorer\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(powershell -Command:*)",
+      "Bash(powershell -Command \"\n$content = Get-Content ''main.ts'' -Raw\n\n# 修改 threshold 部分\n$old1 = @''\n          threshold: {\n            t: activeCoSignSession?.threshold?.t || 0,\n            n: activeCoSignSession?.threshold?.n || 0,\n          },\n''@\n\n$new1 = @''\n          threshold: {\n            // 优先使用 API 返回的阈值，回退到 activeCoSignSession\n            t: result?.threshold_t || activeCoSignSession?.threshold?.t || 0,\n            n: result?.threshold_n || activeCoSignSession?.threshold?.n || 0,\n          },\n''@\n\n$content = $content.Replace\\($old1, $new1\\)\n\n# 修改 participants 部分\n$old2 = ''participants: result?.parties?.map\\(\\(p: { party_id: string; party_index: number }, idx: number\\) => \\({''\n$new2 = ''participants: \\(\\(result as { participants?: Array<{ party_id: string; party_index: number; status: string }> }\\)?.participants || []\\).map\\(\\(p, idx\\) => \\({''\n\n$content = $content.Replace\\($old2, $new2\\)\n\n# 修改 status 部分\n$old3 = \"\"            status: ''ready'',\"\"\n$new3 = \"\"            status: p.status || ''waiting'',\"\"\n\n$content = $content.Replace\\($old3, $new3\\)\n\n# 修改结尾部分\n$old4 = ''          }\\)\\) || [],''\n$new4 = ''          }\\)\\),''\n\n$content = $content.Replace\\($old4, $new4\\)\n\nSet-Content ''main.ts'' -Value $content -NoNewline\nWrite-Output ''Done''\n\")",
+      "Bash(node fix_main.js:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(co-sign\\): add debug logs for auto-join flow in CoSignJoin\n\nAdd console.log statements to trace the auto-join logic:\n- Log loaded shares with sessionId\n- Log auto-select share matching check\n- Log auto-join conditions and share match status\n- Log validateInviteCode results including joinToken\n- Log handleJoinSession parameters\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(co-sign\\): use keygen session threshold_n for TSS signing\n\n- Query keygen session from mpc_sessions table to get correct threshold_n\n- Pass keygenThresholdN to CreateSigningSessionAuto instead of len\\(parties\\)\n- Return parties list and correct threshold values in GetSignSessionByInviteCode\n- This fixes TSS signing failure \"U doesn 't equal T\" caused by mismatched n values\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(Get-Item \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\mpc-system\\\\services\\\\service-party-app\\\\bin\\\\win32-x64\\\\tss-party.exe\")",
+      "Bash(Select-Object Name, LastWriteTime, Length)",
+      "Bash(Get-Item \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\mpc-system\\\\services\\\\service-party-app\\\\release\\\\win-unpacked\\\\resources\\\\bin\\\\tss-party.exe\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(tss\\): use BuildLocalSaveDataSubset for threshold signing with party subsets\n\nWhen signing with fewer parties than keygen \\(e.g., 2-of-3 signing with only 2 parties\\),\nthe TSS-lib requires filtered save data containing only the participating parties.\n\nWithout this fix, signing fails with \"U doesn 't equal T\" error because:\n- Keygen creates save data for all N parties \\(e.g., 3 parties with indices 0, 1, 2\\)\n- Sign uses only T parties \\(e.g., 2 parties with indices 1, 2\\)\n- TSS-lib internal index validation fails due to mismatch\n\nChanges:\n- pkg/tss/signing.go: Use len\\(sortedPartyIDs\\) for partyCount and call BuildLocalSaveDataSubset\n- tss-party/main.go: Add BuildLocalSaveDataSubset call for Electron app\n- tss-wasm/main.go: Add BuildLocalSaveDataSubset call for WASM builds\n\nThis fix is backward compatible - when all parties participate, the subset equals the original data.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(dir \"c:\\\\Android\")",
+      "Bash(dir \"c:\\\\android-sdk\")",
+      "Bash(dir \"%LOCALAPPDATA%\\\\Android\\\\Sdk\")",
+      "Bash(cmd /c \"echo %LOCALAPPDATA%\")",
+      "Bash(powershell:*)",
+      "Bash(dir \"C:\\\\Users\\\\dong\\\\AppData\\\\Local\\\\Android\\\\Sdk\")",
+      "Bash(dir /b C: 2)",
+      "Bash(gradle --version:*)",
+      "Bash(chmod:*)",
+      "Bash(java -version:*)",
+      "Bash(./gradlew assembleDebug:*)",
+      "Bash(go version:*)",
+      "Bash(export PATH=\"$PATH:/c/Users/dong/go/bin\")",
+      "Bash(gomobile version:*)",
+      "Bash(export ANDROID_HOME=\"/c/Android\")",
+      "Bash(gomobile init:*)",
+      "Bash(go install:*)",
+      "Bash(go get:*)",
+      "Bash(cmd /c \"gradlew.bat assembleDebug --no-daemon 2>&1\")",
+      "Bash(./gradlew.bat assembleDebug:*)",
+      "Bash(wc:*)",
+      "Bash(./gradlew assembleRelease:*)",
+      "Bash(./gradlew clean:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(android\\): add Android TSS Party app with full API implementation\n\nMajor changes:\n- Add complete Android app \\(service-party-android\\) with Jetpack Compose UI\n- Implement real account-service API calls for keygen and sign sessions:\n  - POST /api/v1/co-managed/sessions \\(create keygen session\\)\n  - GET /api/v1/co-managed/sessions/by-invite-code/{code} \\(validate invite\\)\n  - POST /api/v1/co-managed/sessions/{id}/join \\(join keygen session\\)\n  - POST /api/v1/co-managed/sign \\(create sign session\\)\n  - GET /api/v1/co-managed/sign/by-invite-code/{code} \\(validate sign invite\\)\n  - POST /api/v1/co-managed/sign/{id}/join \\(join sign session\\)\n- Add QR code generation and scanning for session invites\n- Remove password requirement \\(use empty string\\)\n- Add floating action button for wallet creation\n- Add network type aware explorer links \\(mainnet/testnet\\)\n\nNetwork configuration:\n- Change default network to Kava mainnet for both Electron and Android apps\n- Electron: main.ts, transaction.ts, Settings.tsx, Layout.tsx\n- Android: Models.kt \\(NetworkType.MAINNET default\\)\n\nFeatures:\n- Full TSS keygen and sign protocol via gomobile bindings\n- gRPC message routing for multi-party communication\n- Cross-platform compatibility with service-party-app \\(Electron\\)\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(cmd /c \"build-apk.bat help\")",
+      "Bash(go clean:*)",
+      "Bash(gomobile bind:*)",
+      "Bash(GOPROXY=https://proxy.golang.org,direct go get:*)",
+      "Bash(go mod download:*)",
+      "Bash(go env:*)",
+      "Bash(cmd /c \"set GOFLAGS=-mod=mod && go get golang.org/x/mobile/bind && go mod tidy && gomobile bind -v -target=android -androidapi 21 -o ..\\\\app\\\\libs\\\\tsslib.aar .\")",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" download)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" version)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gomobile@latest)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gobind@latest)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gomobile@v0.0.0-20250807114141-395d808d53cd)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gomobile@v0.0.0-20250808145247-395d808d53cd)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gomobile@c31d5b91ecc32c0d598b8fe8457d244ca0b4e815)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" install golang.org/x/mobile/cmd/gobind@c31d5b91ecc32c0d598b8fe8457d244ca0b4e815)",
+      "Bash(\"/c/Users/dong/go/bin/go1.22.10.exe\" mod tidy)",
+      "Bash(adb devices:*)",
+      "Bash(adb logcat:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(android\\): add 5-minute polling timeout mechanism for keygen/sign\n\nImplements Electron''s checkAndTriggerKeygen\\(\\) polling fallback:\n- Adds polling every 2 seconds with 5-minute timeout\n- Triggers keygen/sign via synthetic session_started event on in_progress status\n- Handles gRPC stream disconnection when app goes to background\n- Shows timeout error in UI via existing error mechanism\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(go list:*)",
+      "Bash(adb install:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(tss\\): add real-time round progress from msg.Type\\(\\) parsing\n\nExtract current round number from tss-lib message type string using\nregex pattern `Round\\(\\\\d+\\)`. This enables real-time progress updates\n\\(1/4, 2/4... for keygen, 1/9, 2/9... for signing\\) instead of only\nshowing completion status.\n\nChanges across all three platforms:\n- tss-wasm/main.go: Add extractRoundFromMessageType\\(\\) and call\n  OnProgress with parsed round on each outgoing message\n- service-party-android/tsslib/tsslib.go: Same implementation for\n  Android gomobile binding\n- service-party-app/tss-party/main.go: Same implementation for\n  Electron subprocess, with isKeygen parameter to distinguish\n  keygen \\(4 rounds\\) vs signing \\(9 rounds\\)\n\nSafe fallback: Returns 0 if parsing fails, which doesn''t affect\nprotocol execution - only UI display.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(node --input-type=module -e:*)",
+      "Bash(npx solc:*)",
+      "Bash(node /c/Users/dong/Desktop/rwadurian/contracts/deploy.mjs:*)",
+      "Bash(npm init:*)",
+      "Bash(node deploy.mjs:*)",
+      "Bash(npx solcjs@0.8.19:*)",
+      "Bash(node compile.mjs:*)",
+      "Bash(node verify-sig.mjs:*)",
+      "Bash(node deploy-ethers.mjs:*)",
+      "Bash(node transfer-all.mjs:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(android\\): add share export and import functionality\n\nAdd ability to backup wallet shares to files and restore from backups:\n\n- Add ShareBackup data class in Models.kt for backup format\n- Add exportShareBackup\\(\\) and importShareBackup\\(\\) in TssRepository\n- Add export/import state and methods in MainViewModel\n- Add file picker integration in MainActivity using ActivityResultContracts\n- Add import FAB button in WalletsScreen\n- Export saves as .tss-backup file with address and timestamp in filename\n- Import validates backup format and checks for duplicate wallets\n\nThe backup file contains all necessary data to restore a wallet share:\nsessionId, publicKey, encryptedShare, threshold, partyIndex, address.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(dir /s /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\identity-service\\\\src\\\\api\\\\controllers\\\\*.ts\")",
+      "Bash(dir /s /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\identity-service\\\\src\\\\infrastructure\\\\persistence\\\\repositories\\\\*.ts\")",
+      "Bash(head:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(pending-actions\\): add user pending actions system\n\nAdd a fully optional pending actions system that allows admins to configure\nspecific tasks that users must complete after login.\n\nBackend \\(identity-service\\):\n- Add UserPendingAction model to Prisma schema\n- Add migration for user_pending_actions table\n- Add PendingActionService with full CRUD operations\n- Add user-facing API \\(GET list, POST complete\\)\n- Add admin API \\(CRUD, batch create\\)\n\nAdmin Web:\n- Add pending actions management page\n- Support single/batch create, edit, cancel, delete\n- View action details including completion time\n- Filter by userId, actionCode, status\n\nFlutter Mobile App:\n- Add PendingActionService and PendingActionCheckService\n- Add PendingActionsPage for forced task execution\n- Integrate into splash_page login flow\n- Users must complete all pending tasks in priority order\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(npm run type-check:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(settlement\\): implement settle-to-balance with detailed source tracking\n\nAdd complete settlement-to-balance feature that transfers settleable\nearnings directly to wallet USDT balance \\(no currency swap\\). Key changes:\n\nBackend \\(wallet-service\\):\n- Add SettleToBalanceCommand for settlement operations\n- Add settleToBalance method to WalletAccountAggregate\n- Add settleToBalance application service with ledger recording\n- Add internal API endpoint POST /api/v1/wallets/settle-to-balance\n\nBackend \\(reward-service\\):\n- Add settleToBalance client method for wallet-service communication\n- Add settleRewardsToBalance application service method\n- Add user-facing API endpoint POST /rewards/settle-to-balance\n- Build detailed settlement memo with source user tracking per reward\n\nFrontend \\(mobile-app\\):\n- Add SettleToBalanceResult model class\n- Add settleToBalance\\(\\) method to RewardService\n- Update pending_actions_page to handle SETTLE_REWARDS action\n- Add completion detection via settleableUsdt balance check\n\nSettlement memo now includes detailed breakdown by right type with\nsource user accountSequence for each reward entry, e.g.:\n  结算 1000.00 绿积分到钱包余额\n  涉及 5 笔奖励\n    - SHARE_RIGHT: 500.00 绿积分\n        来自 D2512120001: 288.00 绿积分\n        来自 D2512120002: 212.00 绿积分\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(withdrawal\\): implement fiat withdrawal with bank/alipay/wechat\n\nAdd complete fiat withdrawal feature that allows users to withdraw\ngreen credits \\(绿积分\\) to their bank card, Alipay, or WeChat account\nwith 1:1 CNY conversion. Key changes:\n\nBackend \\(wallet-service\\):\n- Update Prisma schema with fiat withdrawal fields \\(paymentMethod,\n  bankName, bankCardNo, cardHolderName, alipay*, wechat*, review fields\\)\n- Rewrite withdrawal status enum for fiat flow: PENDING → FROZEN →\n  REVIEWING → APPROVED → PAYING → COMPLETED \\(or REJECTED/FAILED\\)\n- Add PaymentMethod enum: BANK_CARD, ALIPAY, WECHAT\n- Update WithdrawalOrderAggregate with new fiat withdrawal methods\n- Add review/payment workflow methods in WalletApplicationService\n- Add internal API endpoints for admin withdrawal management\n- Remove blockchain withdrawal event handler \\(no longer needed\\)\n\nFrontend \\(admin-web\\):\n- Add withdrawal review management page at /withdrawals\n- Add tabs for reviewing/approved/paying order states\n- Add withdrawal service and React Query hooks\n- Add types for withdrawal orders and payment methods\n- Add sidebar menu item for withdrawal review\n\nFrontend \\(mobile-app\\):\n- Add withdrawFiat\\(\\) method to WalletService\n- Add PaymentMethod enum with BANK_CARD/ALIPAY/WECHAT\n- Create new WithdrawFiatPage for fiat withdrawal input\n- Create WithdrawFiatConfirmPage with SMS + password verification\n- Add routes for /withdraw/fiat and /withdraw/fiat/confirm\n- Keep existing withdraw/usdt \\(划转\\) pages unchanged\n\nNote: The existing withdraw_usdt_page.dart is for point-to-point\ntransfer \\(划转\\), which is a different feature from fiat withdrawal.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git grep:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(fiat-withdrawal\\): add complete fiat withdrawal system\n\n实现完整的法币提现功能，支持银行卡、支付宝、微信三种收款方式。\n此功能与现有的区块链划转功能完全独立，互不影响。\n\n## 后端 \\(wallet-service\\)\n\n### 数据库\n- 新增 `fiat_withdrawal_orders` 表存储法币提现订单\n- 与现有 `withdrawal_orders` 表\\(区块链划转\\)完全分离\n- 添加完整索引支持高效查询\n\n### 领域层\n- 新增 `FiatWithdrawalStatus` 枚举（与 WithdrawalStatus 独立）\n  - 流程: PENDING -> FROZEN -> REVIEWING -> APPROVED -> PAYING -> COMPLETED\n  - 或 REJECTED / FAILED / CANCELLED\n- 新增 `PaymentMethod` 枚举: BANK_CARD / ALIPAY / WECHAT\n- 新增 `FiatWithdrawalOrder` 聚合根\n- 新增 `IFiatWithdrawalOrderRepository` 仓储接口\n- 新增 `FIAT_WITHDRAWAL` 账本流水类型\n\n### 应用层\n- 新增 `FiatWithdrawalApplicationService` 处理业务逻辑\n  - 发送短信验证码\n  - 申请法币提现（冻结余额）\n  - 提交审核\n  - 审核通过/驳回\n  - 开始打款\n  - 完成打款\n\n### API层\n- 新增 `FiatWithdrawalController` 提供用户端API\n  - POST /wallet/fiat-withdrawal/send-sms - 发送验证码\n  - POST /wallet/fiat-withdrawal - 申请提现\n  - GET /wallet/fiat-withdrawal - 获取提现记录\n- 新增内部API供管理端调用\n  - GET /api/v1/wallets/fiat-withdrawals - 查询订单\n  - POST /api/v1/wallets/fiat-withdrawals/:orderNo/review - 审核\n  - POST /api/v1/wallets/fiat-withdrawals/:orderNo/start-payment - 开始打款\n  - POST /api/v1/wallets/fiat-withdrawals/:orderNo/complete-payment - 完成打款\n\n## 前端 \\(admin-web\\)\n\n- 新增法币提现审核管理页面 `/withdrawals`\n- 支持按状态分 Tab 查看订单\n- 支持审核通过/驳回\n- 支持打款操作\n- 支持查看订单详情\n\n## 前端 \\(mobile-app\\)\n\n- 新增 `WithdrawFiatPage` 法币提现页面\n  - 支持选择银行卡/支付宝/微信\n  - 输入收款账户信息\n- 新增 `WithdrawFiatConfirmPage` 确认页面\n  - 短信验证码验证\n  - 密码验证\n- 在 `WalletService` 中添加法币提现相关方法和模型\n\n## 重要说明\n\n此功能与现有的区块链划转功能 \\(withdraw_usdt_page.dart\\) 完全独立：\n- 独立的数据库表\n- 独立的聚合根\n- 独立的状态枚举\n- 独立的API端点\n- 独立的前端页面\n\n原有的区块链划转功能保持不变，不受任何影响。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(pending-actions\\): add special deduction feature for admin-created user actions\n\n实现特殊扣减功能，允许管理员为用户创建扣减待办操作，由用户在移动端确认执行。\n\n## 后端 \\(wallet-service\\)\n\n### 领域层\n- 新增 `SPECIAL_DEDUCTION` 到 LedgerEntryType 枚举\n  用于记录特殊扣减的账本流水类型\n\n### 应用层\n- 新增 `executeSpecialDeduction` 方法\n  - 验证用户钱包存在性\n  - 检查余额是否充足\n  - 乐观锁控制并发\n  - 扣减余额并记录账本流水\n  - 返回操作结果和新余额\n\n### API层\n- 新增内部API: POST /api/v1/wallets/special-deduction/execute\n  供移动端调用执行特殊扣减操作\n\n## 前端 \\(admin-web\\)\n\n### 类型定义\n- 新增 `SPECIAL_DEDUCTION` 到 ACTION_CODES\n- 新增 `SpecialDeductionParams` 接口定义扣减参数\n  - amount: 扣减金额\n  - reason: 扣减原因\n\n### 页面\n- 更新待办操作管理页面\n  - 当选择 SPECIAL_DEDUCTION 时显示扣减金额和原因输入框\n  - 验证扣减金额必须大于0\n  - 验证扣减原因不能为空\n\n### 样式\n- 新增特殊扣减表单区域样式\n\n## 前端 \\(mobile-app\\)\n\n### 服务层\n- 新增 `executeSpecialDeduction` 方法到 WalletService\n- 新增 `SpecialDeductionResult` 结果类\n- 新增 `specialDeduction` 到 PendingActionCode 枚举\n\n### 页面\n- 新增 `SpecialDeductionPage` 特殊扣减确认页面\n  - 显示扣减金额和管理员备注\n  - 显示当前余额和扣减后余额\n  - 余额不足时禁用确认按钮\n  - 温馨提示说明操作性质\n\n- 更新 `PendingActionsPage`\n  - 处理 SPECIAL_DEDUCTION 类型的待办操作\n  - 从 actionParams 解析 amount 和 reason\n  - 导航到特殊扣减确认页面\n\n## 工作流程\n\n1. 管理员在 admin-web 创建 SPECIAL_DEDUCTION 待办操作\n   - 选择目标用户\n   - 输入扣减金额\n   - 输入扣减原因\n\n2. 用户在 mobile-app 待办操作列表看到该操作\n\n3. 用户点击后进入特殊扣减确认页面\n   - 查看扣减详情\n   - 确认余额充足\n   - 点击确认执行扣减\n\n4. 后端执行扣减并记录账本流水\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git check-ignore:*)",
+      "Bash(git hash-object:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(planting\\): draw signature directly on page instead of using form field\n\nThe PDF signature field is only 92x51 points, which causes signatures to\nappear too small or invisible. Changed to use drawImage\\(\\) directly on\nthe page at the field''s position with a larger size \\(150x80 max\\).\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(pnpm exec tsc:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): add offline settlement deduction feature\n\nAdd new functionality for admins to automatically deduct all settled\nearnings when creating special deductions with amount=0, marking\neach record to prevent duplicate deductions.\n\n- Add OfflineSettlementDeduction model to track deducted records\n- Add API endpoints for querying unprocessed settlements and executing batch deduction\n- Add mode selection UI in admin-web pending-actions\n- Add offline settlement card display in mobile-app special deduction page\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): convert BigInt to string for JSON serialization in getUnprocessedSettlements\n\nThe entry.id field is BigInt type from Prisma which cannot be JSON serialized directly.\nConvert to string for API response and back to BigInt when storing to database.\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): improve empty state display for offline settlement deduction\n\nWhen there are no settlement records to deduct, show a more informative message:\n- If user has balance from deposits/transfers: explain it''s not from earnings\n- If user has no balance: explain there are no settlement records\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(xargs:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet/blockchain\\): 热钱包余额预检查及接收方钱包自动创建\n\n1. blockchain-service: 新增热钱包 dUSDT 余额定时更新调度器\n   - 每 5 秒查询热钱包在 KAVA 链上的 dUSDT 余额\n   - 更新到 Redis DB 0，key 格式: hot_wallet:dusdt_balance:{chainType}\n   - TTL 30 秒，服务故障时缓存自动过期\n\n2. wallet-service: 新增热钱包余额缓存服务\n   - 从 Redis DB 0 读取热钱包余额缓存\n   - 严格模式：无法获取余额或余额不足时拒绝转账\n   - 提示信息：\"财务系统审计中，请稍后再试\"\n\n3. wallet-service: 转账确认时自动创建接收方钱包\n   - 解决接收方钱包不存在导致入账失败的问题\n   - 使用 upsert 避免并发创建冲突\n   - 在同一事务中完成创建和入账\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 添加内部转账入账修复脚本\n\n新增一次性修复脚本用于补录因接收方钱包未创建导致入账失败的内部转账。\n\n脚本特性：\n- DRY_RUN 模式：默认只检查不执行，需手动改为 false 才真正修复\n- 完整验证：订单状态、类型、接收方信息、txHash\n- 幂等性检查：确认接收方没有 TRANSFER_IN 流水\n- 转出方验证：确认转出方有 TRANSFER_OUT 流水（已扣款）\n- 乐观锁：使用 version 字段防止并发修改\n- 审计追踪：payloadJson.dataFix=true 标记修复操作\n- 详细日志：每步操作都有时间戳和日志级别\n\n使用方法：\n1. 在 wallet-service 容器内执行 DRY_RUN 检查\n2. 确认无误后将 DRY_RUN 改为 false 再次执行\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 添加待办操作轮询机制\n\n解决老版本 App 升级后不重启导致无法激活待办事项的问题。\n\n- 新增 PendingActionPollingService 定时轮询服务（每4秒检查）\n- App启动时无待办则启动轮询，有待办则直接进入待办页面\n- 轮询检测到待办后自动停止并跳转，防止重入问题\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 用户资料页添加\"同伴认种\"标题和快捷标签\n\n- 在统计卡片上方添加\"同伴认种\"标题（紫色）\n- 在统计卡片下方添加\"引荐\"、\"同伴\"、\"本人\"快捷标签\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 用户资料页术语修改\n\n- 直推 → 引荐\n- 伞下 → 同伴\n- 个人认种 → 本人认种\n- 团队认种 → 同伴认种\n- 推荐人 → 引荐人\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 已结算数据改为从流水统计API获取\n\n- 从 wallet-service 的 getLedgerStatistics\\(\\) 获取 REWARD_SETTLED 类型的总金额\n- 与流水明细中的结算记录统计来自同一数据源，确保数据一致性\n- 添加调试日志对比 summary 和流水统计的数据\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(authorization\\): 火柴人排名过滤已撤销授权的考核记录\n\n- findRankingsByMonthAndRegion 和 findRankingsByMonthAndRoleType 增加过滤条件\n- 排除 authorization.status = ''REVOKED'' 的记录\n- 解决同一用户因有多条授权记录（含已撤销）而重复显示的问题\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(reward-service\\): 修复 WalletServiceClient 未正确解析 wallet-service 响应格式的 Bug\n\n问题原因:\nwallet-service 使用全局 TransformInterceptor 拦截器，会将所有响应包装成:\n{ success: true, data: { success: boolean, ... }, timestamp: \"...\" }\n\n原代码直接读取外层的 success 字段（始终为 true），导致即使业务失败\n（内层 data.success = false）也被误判为成功。\n\n具体案例:\n用户 D25122700024 点击结算时，wallet-service 因余额不足返回:\n{ success: true, data: { success: false, error: \"Insufficient...\" }, ... }\nreward-service 误读为成功，导致奖励被标记为 SETTLED 但钱包余额未变更。\n\n修复内容:\n1. settleToBalance: 解析 response_data.data 获取真实业务结果\n2. confirmPlantingDeduction: 同上\n3. allocateFunds: 同上\n\n所有方法现在会:\n- 使用 response_data.data || response_data 兼容包装和非包装格式\n- 严格检查 data.success !== true 来判断业务是否成功\n- 失败时记录详细错误日志\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 统一奖励分配到 settleable_usdt，与 reward-service 保持一致\n\n问题原因:\nwallet-service 对不同类型奖励的分配方式不一致:\n- SHARE_RIGHT: 正确使用 addSettleableReward\\(\\) → settleable_usdt\n- CITY_TEAM_RIGHT/COMMUNITY_RIGHT: 错误使用 addAvailableBalance\\(\\) → usdt_available\n\n这导致 reward-service 记录的 SETTLEABLE 奖励总额与 wallet-service 的\nsettleable_usdt 字段不匹配。用户 D25122700024 的案例中:\n- reward-service: 3条奖励共 4464 USDT \\(SHARE_RIGHT 3600 + CITY_TEAM_RIGHT 288 + COMMUNITY_RIGHT 576\\)\n- wallet-service: settleable_usdt = 3600 \\(仅 SHARE_RIGHT\\)\n差额 864 USDT 被错误地放入了 usdt_available\n\n修复内容:\n1. allocateCommunityRight: 改用 addSettleableReward\\(\\) 替代 addAvailableBalance\\(\\)\n2. allocateToRegionAccount: 改用 addSettleableReward\\(\\) 替代 addAvailableBalance\\(\\)\n3. 流水类型统一使用 REWARD_TO_SETTLEABLE 替代 SYSTEM_ALLOCATION\n4. 日志和备注更新以反映新的分配方式\n\n设计原则:\n- reward-service 是奖励的权威来源\n- wallet-service 应跟随 reward-service 的设计\n- 所有奖励都应进入 settleable_usdt，用户主动结算后才转入 usdt_available\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ls \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\reward-service\\\\prisma\"\" 2>/dev/null || dir \"c:UsersdongDesktoprwadurianbackendservicesreward-serviceprisma\"\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 修复 settleToBalance 方法缺少事务保护的严重 Bug\n\n问题原因:\nsettleToBalance 方法先执行 wallet.save\\(\\) 更新账户余额，再执行\nledgerRepo.save\\(\\) 写入流水记录。两个操作不在同一个事务中。\n\n当流水写入失败时（如 memo 字段超过 VarChar\\(500\\) 限制），账户余额\n已经被修改，但流水记录未写入，导致数据不一致。\n\n具体案例:\n用户 D25122700023 点击结算时，memo 内容超长（66笔奖励详情），\nwallet-service 先把 settleable_usdt 转入 usdt_available，然后\n写流水失败。账户余额被改但没有对应流水。\n\n修复内容:\n1. settleToBalance: 使用 prisma.$transaction 确保原子性\n   - 账户余额更新和流水记录在同一事务中\n   - 任一操作失败整个事务回滚\n2. schema: memo 字段从 VarChar\\(500\\) 改为 Text 类型，无长度限制\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 实现 Unit of Work 模式保证 settleToBalance 事务原子性\n\n- 新增 UnitOfWork 接口和实现，使用 Prisma Interactive Transaction\n- 修改 IWalletAccountRepository 和 ILedgerEntryRepository 接口支持可选事务参数\n- 修改仓库实现，支持在事务中执行数据库操作\n- 修改 settleToBalance 方法使用 UnitOfWork，确保钱包更新和流水记录原子性\n- 注册 UnitOfWorkService 到 InfrastructureModule\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ls -la \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\wallet-service\\\\prisma\\\\migrations\"\" 2>/dev/null || dir \"c:UsersdongDesktoprwadurianbackendserviceswallet-serviceprismamigrations \")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-web\\): 添加系统账户收益类型汇总统计功能\n\n在数据统计-系统账户中新增5个统计Tab：\n- 手续费账户汇总：统计成本费、运营费、总部社区基础费、RWAD底池注入\n- 省团队收益汇总：统计省团队权益收益\n- 市团队收益汇总：统计市团队权益收益\n- 分享引荐收益汇总：统计分享权益收益\n- 社区收益汇总：统计社区权益收益\n\n后端变更：\n- reward-service: 添加 getRewardsSummaryByType、getAllRewardTypeSummaries 方法\n- reporting-service: 聚合收益类型汇总统计接口\n\n前端变更：\n- 添加 RewardTypeSummary、FeeAccountSummary 类型定义\n- 添加 getRewardTypeSummaries API 方法\n- 添加 FeeAccountSection、RewardTypeSummarySection 组件\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 实现手续费归集账户功能\n\n- 新增系统账户 S0000000006 \\(user_id=-6\\) 用于归集提现手续费\n- 新增 FEE_COLLECTION 流水类型记录手续费归集\n- 区块链提现完成时使用 UnitOfWork 事务归集手续费\n- 法币提现完成时在事务中归集手续费\n- WithdrawalOrderRepository 添加事务支持\n- 所有手续费归集操作使用乐观锁保护\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(backend/services/blockchain-service/src/application/application.module.ts )",
+      "Bash(backend/services/blockchain-service/src/application/event-handlers/system-withdrawal-requested.handler.ts )",
+      "Bash(backend/services/blockchain-service/src/infrastructure/kafka/withdrawal-event-consumer.service.ts )",
+      "Bash(backend/services/wallet-service/src/api/api.module.ts )",
+      "Bash(backend/services/wallet-service/src/api/controllers/index.ts )",
+      "Bash(backend/services/wallet-service/src/api/controllers/system-withdrawal.controller.ts )",
+      "Bash(backend/services/wallet-service/src/application/services/index.ts )",
+      "Bash(backend/services/wallet-service/src/application/services/system-withdrawal-application.service.ts )",
+      "Bash(backend/services/wallet-service/src/application/event-handlers/system-withdrawal-status.handler.ts )",
+      "Bash(backend/services/wallet-service/src/infrastructure/external/identity/identity-client.service.ts )",
+      "Bash(backend/services/wallet-service/src/infrastructure/kafka/withdrawal-event-consumer.service.ts)",
+      "Bash(backend/services/planting-service/src/api/controllers/planting-stats.controller.ts )",
+      "Bash(backend/services/planting-service/src/api/dto/response/planting-stats.response.ts )",
+      "Bash(backend/services/planting-service/src/domain/repositories/planting-order.repository.interface.ts )",
+      "Bash(backend/services/planting-service/src/infrastructure/persistence/repositories/planting-order.repository.impl.ts )",
+      "Bash(frontend/admin-web/src/app/\\\\\\(dashboard\\\\\\)/statistics/page.tsx )",
+      "Bash(frontend/admin-web/src/app/\\\\\\(dashboard\\\\\\)/statistics/statistics.module.scss )",
+      "Bash(frontend/admin-web/src/services/dashboardService.ts )",
+      "Bash(frontend/admin-web/src/types/dashboard.types.ts)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet/blockchain/identity\\): implement system account withdrawal feature\n\n- Add SystemWithdrawalApplicationService to handle system account transfers\n- Add SystemWithdrawalController with endpoints for request, query, and account listing\n- Add SystemWithdrawalStatusHandler to process blockchain confirmation/failure events\n- Add SystemWithdrawalRequestedHandler in blockchain-service to execute ERC20 transfers\n- Add getUserByAccountSequence endpoint in identity-service for user lookup\n- Support dynamic memo generation based on actual source account name\n- Dual-sided ledger entries for system account transfers\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(frontend/admin-web/src/hooks/index.ts )",
+      "Bash(frontend/admin-web/src/hooks/useSystemWithdrawal.ts )",
+      "Bash(frontend/admin-web/src/services/systemWithdrawalService.ts )",
+      "Bash(frontend/admin-web/src/types/system-withdrawal.types.ts )",
+      "Bash(\"frontend/admin-web/src/app/\\(dashboard\\)/system-transfer/\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-web\\): add system account transfer management page\n\n- Add system-transfer page with transfer form and order history\n- Add SystemWithdrawalService for API calls\n- Add useSystemWithdrawal hooks for React Query integration\n- Add system-withdrawal types definitions\n- Add navigation menu item for system transfer\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(PGPASSWORD=rwa_dev_password psql:*)",
+      "Bash(where psql:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(reporting-service\\): 修复面对面结算数据解包问题\n\nwallet-service 返回 { success, data, timestamp } 包装格式，\ngetOfflineSettlementSummary 需要用 response.data.data 解包才能获取真正的数据。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet/reporting\\): 修复手续费归集统计 API 的数据库表名和响应解包问题\n\n- wallet-service: 修复 getFeeCollectionSummary 中原生 SQL 使用错误表名\n  - 将 ledger_entries 改为 wallet_ledger_entries（Prisma 映射表名）\n- reporting-service: 修复 getFeeCollectionSummary/Entries 响应解包\n  - wallet-service 返回 { success, data, timestamp } 格式需要解包 data\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 添加手续费归集统计的历史数据兼容\n\n当 FEE_COLLECTION 流水为空时，自动从提现订单表查询历史手续费：\n- getFeeCollectionSummary: 从 withdrawal_orders 和 fiat_withdrawal_orders 聚合统计\n- getFeeCollectionEntries: 从两个订单表查询明细列表，支持分页和类型筛选\n- 按月统计使用 UNION ALL 合并两种提现订单数据\n- 明细记录添加备注说明区分来源（区块链/法币）\n\n回滚方式：删除 fallback 代码块和两个私有方法\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(dir /s /b *.yml)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 添加联系客服功能\n\n在个人中心设置菜单中添加\"联系客服\"入口，点击后显示弹窗，\n用户可以查看客服的QQ号和微信号，并支持一键复制到剪贴板。\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service, admin-web\\): 修复系统账户划转金额类型问题\n\n- wallet-service: 支持 amount 为字符串或数字类型，添加类型转换\n- admin-web: 改进错误处理，正确提取 Axios 错误消息\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mobile-app\\): 更新客服联系方式\n\n- 客服微信1: liulianhuanghou1\n- 客服微信2: liulianhuanghou2\n- 客服QQ1: 1502109619\n- 客服QQ2: 2171447109\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 添加运营1和积分股池到系统划转账户列表\n\n- 添加 S0000000002 \\(运营1\\) 和 S0000000004 \\(积分股池\\) 到允许转出白名单\n- 更新系统账户名称映射与前端保持一致\n- 为 S0000000006 手续费归集账户添加兼容逻辑，当余额为0时从提现订单表统计历史手续费\n- 优化过期奖励处理，按分配类型分别记录流水便于明细查看\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(wallet-service\\): 修复系统账户余额统计不一致问题\n\n- 账户余额改为 usdtAvailable + settleableUsdt，与累计收入统计保持一致\n- 解决社区权益进入 settleableUsdt 导致的余额与累计收入不匹配问题\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(npx eslint:*)",
+      "Bash(backend/services/admin-service/src/infrastructure/kafka/cdc-consumer.service.ts )",
+      "Bash(backend/services/admin-service/src/infrastructure/kafka/index.ts )",
+      "Bash(backend/services/admin-service/src/infrastructure/kafka/kafka.module.ts )",
+      "Bash(backend/services/deploy.sh )",
+      "Bash(backend/services/docker-compose.yml )",
+      "Bash(backend/services/scripts/init-databases.sh )",
+      "Bash(backend/services/scripts/debezium/)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-service\\): 实现 Debezium CDC 数据同步\n\n- 新增 CdcConsumerService 消费 PostgreSQL WAL 变更事件\n- 配置 Debezium Connect 服务和 PostgreSQL 逻辑复制\n- 更新 deploy.sh 支持 Debezium 启动和连接器管理\n- 新增 identity-postgres-connector 配置同步 user_accounts 表\n- 保留原有 Outbox 机制用于业务领域事件\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(referral-service\\): 修复 Kafka 消费异常被吞掉的问题\n\n- kafka.service.ts: 抛出异常让 KafkaJS 触发重试\n- user-registered.handler.ts: 传播异常到 KafkaService\n\n修复前处理失败的消息不会重试，导致推荐关系可能丢失\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(leaderboard-service\\): 修复健康检查 API 路径\n\n将 Dockerfile 和 docker-compose.yml 中的健康检查路径从\n/api/health 修改为 /api/v1/health，与实际 API 路由保持一致\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(backend/services/admin-service/prisma/migrations/20250107100000_add_referral_query_view/ )",
+      "Bash(backend/services/admin-service/src/infrastructure/kafka/referral-cdc-consumer.service.ts )",
+      "Bash(backend/services/scripts/debezium/referral-connector.json)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-service\\): 添加 referral-service CDC 数据同步\n\n- 新增 ReferralQueryView schema 和 migration\n- 新增 ReferralCdcConsumerService 消费推荐关系变更\n- 配置 referral-postgres-connector 用于 Debezium CDC\n- 更新 deploy.sh 自动注册 referral connector\n- 更新 init-databases.sh 配置 rwa_referral 逻辑复制权限\n\nCDC 同步的字段：\n- user_id, account_sequence, referrer_id\n- my_referral_code, used_referral_code\n- ancestor_path, depth\n- direct_referral_count, active_direct_count\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(admin-service\\): 添加 CDC 分类账流水同步\n\n新增 wallet/planting/authorization 服务的 CDC 数据同步：\n\n状态表同步:\n- WalletAccountQueryView: 钱包账户余额状态\n- WithdrawalOrderQueryView: 提现订单状态\n- FiatWithdrawalOrderQueryView: 法币提现订单\n- PlantingOrderQueryView: 认种订单状态\n- PlantingPositionQueryView: 持仓状态\n- ContractSigningTaskQueryView: 合同签约任务\n- AuthorizationRoleQueryView: 授权角色\n- MonthlyAssessmentQueryView: 月度考核\n- SystemAccountQueryView: 系统账户余额\n\n分类账流水同步:\n- WalletLedgerEntryView: 钱包流水分类账\n- FundAllocationView: 认种资金分配记录\n- SystemAccountLedgerView: 系统账户流水\n\n其他:\n- Debezium Connect 端口改为 8084 避免冲突\n- 更新连接器配置添加流水表\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash($env:DATABASE_URL=\"postgresql://test:test@localhost:5432/test\")",
+      "Bash(DATABASE_URL=\"postgresql://test:test@localhost:5432/test\" npx prisma validate:*)",
+      "Bash(DATABASE_URL=\"postgresql://test:test@localhost:5432/test\" npx prisma format:*)",
+      "Bash(timeout 60 npx tsc:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(wallet-service\\): 三层保护机制确保内部转账接收方钱包存在\n\n新增三层保护机制：\n1. 用户注册时：监听 identity.UserAccountCreated 事件自动创建钱包\n2. 发起转账时：检测内部转账后调用 ensureWalletExists\\(\\) 预创建钱包\n3. 链上确认时：原有 upsert 逻辑兜底（保持不变）\n\n新增文件：\n- identity-event-consumer.service.ts: 消费 identity 用户注册事件\n- user-account-created.handler.ts: 处理用户注册事件创建钱包\n\n新增 API：\n- POST /wallets/ensure-wallet: 确保单个钱包存在\n- POST /wallets/ensure-wallets: 批量确保钱包存在\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add -A)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(planting-service\\): 修复合同PDF签署日期显示为UTC时间的问题\n\n合同生成时使用 new Date\\(\\).toISOString\\(\\).split\\(''T''\\)[0] 获取日期，\n该方法返回UTC时间，导致北京时间凌晨签署的合同显示为前一天日期。\n\n修复方案：新增 getBeijingDateString\\(\\) 函数，将UTC时间转换为北京时间\\(UTC+8\\)\n\n影响范围：仅影响PDF合同上显示的签署日期，不影响数据库时间戳或业务逻辑\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" push origin main)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" tag -a v1.0.0 -m \"$\\(cat <<''EOF''\nRelease v1.0.0 - 正式发布\n\n主要功能:\n- 用户身份认证与KYC实名认证\n- 榴莲树认种与合同签署系统\n- 钱包与资产管理（USDT/绿积分/算力）\n- 推荐关系与团队管理\n- 收益分配与奖励系统\n- 排行榜系统\n- 后台管理系统\n- MPC多方计算钱包\n- 区块链服务（KAVA链）\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" push origin v1.0.0)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(admin-service\\): 修复用户数据CDC同步使用userId导致的数据不一致问题\n\n问题原因:\n- 旧的Kafka事件消费者和CDC消费者同时运行\n- 旧消费者写入的数据userId可能为0\n- CDC消费者使用userId作为upsert条件，导致唯一键冲突失败\n- 用户的nickname和kycStatus等信息没有正确同步\n\n修复方案:\n- upsert方法改用accountSequence作为唯一键\n- CDC消费者的handleUpdate使用accountSequence检查和更新\n- 更新时同时修复可能错误的userId\n- 新增existsByAccountSequence和updateKycStatusByAccountSequence方法\n\n影响范围:\n- admin-web用户管理页面现在能正确显示用户昵称和KYC状态\n- 新用户注册后数据能正确同步\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff backend/services/docker-compose.yml)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add backend/services/docker-compose.yml)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(admin-service\\): 添加uploads目录的volume持久化配置\n\n问题：admin-service重新部署后，上传的APK文件会丢失\n原因：主docker-compose.yml中admin-service未配置volume挂载，\n      导致容器重建时/app/uploads目录数据丢失\n\n修复：\n- 添加admin_uploads_data volume挂载到/app/uploads\n- 添加UPLOAD_DIR环境变量\n- 在volumes部分声明admin_uploads_data\n\n影响范围：仅影响admin-service的文件存储持久化\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff frontend/admin-web/src/app/\\\\\\(dashboard\\\\\\)/authorization/page.tsx)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add frontend/admin-web/src/app/\\\\\\(dashboard\\\\\\)/authorization/page.tsx)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(admin-web\\): 优化授权页面错误提示，显示后端真实错误信息\n\n问题：创建授权失败时只显示\"Request failed with status code 400\"\n用户无法了解失败的真实原因（如用户未种树、授权冲突等）\n\n修复：\n- handleCreate和handleRevoke的catch块优先从err.response.data.message提取后端错误\n- 后端已有完善的错误提示如\"用户尚未认种任何树，无法授权\"\n- 前端现在能正确显示这些提示帮助管理员了解真实情况\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" diff frontend/mobile-app/lib/features/pending_actions/presentation/pages/pending_actions_page.dart)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" checkout -- frontend/mobile-app/lib/features/pending_actions/presentation/pages/pending_actions_page.dart)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" add frontend/mobile-app/lib/features/pending_actions/presentation/pages/pending_actions_page.dart)",
+      "Bash(git -C \"c:/Users/dong/Desktop/rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(mobile-app\\): 修复认种向导待办操作无法正确标记完成的问题\n\n问题：用户完成认种并签署合同后，ADOPTION_WIZARD待办操作没有被标记为完成，\n导致用户被卡在待办操作页面无法进入App。\n\n原因：原来的检查逻辑只检查是否有\"待签合同\"，当用户已签署合同后，\npendingTasks为空，返回false，导致待办操作无法完成。\n\n修复方案：\n- 改为检查用户是否有已支付的认种订单（PAID/FUND_ALLOCATED状态）\n- 通过比较订单创建时间和待办操作创建时间来判断\n- 订单在待办操作之后创建 → 已完成\n- 订单在待办操作之前但相差不超过24小时 → 也认为已完成（兼容延迟）\n- 保留待签合同的备用检查逻辑\n\n影响范围：仅影响ADOPTION_WIZARD待办操作的完成检测\n\n🤖 Generated with [Claude Code]\\(https://claude.com/claude-code\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(contribution-service\\): 添加算力管理微服务\n\n## 概述\n为榴莲生态2.0添加 contribution-service 微服务，负责算力计算、分配和快照管理。\n\n## 架构设计\n- 采用 DDD + Hexagonal Architecture \\(六边形架构\\)\n- 使用 NestJS 框架 + Prisma ORM\n- 通过 Kafka CDC \\(Debezium\\) 从 user-service 同步数据\n- 使用 accountSequence \\(而非 userId\\) 进行跨服务关联\n\n## 核心功能模块\n\n### 1. Domain Layer \\(领域层\\)\n- ContributionAccountAggregate: 算力账户聚合根\n- ContributionRecordAggregate: 算力记录聚合根\n- ContributionAmount: 算力金额值对象 \\(基于 Decimal.js\\)\n- DistributionRate: 分配比例值对象\n- ContributionSourceType: 算力来源类型枚举 \\(PERSONAL/TEAM_LEVEL/TEAM_BONUS\\)\n\n### 2. Application Layer \\(应用层\\)\n- ContributionCalculationService: 算力计算核心服务\n  - 个人算力: 认种金额 × 10\n  - 团队等级奖励: 基于直推有效认种人数\n  - 团队极差奖励: 多级分销算法\n- SnapshotService: 每日算力快照服务\n- CDC Event Handlers: 处理用户、认种、引荐关系同步事件\n\n### 3. Infrastructure Layer \\(基础设施层\\)\n- Prisma Repositories: \n  - ContributionAccountRepository\n  - ContributionRecordRepository\n  - SyncedDataRepository \\(同步数据\\)\n  - OutboxRepository \\(发件箱模式\\)\n  - SystemAccountRepository\n  - UnallocatedContributionRepository\n- Kafka CDC Consumer: 消费 Debezium CDC 事件\n- Redis: 缓存支持\n- UnitOfWork: 事务管理\n\n### 4. API Layer \\(接口层\\)\n- ContributionController: 算力查询接口\n- SnapshotController: 快照管理接口\n- HealthController: 健康检查\n\n## 数据模型 \\(Prisma Schema\\)\n- ContributionAccount: 算力账户\n- ContributionRecord: 算力记录 \\(支持过期\\)\n- DailyContributionSnapshot: 每日快照\n- SyncedUser/SyncedAdoption/SyncedReferral: CDC 同步数据\n- OutboxEvent: 发件箱事件\n- SystemContributionAccount: 系统账户\n- UnallocatedContribution: 未分配算力\n\n## TypeScript 类型修复\n- 修复所有 Repository 接口与实现的类型不匹配\n- 修复 ContributionAmount.multiply\\(\\) 返回值类型\n- 修复 isZero getter vs method 问题\n- 修复 bigint vs string 类型转换\n- 统一使用 items/total 返回格式\n- 修复 Prisma schema 字段名映射 \\(unallocType, contributionBalance 等\\)\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mining-ecosystem\\): 添加挖矿生态系统完整微服务与前端\n\n## 概述\n为榴莲生态2.0添加完整的挖矿系统，包含3个后端微服务、1个管理后台和1个用户端App。\n\n---\n\n## 后端微服务\n\n### 1. mining-service \\(挖矿服务\\) - Port 3021\n**核心功能：**\n- 积分股每日分配（基于算力快照）\n- 每分钟定时销毁（进入黑洞）\n- 价格计算：价格 = 积分股池 ÷ \\(100.02亿 - 黑洞 - 流通池\\)\n- 全局状态管理（黑洞量、流通池、价格）\n\n**关键文件：**\n- src/application/services/mining-distribution.service.ts - 挖矿分配核心逻辑\n- src/application/schedulers/mining.scheduler.ts - 定时任务调度\n- src/domain/services/mining-calculator.service.ts - 分配计算\n- src/infrastructure/persistence/repositories/black-hole.repository.ts - 黑洞管理\n\n### 2. trading-service \\(交易服务\\) - Port 3022\n**核心功能：**\n- 积分股买卖撮合\n- K线数据生成\n- 手续费处理（10%买入/卖出）\n- 流通池管理\n- 卖出倍数计算：倍数 = \\(100亿 - 销毁量\\) ÷ \\(200万 - 流通池量\\)\n\n**关键文件：**\n- src/domain/services/matching-engine.service.ts - 撮合引擎\n- src/application/services/order.service.ts - 订单处理\n- src/application/services/transfer.service.ts - 划转服务\n- src/domain/aggregates/order.aggregate.ts - 订单聚合根\n\n### 3. mining-admin-service \\(挖矿管理服务\\) - Port 3023\n**核心功能：**\n- 系统配置管理（分配参数、手续费率等）\n- 老用户数据初始化\n- 系统监控仪表盘\n- 审计日志\n\n**关键文件：**\n- src/application/services/config.service.ts - 配置管理\n- src/application/services/initialization.service.ts - 数据初始化\n- src/application/services/dashboard.service.ts - 仪表盘数据\n\n---\n\n## 前端应用\n\n### 1. mining-admin-web \\(管理后台\\) - Next.js 14\n**技术栈：**\n- Next.js 14 + React 18\n- TailwindCSS + Radix UI\n- React Query + Zustand\n- ECharts 图表\n\n**功能模块：**\n- 登录认证\n- 仪表盘（实时数据、价格走势）\n- 用户查询（算力详情、挖矿记录、交易订单）\n- 系统配置管理\n- 数据初始化任务\n- 审计日志查看\n\n### 2. mining-app \\(用户端App\\) - Flutter 3.x\n**技术栈：**\n- Flutter 3.x + Dart\n- Riverpod 状态管理\n- GoRouter 路由\n- Clean Architecture \\(3层\\)\n\n**功能模块：**\n- 首页资产总览\n- 实时收益显示（每秒更新）\n- 贡献值展示（个人/团队）\n- 积分股买卖交易\n- K线图与价格显示\n- 个人中心\n\n---\n\n## 架构文档\n- docs/mining-ecosystem-architecture.md - 系统架构总览\n  - 服务职责与端口分配\n  - 数据流向图\n  - Kafka Topics 定义\n  - 跨服务关联（account_sequence）\n  - 配置参数说明\n  - 开发顺序建议\n\n---\n\n## .gitignore 更新\n- 添加 Flutter/Dart 构建文件忽略\n- 添加 iOS/Android 构建产物忽略\n- 添加 Next.js 构建目录忽略\n- 添加 TypeScript 缓存文件忽略\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mining\\): 添加 2.0 挖矿系统独立部署管理脚本\n\n添加 deploy-mining.sh 脚本用于管理 2.0 挖矿生态系统，\n该系统与 1.0 完全隔离，可随时重置而不影响 1.0。\n\n## 功能\n\n### 服务管理\n- up/down/restart - 启动/停止/重启 2.0 服务\n- status - 查看服务状态\n- logs [service] - 查看日志\n- build - 构建服务\n\n### 数据库管理\n- db-create - 创建 2.0 数据库\n- db-migrate - 运行 Prisma 迁移\n- db-reset - 删除并重建数据库（危险操作）\n- db-status - 查看数据库状态\n\n### CDC 同步管理\n- sync-reset - 重置 CDC 消费者偏移量到开始位置\n- sync-status - 查看 CDC 消费者组状态\n\n### 完整重置\n- full-reset - 完整系统重置\n  1. 停止所有 2.0 服务\n  2. 删除所有 2.0 数据库\n  3. 重建数据库\n  4. 运行迁移\n  5. 重置 CDC 偏移量\n  6. 重启服务（从 1.0 重新同步）\n\n### 健康监控\n- health - 检查所有组件健康状态\n- stats - 显示系统统计信息\n\n## 2.0 服务\n- contribution-service \\(3020\\)\n- mining-service \\(3021\\)\n- trading-service \\(3022\\)\n- mining-admin-service \\(3023\\)\n\n## 2.0 数据库\n- rwa_contribution\n- rwa_mining\n- rwa_trading\n- rwa_mining_admin\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(npx prisma format:*)",
+      "Bash(while read svc)",
+      "Bash(do echo \"=== $svc ===\")",
+      "Bash(for svc in admin-service auth-service authorization-service backup-service blockchain-service contribution-service identity-service leaderboard-service mining-admin-service mining-service mpc-service planting-service presence-service referral-service reporting-service reward-service trading-service wallet-service)",
+      "Bash(ssh ceshi@14.215.128.96 \"curl -s -o /dev/null -w ''%{http_code}'' https://madmin.szaiai.com/ --connect-timeout 10\")",
+      "Bash(curl -s -o /dev/null -w '%{http_code}' https://madmin.szaiai.com/ --connect-timeout 15)",
+      "Bash(ssh ceshi@14.215.128.96 \"docker network ls | grep rwa\")",
+      "Bash(ssh ceshi@14.215.128.96 \"cd /home/ceshi/rwadurian/backend/services && git pull && ./deploy-mining.sh rebuild mining-admin-service --no-cache\")",
+      "Bash(dir /s /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\mining-admin-service\\\\src\\\\*.ts\")",
+      "Bash(DATABASE_URL=\"postgresql://user:pass@localhost:5432/db\" npx prisma migrate:*)",
+      "Bash(ssh ceshi@103.39.231.231 \"ls -la /etc/nginx/sites-enabled/ && cat /etc/nginx/sites-available/rwaapi.szaiai.com 2>/dev/null | head -100\")",
+      "Bash(ssh ceshi@14.215.128.96 \"cd /home/ceshi/rwadurian/frontend/mining-admin-web && git pull && cat .env.production\")",
+      "Bash(ssh ceshi@14.215.128.96 \"cd /home/ceshi/rwadurian/frontend/mining-admin-web && docker compose down && docker compose build --no-cache && docker compose up -d\")",
+      "Bash(ssh ceshi@14.215.128.96 \"docker ps | grep -E ''mining-admin|rwa-mining''\")",
+      "Bash(ssh ceshi@103.39.231.231 \"cd /home/ceshi/rwadurian && git pull && grep -A10 ''mining-admin-service'' backend/api-gateway/kong.yml | head -15\")",
+      "Bash(ssh ceshi@103.39.231.231 \"cd /home/ceshi/rwadurian/backend/api-gateway && docker compose exec kong kong reload 2>/dev/null || docker exec kong kong reload\")",
+      "Bash(ssh ceshi@103.39.231.231 \"curl -s http://192.168.1.111:3023/health 2>/dev/null || echo ''Service not reachable''\")",
+      "Bash(ssh ceshi@103.39.231.231 \"curl -s http://192.168.1.111:3023/auth/login -X POST -H ''Content-Type: application/json'' -d ''{\"\"username\"\":\"\"admin\"\",\"\"password\"\":\"\"test\"\"}''\")",
+      "Bash(ssh ceshi@103.39.231.231 \"cd /home/ceshi/rwadurian && git pull && docker exec kong kong reload\")",
+      "Bash(ssh ceshi@103.39.231.231 \"docker ps | grep -i kong\")",
+      "Bash(ssh ceshi@103.39.231.231 \"curl -s http://localhost:8000/api/v2/mining-admin/auth/login -X POST -H ''Content-Type: application/json'' -d ''{\"\"username\"\":\"\"admin\"\",\"\"password\"\":\"\"admin123\"\"}''\")",
+      "Bash(ssh ceshi@103.39.231.231 \"curl -s http://localhost:8000/api/v2/mining-admin/auth/profile -H ''Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI3ODRlNTA0MS1hYTM2LTQ0ZTctYTM1NS0yY2I2ZjYwYmY1YmIiLCJ1c2VybmFtZSI6ImFkbWluIiwicm9sZSI6IlNVUEVSX0FETUlOIiwiaWF0IjoxNzY4MTIyMjc3LCJleHAiOjE3NjgyMDg2Nzd9.XL0i0_tQlybkT9ktLIP90WQZDujPbbARL20h6fLmeRE''\")",
+      "Bash(user \")",
+      "mcp__UIPro__getCodeFromUIProPlugin",
+      "Bash(flutter create:*)",
+      "Bash(DATABASE_URL=\"postgresql://postgres:postgres@localhost:5432/rwa_auth?schema=public\" npx prisma migrate dev:*)",
+      "Bash(curl -s http://103.118.40.14:8001/routes/contribution-v2-api)",
+      "Bash(curl -s http://103.118.40.14:8001/services/contribution-service-v2)",
+      "Bash(ssh ceshi@103.39.231.231 \"cd /data/rwadurian/backend/api-gateway && git pull origin main && docker-compose restart kong\")",
+      "Bash(ssh ceshi@103.39.231.231 \"ls -la /data/ 2>/dev/null || ls -la / | grep -E ''data|home|opt''\")",
+      "Bash(TOKEN=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJEMjUxMjI3MDAwMjIiLCJwaG9uZSI6IjE4OTI2NzYyNzIxIiwic291cmNlIjoiVjEiLCJpYXQiOjE3NjgxODM5NTIsImV4cCI6MTc2ODc4ODc1Mn0.Uq6TCFWHO64fD_MUP2IoBJzaXo99HDcp0H5s5A14EXQ\")",
+      "Bash(ssh ceshi@103.39.231.231 \"ssh ceshi@192.168.1.111 ''cd /home/durian/rwadurian && git pull && cd backend/services && ./deploy.sh rebuild auth-service''\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mining-admin-web\\): 复用admin-web用户管理功能\n\n- 更新用户列表：添加头像、个人/团队认种、推荐人、状态徽章\n- 更新用户详情：添加头像、KYC状态、认种统计卡片\n- 新增引荐关系Tab：展示引荐人链和直推下级树\n- 新增认种信息Tab：认种汇总和认种分类账明细\n- 新增钱包信息Tab：钱包汇总和钱包分类账明细\n- 更新类型定义和API hooks\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ssh ceshi@14.215.128.96 \"cd /home/ceshi/rwadurian/frontend/mining-admin-web && git pull && ls -la deploy.sh\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" diff)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" push origin main)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" add frontend/mining-admin-web/next.config.js)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(mining-admin-web\\): 修复 API rewrite 路径为 v2\n\n将 next.config.js 中的 API rewrite 从 /api/v1 改为 /api/v2，\n与 mining-admin-service 的实际 API 前缀保持一致。\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" log --oneline -3)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" add backend/services/deploy-mining.sh)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nfeat\\(deploy\\): 添加 mining-wallet-service 到 deploy-mining.sh\n\n将 mining-wallet-service 加入 2.0 系统管理脚本：\n\n- 添加到 MINING_SERVICES 数组\n- 添加别名 wallet -> mining-wallet-service\n- 添加数据库 rwa_mining_wallet\n- 添加 SERVICE_DB 映射\n- 添加端口 3025\n- 更新帮助文档\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nrefactor\\(deploy\\): 移除 mining-admin-web 从 deploy-mining.sh\n\nmining-admin-web 是前端项目，不应该在后端服务部署脚本中管理。\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" add backend/services/contribution-service/Dockerfile backend/services/mining-admin-service/Dockerfile)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(docker\\): 修复 contribution-service 和 mining-admin-service Dockerfile healthcheck 路径\n\n将 healthcheck 路径从 /api/v1/health 改为 /api/v2/health，\n与 main.ts 中的 API 前缀保持一致。\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" log --oneline -5)",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services && git pull origin main\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services/auth-service && npm run build 2>&1 | tail -20\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services && ./deploy-mining.sh rebuild auth-service 2>&1 | tail -50\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services && ./deploy-mining.sh rebuild contribution-service 2>&1 | tail -50\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services && ./deploy-mining.sh rebuild mining-admin-service 2>&1 | tail -50\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"cd /home/ceshi/rwadurian/backend/services && ./deploy-mining.sh status\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(auth\\): 修复 LegacyUserCdcConsumer 的 OutboxService 依赖注入\n\n- 在 ApplicationModule 中导出 OutboxService\n- 在 InfrastructureModule 中使用 forwardRef 导入 ApplicationModule\n- 解决循环依赖问题\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(deploy\\): 修正 Debezium Connect 默认端口为 8084\n\ndocker-compose 中 Debezium Connect 映射到 8084 端口\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(debezium\\): 修复 outbox connector 配置中的数据库凭证\n\n使用实际的用户名和密码替代环境变量占位符，\n因为 envsubst 不支持带默认值的变量语法\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -c \"\"\nSELECT ''synced_users'' as table_name, COUNT\\(*\\) as count FROM synced_users\nUNION ALL SELECT ''synced_contribution_accounts'', COUNT\\(*\\) FROM synced_contribution_accounts\nUNION ALL SELECT ''synced_mining_accounts'', COUNT\\(*\\) FROM synced_mining_accounts\nUNION ALL SELECT ''synced_trading_accounts'', COUNT\\(*\\) FROM synced_trading_accounts\nUNION ALL SELECT ''synced_mining_configs'', COUNT\\(*\\) FROM synced_mining_configs\nUNION ALL SELECT ''synced_circulation_pools'', COUNT\\(*\\) FROM synced_circulation_pools\nUNION ALL SELECT ''synced_system_contributions'', COUNT\\(*\\) FROM synced_system_contributions\nUNION ALL SELECT ''synced_daily_mining_stats'', COUNT\\(*\\) FROM synced_daily_mining_stats\nUNION ALL SELECT ''synced_day_klines'', COUNT\\(*\\) FROM synced_day_klines;\n\"\"\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -t -c \"\"\nSELECT ''synced_users'' as tbl, COUNT\\(*\\) FROM synced_users\nUNION ALL SELECT ''synced_contribution_accounts'', COUNT\\(*\\) FROM synced_contribution_accounts\nUNION ALL SELECT ''synced_mining_accounts'', COUNT\\(*\\) FROM synced_mining_accounts\nUNION ALL SELECT ''synced_trading_accounts'', COUNT\\(*\\) FROM synced_trading_accounts;\n\"\"\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d postgres -c \"\"SELECT count\\(*\\) FROM pg_stat_activity;\"\"\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker restart rwa-postgres && sleep 10 && docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -t -c \"\"\nSELECT ''synced_users'' as tbl, COUNT\\(*\\) FROM synced_users\nUNION ALL SELECT ''synced_contribution_accounts'', COUNT\\(*\\) FROM synced_contribution_accounts\nUNION ALL SELECT ''synced_mining_accounts'', COUNT\\(*\\) FROM synced_mining_accounts\nUNION ALL SELECT ''synced_trading_accounts'', COUNT\\(*\\) FROM synced_trading_accounts;\n\"\"\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d postgres -c \"\"SELECT datname, count\\(*\\) FROM pg_stat_activity GROUP BY datname ORDER BY count DESC;\"\"\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d postgres -c \"\"SHOW max_connections;\"\" && docker exec rwa-postgres psql -U rwa_user -d postgres -c \"\"SELECT count\\(*\\) as current_connections FROM pg_stat_activity;\"\"\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfix\\(postgres\\): 增加数据库最大连接数到 300\n\n- max_connections: 100 -> 300\n- max_replication_slots: 10 -> 20  \n- max_wal_senders: 10 -> 20\n\n支持更多服务和 Debezium connectors 同时连接\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -c ''SELECT * FROM synced_users LIMIT 2;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -c ''SELECT * FROM synced_contribution_accounts LIMIT 2;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_contribution -c ''SELECT account_sequence, has_adopted, direct_referral_adopted_count, unlocked_level_depth FROM contribution_accounts LIMIT 5;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_contribution -c ''SELECT account_sequence, adopter_count FROM synced_users LIMIT 5;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_contribution -c ''\\\\d synced_users''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_contribution -c ''SELECT * FROM synced_adoptions LIMIT 3;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_contribution -c ''SELECT * FROM synced_referrals LIMIT 3;''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -c ''\\\\d synced_users''\")",
+      "Bash(ssh -o ProxyCommand=\"ssh -W %h:%p ceshi@103.39.231.231\" ceshi@192.168.1.111 \"docker exec rwa-postgres psql -U rwa_user -d rwa_mining_admin -c \"\"SELECT table_name FROM information_schema.tables WHERE table_schema=''public'' ORDER BY table_name;\"\"\")",
+      "Bash(dir /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\\\\contribution-service\\\\src\\\\domain\\\\events\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(sync\\): 完善 CDC 数据同步 - 添加推荐关系、认种记录和昵称字段\n\n- auth-service:\n  - SyncedLegacyUser 表添加 nickname 字段\n  - LegacyUserMigratedEvent 添加 nickname 参数\n  - CDC consumer 同步 nickname 字段\n  - SyncedLegacyUserData 接口添加 nickname\n\n- contribution-service:\n  - 新增 ReferralSyncedEvent 事件类\n  - 新增 AdoptionSyncedEvent 事件类\n  - admin.controller 添加 publish-all APIs:\n    - POST /admin/referrals/publish-all\n    - POST /admin/adoptions/publish-all\n\n- mining-admin-service:\n  - SyncedUser 表添加 nickname 字段\n  - 新增 SyncedReferral 表 \\(推荐关系\\)\n  - 新增 SyncedAdoption 表 \\(认种记录\\)\n  - handleReferralSynced 处理器\n  - handleAdoptionSynced 处理器\n  - handleLegacyUserMigrated 处理 nickname\n\n- deploy-mining.sh:\n  - full_reset 更新为 14 步\n  - Step 13: 发布推荐关系\n  - Step 14: 发布认种记录\n\n解决 mining-admin-web 缺少昵称、推荐人、认种数据的问题\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ssh -o StrictHostKeyChecking=no ceshi@103.39.231.231 \"ssh -o StrictHostKeyChecking=no ceshi@192.168.1.111 ''cd /home/ceshi/rwadurian/backend/services && git pull''\")",
+      "Bash(ssh -o StrictHostKeyChecking=no ceshi@103.39.231.231 \"ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa ceshi@192.168.1.111 ''cd /home/ceshi/rwadurian/backend/services && git pull''\")",
+      "Bash(set DATABASE_URL=postgresql://user:pass@localhost:5432/db)",
+      "Bash(cmd /c \"set DATABASE_URL=postgresql://user:pass@localhost:5432/db && npx prisma migrate dev --name add_nickname_to_synced_legacy_users --create-only\")",
+      "Bash(dir \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\frontend\")",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nfeat\\(mining-app\\): fix login bugs and connect contribution page to real API\n\nLogin fixes:\n- Add AuthEventBus for global 401 error handling with auto-logout\n- Add route guards with GoRouter redirect to protect authenticated routes\n- Remove setMockUser\\(\\) security vulnerability and legacy login\\(\\) dead code\n- Remove unused AuthInterceptor class\n\nContribution page:\n- Add ContributionRecord entity and model for records API\n- Connect contribution details card to GET /accounts/{id}/records endpoint\n- Display real team stats \\(direct referrals, unlocked levels/tiers\\)\n- Calculate expiration countdown from actual record data\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(dependency of a provider changed\" error when 401 responses triggered\nlogout during provider rebuilds.\n\nNow 401 handling is done through normal exception flow in splash page\nand route guards respond to isLoggedInProvider state changes.\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(ssh ceshi@rwa-colocation-1-lan:*)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" diff frontend/mining-app/lib/presentation/pages/)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" add frontend/mining-app/lib/presentation/pages/asset/asset_page.dart frontend/mining-app/lib/presentation/pages/auth/login_page.dart frontend/mining-app/lib/presentation/pages/auth/register_page.dart frontend/mining-app/lib/presentation/pages/contribution/contribution_page.dart frontend/mining-app/lib/presentation/pages/profile/profile_page.dart frontend/mining-app/lib/presentation/pages/trading/trading_page.dart)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(mining-app\\): unify color scheme and fix scroll issues\n\n- Update login/register pages to use orange color scheme \\(#FF6B00\\)\n  matching the navigation pages design\n- Fix SafeArea bottom: false on all navigation pages since MainShell\n  handles bottom safe area via bottomNavigationBar\n- Add AlwaysScrollableScrollPhysics to asset page for consistent scroll\n- Increase bottom padding to 100px on all navigation pages to clear\n  the navigation bar\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" push)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" add frontend/mining-app/lib/presentation/pages/splash/splash_page.dart frontend/mining-app/lib/presentation/providers/user_providers.dart)",
+      "Bash(git -C \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\" commit -m \"$\\(cat <<''EOF''\nfix\\(mining-app\\): update splash page theme and fix token refresh\n\n- Update splash_page.dart to orange theme \\(#FF6B00\\) matching other pages\n- Change app name from \"榴莲挖矿\" to \"榴莲生态\"\n- Fix refreshTokenIfNeeded to properly throw on failure instead of\n  silently calling logout \\(which caused Riverpod ref errors\\)\n- Clear local storage directly on refresh failure without remote API call\n\nCo-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>\nEOF\n\\)\")",
+      "Bash(python3 -c \" import sys content = sys.stdin.read\\(\\) old = '''''' done # 清空 processed_cdc_events 表（因为 migration 时可能已经消费了一些消息） # 这是事务性幂等消费的关键：重置 Kafka offset 后必须同时清空幂等记录 log_info \"\"Truncating processed_cdc_events tables to allow re-consumption...\"\" for db in \"\"rwa_contribution\"\" \"\"rwa_auth\"\"; do if run_psql \"\"$db\"\" \"\"TRUNCATE TABLE processed_cdc_events;\"\" 2>/dev/null; then log_success \"\"Truncated processed_cdc_events in $db\"\" else log_warn \"\"Could not truncate processed_cdc_events in $db \\(table may not exist yet\\)\"\" fi done log_step \"\"Step 9/18: Starting 2.0 services...\"\"'''''' new = '''''' done # 清空 processed_cdc_events 表（因为 migration 时可能已经消费了一些消息） # 这是事务性幂等消费的关键：重置 Kafka offset 后必须同时清空幂等记录 log_info \"\"Truncating processed_cdc_events tables to allow re-consumption...\"\" for db in \"\"rwa_contribution\"\" \"\"rwa_auth\"\"; do if run_psql \"\"$db\"\" \"\"TRUNCATE TABLE processed_cdc_events;\"\" 2>/dev/null; then log_success \"\"Truncated processed_cdc_events in $db\"\" else log_warn \"\"Could not truncate processed_cdc_events in $db \\(table may not exist yet\\)\"\" fi done log_step \"\"Step 9/18: Starting 2.0 services...\"\"'''''' print\\(content.replace\\(old, new\\)\\) \")",
+      "Bash(git rm:*)",
+      "Bash(echo \"请在服务器运行以下命令检查 outbox 事件：\n\ndocker exec -it rwa-postgres psql -U rwa_user -d rwa_contribution -c \"\"\nSELECT id, event_type, aggregate_id, \n       payload->>''sourceType'' as source_type,\n       payload->>''accountSequence'' as account_seq,\n       payload->>''sourceAccountSequence'' as source_account_seq,\n       payload->>''bonusTier'' as bonus_tier\nFROM outbox_events \nWHERE payload->>''accountSequence'' = ''D25122900007''\nORDER BY id;\n\"\"\")",
+      "Bash(ssh -o ConnectTimeout=10 ceshi@14.215.128.96 'find /home/ceshi/rwadurian/frontend/mining-admin-web -name \"\"*.tsx\"\" -o -name \"\"*.ts\"\" | xargs grep -l \"\"用户管理\\\\|users\"\" 2>/dev/null | head -10')",
+      "Bash(dir /s /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\")",
+      "Bash(dir /b \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\backend\\\\services\")",
+      "Bash(ssh -J ceshi@103.39.231.231 ceshi@192.168.1.111 \"curl -s http://localhost:3021/api/v2/admin/status\")",
+      "Bash(del \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\frontend\\\\mining-app\\\\lib\\\\domain\\\\usecases\\\\trading\\\\buy_shares.dart\")",
+      "Bash(del \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\frontend\\\\mining-app\\\\lib\\\\domain\\\\usecases\\\\trading\\\\sell_shares.dart\")",
+      "Bash(ls -la \"c:\\\\Users\\\\dong\\\\Desktop\\\\rwadurian\\\\frontend\\\\mining-app\\\\lib\\\\presentation\\\\pages\"\" 2>/dev/null || dir /b \"c:UsersdongDesktoprwadurianfrontendmining-applibpresentationpages \")",
+      "Bash(cd:*)"
    ],
    "deny": [],
    "ask": []
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,130 @@ nul

 # Claude Code settings
 .claude/
+
+# Dependencies
+node_modules/
+.pnp/
+.pnp.js
+
+# Build outputs
+dist/
+build/
+out/
+.next/
+.nuxt/
+.output/
+
+# Environment files
+.env
+.env.local
+.env.*.local
+*.env
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+*.sublime-*
+
+# OS
+.DS_Store
+Thumbs.db
+Desktop.ini
+
+# Logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+# Test coverage
+coverage/
+.nyc_output/
+
+# Cache
+.cache/
+*.cache
+.eslintcache
+.stylelintcache
+.turbo/
+
+# Prisma
+prisma/migrations/**/migration_lock.toml
+
+# TypeScript
+*.tsbuildinfo
+
+# Flutter/Dart
+.dart_tool/
+.flutter-plugins
+.flutter-plugins-dependencies
+.packages
+.pub-cache/
+.pub/
+build/
+*.iml
+*.ipr
+*.iws
+.idea/
+*.lock
+pubspec.lock
+
+# iOS
+ios/Pods/
+ios/.symlinks/
+ios/Flutter/Flutter.framework
+ios/Flutter/Flutter.podspec
+ios/Flutter/App.framework
+ios/Flutter/engine/
+ios/Flutter/Generated.xcconfig
+**/ios/Flutter/.last_build_id
+**/ios/Podfile.lock
+
+# Android
+android/.gradle/
+android/captures/
+android/gradlew
+android/gradlew.bat
+android/local.properties
+**/android/app/debug
+**/android/app/profile
+**/android/app/release
+*.apk
+*.aab
+*.dex
+*.class
+*.jks
+*.keystore
+
+# macOS
+macos/Flutter/GeneratedPluginRegistrant.swift
+macos/Flutter/ephemeral/
+
+# Windows
+windows/flutter/generated_plugin_registrant.cc
+windows/flutter/generated_plugin_registrant.h
+windows/flutter/generated_plugins.cmake
+
+# Linux
+linux/flutter/generated_plugin_registrant.cc
+linux/flutter/generated_plugin_registrant.h
+linux/flutter/generated_plugins.cmake
+
+# Web
+web/favicon.png
+web/icons/
+
+# Temporary files
+*.tmp
+*.temp
+*.swp
+*~
+
+# Package lock files (keep for reproducible builds)
+# package-lock.json
+# yarn.lock
+# pnpm-lock.yaml
--- a/SEED01-qrcode.png
+++ b/SEED01-qrcode.png
--- a/STKAITI.TTF
+++ b/STKAITI.TTF
--- a/backend/api-gateway/docker-compose.yml
+++ b/backend/api-gateway/docker-compose.yml
@ -16,6 +16,7 @@ services:
    image: docker.io/library/postgres:16-alpine
    container_name: rwa-kong-db
    environment:
+      TZ: Asia/Shanghai
      POSTGRES_USER: kong
      POSTGRES_PASSWORD: ${KONG_PG_PASSWORD:-kong_password}
      POSTGRES_DB: kong
@ -38,6 +39,7 @@ services:
    container_name: rwa-kong-migrations
    command: kong migrations bootstrap
    environment:
+      TZ: Asia/Shanghai
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
@ -57,6 +59,7 @@ services:
    image: docker.io/kong/kong-gateway:3.5
    container_name: rwa-kong
    environment:
+      TZ: Asia/Shanghai
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
--- a/backend/api-gateway/kong.yml
+++ b/backend/api-gateway/kong.yml
@ -48,6 +48,10 @@ services:
        paths:
          - /api/v1/identity/health
        strip_path: true
+      - name: identity-admin-pending-actions
+        paths:
+          - /api/v1/admin/pending-actions
+        strip_path: false

  # ---------------------------------------------------------------------------
  # Wallet Service - 钱包服务
@ -161,15 +165,23 @@ services:
  - name: reporting-service
    url: http://192.168.1.111:3008
    routes:
+      - name: reporting-dashboard
+        paths:
+          - /api/v1/dashboard
+        strip_path: false
      - name: reporting-api
        paths:
          - /api/v1/reports
-          - /api/v1/statistics
        strip_path: false
      - name: reporting-export
        paths:
          - /api/v1/export
        strip_path: false
+      # [2026-01-04] 新增：系统账户报表路由
+      - name: reporting-system-accounts
+        paths:
+          - /api/v1/system-account-reports
+        strip_path: false

  # ---------------------------------------------------------------------------
  # Authorization Service - 授权服务
@ -187,7 +199,7 @@ services:
        strip_path: false

  # ---------------------------------------------------------------------------
-  # Admin Service - 管理服务 (包含版本管理)
+  # Admin Service - 管理服务 (包含版本管理和通知)
  # ---------------------------------------------------------------------------
  - name: admin-service
    url: http://192.168.1.111:3010
@ -208,6 +220,14 @@ services:
        paths:
          - /downloads
        strip_path: false
+      - name: admin-mobile-notifications
+        paths:
+          - /api/v1/mobile/notifications
+        strip_path: false
+      - name: admin-mobile-system
+        paths:
+          - /api/v1/mobile/system
+        strip_path: false

  # ---------------------------------------------------------------------------
  # Presence Service - 在线状态服务
@ -239,6 +259,116 @@ services:
          - /api/v1/balance
        strip_path: false

+  # ---------------------------------------------------------------------------
+  # MPC Account Service - MPC 账户服务 (Go - 共管钱包)
+  # ---------------------------------------------------------------------------
+  - name: mpc-account-service
+    url: http://192.168.1.111:4000
+    routes:
+      - name: mpc-co-managed
+        paths:
+          - /api/v1/co-managed
+        strip_path: false
+
+
+  # ===========================================================================
+  # RWA 2.0 Services - 新架构微服务
+  # ===========================================================================
+
+  # ---------------------------------------------------------------------------
+  # Contribution Service 2.0 - 算力服务
+  # 前端路径: /api/v2/contribution/...
+  # 后端路径: /api/v2/contribution/... (strip_path: false, 直接透传)
+  # ---------------------------------------------------------------------------
+  - name: contribution-service-v2
+    url: http://192.168.1.111:3020
+    routes:
+      - name: contribution-v2-api
+        paths:
+          - /api/v2/contribution
+        strip_path: false
+      - name: contribution-v2-health
+        paths:
+          - /api/v2/contribution/health
+        strip_path: false
+
+  # ---------------------------------------------------------------------------
+  # Mining Service 2.0 - 挖矿服务
+  # ---------------------------------------------------------------------------
+  - name: mining-service-v2
+    url: http://192.168.1.111:3021
+    routes:
+      - name: mining-v2-api
+        paths:
+          - /api/v2/mining
+        strip_path: false
+      - name: mining-v2-health
+        paths:
+          - /api/v2/mining/health
+        strip_path: false
+
+  # ---------------------------------------------------------------------------
+  # Trading Service 2.0 - 交易服务
+  # ---------------------------------------------------------------------------
+  - name: trading-service-v2
+    url: http://192.168.1.111:3022
+    routes:
+      - name: trading-v2-api
+        paths:
+          - /api/v2/trading
+        strip_path: false
+      - name: trading-v2-health
+        paths:
+          - /api/v2/trading/health
+        strip_path: false
+
+  # ---------------------------------------------------------------------------
+  # Mining Admin Service 2.0 - 挖矿管理后台服务
+  # ---------------------------------------------------------------------------
+  - name: mining-admin-service
+    url: http://192.168.1.111:3023/api/v1
+    routes:
+      - name: mining-admin-api
+        paths:
+          - /api/v2/mining-admin
+        strip_path: true
+      - name: mining-admin-health
+        paths:
+          - /api/v2/mining-admin/health
+        strip_path: true
+
+  # ---------------------------------------------------------------------------
+  # Auth Service 2.0 - 用户认证服务
+  # 前端路径: /api/v2/auth/...
+  # 后端路径: /api/v2/auth/... (strip_path: false, 直接透传)
+  # ---------------------------------------------------------------------------
+  - name: auth-service-v2
+    url: http://192.168.1.111:3024
+    routes:
+      - name: auth-v2-api
+        paths:
+          - /api/v2/auth
+        strip_path: false
+      - name: auth-v2-health
+        paths:
+          - /api/v2/auth/health
+        strip_path: false
+
+  # ---------------------------------------------------------------------------
+  # Mining Wallet Service 2.0 - 挖矿钱包服务
+  # ---------------------------------------------------------------------------
+  - name: mining-wallet-service
+    url: http://192.168.1.111:3025
+    routes:
+      - name: mining-wallet-api
+        paths:
+          - /api/v2/mining-wallet
+        strip_path: false
+      - name: mining-wallet-health
+        paths:
+          - /api/v2/mining-wallet/health
+        strip_path: false
+
 # =============================================================================
 # Plugins - 全局插件配置
 # =============================================================================
@ -248,10 +378,12 @@ plugins:
    config:
      origins:
        - "https://rwaadmin.szaiai.com"
+        - "https://madmin.szaiai.com"
        - "https://update.szaiai.com"
        - "https://app.rwadurian.com"
        - "http://localhost:3000"
        - "http://localhost:3020"
+        - "http://localhost:3100"
      methods:
        - GET
        - POST
@ -276,8 +408,8 @@ plugins:
  # 请求限流
  - name: rate-limiting
    config:
-      minute: 100
-      hour: 5000
+      minute: 10000
+      hour: 500000
      policy: local

  # 请求日志
--- a/backend/api-gateway/nginx/install-mpc-grpc.sh
+++ b/backend/api-gateway/nginx/install-mpc-grpc.sh
@ -0,0 +1,280 @@
+#!/bin/bash
+# =============================================================================
+# MPC gRPC 代理 - Nginx 配置安装脚本
+# =============================================================================
+# 用途: 为 Service Party App 提供 gRPC 连接到 Message Router
+# 域名: mpc-grpc.szaiai.com
+#
+# 前提条件:
+#   1. Nginx 已安装并运行
+#   2. Certbot 已安装
+#   3. DNS 已配置 mpc-grpc.szaiai.com 指向此服务器
+#   4. Message Router 在后端服务器 (192.168.1.111:50051) 运行
+#
+# 此脚本完全独立，不影响现有服务
+# =============================================================================
+
+set -e
+
+DOMAIN="mpc-grpc.szaiai.com"
+DOMAIN_CONF="${DOMAIN}.conf"  # Nginx 配置文件需要 .conf 后缀
+EMAIL="admin@szaiai.com"
+BACKEND_HOST="192.168.1.111"
+BACKEND_PORT="50051"
+
+# 颜色
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
+log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
+log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
+
+# 检查 root 权限
+check_root() {
+    if [ "$EUID" -ne 0 ]; then
+        log_error "请使用 root 权限运行: sudo ./install-mpc-grpc.sh"
+        exit 1
+    fi
+}
+
+# 检查前提条件
+check_prerequisites() {
+    log_info "检查前提条件..."
+
+    # 检查 Nginx
+    if ! command -v nginx &> /dev/null; then
+        log_error "Nginx 未安装，请先安装 Nginx"
+        exit 1
+    fi
+
+    # 检查 Certbot
+    if ! command -v certbot &> /dev/null; then
+        log_error "Certbot 未安装，请先安装 Certbot"
+        exit 1
+    fi
+
+    # 检查 Nginx 是否支持 http2 和 grpc
+    if ! nginx -V 2>&1 | grep -q "http_v2_module"; then
+        log_warn "Nginx 可能不支持 HTTP/2，gRPC 需要 HTTP/2 支持"
+    fi
+
+    log_success "前提条件检查通过"
+}
+
+# 步骤 1: 创建临时 HTTP 配置用于证书申请
+configure_http() {
+    log_info "步骤 1/4: 创建临时 HTTP 配置..."
+
+    # 确保 certbot webroot 目录及子目录存在
+    mkdir -p /var/www/certbot/.well-known/acme-challenge
+    chmod -R 755 /var/www/certbot
+
+    # 创建临时 HTTP 配置 (使用 .conf 后缀以便 nginx 加载)
+    cat > /etc/nginx/sites-available/$DOMAIN_CONF << EOF
+# 临时 HTTP 配置 - 用于 Let's Encrypt 验证
+server {
+    listen 80;
+    listen [::]:80;
+    server_name $DOMAIN;
+
+    # Let's Encrypt 验证目录
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return 200 'MPC gRPC proxy - waiting for SSL certificate';
+        add_header Content-Type text/plain;
+    }
+}
+EOF
+
+    # 启用站点
+    ln -sf /etc/nginx/sites-available/$DOMAIN_CONF /etc/nginx/sites-enabled/$DOMAIN_CONF
+
+    # 测试并重载
+    nginx -t && systemctl reload nginx
+    log_success "临时 HTTP 配置完成"
+}
+
+# 步骤 2: 申请 SSL 证书
+obtain_certificate() {
+    log_info "步骤 2/4: 申请 Let's Encrypt SSL 证书..."
+
+    # 检查证书是否已存在
+    if [ -f "/etc/letsencrypt/live/$DOMAIN/fullchain.pem" ]; then
+        log_warn "证书已存在，跳过申请"
+        return 0
+    fi
+
+    # 申请证书
+    certbot certonly \
+        --webroot \
+        --webroot-path=/var/www/certbot \
+        --email $EMAIL \
+        --agree-tos \
+        --no-eff-email \
+        -d $DOMAIN
+
+    log_success "SSL 证书申请成功"
+}
+
+# 步骤 3: 配置 gRPC 代理
+configure_grpc() {
+    log_info "步骤 3/4: 配置 Nginx gRPC 代理..."
+
+    # 获取脚本所在目录
+    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+    # 复制 gRPC 配置
+    cp "$SCRIPT_DIR/mpc-grpc.szaiai.com.conf" /etc/nginx/sites-available/$DOMAIN_CONF
+
+    # 测试并重载
+    nginx -t && systemctl reload nginx
+    log_success "gRPC 代理配置完成"
+}
+
+# 步骤 4: 验证配置
+verify_setup() {
+    log_info "步骤 4/4: 验证配置..."
+
+    # 检查 Nginx 状态
+    if systemctl is-active --quiet nginx; then
+        log_success "Nginx 运行正常"
+    else
+        log_error "Nginx 未运行"
+        exit 1
+    fi
+
+    # 检查证书
+    if [ -f "/etc/letsencrypt/live/$DOMAIN/fullchain.pem" ]; then
+        log_success "SSL 证书已就绪"
+    else
+        log_error "SSL 证书未找到"
+        exit 1
+    fi
+
+    # 检查配置语法
+    if nginx -t 2>/dev/null; then
+        log_success "Nginx 配置语法正确"
+    else
+        log_error "Nginx 配置语法错误"
+        exit 1
+    fi
+
+    log_success "验证完成"
+}
+
+# 显示完成信息
+show_completion() {
+    echo ""
+    echo -e "${GREEN}========================================${NC}"
+    echo -e "${GREEN}   MPC gRPC 代理安装完成!${NC}"
+    echo -e "${GREEN}========================================${NC}"
+    echo ""
+    echo -e "gRPC 端点: ${BLUE}mpc-grpc.szaiai.com:443${NC}"
+    echo ""
+    echo "架构:"
+    echo "  Service Party App → Nginx (SSL/gRPC) → Message Router"
+    echo "                          ↓"
+    echo "                   $DOMAIN:443"
+    echo "                          ↓"
+    echo "                   $BACKEND_HOST:$BACKEND_PORT"
+    echo ""
+    echo "Service Party App 连接配置:"
+    echo "  gRPC 地址: mpc-grpc.szaiai.com:443"
+    echo "  TLS: 启用"
+    echo ""
+    echo "常用命令:"
+    echo "  查看 Nginx 状态:  systemctl status nginx"
+    echo "  重载 Nginx:       systemctl reload nginx"
+    echo "  查看证书:         certbot certificates"
+    echo "  查看日志:         tail -f /var/log/nginx/$DOMAIN.access.log"
+    echo ""
+    echo -e "${YELLOW}注意: 确保后端 Message Router ($BACKEND_HOST:$BACKEND_PORT) 正在运行${NC}"
+    echo ""
+}
+
+# 显示使用帮助
+show_help() {
+    echo "用法: $0 [选项]"
+    echo ""
+    echo "选项:"
+    echo "  --help, -h     显示帮助信息"
+    echo "  --verify       仅验证现有配置"
+    echo "  --uninstall    卸载配置"
+    echo ""
+}
+
+# 卸载配置
+uninstall() {
+    log_info "卸载 MPC gRPC 代理配置..."
+
+    # 移除站点配置 (兼容新旧文件名)
+    rm -f /etc/nginx/sites-enabled/$DOMAIN_CONF
+    rm -f /etc/nginx/sites-available/$DOMAIN_CONF
+    rm -f /etc/nginx/sites-enabled/$DOMAIN
+    rm -f /etc/nginx/sites-available/$DOMAIN
+
+    # 重载 Nginx
+    nginx -t && systemctl reload nginx
+
+    log_success "配置已卸载"
+    log_info "注意: SSL 证书未删除，如需删除请运行: certbot delete --cert-name $DOMAIN"
+}
+
+# 主函数
+main() {
+    case "${1:-}" in
+        --help|-h)
+            show_help
+            exit 0
+            ;;
+        --verify)
+            check_prerequisites
+            verify_setup
+            exit 0
+            ;;
+        --uninstall)
+            check_root
+            uninstall
+            exit 0
+            ;;
+    esac
+
+    echo ""
+    echo "============================================"
+    echo "  MPC gRPC 代理 - Nginx 安装脚本"
+    echo "  域名: $DOMAIN"
+    echo "  后端: $BACKEND_HOST:$BACKEND_PORT"
+    echo "============================================"
+    echo ""
+
+    check_root
+    check_prerequisites
+
+    echo ""
+    log_warn "请确保以下条件已满足:"
+    echo "  1. 域名 $DOMAIN 的 DNS A 记录已指向本服务器 IP"
+    echo "  2. Message Router 已在 $BACKEND_HOST:$BACKEND_PORT 运行"
+    echo ""
+    read -p "是否继续安装? (y/n): " confirm
+
+    if [ "$confirm" != "y" ] && [ "$confirm" != "Y" ]; then
+        log_info "安装已取消"
+        exit 0
+    fi
+
+    configure_http
+    obtain_certificate
+    configure_grpc
+    verify_setup
+    show_completion
+}
+
+main "$@"
--- a/backend/api-gateway/nginx/mpc-grpc.szaiai.com.conf
+++ b/backend/api-gateway/nginx/mpc-grpc.szaiai.com.conf
@ -0,0 +1,95 @@
+# =============================================================================
+# MPC Message Router gRPC 代理配置
+# =============================================================================
+# 域名: mpc-grpc.szaiai.com
+# 用途: 为 Service Party App 提供 gRPC 连接到 Message Router
+# 后端: Message Router gRPC 服务 (端口 50051)
+#
+# 部署步骤:
+#   1. 放置到: /etc/nginx/sites-available/mpc-grpc.szaiai.com
+#   2. 启用: ln -s /etc/nginx/sites-available/mpc-grpc.szaiai.com /etc/nginx/sites-enabled/
+#   3. 申请证书: certbot certonly --nginx -d mpc-grpc.szaiai.com
+#   4. 重载: nginx -t && systemctl reload nginx
+#
+# 注意: 此配置完全独立，不影响现有服务
+# =============================================================================
+
+# HTTP 重定向到 HTTPS (gRPC 必须使用 HTTPS)
+server {
+    listen 80;
+    listen [::]:80;
+    server_name mpc-grpc.szaiai.com;
+
+    # Let's Encrypt 验证目录
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    # 重定向到 HTTPS
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# HTTPS + gRPC 配置
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name mpc-grpc.szaiai.com;
+
+    # SSL 证书 (Let's Encrypt)
+    # 首次部署前需要先申请证书:
+    # certbot certonly --nginx -d mpc-grpc.szaiai.com
+    ssl_certificate /etc/letsencrypt/live/mpc-grpc.szaiai.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/mpc-grpc.szaiai.com/privkey.pem;
+
+    # SSL 配置优化
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:MPC_SSL:10m;
+    ssl_session_tickets off;
+
+    # 现代加密套件
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+
+    # HSTS
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    # 日志
+    access_log /var/log/nginx/mpc-grpc.szaiai.com.access.log;
+    error_log /var/log/nginx/mpc-grpc.szaiai.com.error.log;
+
+    # gRPC 代理到 Message Router
+    # 后端服务器: 192.168.1.111 (与其他服务相同)
+    # Message Router gRPC 端口: 50051
+    location / {
+        # gRPC 代理
+        grpc_pass grpc://192.168.1.111:50051;
+
+        # gRPC 超时设置
+        # 会话等待时间较长 (24小时倒计时)，需要较长超时
+        grpc_read_timeout 300s;
+        grpc_send_timeout 300s;
+        grpc_connect_timeout 60s;
+
+        # 错误处理
+        error_page 502 = /error502grpc;
+    }
+
+    # gRPC 错误处理
+    location = /error502grpc {
+        internal;
+        default_type application/grpc;
+        add_header grpc-status 14;
+        add_header grpc-message "Message Router unavailable";
+        return 204;
+    }
+
+    # HTTP 健康检查端点 (用于监控)
+    location = /health {
+        access_log off;
+        return 200 '{"status":"ok","service":"mpc-grpc-proxy"}';
+        add_header Content-Type application/json;
+    }
+}
--- a/backend/docker-compose.windows.yml
+++ b/backend/docker-compose.windows.yml
@ -159,6 +159,7 @@ services:
      dockerfile: services/message-router/Dockerfile
    container_name: mpc-message-router
    ports:
+      - "50051:50051"  # gRPC for party connections
      - "8082:8080"
    environment:
      MPC_SERVER_GRPC_PORT: 50051
@ -675,6 +676,11 @@ services:
      KAFKA_GROUP_ID: authorization-service-group
      REFERRAL_SERVICE_URL: http://referral-service:3004
      REFERRAL_SERVICE_ENABLED: "true"
+      IDENTITY_SERVICE_URL: http://identity-service:3000
+      IDENTITY_SERVICE_ENABLED: "true"
+      REWARD_SERVICE_URL: http://reward-service:3005
+      REWARD_SERVICE_ENABLED: "true"
+      # 注意：不添加 reward-service 依赖，避免循环依赖
    depends_on:
      postgres:
        condition: service_healthy
--- a/backend/infrastructure/.env
+++ b/backend/infrastructure/.env
@ -0,0 +1,94 @@
+# =============================================================================
+# RWA Infrastructure - Production Environment Configuration
+# =============================================================================
+#
+# Deployment: Server B (192.168.1.111) or separate monitoring server
+# Role: Observability stack - metrics, logs, tracing, service discovery
+#
+# Components:
+# ┌─────────────────────────────────────────────────────────────────────────┐
+# │ Observability Stack                                                     │
+# ├─────────────────────────────────────────────────────────────────────────┤
+# │ Grafana     :3030  - Dashboards and visualization                       │
+# │ Prometheus  :9090  - Metrics collection and alerting                    │
+# │ Loki        :3100  - Log aggregation                                    │
+# │ Jaeger      :16686 - Distributed tracing                                │
+# │ Consul      :8500  - Service discovery (optional)                       │
+# └─────────────────────────────────────────────────────────────────────────┘
+#
+# Network Topology:
+#   Server A (192.168.1.100): Kong API Gateway
+#   Server B (192.168.1.111): Microservices + MPC System
+#   Prometheus scrapes metrics from both servers
+#
+# Setup:
+#   1. Copy to .env: cp .env.example .env
+#   2. Update passwords and URLs
+#   3. Start: docker-compose up -d
+# =============================================================================
+
+# =============================================================================
+# Network Configuration
+# =============================================================================
+# Server A: Gateway (Kong)
+KONG_SERVER_IP=192.168.1.100
+
+# Server B: Backend services
+BACKEND_SERVER_IP=192.168.1.111
+
+# Public domain
+PUBLIC_DOMAIN=rwaapi.szaiai.com
+
+# =============================================================================
+# Consul Configuration (Service Discovery)
+# =============================================================================
+CONSUL_HTTP_PORT=8500
+CONSUL_DNS_PORT=8600
+
+# =============================================================================
+# Jaeger Configuration (Distributed Tracing)
+# =============================================================================
+JAEGER_UI_PORT=16686
+
+# =============================================================================
+# Loki Configuration (Log Aggregation)
+# =============================================================================
+LOKI_PORT=3100
+
+# =============================================================================
+# Grafana Configuration (Dashboards)
+# =============================================================================
+GRAFANA_PORT=3030
+GRAFANA_ADMIN_USER=admin
+# SECURITY: Change this in production!
+# Example command to generate: openssl rand -base64 24
+GRAFANA_ADMIN_PASSWORD=admin123
+
+# Grafana Root URL - MUST match actual access URL for CORS/auth
+# For internal access: http://192.168.1.111:3030
+# For external access with nginx: https://monitor.szaiai.com
+GRAFANA_ROOT_URL=https://monitor.szaiai.com
+GRAFANA_LOG_LEVEL=info
+
+# =============================================================================
+# Prometheus Configuration (Metrics)
+# =============================================================================
+PROMETHEUS_PORT=9090
+
+# Scrape targets (configured in prometheus.yml):
+# - Kong:                   192.168.1.100:8001/metrics
+# - identity-service:       192.168.1.111:3000/metrics
+# - wallet-service:         192.168.1.111:3001/metrics
+# - mpc-service:            192.168.1.111:3006/metrics
+# - blockchain-service:     192.168.1.111:3012/metrics
+# - mpc-system services:    192.168.1.111:4000/metrics, etc.
+
+# =============================================================================
+# PostgreSQL Configuration (for Grafana data source)
+# =============================================================================
+# Connect to main RWA database for dashboards
+POSTGRES_HOST=192.168.1.111
+POSTGRES_PORT=5432
+POSTGRES_USER=rwa_user
+# SECURITY: Use the same password as backend/services/.env
+POSTGRES_PASSWORD=your_password_here
--- a/backend/infrastructure/README.md
+++ b/backend/infrastructure/README.md
@ -69,6 +69,7 @@ cd infrastructure
 | Grafana | http://localhost:3030 | 统一仪表盘 |
 | Prometheus | http://localhost:9090 | 指标查询 |
 | Loki | http://localhost:3100 | 日志 API |
+| **Sentry** | http://localhost:9000 | **崩溃收集 & 错误追踪** |

 ## 组件说明

@ -164,6 +165,35 @@ sdk.start();
 - Loki (日志)
 - Jaeger (追踪)

+### Sentry - 崩溃收集与错误追踪 (独立部署)
+
+**功能：**
+- 崩溃收集 (Flutter + Android/iOS 原生层)
+- 错误追踪与堆栈符号化
+- 设备兼容性分析
+- 性能监控
+- Session Replay
+
+**部署方式：**
+
+Sentry 是独立部署的服务，位于 `sentry/` 目录:
+
+```bash
+cd sentry
+
+# 首次安装 (创建管理员账号)
+./deploy.sh init
+
+# 启动服务
+./deploy.sh up
+```
+
+**系统要求：**
+- 最低 4GB 内存，推荐 8GB+
+- 约 20GB 磁盘空间
+
+详细文档请参考: [sentry/README.md](sentry/README.md)
+
 ## 目录结构

 ```
@ -189,13 +219,19 @@ infrastructure/
 │   └── rules/
 │       └── rwa-alerts.yml      # 告警规则
 │
-└── grafana/
-    └── provisioning/
-        ├── datasources/
-        │   └── datasources.yml # 数据源配置
-        └── dashboards/
-            ├── dashboards.yml  # 仪表盘配置
-            └── rwa-services-overview.json
+├── grafana/
+│   └── provisioning/
+│       ├── datasources/
+│       │   └── datasources.yml # 数据源配置
+│       └── dashboards/
+│           ├── dashboards.yml  # 仪表盘配置
+│           └── rwa-services-overview.json
+│
+└── sentry/                     # 崩溃收集 (独立部署)
+    ├── docker-compose.yml      # Sentry 编排
+    ├── deploy.sh               # 部署脚本
+    ├── sentry.conf.py          # Sentry 配置
+    └── README.md               # 详细文档
 ```

 ## 常用命令
@ -227,6 +263,7 @@ infrastructure/
 | 详细指标 | - | 添加 Prometheus 中间件 |
 | 链路追踪 | - | 添加 OpenTelemetry SDK |
 | 动态配置 | - | 集成 Consul KV |
+| **崩溃收集** | - | **集成 sentry_flutter SDK** |

 ## 扩展配置

--- a/backend/infrastructure/docker-compose.yml
+++ b/backend/infrastructure/docker-compose.yml
@ -31,6 +31,7 @@ services:
    container_name: rwa-consul
    command: agent -server -bootstrap-expect=1 -ui -client=0.0.0.0 -datacenter=rwa-dc1
    environment:
+      TZ: Asia/Shanghai
      CONSUL_BIND_INTERFACE: eth0
    ports:
      - "${CONSUL_HTTP_PORT:-8500}:8500"     # HTTP API + UI
@ -65,6 +66,7 @@ services:
    image: docker.io/jaegertracing/all-in-one:1.54
    container_name: rwa-jaeger
    environment:
+      TZ: Asia/Shanghai
      COLLECTOR_ZIPKIN_HOST_PORT: :9411
      COLLECTOR_OTLP_ENABLED: true
      SPAN_STORAGE_TYPE: badger
@ -167,6 +169,7 @@ services:
    image: docker.io/grafana/grafana:10.3.1
    container_name: rwa-grafana
    environment:
+      - TZ=Asia/Shanghai
      - GF_SECURITY_ADMIN_USER=${GRAFANA_ADMIN_USER:-admin}
      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD:-admin123}
      - GF_USERS_ALLOW_SIGN_UP=false
--- a/backend/infrastructure/minio/docker-compose.yml
+++ b/backend/infrastructure/minio/docker-compose.yml
@ -32,6 +32,7 @@ services:
    container_name: rwa-minio
    command: server /data --console-address ":9001"
    environment:
+      TZ: Asia/Shanghai
      # 管理员凭证
      MINIO_ROOT_USER: ${MINIO_ROOT_USER:-admin}
      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD:-minio_secret_password}
--- a/backend/infrastructure/sentry/.env.example
+++ b/backend/infrastructure/sentry/.env.example
@ -0,0 +1,48 @@
+# =============================================================================
+# Sentry Self-Hosted 环境变量配置
+# =============================================================================
+# 使用方法: 复制为 .env 并修改以下配置
+# cp .env.example .env
+# =============================================================================
+
+# -----------------------------------------------------------------------------
+# 必须配置 - 安全相关
+# -----------------------------------------------------------------------------
+
+# Sentry 密钥 (至少 50 个随机字符)
+# 生成方法: openssl rand -hex 32
+SENTRY_SECRET_KEY=please_change_this_to_a_random_string_at_least_50_chars
+
+# PostgreSQL 数据库密码
+SENTRY_DB_PASSWORD=sentry_secret_password
+
+# -----------------------------------------------------------------------------
+# 端口配置
+# -----------------------------------------------------------------------------
+
+# Sentry Web UI 端口
+SENTRY_PORT=9000
+
+# Relay 端口 (SDK 数据接收)
+SENTRY_RELAY_PORT=3000
+
+# -----------------------------------------------------------------------------
+# 邮件配置 (可选，用于告警通知)
+# -----------------------------------------------------------------------------
+
+# SMTP 服务器
+SENTRY_EMAIL_HOST=smtp.example.com
+SENTRY_EMAIL_PORT=587
+SENTRY_EMAIL_USER=
+SENTRY_EMAIL_PASSWORD=
+SENTRY_EMAIL_USE_TLS=true
+
+# 发件人地址
+SENTRY_SERVER_EMAIL=sentry@example.com
+
+# -----------------------------------------------------------------------------
+# 系统配置
+# -----------------------------------------------------------------------------
+
+# 系统 URL (用于邮件链接等)
+SENTRY_SYSTEM_URL=http://localhost:9000
--- a/backend/infrastructure/sentry/README.md
+++ b/backend/infrastructure/sentry/README.md
@ -0,0 +1,248 @@
+# Sentry Self-Hosted - 崩溃收集与错误追踪
+
+100% 自主可控的崩溃收集与错误追踪系统。
+
+## 功能特性
+
+- **崩溃收集**: 自动捕获 Flutter + Android/iOS 原生层崩溃
+- **符号化**: 自动解析混淆后的堆栈，定位到源代码
+- **设备信息**: 收集设备型号、系统版本、内存等兼容性信息
+- **性能监控**: 页面加载、API 响应时间等性能指标
+- **Session Replay**: 重放用户操作轨迹（可选）
+- **告警通知**: 崩溃告警推送到邮件/钉钉等
+
+## 系统要求
+
+- Docker 20.10+
+- Docker Compose v2+
+- **最低 4GB 内存，推荐 8GB+**
+- 约 20GB 磁盘空间
+
+## 快速开始
+
+### 1. 首次安装
+
+```bash
+cd backend/infrastructure/sentry
+
+# 初始化 (会创建管理员账号)
+./deploy.sh init
+```
+
+按提示输入管理员邮箱和密码。
+
+### 2. 启动服务
+
+```bash
+./deploy.sh up
+```
+
+### 3. 访问 Web UI
+
+打开浏览器访问: http://localhost:9000
+
+使用初始化时创建的管理员账号登录。
+
+### 4. 创建项目
+
+1. 登录后点击 "Create Project"
+2. 选择平台: **Flutter**
+3. 记录生成的 **DSN** (Data Source Name)
+
+DSN 格式示例:
+```
+http://your_public_key@localhost:9000/project_id
+```
+
+## 目录结构
+
+```
+sentry/
+├── docker-compose.yml      # Docker 编排
+├── deploy.sh               # 部署脚本
+├── .env.example            # 环境变量模板
+├── sentry.conf.py          # Sentry 配置
+├── README.md               # 本文档
+│
+├── clickhouse/
+│   └── config.xml          # ClickHouse 配置
+│
+├── relay/
+│   ├── config.yml          # Relay 配置
+│   └── credentials.json    # Relay 凭证
+│
+└── symbolicator/
+    └── config.yml          # Symbolicator 配置
+```
+
+## 常用命令
+
+```bash
+# 启动
+./deploy.sh up
+
+# 停止
+./deploy.sh down
+
+# 查看状态
+./deploy.sh status
+
+# 查看日志
+./deploy.sh logs
+./deploy.sh logs sentry-web
+
+# 升级
+./deploy.sh upgrade
+```
+
+## 架构说明
+
+```
+                                    ┌─────────────────┐
+                                    │   Flutter App   │
+                                    │  sentry_flutter │
+                                    └────────┬────────┘
+                                             │
+                                             ▼
+┌─────────────────────────────────────────────────────────────────────┐
+│                            Sentry Relay                              │
+│                         (事件接收网关 :3000)                          │
+└────────────────────────────────┬────────────────────────────────────┘
+                                 │
+         ┌───────────────────────┼───────────────────────┐
+         │                       │                       │
+         ▼                       ▼                       ▼
+┌─────────────────┐   ┌─────────────────┐   ┌─────────────────┐
+│      Kafka      │   │   Sentry Web    │   │  Symbolicator   │
+│   (事件队列)     │   │  (Web UI :9000) │   │   (符号化服务)   │
+└────────┬────────┘   └────────┬────────┘   └─────────────────┘
+         │                     │
+         │            ┌────────┴────────┐
+         │            │                 │
+         ▼            ▼                 ▼
+┌─────────────────┐   ┌─────────────────┐
+│    ClickHouse   │   │   PostgreSQL    │
+│   (事件存储)     │   │   (元数据)       │
+└─────────────────┘   └─────────────────┘
+```
+
+## 生产环境配置
+
+### 1. 修改密钥
+
+编辑 `.env` 文件:
+
+```bash
+# 生成强密钥
+SENTRY_SECRET_KEY=$(openssl rand -hex 32)
+SENTRY_DB_PASSWORD=$(openssl rand -hex 16)
+```
+
+### 2. 配置域名
+
+如果需要公网访问，配置反向代理:
+
+```nginx
+# /etc/nginx/conf.d/sentry.conf
+server {
+    listen 443 ssl;
+    server_name sentry.your-domain.com;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/key.pem;
+
+    location / {
+        proxy_pass http://localhost:9000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# Relay 端口 (SDK 上报)
+server {
+    listen 443 ssl;
+    server_name sentry-relay.your-domain.com;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/key.pem;
+
+    location / {
+        proxy_pass http://localhost:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
+```
+
+### 3. 配置邮件告警
+
+编辑 `.env` 文件:
+
+```bash
+SENTRY_EMAIL_HOST=smtp.example.com
+SENTRY_EMAIL_PORT=587
+SENTRY_EMAIL_USER=your-email@example.com
+SENTRY_EMAIL_PASSWORD=your-password
+SENTRY_EMAIL_USE_TLS=true
+SENTRY_SERVER_EMAIL=sentry@your-domain.com
+```
+
+### 4. 数据保留策略
+
+编辑 `sentry.conf.py`:
+
+```python
+# 事件保留天数 (默认 90 天)
+SENTRY_OPTIONS["system.event-retention-days"] = 30
+```
+
+## Flutter 端集成
+
+详见 `frontend/mobile-app` 目录下的集成代码。
+
+简要步骤:
+
+1. 添加依赖:
+```yaml
+dependencies:
+  sentry_flutter: ^8.0.0
+```
+
+2. 初始化:
+```dart
+await SentryFlutter.init(
+  (options) {
+    options.dsn = 'http://your_key@your-server:9000/project_id';
+  },
+  appRunner: () => runApp(MyApp()),
+);
+```
+
+## 故障排查
+
+### 服务无法启动
+
+检查内存是否足够:
+```bash
+free -h
+docker stats
+```
+
+### 事件未上报
+
+1. 检查 DSN 是否正确
+2. 检查网络连通性
+3. 查看 Relay 日志: `./deploy.sh logs sentry-relay`
+
+### 符号化失败
+
+1. 确保上传了符号文件 (Android: mapping.txt, iOS: dSYM)
+2. 检查 Symbolicator 日志: `./deploy.sh logs sentry-symbolicator`
+
+## 参考链接
+
+- [Sentry 官方文档](https://docs.sentry.io/)
+- [Self-Hosted 安装指南](https://develop.sentry.dev/self-hosted/)
+- [sentry_flutter SDK](https://pub.dev/packages/sentry_flutter)
--- a/backend/infrastructure/sentry/clickhouse/config.xml
+++ b/backend/infrastructure/sentry/clickhouse/config.xml
@ -0,0 +1,27 @@
+<?xml version="1.0"?>
+<!-- ClickHouse Sentry 配置 -->
+<clickhouse>
+    <!-- 日志级别 -->
+    <logger>
+        <level>warning</level>
+        <console>true</console>
+    </logger>
+
+    <!-- 内存限制 -->
+    <max_server_memory_usage_to_ram_ratio>0.8</max_server_memory_usage_to_ram_ratio>
+
+    <!-- 查询限制 -->
+    <max_concurrent_queries>100</max_concurrent_queries>
+
+    <!-- 连接数限制 -->
+    <max_connections>4096</max_connections>
+
+    <!-- 压缩配置 -->
+    <compression>
+        <case>
+            <min_part_size>10000000000</min_part_size>
+            <min_part_size_ratio>0.01</min_part_size_ratio>
+            <method>lz4</method>
+        </case>
+    </compression>
+</clickhouse>
--- a/backend/infrastructure/sentry/deploy.sh
+++ b/backend/infrastructure/sentry/deploy.sh
@ -0,0 +1,174 @@
+#!/bin/bash
+# =============================================================================
+# Sentry Self-Hosted 部署脚本
+# =============================================================================
+# 使用方法:
+#   ./deploy.sh init      # 首次初始化 (创建管理员账号)
+#   ./deploy.sh up        # 启动服务
+#   ./deploy.sh down      # 停止服务
+#   ./deploy.sh logs      # 查看日志
+#   ./deploy.sh status    # 查看状态
+#   ./deploy.sh upgrade   # 升级 Sentry
+# =============================================================================
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "$SCRIPT_DIR"
+
+# 颜色定义
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+# 检查 .env 文件
+check_env() {
+    if [ ! -f .env ]; then
+        echo -e "${YELLOW}未找到 .env 文件，正在从模板创建...${NC}"
+        cp .env.example .env
+
+        # 生成随机密钥
+        RANDOM_KEY=$(openssl rand -hex 32 2>/dev/null || head -c 64 /dev/urandom | base64 | tr -d '\n' | head -c 64)
+        sed -i "s/please_change_this_to_a_random_string_at_least_50_chars/$RANDOM_KEY/" .env
+
+        echo -e "${GREEN}.env 文件已创建，请检查并修改配置后重新运行${NC}"
+        echo -e "${YELLOW}特别注意修改: SENTRY_SECRET_KEY 和 SENTRY_DB_PASSWORD${NC}"
+    fi
+}
+
+# 初始化 Sentry (首次运行)
+init() {
+    echo -e "${GREEN}=== 初始化 Sentry ===${NC}"
+    check_env
+
+    echo -e "${YELLOW}1. 启动依赖服务...${NC}"
+    docker compose up -d sentry-redis sentry-postgres sentry-kafka sentry-zookeeper sentry-clickhouse
+
+    echo -e "${YELLOW}等待服务就绪...${NC}"
+    sleep 30
+
+    echo -e "${YELLOW}2. 运行数据库迁移...${NC}"
+    docker compose run --rm sentry-web upgrade --noinput
+
+    echo -e "${YELLOW}3. 创建管理员账号...${NC}"
+    echo -e "${GREEN}请按提示输入管理员邮箱和密码${NC}"
+    docker compose run --rm sentry-web createuser --superuser
+
+    echo -e "${GREEN}=== 初始化完成 ===${NC}"
+    echo -e "${YELLOW}运行 './deploy.sh up' 启动所有服务${NC}"
+}
+
+# 启动服务
+up() {
+    echo -e "${GREEN}=== 启动 Sentry ===${NC}"
+    check_env
+    docker compose up -d
+    echo -e "${GREEN}Sentry 已启动${NC}"
+    echo -e "Web UI: http://localhost:${SENTRY_PORT:-9000}"
+    echo -e "Relay:  http://localhost:${SENTRY_RELAY_PORT:-3000}"
+}
+
+# 停止服务
+down() {
+    echo -e "${YELLOW}=== 停止 Sentry ===${NC}"
+    docker compose down
+    echo -e "${GREEN}Sentry 已停止${NC}"
+}
+
+# 查看日志
+logs() {
+    SERVICE=${1:-}
+    if [ -z "$SERVICE" ]; then
+        docker compose logs -f --tail=100
+    else
+        docker compose logs -f --tail=100 "$SERVICE"
+    fi
+}
+
+# 查看状态
+status() {
+    echo -e "${GREEN}=== Sentry 服务状态 ===${NC}"
+    docker compose ps
+}
+
+# 升级
+upgrade() {
+    echo -e "${YELLOW}=== 升级 Sentry ===${NC}"
+
+    echo "1. 停止服务..."
+    docker compose down
+
+    echo "2. 拉取最新镜像..."
+    docker compose pull
+
+    echo "3. 运行数据库迁移..."
+    docker compose run --rm sentry-web upgrade --noinput
+
+    echo "4. 启动服务..."
+    docker compose up -d
+
+    echo -e "${GREEN}=== 升级完成 ===${NC}"
+}
+
+# 生成 Relay 凭证
+generate_relay_credentials() {
+    echo -e "${YELLOW}=== 生成 Relay 凭证 ===${NC}"
+    docker compose run --rm sentry-relay credentials generate --stdout > relay/credentials.json
+    echo -e "${GREEN}凭证已生成到 relay/credentials.json${NC}"
+}
+
+# 帮助信息
+help() {
+    echo "Sentry Self-Hosted 部署脚本"
+    echo ""
+    echo "用法: ./deploy.sh <命令>"
+    echo ""
+    echo "命令:"
+    echo "  init                首次初始化 (创建管理员账号)"
+    echo "  up                  启动所有服务"
+    echo "  down                停止所有服务"
+    echo "  logs [service]      查看日志 (可指定服务)"
+    echo "  status              查看服务状态"
+    echo "  upgrade             升级 Sentry"
+    echo "  generate-relay      生成 Relay 凭证"
+    echo "  help                显示此帮助信息"
+    echo ""
+    echo "示例:"
+    echo "  ./deploy.sh init              # 首次安装"
+    echo "  ./deploy.sh up                # 启动"
+    echo "  ./deploy.sh logs sentry-web   # 查看 Web 服务日志"
+}
+
+# 主入口
+case "${1:-help}" in
+    init)
+        init
+        ;;
+    up)
+        up
+        ;;
+    down)
+        down
+        ;;
+    logs)
+        logs "$2"
+        ;;
+    status)
+        status
+        ;;
+    upgrade)
+        upgrade
+        ;;
+    generate-relay)
+        generate_relay_credentials
+        ;;
+    help|--help|-h)
+        help
+        ;;
+    *)
+        echo -e "${RED}未知命令: $1${NC}"
+        help
+        exit 1
+        ;;
+esac
--- a/backend/infrastructure/sentry/docker-compose.yml
+++ b/backend/infrastructure/sentry/docker-compose.yml
@ -0,0 +1,465 @@
+# =============================================================================
+# Sentry Self-Hosted - 崩溃收集与错误追踪
+# =============================================================================
+#
+# 功能：
+#   - 崩溃收集（Flutter + Android/iOS 原生层）
+#   - 错误追踪与符号化
+#   - 性能监控
+#   - Session Replay
+#   - 设备兼容性分析
+#
+# 使用方法:
+#   ./deploy.sh up        # 首次启动（会自动初始化）
+#   ./deploy.sh down      # 停止
+#   ./deploy.sh logs      # 查看日志
+#
+# 系统要求:
+#   - Docker 20.10+
+#   - Docker Compose v2+
+#   - 最低 4GB 内存，推荐 8GB+
+#   - 约 20GB 磁盘空间
+#
+# =============================================================================
+
+services:
+  # ===========================================================================
+  # Redis - 缓存与消息队列
+  # ===========================================================================
+  sentry-redis:
+    image: redis:7-alpine
+    container_name: sentry-redis
+    volumes:
+      - sentry_redis_data:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # PostgreSQL - 主数据库
+  # ===========================================================================
+  sentry-postgres:
+    image: postgres:15-alpine
+    container_name: sentry-postgres
+    environment:
+      POSTGRES_USER: sentry
+      POSTGRES_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      POSTGRES_DB: sentry
+    volumes:
+      - sentry_postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U sentry"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # Kafka + Zookeeper - 事件流处理
+  # ===========================================================================
+  sentry-zookeeper:
+    image: confluentinc/cp-zookeeper:7.5.0
+    container_name: sentry-zookeeper
+    environment:
+      ZOOKEEPER_CLIENT_PORT: 2181
+      ZOOKEEPER_TICK_TIME: 2000
+    volumes:
+      - sentry_zookeeper_data:/var/lib/zookeeper/data
+      - sentry_zookeeper_log:/var/lib/zookeeper/log
+    healthcheck:
+      test: ["CMD", "nc", "-z", "localhost", "2181"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-kafka:
+    image: confluentinc/cp-kafka:7.5.0
+    container_name: sentry-kafka
+    depends_on:
+      sentry-zookeeper:
+        condition: service_healthy
+    environment:
+      KAFKA_BROKER_ID: 1
+      KAFKA_ZOOKEEPER_CONNECT: sentry-zookeeper:2181
+      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://sentry-kafka:9092
+      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
+      KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
+      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
+      KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
+    volumes:
+      - sentry_kafka_data:/var/lib/kafka/data
+    healthcheck:
+      test: ["CMD", "kafka-broker-api-versions", "--bootstrap-server", "localhost:9092"]
+      interval: 10s
+      timeout: 10s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # ClickHouse - 事件存储（高性能分析）
+  # ===========================================================================
+  sentry-clickhouse:
+    image: clickhouse/clickhouse-server:23.8-alpine
+    container_name: sentry-clickhouse
+    volumes:
+      - sentry_clickhouse_data:/var/lib/clickhouse
+      - ./clickhouse/config.xml:/etc/clickhouse-server/config.d/sentry.xml:ro
+    ulimits:
+      nofile:
+        soft: 262144
+        hard: 262144
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:8123/ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # Snuba - 事件搜索与聚合
+  # ===========================================================================
+  sentry-snuba-api:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-api
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: api
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-snuba-consumer:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-consumer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: consumer --storage errors --auto-offset-reset=latest --max-batch-time-ms 750
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-snuba-outcomes-consumer:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-outcomes-consumer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: consumer --storage outcomes_raw --auto-offset-reset=earliest --max-batch-time-ms 750
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-snuba-sessions-consumer:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-sessions-consumer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: consumer --storage sessions_raw --auto-offset-reset=latest --max-batch-time-ms 750
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-snuba-transactions-consumer:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-transactions-consumer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: consumer --storage transactions --auto-offset-reset=latest --max-batch-time-ms 750
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-snuba-replacer:
+    image: getsentry/snuba:24.1.0
+    container_name: sentry-snuba-replacer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-clickhouse:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SNUBA_SETTINGS: docker
+      CLICKHOUSE_HOST: sentry-clickhouse
+      REDIS_HOST: sentry-redis
+      KAFKA_BROKER_HOST: sentry-kafka
+    command: replacer --storage errors --auto-offset-reset=latest --max-batch-size 3
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # Sentry Core Services
+  # ===========================================================================
+  sentry-web:
+    image: getsentry/sentry:24.1.0
+    container_name: sentry-web
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-postgres:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+      sentry-snuba-api:
+        condition: service_started
+    ports:
+      - "${SENTRY_PORT:-9000}:9000"
+    environment:
+      SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY:-please_change_this_to_a_random_string_at_least_50_chars}
+      SENTRY_POSTGRES_HOST: sentry-postgres
+      SENTRY_DB_USER: sentry
+      SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      SENTRY_REDIS_HOST: sentry-redis
+      SNUBA: http://sentry-snuba-api:1218
+      SENTRY_KAFKA_HOST: sentry-kafka
+      # 邮件配置（可选）
+      SENTRY_EMAIL_HOST: ${SENTRY_EMAIL_HOST:-}
+      SENTRY_EMAIL_PORT: ${SENTRY_EMAIL_PORT:-587}
+      SENTRY_EMAIL_USER: ${SENTRY_EMAIL_USER:-}
+      SENTRY_EMAIL_PASSWORD: ${SENTRY_EMAIL_PASSWORD:-}
+      SENTRY_EMAIL_USE_TLS: ${SENTRY_EMAIL_USE_TLS:-true}
+      SENTRY_SERVER_EMAIL: ${SENTRY_SERVER_EMAIL:-sentry@localhost}
+      # 系统配置
+      SENTRY_SINGLE_ORGANIZATION: "true"
+    volumes:
+      - sentry_data:/data
+      - ./sentry.conf.py:/etc/sentry/sentry.conf.py:ro
+    healthcheck:
+      test: ["CMD-SHELL", "wget -qO- http://localhost:9000/_health/ || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+      start_period: 60s
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-worker:
+    image: getsentry/sentry:24.1.0
+    container_name: sentry-worker
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-postgres:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY:-please_change_this_to_a_random_string_at_least_50_chars}
+      SENTRY_POSTGRES_HOST: sentry-postgres
+      SENTRY_DB_USER: sentry
+      SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      SENTRY_REDIS_HOST: sentry-redis
+      SNUBA: http://sentry-snuba-api:1218
+      SENTRY_KAFKA_HOST: sentry-kafka
+    command: run worker
+    volumes:
+      - sentry_data:/data
+      - ./sentry.conf.py:/etc/sentry/sentry.conf.py:ro
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-cron:
+    image: getsentry/sentry:24.1.0
+    container_name: sentry-cron
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-postgres:
+        condition: service_healthy
+    environment:
+      SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY:-please_change_this_to_a_random_string_at_least_50_chars}
+      SENTRY_POSTGRES_HOST: sentry-postgres
+      SENTRY_DB_USER: sentry
+      SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      SENTRY_REDIS_HOST: sentry-redis
+      SNUBA: http://sentry-snuba-api:1218
+      SENTRY_KAFKA_HOST: sentry-kafka
+    command: run cron
+    volumes:
+      - sentry_data:/data
+      - ./sentry.conf.py:/etc/sentry/sentry.conf.py:ro
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-ingest-consumer:
+    image: getsentry/sentry:24.1.0
+    container_name: sentry-ingest-consumer
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-postgres:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY:-please_change_this_to_a_random_string_at_least_50_chars}
+      SENTRY_POSTGRES_HOST: sentry-postgres
+      SENTRY_DB_USER: sentry
+      SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      SENTRY_REDIS_HOST: sentry-redis
+      SNUBA: http://sentry-snuba-api:1218
+      SENTRY_KAFKA_HOST: sentry-kafka
+    command: run ingest-consumer --all-consumer-types
+    volumes:
+      - sentry_data:/data
+      - ./sentry.conf.py:/etc/sentry/sentry.conf.py:ro
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  sentry-post-process-forwarder:
+    image: getsentry/sentry:24.1.0
+    container_name: sentry-post-process-forwarder
+    depends_on:
+      sentry-redis:
+        condition: service_healthy
+      sentry-postgres:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    environment:
+      SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY:-please_change_this_to_a_random_string_at_least_50_chars}
+      SENTRY_POSTGRES_HOST: sentry-postgres
+      SENTRY_DB_USER: sentry
+      SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD:-sentry_secret_password}
+      SENTRY_REDIS_HOST: sentry-redis
+      SNUBA: http://sentry-snuba-api:1218
+      SENTRY_KAFKA_HOST: sentry-kafka
+    command: run post-process-forwarder --commit-batch-size 1
+    volumes:
+      - sentry_data:/data
+      - ./sentry.conf.py:/etc/sentry/sentry.conf.py:ro
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # Relay - 事件接收网关
+  # ===========================================================================
+  sentry-relay:
+    image: getsentry/relay:24.1.0
+    container_name: sentry-relay
+    depends_on:
+      sentry-web:
+        condition: service_healthy
+      sentry-kafka:
+        condition: service_healthy
+    ports:
+      - "${SENTRY_RELAY_PORT:-3000}:3000"
+    volumes:
+      - ./relay/config.yml:/work/.relay/config.yml:ro
+      - ./relay/credentials.json:/work/.relay/credentials.json:ro
+    restart: unless-stopped
+    networks:
+      - sentry
+
+  # ===========================================================================
+  # Symbolicator - 符号化服务（崩溃堆栈解析）
+  # ===========================================================================
+  sentry-symbolicator:
+    image: getsentry/symbolicator:24.1.0
+    container_name: sentry-symbolicator
+    volumes:
+      - sentry_symbolicator_data:/data
+      - ./symbolicator/config.yml:/etc/symbolicator/config.yml:ro
+    command: run -c /etc/symbolicator/config.yml
+    restart: unless-stopped
+    networks:
+      - sentry
+
+# =============================================================================
+# Volumes
+# =============================================================================
+volumes:
+  sentry_redis_data:
+    driver: local
+  sentry_postgres_data:
+    driver: local
+  sentry_kafka_data:
+    driver: local
+  sentry_zookeeper_data:
+    driver: local
+  sentry_zookeeper_log:
+    driver: local
+  sentry_clickhouse_data:
+    driver: local
+  sentry_data:
+    driver: local
+  sentry_symbolicator_data:
+    driver: local
+
+# =============================================================================
+# Networks
+# =============================================================================
+networks:
+  sentry:
+    driver: bridge
+    name: sentry
--- a/backend/infrastructure/sentry/relay/config.yml
+++ b/backend/infrastructure/sentry/relay/config.yml
@ -0,0 +1,62 @@
+# =============================================================================
+# Sentry Relay 配置
+# =============================================================================
+# Relay 是 Sentry 的事件接收网关，负责：
+#   - 接收 SDK 上报的事件
+#   - 事件过滤和采样
+#   - 数据脱敏
+#   - 转发到 Sentry 服务器
+# =============================================================================
+
+relay:
+  # Relay 运行模式
+  # managed: 由 Sentry 服务器管理配置
+  # static: 使用本地配置
+  # proxy: 简单代理模式
+  mode: managed
+
+  # 上游 Sentry 服务器地址
+  upstream: "http://sentry-web:9000/"
+
+  # Relay 监听地址
+  host: 0.0.0.0
+  port: 3000
+
+# 日志配置
+logging:
+  level: info
+  format: json
+
+# 处理配置
+processing:
+  # 是否启用处理
+  enabled: true
+
+  # Redis 配置 (用于限流)
+  redis: "redis://sentry-redis:6379"
+
+  # Kafka 配置 (用于事件流)
+  kafka_config:
+    - name: bootstrap.servers
+      value: "sentry-kafka:9092"
+
+# 限流配置
+limits:
+  # 最大请求体大小 (50MB)
+  max_envelope_size: 52428800
+
+  # 最大并发连接数
+  max_concurrent_requests: 500
+
+# 缓存配置
+cache:
+  # 项目配置缓存时间
+  project_expiry: 300
+
+  # 项目配置刷新间隔
+  project_grace_period: 0
+
+# 健康检查
+health:
+  # 健康检查端点
+  enabled: true
--- a/backend/infrastructure/sentry/relay/credentials.json
+++ b/backend/infrastructure/sentry/relay/credentials.json
@ -0,0 +1,5 @@
+{
+  "secret_key": "",
+  "public_key": "",
+  "id": ""
+}
--- a/backend/infrastructure/sentry/sentry.conf.py
+++ b/backend/infrastructure/sentry/sentry.conf.py
@ -0,0 +1,78 @@
+# =============================================================================
+# Sentry Configuration
+# =============================================================================
+# 此文件包含 Sentry 的自定义配置
+# 更多配置项参考: https://develop.sentry.dev/self-hosted/
+# =============================================================================
+
+from sentry.conf.server import *  # noqa
+
+# =============================================================================
+# 基础配置
+# =============================================================================
+
+# 系统 URL (用于邮件中的链接等)
+SENTRY_OPTIONS["system.url-prefix"] = env("SENTRY_SYSTEM_URL", "http://localhost:9000")
+
+# 单组织模式 (推荐用于内部使用)
+SENTRY_SINGLE_ORGANIZATION = True
+
+# 允许注册 (首次启动后建议设为 False)
+SENTRY_FEATURES["auth:register"] = True
+
+# =============================================================================
+# 数据保留策略
+# =============================================================================
+
+# 事件保留天数 (默认 90 天，可根据存储调整)
+SENTRY_OPTIONS["system.event-retention-days"] = 90
+
+# =============================================================================
+# 性能配置
+# =============================================================================
+
+# 采样率配置 (1.0 = 100%)
+# 生产环境可以适当降低以减少数据量
+SENTRY_OPTIONS["store.symbolicator-poll-retry-limit"] = 8
+
+# =============================================================================
+# Symbolicator 配置 (崩溃堆栈符号化)
+# =============================================================================
+
+SENTRY_OPTIONS["symbolicator.enabled"] = True
+SENTRY_OPTIONS["symbolicator.options"] = {
+    "url": "http://sentry-symbolicator:3021",
+}
+
+# =============================================================================
+# Relay 配置 (事件接收网关)
+# =============================================================================
+
+SENTRY_RELAY_WHITELIST_PK = []
+SENTRY_RELAY_OPEN_REGISTRATION = True
+
+# =============================================================================
+# 功能开关
+# =============================================================================
+
+# 启用 Session Replay (会话回放)
+SENTRY_FEATURES["organizations:session-replay"] = True
+
+# 启用 Performance Monitoring (性能监控)
+SENTRY_FEATURES["organizations:performance-view"] = True
+
+# 启用 Profiling (性能分析)
+SENTRY_FEATURES["organizations:profiling"] = True
+
+# 启用 Issue 自动分组
+SENTRY_FEATURES["projects:similarity-indexing"] = True
+
+# =============================================================================
+# 安全配置
+# =============================================================================
+
+# CORS 配置 (允许移动端上报)
+SENTRY_ALLOW_ORIGIN = "*"
+
+# CSP 报告端点
+CSP_REPORT_ONLY = True
--- a/backend/infrastructure/sentry/symbolicator/config.yml
+++ b/backend/infrastructure/sentry/symbolicator/config.yml
@ -0,0 +1,60 @@
+# =============================================================================
+# Symbolicator 配置
+# =============================================================================
+# Symbolicator 负责：
+#   - 解析崩溃堆栈中的符号
+#   - 将混淆后的代码映射回原始代码
+#   - 支持 Android NDK、iOS 和 Flutter 的符号化
+# =============================================================================
+
+# 缓存目录
+cache_dir: "/data/cache"
+
+# 绑定地址
+bind: "0.0.0.0:3021"
+
+# 日志级别
+logging:
+  level: "info"
+
+# 缓存配置
+caches:
+  # 下载的符号文件缓存
+  downloaded:
+    max_unused_for: 604800  # 7 天
+    retry_misses_after: 3600  # 1 小时后重试
+
+  # 派生的符号缓存
+  derived:
+    max_unused_for: 604800
+
+  # 诊断缓存
+  diagnostics:
+    retention: 604800
+
+# 符号源配置
+sources:
+  # Sentry 内置符号源
+  - id: sentry:project
+    type: sentry
+    url: "http://sentry-web:9000/"
+
+  # Android 符号服务器
+  - id: android
+    type: http
+    url: "https://symbols.mozilla.org/"
+    filters:
+      filetypes:
+        - breakpad
+
+# 处理配置
+processing:
+  # 最大并发符号化请求
+  max_concurrent_requests: 120
+
+  # 请求超时 (秒)
+  request_timeout: 30
+
+# 指标配置
+metrics:
+  statsd: null
--- a/backend/mpc-system/api/grpc/coordinator/v1/session_coordinator.pb.go
+++ b/backend/mpc-system/api/grpc/coordinator/v1/session_coordinator.pb.go
@ -2,7 +2,7 @@
 // versions:
 // 	protoc-gen-go v1.36.10
 // 	protoc        v6.33.1
-// source: api/proto/session_coordinator.proto
+// source: session_coordinator.proto

 package coordinator

@ -24,7 +24,7 @@ const (
 // CreateSessionRequest creates a new MPC session
 type CreateSessionRequest struct {
 	state            protoimpl.MessageState `protogen:"open.v1"`
-	SessionType      string                 `protobuf:"bytes,1,opt,name=session_type,json=sessionType,proto3" json:"session_type,omitempty"`                   // "keygen" or "sign"
+	SessionType      string                 `protobuf:"bytes,1,opt,name=session_type,json=sessionType,proto3" json:"session_type,omitempty"`                   // "keygen", "sign", or "co_managed_keygen"
 	ThresholdN       int32                  `protobuf:"varint,2,opt,name=threshold_n,json=thresholdN,proto3" json:"threshold_n,omitempty"`                     // Total number of parties
 	ThresholdT       int32                  `protobuf:"varint,3,opt,name=threshold_t,json=thresholdT,proto3" json:"threshold_t,omitempty"`                     // Minimum required parties
 	Participants     []*ParticipantInfo     `protobuf:"bytes,4,rep,name=participants,proto3" json:"participants,omitempty"`                                    // Optional: if empty, coordinator selects automatically
@ -35,13 +35,16 @@ type CreateSessionRequest struct {
 	DelegateUserShare *DelegateUserShare `protobuf:"bytes,8,opt,name=delegate_user_share,json=delegateUserShare,proto3" json:"delegate_user_share,omitempty"`
 	// For sign sessions: which keygen session's shares to use
 	KeygenSessionId string `protobuf:"bytes,9,opt,name=keygen_session_id,json=keygenSessionId,proto3" json:"keygen_session_id,omitempty"`
-	unknownFields   protoimpl.UnknownFields
-	sizeCache       protoimpl.SizeCache
+	// For co_managed_keygen sessions: wallet name and invite code
+	WalletName    string `protobuf:"bytes,10,opt,name=wallet_name,json=walletName,proto3" json:"wallet_name,omitempty"` // Wallet name (for co_managed_keygen)
+	InviteCode    string `protobuf:"bytes,11,opt,name=invite_code,json=inviteCode,proto3" json:"invite_code,omitempty"` // Invite code for participants to join (for co_managed_keygen)
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
 }

 func (x *CreateSessionRequest) Reset() {
 	*x = CreateSessionRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[0]
+	mi := &file_session_coordinator_proto_msgTypes[0]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -53,7 +56,7 @@ func (x *CreateSessionRequest) String() string {
 func (*CreateSessionRequest) ProtoMessage() {}

 func (x *CreateSessionRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[0]
+	mi := &file_session_coordinator_proto_msgTypes[0]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -66,7 +69,7 @@ func (x *CreateSessionRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use CreateSessionRequest.ProtoReflect.Descriptor instead.
 func (*CreateSessionRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{0}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{0}
 }

 func (x *CreateSessionRequest) GetSessionType() string {
@ -132,6 +135,20 @@ func (x *CreateSessionRequest) GetKeygenSessionId() string {
 	return ""
 }

+func (x *CreateSessionRequest) GetWalletName() string {
+	if x != nil {
+		return x.WalletName
+	}
+	return ""
+}
+
+func (x *CreateSessionRequest) GetInviteCode() string {
+	if x != nil {
+		return x.InviteCode
+	}
+	return ""
+}
+
 // DelegateUserShare contains user's share for delegate party to use in signing
 type DelegateUserShare struct {
 	state           protoimpl.MessageState `protogen:"open.v1"`
@ -144,7 +161,7 @@ type DelegateUserShare struct {

 func (x *DelegateUserShare) Reset() {
 	*x = DelegateUserShare{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[1]
+	mi := &file_session_coordinator_proto_msgTypes[1]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -156,7 +173,7 @@ func (x *DelegateUserShare) String() string {
 func (*DelegateUserShare) ProtoMessage() {}

 func (x *DelegateUserShare) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[1]
+	mi := &file_session_coordinator_proto_msgTypes[1]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -169,7 +186,7 @@ func (x *DelegateUserShare) ProtoReflect() protoreflect.Message {

 // Deprecated: Use DelegateUserShare.ProtoReflect.Descriptor instead.
 func (*DelegateUserShare) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{1}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{1}
 }

 func (x *DelegateUserShare) GetDelegatePartyId() string {
@ -205,7 +222,7 @@ type PartyComposition struct {

 func (x *PartyComposition) Reset() {
 	*x = PartyComposition{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[2]
+	mi := &file_session_coordinator_proto_msgTypes[2]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -217,7 +234,7 @@ func (x *PartyComposition) String() string {
 func (*PartyComposition) ProtoMessage() {}

 func (x *PartyComposition) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[2]
+	mi := &file_session_coordinator_proto_msgTypes[2]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -230,7 +247,7 @@ func (x *PartyComposition) ProtoReflect() protoreflect.Message {

 // Deprecated: Use PartyComposition.ProtoReflect.Descriptor instead.
 func (*PartyComposition) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{2}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{2}
 }

 func (x *PartyComposition) GetPersistentCount() int32 {
@ -266,7 +283,7 @@ type ParticipantInfo struct {

 func (x *ParticipantInfo) Reset() {
 	*x = ParticipantInfo{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[3]
+	mi := &file_session_coordinator_proto_msgTypes[3]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -278,7 +295,7 @@ func (x *ParticipantInfo) String() string {
 func (*ParticipantInfo) ProtoMessage() {}

 func (x *ParticipantInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[3]
+	mi := &file_session_coordinator_proto_msgTypes[3]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -291,7 +308,7 @@ func (x *ParticipantInfo) ProtoReflect() protoreflect.Message {

 // Deprecated: Use ParticipantInfo.ProtoReflect.Descriptor instead.
 func (*ParticipantInfo) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{3}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{3}
 }

 func (x *ParticipantInfo) GetPartyId() string {
@ -328,7 +345,7 @@ type DeviceInfo struct {

 func (x *DeviceInfo) Reset() {
 	*x = DeviceInfo{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[4]
+	mi := &file_session_coordinator_proto_msgTypes[4]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -340,7 +357,7 @@ func (x *DeviceInfo) String() string {
 func (*DeviceInfo) ProtoMessage() {}

 func (x *DeviceInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[4]
+	mi := &file_session_coordinator_proto_msgTypes[4]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -353,7 +370,7 @@ func (x *DeviceInfo) ProtoReflect() protoreflect.Message {

 // Deprecated: Use DeviceInfo.ProtoReflect.Descriptor instead.
 func (*DeviceInfo) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{4}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{4}
 }

 func (x *DeviceInfo) GetDeviceType() string {
@ -398,7 +415,7 @@ type CreateSessionResponse struct {

 func (x *CreateSessionResponse) Reset() {
 	*x = CreateSessionResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[5]
+	mi := &file_session_coordinator_proto_msgTypes[5]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -410,7 +427,7 @@ func (x *CreateSessionResponse) String() string {
 func (*CreateSessionResponse) ProtoMessage() {}

 func (x *CreateSessionResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[5]
+	mi := &file_session_coordinator_proto_msgTypes[5]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -423,7 +440,7 @@ func (x *CreateSessionResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use CreateSessionResponse.ProtoReflect.Descriptor instead.
 func (*CreateSessionResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{5}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{5}
 }

 func (x *CreateSessionResponse) GetSessionId() string {
@ -474,7 +491,7 @@ type JoinSessionRequest struct {

 func (x *JoinSessionRequest) Reset() {
 	*x = JoinSessionRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[6]
+	mi := &file_session_coordinator_proto_msgTypes[6]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -486,7 +503,7 @@ func (x *JoinSessionRequest) String() string {
 func (*JoinSessionRequest) ProtoMessage() {}

 func (x *JoinSessionRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[6]
+	mi := &file_session_coordinator_proto_msgTypes[6]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -499,7 +516,7 @@ func (x *JoinSessionRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use JoinSessionRequest.ProtoReflect.Descriptor instead.
 func (*JoinSessionRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{6}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{6}
 }

 func (x *JoinSessionRequest) GetSessionId() string {
@ -543,7 +560,7 @@ type JoinSessionResponse struct {

 func (x *JoinSessionResponse) Reset() {
 	*x = JoinSessionResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[7]
+	mi := &file_session_coordinator_proto_msgTypes[7]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -555,7 +572,7 @@ func (x *JoinSessionResponse) String() string {
 func (*JoinSessionResponse) ProtoMessage() {}

 func (x *JoinSessionResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[7]
+	mi := &file_session_coordinator_proto_msgTypes[7]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -568,7 +585,7 @@ func (x *JoinSessionResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use JoinSessionResponse.ProtoReflect.Descriptor instead.
 func (*JoinSessionResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{7}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{7}
 }

 func (x *JoinSessionResponse) GetSuccess() bool {
@ -610,13 +627,16 @@ type SessionInfo struct {
 	Status      string                 `protobuf:"bytes,6,opt,name=status,proto3" json:"status,omitempty"`
 	// For sign sessions: which keygen session's shares to use
 	KeygenSessionId string `protobuf:"bytes,7,opt,name=keygen_session_id,json=keygenSessionId,proto3" json:"keygen_session_id,omitempty"`
-	unknownFields   protoimpl.UnknownFields
-	sizeCache       protoimpl.SizeCache
+	// For co_managed_keygen sessions
+	WalletName    string `protobuf:"bytes,8,opt,name=wallet_name,json=walletName,proto3" json:"wallet_name,omitempty"` // Wallet name (for co_managed_keygen)
+	InviteCode    string `protobuf:"bytes,9,opt,name=invite_code,json=inviteCode,proto3" json:"invite_code,omitempty"` // Invite code (for co_managed_keygen)
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
 }

 func (x *SessionInfo) Reset() {
 	*x = SessionInfo{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[8]
+	mi := &file_session_coordinator_proto_msgTypes[8]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -628,7 +648,7 @@ func (x *SessionInfo) String() string {
 func (*SessionInfo) ProtoMessage() {}

 func (x *SessionInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[8]
+	mi := &file_session_coordinator_proto_msgTypes[8]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -641,7 +661,7 @@ func (x *SessionInfo) ProtoReflect() protoreflect.Message {

 // Deprecated: Use SessionInfo.ProtoReflect.Descriptor instead.
 func (*SessionInfo) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{8}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{8}
 }

 func (x *SessionInfo) GetSessionId() string {
@ -693,6 +713,20 @@ func (x *SessionInfo) GetKeygenSessionId() string {
 	return ""
 }

+func (x *SessionInfo) GetWalletName() string {
+	if x != nil {
+		return x.WalletName
+	}
+	return ""
+}
+
+func (x *SessionInfo) GetInviteCode() string {
+	if x != nil {
+		return x.InviteCode
+	}
+	return ""
+}
+
 // PartyInfo contains party information
 type PartyInfo struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
@ -705,7 +739,7 @@ type PartyInfo struct {

 func (x *PartyInfo) Reset() {
 	*x = PartyInfo{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[9]
+	mi := &file_session_coordinator_proto_msgTypes[9]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -717,7 +751,7 @@ func (x *PartyInfo) String() string {
 func (*PartyInfo) ProtoMessage() {}

 func (x *PartyInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[9]
+	mi := &file_session_coordinator_proto_msgTypes[9]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -730,7 +764,7 @@ func (x *PartyInfo) ProtoReflect() protoreflect.Message {

 // Deprecated: Use PartyInfo.ProtoReflect.Descriptor instead.
 func (*PartyInfo) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{9}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{9}
 }

 func (x *PartyInfo) GetPartyId() string {
@ -764,7 +798,7 @@ type GetSessionStatusRequest struct {

 func (x *GetSessionStatusRequest) Reset() {
 	*x = GetSessionStatusRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[10]
+	mi := &file_session_coordinator_proto_msgTypes[10]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -776,7 +810,7 @@ func (x *GetSessionStatusRequest) String() string {
 func (*GetSessionStatusRequest) ProtoMessage() {}

 func (x *GetSessionStatusRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[10]
+	mi := &file_session_coordinator_proto_msgTypes[10]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -789,7 +823,7 @@ func (x *GetSessionStatusRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use GetSessionStatusRequest.ProtoReflect.Descriptor instead.
 func (*GetSessionStatusRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{10}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{10}
 }

 func (x *GetSessionStatusRequest) GetSessionId() string {
@ -814,13 +848,20 @@ type GetSessionStatusResponse struct {
 	// Delegate share info (returned when keygen session completed and delegate party submitted share)
 	// Only populated if session_type="keygen" AND has_delegate=true AND session is completed
 	DelegateShare *DelegateShareInfo `protobuf:"bytes,8,opt,name=delegate_share,json=delegateShare,proto3" json:"delegate_share,omitempty"`
+	// participants contains detailed participant information including party_index
+	// Used by service-party-app for co_managed_keygen sessions
+	Participants []*ParticipantStatus `protobuf:"bytes,9,rep,name=participants,proto3" json:"participants,omitempty"`
+	// threshold_n and threshold_t - actual threshold values from session config
+	// Used for co_managed_keygen sessions where total_parties may differ from threshold_n during joining
+	ThresholdN    int32 `protobuf:"varint,10,opt,name=threshold_n,json=thresholdN,proto3" json:"threshold_n,omitempty"` // Total number of parties required (e.g., 3 in 2-of-3)
+	ThresholdT    int32 `protobuf:"varint,11,opt,name=threshold_t,json=thresholdT,proto3" json:"threshold_t,omitempty"` // Minimum parties needed to sign (e.g., 2 in 2-of-3)
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }

 func (x *GetSessionStatusResponse) Reset() {
 	*x = GetSessionStatusResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[11]
+	mi := &file_session_coordinator_proto_msgTypes[11]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -832,7 +873,7 @@ func (x *GetSessionStatusResponse) String() string {
 func (*GetSessionStatusResponse) ProtoMessage() {}

 func (x *GetSessionStatusResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[11]
+	mi := &file_session_coordinator_proto_msgTypes[11]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -845,7 +886,7 @@ func (x *GetSessionStatusResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use GetSessionStatusResponse.ProtoReflect.Descriptor instead.
 func (*GetSessionStatusResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{11}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{11}
 }

 func (x *GetSessionStatusResponse) GetStatus() string {
@ -904,6 +945,88 @@ func (x *GetSessionStatusResponse) GetDelegateShare() *DelegateShareInfo {
 	return nil
 }

+func (x *GetSessionStatusResponse) GetParticipants() []*ParticipantStatus {
+	if x != nil {
+		return x.Participants
+	}
+	return nil
+}
+
+func (x *GetSessionStatusResponse) GetThresholdN() int32 {
+	if x != nil {
+		return x.ThresholdN
+	}
+	return 0
+}
+
+func (x *GetSessionStatusResponse) GetThresholdT() int32 {
+	if x != nil {
+		return x.ThresholdT
+	}
+	return 0
+}
+
+// ParticipantStatus contains participant status information
+type ParticipantStatus struct {
+	state         protoimpl.MessageState `protogen:"open.v1"`
+	PartyId       string                 `protobuf:"bytes,1,opt,name=party_id,json=partyId,proto3" json:"party_id,omitempty"`
+	PartyIndex    int32                  `protobuf:"varint,2,opt,name=party_index,json=partyIndex,proto3" json:"party_index,omitempty"`
+	Status        string                 `protobuf:"bytes,3,opt,name=status,proto3" json:"status,omitempty"` // pending, joined, ready, completed
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
+}
+
+func (x *ParticipantStatus) Reset() {
+	*x = ParticipantStatus{}
+	mi := &file_session_coordinator_proto_msgTypes[12]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *ParticipantStatus) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ParticipantStatus) ProtoMessage() {}
+
+func (x *ParticipantStatus) ProtoReflect() protoreflect.Message {
+	mi := &file_session_coordinator_proto_msgTypes[12]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ParticipantStatus.ProtoReflect.Descriptor instead.
+func (*ParticipantStatus) Descriptor() ([]byte, []int) {
+	return file_session_coordinator_proto_rawDescGZIP(), []int{12}
+}
+
+func (x *ParticipantStatus) GetPartyId() string {
+	if x != nil {
+		return x.PartyId
+	}
+	return ""
+}
+
+func (x *ParticipantStatus) GetPartyIndex() int32 {
+	if x != nil {
+		return x.PartyIndex
+	}
+	return 0
+}
+
+func (x *ParticipantStatus) GetStatus() string {
+	if x != nil {
+		return x.Status
+	}
+	return ""
+}
+
 // DelegateShareInfo contains the delegate party's share for user
 type DelegateShareInfo struct {
 	state          protoimpl.MessageState `protogen:"open.v1"`
@ -916,7 +1039,7 @@ type DelegateShareInfo struct {

 func (x *DelegateShareInfo) Reset() {
 	*x = DelegateShareInfo{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[12]
+	mi := &file_session_coordinator_proto_msgTypes[13]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -928,7 +1051,7 @@ func (x *DelegateShareInfo) String() string {
 func (*DelegateShareInfo) ProtoMessage() {}

 func (x *DelegateShareInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[12]
+	mi := &file_session_coordinator_proto_msgTypes[13]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -941,7 +1064,7 @@ func (x *DelegateShareInfo) ProtoReflect() protoreflect.Message {

 // Deprecated: Use DelegateShareInfo.ProtoReflect.Descriptor instead.
 func (*DelegateShareInfo) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{12}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{13}
 }

 func (x *DelegateShareInfo) GetEncryptedShare() []byte {
@ -978,7 +1101,7 @@ type ReportCompletionRequest struct {

 func (x *ReportCompletionRequest) Reset() {
 	*x = ReportCompletionRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[13]
+	mi := &file_session_coordinator_proto_msgTypes[14]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -990,7 +1113,7 @@ func (x *ReportCompletionRequest) String() string {
 func (*ReportCompletionRequest) ProtoMessage() {}

 func (x *ReportCompletionRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[13]
+	mi := &file_session_coordinator_proto_msgTypes[14]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1003,7 +1126,7 @@ func (x *ReportCompletionRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use ReportCompletionRequest.ProtoReflect.Descriptor instead.
 func (*ReportCompletionRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{13}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{14}
 }

 func (x *ReportCompletionRequest) GetSessionId() string {
@ -1045,7 +1168,7 @@ type ReportCompletionResponse struct {

 func (x *ReportCompletionResponse) Reset() {
 	*x = ReportCompletionResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[14]
+	mi := &file_session_coordinator_proto_msgTypes[15]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1057,7 +1180,7 @@ func (x *ReportCompletionResponse) String() string {
 func (*ReportCompletionResponse) ProtoMessage() {}

 func (x *ReportCompletionResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[14]
+	mi := &file_session_coordinator_proto_msgTypes[15]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1070,7 +1193,7 @@ func (x *ReportCompletionResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use ReportCompletionResponse.ProtoReflect.Descriptor instead.
 func (*ReportCompletionResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{14}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{15}
 }

 func (x *ReportCompletionResponse) GetSuccess() bool {
@ -1097,7 +1220,7 @@ type CloseSessionRequest struct {

 func (x *CloseSessionRequest) Reset() {
 	*x = CloseSessionRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[15]
+	mi := &file_session_coordinator_proto_msgTypes[16]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1109,7 +1232,7 @@ func (x *CloseSessionRequest) String() string {
 func (*CloseSessionRequest) ProtoMessage() {}

 func (x *CloseSessionRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[15]
+	mi := &file_session_coordinator_proto_msgTypes[16]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1122,7 +1245,7 @@ func (x *CloseSessionRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use CloseSessionRequest.ProtoReflect.Descriptor instead.
 func (*CloseSessionRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{15}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{16}
 }

 func (x *CloseSessionRequest) GetSessionId() string {
@ -1142,7 +1265,7 @@ type CloseSessionResponse struct {

 func (x *CloseSessionResponse) Reset() {
 	*x = CloseSessionResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[16]
+	mi := &file_session_coordinator_proto_msgTypes[17]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1154,7 +1277,7 @@ func (x *CloseSessionResponse) String() string {
 func (*CloseSessionResponse) ProtoMessage() {}

 func (x *CloseSessionResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[16]
+	mi := &file_session_coordinator_proto_msgTypes[17]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1167,7 +1290,7 @@ func (x *CloseSessionResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use CloseSessionResponse.ProtoReflect.Descriptor instead.
 func (*CloseSessionResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{16}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{17}
 }

 func (x *CloseSessionResponse) GetSuccess() bool {
@ -1188,7 +1311,7 @@ type MarkPartyReadyRequest struct {

 func (x *MarkPartyReadyRequest) Reset() {
 	*x = MarkPartyReadyRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[17]
+	mi := &file_session_coordinator_proto_msgTypes[18]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1200,7 +1323,7 @@ func (x *MarkPartyReadyRequest) String() string {
 func (*MarkPartyReadyRequest) ProtoMessage() {}

 func (x *MarkPartyReadyRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[17]
+	mi := &file_session_coordinator_proto_msgTypes[18]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1213,7 +1336,7 @@ func (x *MarkPartyReadyRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use MarkPartyReadyRequest.ProtoReflect.Descriptor instead.
 func (*MarkPartyReadyRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{17}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{18}
 }

 func (x *MarkPartyReadyRequest) GetSessionId() string {
@ -1243,7 +1366,7 @@ type MarkPartyReadyResponse struct {

 func (x *MarkPartyReadyResponse) Reset() {
 	*x = MarkPartyReadyResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[18]
+	mi := &file_session_coordinator_proto_msgTypes[19]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1255,7 +1378,7 @@ func (x *MarkPartyReadyResponse) String() string {
 func (*MarkPartyReadyResponse) ProtoMessage() {}

 func (x *MarkPartyReadyResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[18]
+	mi := &file_session_coordinator_proto_msgTypes[19]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1268,7 +1391,7 @@ func (x *MarkPartyReadyResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use MarkPartyReadyResponse.ProtoReflect.Descriptor instead.
 func (*MarkPartyReadyResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{18}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{19}
 }

 func (x *MarkPartyReadyResponse) GetSuccess() bool {
@ -1309,7 +1432,7 @@ type StartSessionRequest struct {

 func (x *StartSessionRequest) Reset() {
 	*x = StartSessionRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[19]
+	mi := &file_session_coordinator_proto_msgTypes[20]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1321,7 +1444,7 @@ func (x *StartSessionRequest) String() string {
 func (*StartSessionRequest) ProtoMessage() {}

 func (x *StartSessionRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[19]
+	mi := &file_session_coordinator_proto_msgTypes[20]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1334,7 +1457,7 @@ func (x *StartSessionRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use StartSessionRequest.ProtoReflect.Descriptor instead.
 func (*StartSessionRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{19}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{20}
 }

 func (x *StartSessionRequest) GetSessionId() string {
@ -1355,7 +1478,7 @@ type StartSessionResponse struct {

 func (x *StartSessionResponse) Reset() {
 	*x = StartSessionResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[20]
+	mi := &file_session_coordinator_proto_msgTypes[21]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1367,7 +1490,7 @@ func (x *StartSessionResponse) String() string {
 func (*StartSessionResponse) ProtoMessage() {}

 func (x *StartSessionResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[20]
+	mi := &file_session_coordinator_proto_msgTypes[21]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1380,7 +1503,7 @@ func (x *StartSessionResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use StartSessionResponse.ProtoReflect.Descriptor instead.
 func (*StartSessionResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{20}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{21}
 }

 func (x *StartSessionResponse) GetSuccess() bool {
@ -1411,7 +1534,7 @@ type SubmitDelegateShareRequest struct {

 func (x *SubmitDelegateShareRequest) Reset() {
 	*x = SubmitDelegateShareRequest{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[21]
+	mi := &file_session_coordinator_proto_msgTypes[22]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1423,7 +1546,7 @@ func (x *SubmitDelegateShareRequest) String() string {
 func (*SubmitDelegateShareRequest) ProtoMessage() {}

 func (x *SubmitDelegateShareRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[21]
+	mi := &file_session_coordinator_proto_msgTypes[22]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1436,7 +1559,7 @@ func (x *SubmitDelegateShareRequest) ProtoReflect() protoreflect.Message {

 // Deprecated: Use SubmitDelegateShareRequest.ProtoReflect.Descriptor instead.
 func (*SubmitDelegateShareRequest) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{21}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{22}
 }

 func (x *SubmitDelegateShareRequest) GetSessionId() string {
@ -1484,7 +1607,7 @@ type SubmitDelegateShareResponse struct {

 func (x *SubmitDelegateShareResponse) Reset() {
 	*x = SubmitDelegateShareResponse{}
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[22]
+	mi := &file_session_coordinator_proto_msgTypes[23]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1496,7 +1619,7 @@ func (x *SubmitDelegateShareResponse) String() string {
 func (*SubmitDelegateShareResponse) ProtoMessage() {}

 func (x *SubmitDelegateShareResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_api_proto_session_coordinator_proto_msgTypes[22]
+	mi := &file_session_coordinator_proto_msgTypes[23]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1509,7 +1632,7 @@ func (x *SubmitDelegateShareResponse) ProtoReflect() protoreflect.Message {

 // Deprecated: Use SubmitDelegateShareResponse.ProtoReflect.Descriptor instead.
 func (*SubmitDelegateShareResponse) Descriptor() ([]byte, []int) {
-	return file_api_proto_session_coordinator_proto_rawDescGZIP(), []int{22}
+	return file_session_coordinator_proto_rawDescGZIP(), []int{23}
 }

 func (x *SubmitDelegateShareResponse) GetSuccess() bool {
@ -1519,11 +1642,11 @@ func (x *SubmitDelegateShareResponse) GetSuccess() bool {
 	return false
 }

-var File_api_proto_session_coordinator_proto protoreflect.FileDescriptor
+var File_session_coordinator_proto protoreflect.FileDescriptor

-const file_api_proto_session_coordinator_proto_rawDesc = "" +
+const file_session_coordinator_proto_rawDesc = "" +
 	"\n" +
-	"#api/proto/session_coordinator.proto\x12\x12mpc.coordinator.v1\"\xeb\x03\n" +
+	"\x19session_coordinator.proto\x12\x12mpc.coordinator.v1\"\xad\x04\n" +
 	"\x14CreateSessionRequest\x12!\n" +
 	"\fsession_type\x18\x01 \x01(\tR\vsessionType\x12\x1f\n" +
 	"\vthreshold_n\x18\x02 \x01(\x05R\n" +
@ -1535,7 +1658,12 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"\x12expires_in_seconds\x18\x06 \x01(\x03R\x10expiresInSeconds\x12Q\n" +
 	"\x11party_composition\x18\a \x01(\v2$.mpc.coordinator.v1.PartyCompositionR\x10partyComposition\x12U\n" +
 	"\x13delegate_user_share\x18\b \x01(\v2%.mpc.coordinator.v1.DelegateUserShareR\x11delegateUserShare\x12*\n" +
-	"\x11keygen_session_id\x18\t \x01(\tR\x0fkeygenSessionId\"\x89\x01\n" +
+	"\x11keygen_session_id\x18\t \x01(\tR\x0fkeygenSessionId\x12\x1f\n" +
+	"\vwallet_name\x18\n" +
+	" \x01(\tR\n" +
+	"walletName\x12\x1f\n" +
+	"\vinvite_code\x18\v \x01(\tR\n" +
+	"inviteCode\"\x89\x01\n" +
 	"\x11DelegateUserShare\x12*\n" +
 	"\x11delegate_party_id\x18\x01 \x01(\tR\x0fdelegatePartyId\x12'\n" +
 	"\x0fencrypted_share\x18\x02 \x01(\fR\x0eencryptedShare\x12\x1f\n" +
@ -1584,7 +1712,7 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"\fsession_info\x18\x02 \x01(\v2\x1f.mpc.coordinator.v1.SessionInfoR\vsessionInfo\x12B\n" +
 	"\rother_parties\x18\x03 \x03(\v2\x1d.mpc.coordinator.v1.PartyInfoR\fotherParties\x12\x1f\n" +
 	"\vparty_index\x18\x04 \x01(\x05R\n" +
-	"partyIndex\"\xf8\x01\n" +
+	"partyIndex\"\xba\x02\n" +
 	"\vSessionInfo\x12\x1d\n" +
 	"\n" +
 	"session_id\x18\x01 \x01(\tR\tsessionId\x12!\n" +
@ -1595,7 +1723,11 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"thresholdT\x12!\n" +
 	"\fmessage_hash\x18\x05 \x01(\fR\vmessageHash\x12\x16\n" +
 	"\x06status\x18\x06 \x01(\tR\x06status\x12*\n" +
-	"\x11keygen_session_id\x18\a \x01(\tR\x0fkeygenSessionId\"\x88\x01\n" +
+	"\x11keygen_session_id\x18\a \x01(\tR\x0fkeygenSessionId\x12\x1f\n" +
+	"\vwallet_name\x18\b \x01(\tR\n" +
+	"walletName\x12\x1f\n" +
+	"\vinvite_code\x18\t \x01(\tR\n" +
+	"inviteCode\"\x88\x01\n" +
 	"\tPartyInfo\x12\x19\n" +
 	"\bparty_id\x18\x01 \x01(\tR\apartyId\x12\x1f\n" +
 	"\vparty_index\x18\x02 \x01(\x05R\n" +
@ -1604,7 +1736,7 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"deviceInfo\"8\n" +
 	"\x17GetSessionStatusRequest\x12\x1d\n" +
 	"\n" +
-	"session_id\x18\x01 \x01(\tR\tsessionId\"\xd5\x02\n" +
+	"session_id\x18\x01 \x01(\tR\tsessionId\"\xe2\x03\n" +
 	"\x18GetSessionStatusResponse\x12\x16\n" +
 	"\x06status\x18\x01 \x01(\tR\x06status\x12+\n" +
 	"\x11completed_parties\x18\x02 \x01(\x05R\x10completedParties\x12#\n" +
@ -1614,7 +1746,18 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"public_key\x18\x05 \x01(\fR\tpublicKey\x12\x1c\n" +
 	"\tsignature\x18\x06 \x01(\fR\tsignature\x12!\n" +
 	"\fhas_delegate\x18\a \x01(\bR\vhasDelegate\x12L\n" +
-	"\x0edelegate_share\x18\b \x01(\v2%.mpc.coordinator.v1.DelegateShareInfoR\rdelegateShare\"x\n" +
+	"\x0edelegate_share\x18\b \x01(\v2%.mpc.coordinator.v1.DelegateShareInfoR\rdelegateShare\x12I\n" +
+	"\fparticipants\x18\t \x03(\v2%.mpc.coordinator.v1.ParticipantStatusR\fparticipants\x12\x1f\n" +
+	"\vthreshold_n\x18\n" +
+	" \x01(\x05R\n" +
+	"thresholdN\x12\x1f\n" +
+	"\vthreshold_t\x18\v \x01(\x05R\n" +
+	"thresholdT\"g\n" +
+	"\x11ParticipantStatus\x12\x19\n" +
+	"\bparty_id\x18\x01 \x01(\tR\apartyId\x12\x1f\n" +
+	"\vparty_index\x18\x02 \x01(\x05R\n" +
+	"partyIndex\x12\x16\n" +
+	"\x06status\x18\x03 \x01(\tR\x06status\"x\n" +
 	"\x11DelegateShareInfo\x12'\n" +
 	"\x0fencrypted_share\x18\x01 \x01(\fR\x0eencryptedShare\x12\x1f\n" +
 	"\vparty_index\x18\x02 \x01(\x05R\n" +
@ -1673,19 +1816,19 @@ const file_api_proto_session_coordinator_proto_rawDesc = "" +
 	"\x13SubmitDelegateShare\x12..mpc.coordinator.v1.SubmitDelegateShareRequest\x1a/.mpc.coordinator.v1.SubmitDelegateShareResponseBEZCgithub.com/rwadurian/mpc-system/api/grpc/coordinator/v1;coordinatorb\x06proto3"

 var (
-	file_api_proto_session_coordinator_proto_rawDescOnce sync.Once
-	file_api_proto_session_coordinator_proto_rawDescData []byte
+	file_session_coordinator_proto_rawDescOnce sync.Once
+	file_session_coordinator_proto_rawDescData []byte
 )

-func file_api_proto_session_coordinator_proto_rawDescGZIP() []byte {
-	file_api_proto_session_coordinator_proto_rawDescOnce.Do(func() {
-		file_api_proto_session_coordinator_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_api_proto_session_coordinator_proto_rawDesc), len(file_api_proto_session_coordinator_proto_rawDesc)))
+func file_session_coordinator_proto_rawDescGZIP() []byte {
+	file_session_coordinator_proto_rawDescOnce.Do(func() {
+		file_session_coordinator_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_session_coordinator_proto_rawDesc), len(file_session_coordinator_proto_rawDesc)))
 	})
-	return file_api_proto_session_coordinator_proto_rawDescData
+	return file_session_coordinator_proto_rawDescData
 }

-var file_api_proto_session_coordinator_proto_msgTypes = make([]protoimpl.MessageInfo, 24)
-var file_api_proto_session_coordinator_proto_goTypes = []any{
+var file_session_coordinator_proto_msgTypes = make([]protoimpl.MessageInfo, 25)
+var file_session_coordinator_proto_goTypes = []any{
 	(*CreateSessionRequest)(nil),        // 0: mpc.coordinator.v1.CreateSessionRequest
 	(*DelegateUserShare)(nil),           // 1: mpc.coordinator.v1.DelegateUserShare
 	(*PartyComposition)(nil),            // 2: mpc.coordinator.v1.PartyComposition
@ -1698,73 +1841,75 @@ var file_api_proto_session_coordinator_proto_goTypes = []any{
 	(*PartyInfo)(nil),                   // 9: mpc.coordinator.v1.PartyInfo
 	(*GetSessionStatusRequest)(nil),     // 10: mpc.coordinator.v1.GetSessionStatusRequest
 	(*GetSessionStatusResponse)(nil),    // 11: mpc.coordinator.v1.GetSessionStatusResponse
-	(*DelegateShareInfo)(nil),           // 12: mpc.coordinator.v1.DelegateShareInfo
-	(*ReportCompletionRequest)(nil),     // 13: mpc.coordinator.v1.ReportCompletionRequest
-	(*ReportCompletionResponse)(nil),    // 14: mpc.coordinator.v1.ReportCompletionResponse
-	(*CloseSessionRequest)(nil),         // 15: mpc.coordinator.v1.CloseSessionRequest
-	(*CloseSessionResponse)(nil),        // 16: mpc.coordinator.v1.CloseSessionResponse
-	(*MarkPartyReadyRequest)(nil),       // 17: mpc.coordinator.v1.MarkPartyReadyRequest
-	(*MarkPartyReadyResponse)(nil),      // 18: mpc.coordinator.v1.MarkPartyReadyResponse
-	(*StartSessionRequest)(nil),         // 19: mpc.coordinator.v1.StartSessionRequest
-	(*StartSessionResponse)(nil),        // 20: mpc.coordinator.v1.StartSessionResponse
-	(*SubmitDelegateShareRequest)(nil),  // 21: mpc.coordinator.v1.SubmitDelegateShareRequest
-	(*SubmitDelegateShareResponse)(nil), // 22: mpc.coordinator.v1.SubmitDelegateShareResponse
-	nil,                                 // 23: mpc.coordinator.v1.CreateSessionResponse.JoinTokensEntry
+	(*ParticipantStatus)(nil),           // 12: mpc.coordinator.v1.ParticipantStatus
+	(*DelegateShareInfo)(nil),           // 13: mpc.coordinator.v1.DelegateShareInfo
+	(*ReportCompletionRequest)(nil),     // 14: mpc.coordinator.v1.ReportCompletionRequest
+	(*ReportCompletionResponse)(nil),    // 15: mpc.coordinator.v1.ReportCompletionResponse
+	(*CloseSessionRequest)(nil),         // 16: mpc.coordinator.v1.CloseSessionRequest
+	(*CloseSessionResponse)(nil),        // 17: mpc.coordinator.v1.CloseSessionResponse
+	(*MarkPartyReadyRequest)(nil),       // 18: mpc.coordinator.v1.MarkPartyReadyRequest
+	(*MarkPartyReadyResponse)(nil),      // 19: mpc.coordinator.v1.MarkPartyReadyResponse
+	(*StartSessionRequest)(nil),         // 20: mpc.coordinator.v1.StartSessionRequest
+	(*StartSessionResponse)(nil),        // 21: mpc.coordinator.v1.StartSessionResponse
+	(*SubmitDelegateShareRequest)(nil),  // 22: mpc.coordinator.v1.SubmitDelegateShareRequest
+	(*SubmitDelegateShareResponse)(nil), // 23: mpc.coordinator.v1.SubmitDelegateShareResponse
+	nil,                                 // 24: mpc.coordinator.v1.CreateSessionResponse.JoinTokensEntry
 }
-var file_api_proto_session_coordinator_proto_depIdxs = []int32{
+var file_session_coordinator_proto_depIdxs = []int32{
 	3,  // 0: mpc.coordinator.v1.CreateSessionRequest.participants:type_name -> mpc.coordinator.v1.ParticipantInfo
 	2,  // 1: mpc.coordinator.v1.CreateSessionRequest.party_composition:type_name -> mpc.coordinator.v1.PartyComposition
 	1,  // 2: mpc.coordinator.v1.CreateSessionRequest.delegate_user_share:type_name -> mpc.coordinator.v1.DelegateUserShare
 	4,  // 3: mpc.coordinator.v1.ParticipantInfo.device_info:type_name -> mpc.coordinator.v1.DeviceInfo
-	23, // 4: mpc.coordinator.v1.CreateSessionResponse.join_tokens:type_name -> mpc.coordinator.v1.CreateSessionResponse.JoinTokensEntry
+	24, // 4: mpc.coordinator.v1.CreateSessionResponse.join_tokens:type_name -> mpc.coordinator.v1.CreateSessionResponse.JoinTokensEntry
 	4,  // 5: mpc.coordinator.v1.JoinSessionRequest.device_info:type_name -> mpc.coordinator.v1.DeviceInfo
 	8,  // 6: mpc.coordinator.v1.JoinSessionResponse.session_info:type_name -> mpc.coordinator.v1.SessionInfo
 	9,  // 7: mpc.coordinator.v1.JoinSessionResponse.other_parties:type_name -> mpc.coordinator.v1.PartyInfo
 	4,  // 8: mpc.coordinator.v1.PartyInfo.device_info:type_name -> mpc.coordinator.v1.DeviceInfo
-	12, // 9: mpc.coordinator.v1.GetSessionStatusResponse.delegate_share:type_name -> mpc.coordinator.v1.DelegateShareInfo
-	0,  // 10: mpc.coordinator.v1.SessionCoordinator.CreateSession:input_type -> mpc.coordinator.v1.CreateSessionRequest
-	6,  // 11: mpc.coordinator.v1.SessionCoordinator.JoinSession:input_type -> mpc.coordinator.v1.JoinSessionRequest
-	10, // 12: mpc.coordinator.v1.SessionCoordinator.GetSessionStatus:input_type -> mpc.coordinator.v1.GetSessionStatusRequest
-	17, // 13: mpc.coordinator.v1.SessionCoordinator.MarkPartyReady:input_type -> mpc.coordinator.v1.MarkPartyReadyRequest
-	19, // 14: mpc.coordinator.v1.SessionCoordinator.StartSession:input_type -> mpc.coordinator.v1.StartSessionRequest
-	13, // 15: mpc.coordinator.v1.SessionCoordinator.ReportCompletion:input_type -> mpc.coordinator.v1.ReportCompletionRequest
-	15, // 16: mpc.coordinator.v1.SessionCoordinator.CloseSession:input_type -> mpc.coordinator.v1.CloseSessionRequest
-	21, // 17: mpc.coordinator.v1.SessionCoordinator.SubmitDelegateShare:input_type -> mpc.coordinator.v1.SubmitDelegateShareRequest
-	5,  // 18: mpc.coordinator.v1.SessionCoordinator.CreateSession:output_type -> mpc.coordinator.v1.CreateSessionResponse
-	7,  // 19: mpc.coordinator.v1.SessionCoordinator.JoinSession:output_type -> mpc.coordinator.v1.JoinSessionResponse
-	11, // 20: mpc.coordinator.v1.SessionCoordinator.GetSessionStatus:output_type -> mpc.coordinator.v1.GetSessionStatusResponse
-	18, // 21: mpc.coordinator.v1.SessionCoordinator.MarkPartyReady:output_type -> mpc.coordinator.v1.MarkPartyReadyResponse
-	20, // 22: mpc.coordinator.v1.SessionCoordinator.StartSession:output_type -> mpc.coordinator.v1.StartSessionResponse
-	14, // 23: mpc.coordinator.v1.SessionCoordinator.ReportCompletion:output_type -> mpc.coordinator.v1.ReportCompletionResponse
-	16, // 24: mpc.coordinator.v1.SessionCoordinator.CloseSession:output_type -> mpc.coordinator.v1.CloseSessionResponse
-	22, // 25: mpc.coordinator.v1.SessionCoordinator.SubmitDelegateShare:output_type -> mpc.coordinator.v1.SubmitDelegateShareResponse
-	18, // [18:26] is the sub-list for method output_type
-	10, // [10:18] is the sub-list for method input_type
-	10, // [10:10] is the sub-list for extension type_name
-	10, // [10:10] is the sub-list for extension extendee
-	0,  // [0:10] is the sub-list for field type_name
+	13, // 9: mpc.coordinator.v1.GetSessionStatusResponse.delegate_share:type_name -> mpc.coordinator.v1.DelegateShareInfo
+	12, // 10: mpc.coordinator.v1.GetSessionStatusResponse.participants:type_name -> mpc.coordinator.v1.ParticipantStatus
+	0,  // 11: mpc.coordinator.v1.SessionCoordinator.CreateSession:input_type -> mpc.coordinator.v1.CreateSessionRequest
+	6,  // 12: mpc.coordinator.v1.SessionCoordinator.JoinSession:input_type -> mpc.coordinator.v1.JoinSessionRequest
+	10, // 13: mpc.coordinator.v1.SessionCoordinator.GetSessionStatus:input_type -> mpc.coordinator.v1.GetSessionStatusRequest
+	18, // 14: mpc.coordinator.v1.SessionCoordinator.MarkPartyReady:input_type -> mpc.coordinator.v1.MarkPartyReadyRequest
+	20, // 15: mpc.coordinator.v1.SessionCoordinator.StartSession:input_type -> mpc.coordinator.v1.StartSessionRequest
+	14, // 16: mpc.coordinator.v1.SessionCoordinator.ReportCompletion:input_type -> mpc.coordinator.v1.ReportCompletionRequest
+	16, // 17: mpc.coordinator.v1.SessionCoordinator.CloseSession:input_type -> mpc.coordinator.v1.CloseSessionRequest
+	22, // 18: mpc.coordinator.v1.SessionCoordinator.SubmitDelegateShare:input_type -> mpc.coordinator.v1.SubmitDelegateShareRequest
+	5,  // 19: mpc.coordinator.v1.SessionCoordinator.CreateSession:output_type -> mpc.coordinator.v1.CreateSessionResponse
+	7,  // 20: mpc.coordinator.v1.SessionCoordinator.JoinSession:output_type -> mpc.coordinator.v1.JoinSessionResponse
+	11, // 21: mpc.coordinator.v1.SessionCoordinator.GetSessionStatus:output_type -> mpc.coordinator.v1.GetSessionStatusResponse
+	19, // 22: mpc.coordinator.v1.SessionCoordinator.MarkPartyReady:output_type -> mpc.coordinator.v1.MarkPartyReadyResponse
+	21, // 23: mpc.coordinator.v1.SessionCoordinator.StartSession:output_type -> mpc.coordinator.v1.StartSessionResponse
+	15, // 24: mpc.coordinator.v1.SessionCoordinator.ReportCompletion:output_type -> mpc.coordinator.v1.ReportCompletionResponse
+	17, // 25: mpc.coordinator.v1.SessionCoordinator.CloseSession:output_type -> mpc.coordinator.v1.CloseSessionResponse
+	23, // 26: mpc.coordinator.v1.SessionCoordinator.SubmitDelegateShare:output_type -> mpc.coordinator.v1.SubmitDelegateShareResponse
+	19, // [19:27] is the sub-list for method output_type
+	11, // [11:19] is the sub-list for method input_type
+	11, // [11:11] is the sub-list for extension type_name
+	11, // [11:11] is the sub-list for extension extendee
+	0,  // [0:11] is the sub-list for field type_name
 }

-func init() { file_api_proto_session_coordinator_proto_init() }
-func file_api_proto_session_coordinator_proto_init() {
-	if File_api_proto_session_coordinator_proto != nil {
+func init() { file_session_coordinator_proto_init() }
+func file_session_coordinator_proto_init() {
+	if File_session_coordinator_proto != nil {
 		return
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
-			RawDescriptor: unsafe.Slice(unsafe.StringData(file_api_proto_session_coordinator_proto_rawDesc), len(file_api_proto_session_coordinator_proto_rawDesc)),
+			RawDescriptor: unsafe.Slice(unsafe.StringData(file_session_coordinator_proto_rawDesc), len(file_session_coordinator_proto_rawDesc)),
 			NumEnums:      0,
-			NumMessages:   24,
+			NumMessages:   25,
 			NumExtensions: 0,
 			NumServices:   1,
 		},
-		GoTypes:           file_api_proto_session_coordinator_proto_goTypes,
-		DependencyIndexes: file_api_proto_session_coordinator_proto_depIdxs,
-		MessageInfos:      file_api_proto_session_coordinator_proto_msgTypes,
+		GoTypes:           file_session_coordinator_proto_goTypes,
+		DependencyIndexes: file_session_coordinator_proto_depIdxs,
+		MessageInfos:      file_session_coordinator_proto_msgTypes,
 	}.Build()
-	File_api_proto_session_coordinator_proto = out.File
-	file_api_proto_session_coordinator_proto_goTypes = nil
-	file_api_proto_session_coordinator_proto_depIdxs = nil
+	File_session_coordinator_proto = out.File
+	file_session_coordinator_proto_goTypes = nil
+	file_session_coordinator_proto_depIdxs = nil
 }
--- a/backend/mpc-system/api/grpc/coordinator/v1/session_coordinator_grpc.pb.go
+++ b/backend/mpc-system/api/grpc/coordinator/v1/session_coordinator_grpc.pb.go
@ -2,7 +2,7 @@
 // versions:
 // - protoc-gen-go-grpc v1.6.0
 // - protoc             v6.33.1
-// source: api/proto/session_coordinator.proto
+// source: session_coordinator.proto

 package coordinator

@ -391,5 +391,5 @@ var SessionCoordinator_ServiceDesc = grpc.ServiceDesc{
 		},
 	},
 	Streams:  []grpc.StreamDesc{},
-	Metadata: "api/proto/session_coordinator.proto",
+	Metadata: "session_coordinator.proto",
 }
--- a/backend/mpc-system/api/proto/message_router.pb.go
+++ b/backend/mpc-system/api/proto/message_router.pb.go
--- a/backend/mpc-system/api/proto/message_router_grpc.pb.go
+++ b/backend/mpc-system/api/proto/message_router_grpc.pb.go
@ -1,700 +0,0 @@
-// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
-// versions:
-// - protoc-gen-go-grpc v1.6.0
-// - protoc             v6.33.1
-// source: api/proto/message_router.proto
-
-package router
-
-import (
-	context "context"
-	grpc "google.golang.org/grpc"
-	codes "google.golang.org/grpc/codes"
-	status "google.golang.org/grpc/status"
-)
-
-// This is a compile-time assertion to ensure that this generated file
-// is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.64.0 or later.
-const _ = grpc.SupportPackageIsVersion9
-
-const (
-	MessageRouter_RouteMessage_FullMethodName           = "/mpc.router.v1.MessageRouter/RouteMessage"
-	MessageRouter_SubscribeMessages_FullMethodName      = "/mpc.router.v1.MessageRouter/SubscribeMessages"
-	MessageRouter_GetPendingMessages_FullMethodName     = "/mpc.router.v1.MessageRouter/GetPendingMessages"
-	MessageRouter_AcknowledgeMessage_FullMethodName     = "/mpc.router.v1.MessageRouter/AcknowledgeMessage"
-	MessageRouter_GetMessageStatus_FullMethodName       = "/mpc.router.v1.MessageRouter/GetMessageStatus"
-	MessageRouter_RegisterParty_FullMethodName          = "/mpc.router.v1.MessageRouter/RegisterParty"
-	MessageRouter_Heartbeat_FullMethodName              = "/mpc.router.v1.MessageRouter/Heartbeat"
-	MessageRouter_SubscribeSessionEvents_FullMethodName = "/mpc.router.v1.MessageRouter/SubscribeSessionEvents"
-	MessageRouter_PublishSessionEvent_FullMethodName    = "/mpc.router.v1.MessageRouter/PublishSessionEvent"
-	MessageRouter_GetRegisteredParties_FullMethodName   = "/mpc.router.v1.MessageRouter/GetRegisteredParties"
-	MessageRouter_JoinSession_FullMethodName            = "/mpc.router.v1.MessageRouter/JoinSession"
-	MessageRouter_MarkPartyReady_FullMethodName         = "/mpc.router.v1.MessageRouter/MarkPartyReady"
-	MessageRouter_ReportCompletion_FullMethodName       = "/mpc.router.v1.MessageRouter/ReportCompletion"
-	MessageRouter_GetSessionStatus_FullMethodName       = "/mpc.router.v1.MessageRouter/GetSessionStatus"
-	MessageRouter_SubmitDelegateShare_FullMethodName    = "/mpc.router.v1.MessageRouter/SubmitDelegateShare"
-)
-
-// MessageRouterClient is the client API for MessageRouter service.
-//
-// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
-//
-// MessageRouter service handles MPC message routing
-// This is the ONLY service that server-parties need to connect to.
-// All session operations are proxied through Message Router to Session Coordinator.
-type MessageRouterClient interface {
-	// RouteMessage routes a message from one party to others
-	RouteMessage(ctx context.Context, in *RouteMessageRequest, opts ...grpc.CallOption) (*RouteMessageResponse, error)
-	// SubscribeMessages subscribes to messages for a party (streaming)
-	SubscribeMessages(ctx context.Context, in *SubscribeMessagesRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[MPCMessage], error)
-	// GetPendingMessages retrieves pending messages (polling alternative)
-	GetPendingMessages(ctx context.Context, in *GetPendingMessagesRequest, opts ...grpc.CallOption) (*GetPendingMessagesResponse, error)
-	// AcknowledgeMessage acknowledges receipt of a message
-	// Must be called after processing a message to confirm delivery
-	AcknowledgeMessage(ctx context.Context, in *AcknowledgeMessageRequest, opts ...grpc.CallOption) (*AcknowledgeMessageResponse, error)
-	// GetMessageStatus gets the delivery status of a message
-	GetMessageStatus(ctx context.Context, in *GetMessageStatusRequest, opts ...grpc.CallOption) (*GetMessageStatusResponse, error)
-	// RegisterParty registers a party with the message router (party actively connects)
-	RegisterParty(ctx context.Context, in *RegisterPartyRequest, opts ...grpc.CallOption) (*RegisterPartyResponse, error)
-	// Heartbeat sends a heartbeat to keep the party alive
-	Heartbeat(ctx context.Context, in *HeartbeatRequest, opts ...grpc.CallOption) (*HeartbeatResponse, error)
-	// SubscribeSessionEvents subscribes to session lifecycle events (session start, etc.)
-	SubscribeSessionEvents(ctx context.Context, in *SubscribeSessionEventsRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[SessionEvent], error)
-	// PublishSessionEvent publishes a session event (called by Session Coordinator)
-	PublishSessionEvent(ctx context.Context, in *PublishSessionEventRequest, opts ...grpc.CallOption) (*PublishSessionEventResponse, error)
-	// GetRegisteredParties returns all registered parties (for Session Coordinator party discovery)
-	GetRegisteredParties(ctx context.Context, in *GetRegisteredPartiesRequest, opts ...grpc.CallOption) (*GetRegisteredPartiesResponse, error)
-	// JoinSession joins a session (proxied to Session Coordinator)
-	JoinSession(ctx context.Context, in *JoinSessionRequest, opts ...grpc.CallOption) (*JoinSessionResponse, error)
-	// MarkPartyReady marks a party as ready (proxied to Session Coordinator)
-	MarkPartyReady(ctx context.Context, in *MarkPartyReadyRequest, opts ...grpc.CallOption) (*MarkPartyReadyResponse, error)
-	// ReportCompletion reports completion (proxied to Session Coordinator)
-	ReportCompletion(ctx context.Context, in *ReportCompletionRequest, opts ...grpc.CallOption) (*ReportCompletionResponse, error)
-	// GetSessionStatus gets session status (proxied to Session Coordinator)
-	GetSessionStatus(ctx context.Context, in *GetSessionStatusRequest, opts ...grpc.CallOption) (*GetSessionStatusResponse, error)
-	// SubmitDelegateShare submits user's share from delegate party (proxied to Session Coordinator)
-	SubmitDelegateShare(ctx context.Context, in *SubmitDelegateShareRequest, opts ...grpc.CallOption) (*SubmitDelegateShareResponse, error)
-}
-
-type messageRouterClient struct {
-	cc grpc.ClientConnInterface
-}
-
-func NewMessageRouterClient(cc grpc.ClientConnInterface) MessageRouterClient {
-	return &messageRouterClient{cc}
-}
-
-func (c *messageRouterClient) RouteMessage(ctx context.Context, in *RouteMessageRequest, opts ...grpc.CallOption) (*RouteMessageResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(RouteMessageResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_RouteMessage_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) SubscribeMessages(ctx context.Context, in *SubscribeMessagesRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[MPCMessage], error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	stream, err := c.cc.NewStream(ctx, &MessageRouter_ServiceDesc.Streams[0], MessageRouter_SubscribeMessages_FullMethodName, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	x := &grpc.GenericClientStream[SubscribeMessagesRequest, MPCMessage]{ClientStream: stream}
-	if err := x.ClientStream.SendMsg(in); err != nil {
-		return nil, err
-	}
-	if err := x.ClientStream.CloseSend(); err != nil {
-		return nil, err
-	}
-	return x, nil
-}
-
-// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.
-type MessageRouter_SubscribeMessagesClient = grpc.ServerStreamingClient[MPCMessage]
-
-func (c *messageRouterClient) GetPendingMessages(ctx context.Context, in *GetPendingMessagesRequest, opts ...grpc.CallOption) (*GetPendingMessagesResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GetPendingMessagesResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_GetPendingMessages_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) AcknowledgeMessage(ctx context.Context, in *AcknowledgeMessageRequest, opts ...grpc.CallOption) (*AcknowledgeMessageResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(AcknowledgeMessageResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_AcknowledgeMessage_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) GetMessageStatus(ctx context.Context, in *GetMessageStatusRequest, opts ...grpc.CallOption) (*GetMessageStatusResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GetMessageStatusResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_GetMessageStatus_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) RegisterParty(ctx context.Context, in *RegisterPartyRequest, opts ...grpc.CallOption) (*RegisterPartyResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(RegisterPartyResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_RegisterParty_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) Heartbeat(ctx context.Context, in *HeartbeatRequest, opts ...grpc.CallOption) (*HeartbeatResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(HeartbeatResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_Heartbeat_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) SubscribeSessionEvents(ctx context.Context, in *SubscribeSessionEventsRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[SessionEvent], error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	stream, err := c.cc.NewStream(ctx, &MessageRouter_ServiceDesc.Streams[1], MessageRouter_SubscribeSessionEvents_FullMethodName, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	x := &grpc.GenericClientStream[SubscribeSessionEventsRequest, SessionEvent]{ClientStream: stream}
-	if err := x.ClientStream.SendMsg(in); err != nil {
-		return nil, err
-	}
-	if err := x.ClientStream.CloseSend(); err != nil {
-		return nil, err
-	}
-	return x, nil
-}
-
-// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.
-type MessageRouter_SubscribeSessionEventsClient = grpc.ServerStreamingClient[SessionEvent]
-
-func (c *messageRouterClient) PublishSessionEvent(ctx context.Context, in *PublishSessionEventRequest, opts ...grpc.CallOption) (*PublishSessionEventResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(PublishSessionEventResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_PublishSessionEvent_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) GetRegisteredParties(ctx context.Context, in *GetRegisteredPartiesRequest, opts ...grpc.CallOption) (*GetRegisteredPartiesResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GetRegisteredPartiesResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_GetRegisteredParties_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) JoinSession(ctx context.Context, in *JoinSessionRequest, opts ...grpc.CallOption) (*JoinSessionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(JoinSessionResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_JoinSession_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) MarkPartyReady(ctx context.Context, in *MarkPartyReadyRequest, opts ...grpc.CallOption) (*MarkPartyReadyResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(MarkPartyReadyResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_MarkPartyReady_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) ReportCompletion(ctx context.Context, in *ReportCompletionRequest, opts ...grpc.CallOption) (*ReportCompletionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(ReportCompletionResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_ReportCompletion_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) GetSessionStatus(ctx context.Context, in *GetSessionStatusRequest, opts ...grpc.CallOption) (*GetSessionStatusResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GetSessionStatusResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_GetSessionStatus_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *messageRouterClient) SubmitDelegateShare(ctx context.Context, in *SubmitDelegateShareRequest, opts ...grpc.CallOption) (*SubmitDelegateShareResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SubmitDelegateShareResponse)
-	err := c.cc.Invoke(ctx, MessageRouter_SubmitDelegateShare_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-// MessageRouterServer is the server API for MessageRouter service.
-// All implementations must embed UnimplementedMessageRouterServer
-// for forward compatibility.
-//
-// MessageRouter service handles MPC message routing
-// This is the ONLY service that server-parties need to connect to.
-// All session operations are proxied through Message Router to Session Coordinator.
-type MessageRouterServer interface {
-	// RouteMessage routes a message from one party to others
-	RouteMessage(context.Context, *RouteMessageRequest) (*RouteMessageResponse, error)
-	// SubscribeMessages subscribes to messages for a party (streaming)
-	SubscribeMessages(*SubscribeMessagesRequest, grpc.ServerStreamingServer[MPCMessage]) error
-	// GetPendingMessages retrieves pending messages (polling alternative)
-	GetPendingMessages(context.Context, *GetPendingMessagesRequest) (*GetPendingMessagesResponse, error)
-	// AcknowledgeMessage acknowledges receipt of a message
-	// Must be called after processing a message to confirm delivery
-	AcknowledgeMessage(context.Context, *AcknowledgeMessageRequest) (*AcknowledgeMessageResponse, error)
-	// GetMessageStatus gets the delivery status of a message
-	GetMessageStatus(context.Context, *GetMessageStatusRequest) (*GetMessageStatusResponse, error)
-	// RegisterParty registers a party with the message router (party actively connects)
-	RegisterParty(context.Context, *RegisterPartyRequest) (*RegisterPartyResponse, error)
-	// Heartbeat sends a heartbeat to keep the party alive
-	Heartbeat(context.Context, *HeartbeatRequest) (*HeartbeatResponse, error)
-	// SubscribeSessionEvents subscribes to session lifecycle events (session start, etc.)
-	SubscribeSessionEvents(*SubscribeSessionEventsRequest, grpc.ServerStreamingServer[SessionEvent]) error
-	// PublishSessionEvent publishes a session event (called by Session Coordinator)
-	PublishSessionEvent(context.Context, *PublishSessionEventRequest) (*PublishSessionEventResponse, error)
-	// GetRegisteredParties returns all registered parties (for Session Coordinator party discovery)
-	GetRegisteredParties(context.Context, *GetRegisteredPartiesRequest) (*GetRegisteredPartiesResponse, error)
-	// JoinSession joins a session (proxied to Session Coordinator)
-	JoinSession(context.Context, *JoinSessionRequest) (*JoinSessionResponse, error)
-	// MarkPartyReady marks a party as ready (proxied to Session Coordinator)
-	MarkPartyReady(context.Context, *MarkPartyReadyRequest) (*MarkPartyReadyResponse, error)
-	// ReportCompletion reports completion (proxied to Session Coordinator)
-	ReportCompletion(context.Context, *ReportCompletionRequest) (*ReportCompletionResponse, error)
-	// GetSessionStatus gets session status (proxied to Session Coordinator)
-	GetSessionStatus(context.Context, *GetSessionStatusRequest) (*GetSessionStatusResponse, error)
-	// SubmitDelegateShare submits user's share from delegate party (proxied to Session Coordinator)
-	SubmitDelegateShare(context.Context, *SubmitDelegateShareRequest) (*SubmitDelegateShareResponse, error)
-	mustEmbedUnimplementedMessageRouterServer()
-}
-
-// UnimplementedMessageRouterServer must be embedded to have
-// forward compatible implementations.
-//
-// NOTE: this should be embedded by value instead of pointer to avoid a nil
-// pointer dereference when methods are called.
-type UnimplementedMessageRouterServer struct{}
-
-func (UnimplementedMessageRouterServer) RouteMessage(context.Context, *RouteMessageRequest) (*RouteMessageResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method RouteMessage not implemented")
-}
-func (UnimplementedMessageRouterServer) SubscribeMessages(*SubscribeMessagesRequest, grpc.ServerStreamingServer[MPCMessage]) error {
-	return status.Error(codes.Unimplemented, "method SubscribeMessages not implemented")
-}
-func (UnimplementedMessageRouterServer) GetPendingMessages(context.Context, *GetPendingMessagesRequest) (*GetPendingMessagesResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GetPendingMessages not implemented")
-}
-func (UnimplementedMessageRouterServer) AcknowledgeMessage(context.Context, *AcknowledgeMessageRequest) (*AcknowledgeMessageResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method AcknowledgeMessage not implemented")
-}
-func (UnimplementedMessageRouterServer) GetMessageStatus(context.Context, *GetMessageStatusRequest) (*GetMessageStatusResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GetMessageStatus not implemented")
-}
-func (UnimplementedMessageRouterServer) RegisterParty(context.Context, *RegisterPartyRequest) (*RegisterPartyResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method RegisterParty not implemented")
-}
-func (UnimplementedMessageRouterServer) Heartbeat(context.Context, *HeartbeatRequest) (*HeartbeatResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method Heartbeat not implemented")
-}
-func (UnimplementedMessageRouterServer) SubscribeSessionEvents(*SubscribeSessionEventsRequest, grpc.ServerStreamingServer[SessionEvent]) error {
-	return status.Error(codes.Unimplemented, "method SubscribeSessionEvents not implemented")
-}
-func (UnimplementedMessageRouterServer) PublishSessionEvent(context.Context, *PublishSessionEventRequest) (*PublishSessionEventResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method PublishSessionEvent not implemented")
-}
-func (UnimplementedMessageRouterServer) GetRegisteredParties(context.Context, *GetRegisteredPartiesRequest) (*GetRegisteredPartiesResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GetRegisteredParties not implemented")
-}
-func (UnimplementedMessageRouterServer) JoinSession(context.Context, *JoinSessionRequest) (*JoinSessionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method JoinSession not implemented")
-}
-func (UnimplementedMessageRouterServer) MarkPartyReady(context.Context, *MarkPartyReadyRequest) (*MarkPartyReadyResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method MarkPartyReady not implemented")
-}
-func (UnimplementedMessageRouterServer) ReportCompletion(context.Context, *ReportCompletionRequest) (*ReportCompletionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method ReportCompletion not implemented")
-}
-func (UnimplementedMessageRouterServer) GetSessionStatus(context.Context, *GetSessionStatusRequest) (*GetSessionStatusResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GetSessionStatus not implemented")
-}
-func (UnimplementedMessageRouterServer) SubmitDelegateShare(context.Context, *SubmitDelegateShareRequest) (*SubmitDelegateShareResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SubmitDelegateShare not implemented")
-}
-func (UnimplementedMessageRouterServer) mustEmbedUnimplementedMessageRouterServer() {}
-func (UnimplementedMessageRouterServer) testEmbeddedByValue()                       {}
-
-// UnsafeMessageRouterServer may be embedded to opt out of forward compatibility for this service.
-// Use of this interface is not recommended, as added methods to MessageRouterServer will
-// result in compilation errors.
-type UnsafeMessageRouterServer interface {
-	mustEmbedUnimplementedMessageRouterServer()
-}
-
-func RegisterMessageRouterServer(s grpc.ServiceRegistrar, srv MessageRouterServer) {
-	// If the following call panics, it indicates UnimplementedMessageRouterServer was
-	// embedded by pointer and is nil.  This will cause panics if an
-	// unimplemented method is ever invoked, so we test this at initialization
-	// time to prevent it from happening at runtime later due to I/O.
-	if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
-		t.testEmbeddedByValue()
-	}
-	s.RegisterService(&MessageRouter_ServiceDesc, srv)
-}
-
-func _MessageRouter_RouteMessage_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(RouteMessageRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).RouteMessage(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_RouteMessage_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).RouteMessage(ctx, req.(*RouteMessageRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_SubscribeMessages_Handler(srv interface{}, stream grpc.ServerStream) error {
-	m := new(SubscribeMessagesRequest)
-	if err := stream.RecvMsg(m); err != nil {
-		return err
-	}
-	return srv.(MessageRouterServer).SubscribeMessages(m, &grpc.GenericServerStream[SubscribeMessagesRequest, MPCMessage]{ServerStream: stream})
-}
-
-// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.
-type MessageRouter_SubscribeMessagesServer = grpc.ServerStreamingServer[MPCMessage]
-
-func _MessageRouter_GetPendingMessages_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetPendingMessagesRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).GetPendingMessages(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_GetPendingMessages_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).GetPendingMessages(ctx, req.(*GetPendingMessagesRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_AcknowledgeMessage_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(AcknowledgeMessageRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).AcknowledgeMessage(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_AcknowledgeMessage_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).AcknowledgeMessage(ctx, req.(*AcknowledgeMessageRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_GetMessageStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetMessageStatusRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).GetMessageStatus(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_GetMessageStatus_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).GetMessageStatus(ctx, req.(*GetMessageStatusRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_RegisterParty_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(RegisterPartyRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).RegisterParty(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_RegisterParty_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).RegisterParty(ctx, req.(*RegisterPartyRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_Heartbeat_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(HeartbeatRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).Heartbeat(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_Heartbeat_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).Heartbeat(ctx, req.(*HeartbeatRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_SubscribeSessionEvents_Handler(srv interface{}, stream grpc.ServerStream) error {
-	m := new(SubscribeSessionEventsRequest)
-	if err := stream.RecvMsg(m); err != nil {
-		return err
-	}
-	return srv.(MessageRouterServer).SubscribeSessionEvents(m, &grpc.GenericServerStream[SubscribeSessionEventsRequest, SessionEvent]{ServerStream: stream})
-}
-
-// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.
-type MessageRouter_SubscribeSessionEventsServer = grpc.ServerStreamingServer[SessionEvent]
-
-func _MessageRouter_PublishSessionEvent_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(PublishSessionEventRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).PublishSessionEvent(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_PublishSessionEvent_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).PublishSessionEvent(ctx, req.(*PublishSessionEventRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_GetRegisteredParties_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetRegisteredPartiesRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).GetRegisteredParties(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_GetRegisteredParties_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).GetRegisteredParties(ctx, req.(*GetRegisteredPartiesRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_JoinSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(JoinSessionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).JoinSession(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_JoinSession_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).JoinSession(ctx, req.(*JoinSessionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_MarkPartyReady_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(MarkPartyReadyRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).MarkPartyReady(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_MarkPartyReady_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).MarkPartyReady(ctx, req.(*MarkPartyReadyRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_ReportCompletion_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(ReportCompletionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).ReportCompletion(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_ReportCompletion_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).ReportCompletion(ctx, req.(*ReportCompletionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_GetSessionStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetSessionStatusRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).GetSessionStatus(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_GetSessionStatus_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).GetSessionStatus(ctx, req.(*GetSessionStatusRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _MessageRouter_SubmitDelegateShare_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SubmitDelegateShareRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(MessageRouterServer).SubmitDelegateShare(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: MessageRouter_SubmitDelegateShare_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(MessageRouterServer).SubmitDelegateShare(ctx, req.(*SubmitDelegateShareRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-// MessageRouter_ServiceDesc is the grpc.ServiceDesc for MessageRouter service.
-// It's only intended for direct use with grpc.RegisterService,
-// and not to be introspected or modified (even as a copy)
-var MessageRouter_ServiceDesc = grpc.ServiceDesc{
-	ServiceName: "mpc.router.v1.MessageRouter",
-	HandlerType: (*MessageRouterServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "RouteMessage",
-			Handler:    _MessageRouter_RouteMessage_Handler,
-		},
-		{
-			MethodName: "GetPendingMessages",
-			Handler:    _MessageRouter_GetPendingMessages_Handler,
-		},
-		{
-			MethodName: "AcknowledgeMessage",
-			Handler:    _MessageRouter_AcknowledgeMessage_Handler,
-		},
-		{
-			MethodName: "GetMessageStatus",
-			Handler:    _MessageRouter_GetMessageStatus_Handler,
-		},
-		{
-			MethodName: "RegisterParty",
-			Handler:    _MessageRouter_RegisterParty_Handler,
-		},
-		{
-			MethodName: "Heartbeat",
-			Handler:    _MessageRouter_Heartbeat_Handler,
-		},
-		{
-			MethodName: "PublishSessionEvent",
-			Handler:    _MessageRouter_PublishSessionEvent_Handler,
-		},
-		{
-			MethodName: "GetRegisteredParties",
-			Handler:    _MessageRouter_GetRegisteredParties_Handler,
-		},
-		{
-			MethodName: "JoinSession",
-			Handler:    _MessageRouter_JoinSession_Handler,
-		},
-		{
-			MethodName: "MarkPartyReady",
-			Handler:    _MessageRouter_MarkPartyReady_Handler,
-		},
-		{
-			MethodName: "ReportCompletion",
-			Handler:    _MessageRouter_ReportCompletion_Handler,
-		},
-		{
-			MethodName: "GetSessionStatus",
-			Handler:    _MessageRouter_GetSessionStatus_Handler,
-		},
-		{
-			MethodName: "SubmitDelegateShare",
-			Handler:    _MessageRouter_SubmitDelegateShare_Handler,
-		},
-	},
-	Streams: []grpc.StreamDesc{
-		{
-			StreamName:    "SubscribeMessages",
-			Handler:       _MessageRouter_SubscribeMessages_Handler,
-			ServerStreams: true,
-		},
-		{
-			StreamName:    "SubscribeSessionEvents",
-			Handler:       _MessageRouter_SubscribeSessionEvents_Handler,
-			ServerStreams: true,
-		},
-	},
-	Metadata: "api/proto/message_router.proto",
-}
--- a/backend/mpc-system/api/proto/session_coordinator.pb.go
+++ b/backend/mpc-system/api/proto/session_coordinator.pb.go
--- a/backend/mpc-system/api/proto/session_coordinator.proto
+++ b/backend/mpc-system/api/proto/session_coordinator.proto
@ -21,7 +21,7 @@ service SessionCoordinator {

 // CreateSessionRequest creates a new MPC session
 message CreateSessionRequest {
-  string session_type = 1;               // "keygen" or "sign"
+  string session_type = 1;               // "keygen", "sign", or "co_managed_keygen"
  int32 threshold_n = 2;                 // Total number of parties
  int32 threshold_t = 3;                 // Minimum required parties
  repeated ParticipantInfo participants = 4;  // Optional: if empty, coordinator selects automatically
@ -32,6 +32,9 @@ message CreateSessionRequest {
  DelegateUserShare delegate_user_share = 8;
  // For sign sessions: which keygen session's shares to use
  string keygen_session_id = 9;
+  // For co_managed_keygen sessions: wallet name and invite code
+  string wallet_name = 10;               // Wallet name (for co_managed_keygen)
+  string invite_code = 11;               // Invite code for participants to join (for co_managed_keygen)
 }

 // DelegateUserShare contains user's share for delegate party to use in signing
@ -98,6 +101,9 @@ message SessionInfo {
  string status = 6;
  // For sign sessions: which keygen session's shares to use
  string keygen_session_id = 7;
+  // For co_managed_keygen sessions
+  string wallet_name = 8;                // Wallet name (for co_managed_keygen)
+  string invite_code = 9;                // Invite code (for co_managed_keygen)
 }

 // PartyInfo contains party information
@ -126,6 +132,20 @@ message GetSessionStatusResponse {
  // Delegate share info (returned when keygen session completed and delegate party submitted share)
  // Only populated if session_type="keygen" AND has_delegate=true AND session is completed
  DelegateShareInfo delegate_share = 8;
+  // participants contains detailed participant information including party_index
+  // Used by service-party-app for co_managed_keygen sessions
+  repeated ParticipantStatus participants = 9;
+  // threshold_n and threshold_t - actual threshold values from session config
+  // Used for co_managed_keygen sessions where total_parties may differ from threshold_n during joining
+  int32 threshold_n = 10;                // Total number of parties required (e.g., 3 in 2-of-3)
+  int32 threshold_t = 11;                // Minimum parties needed to sign (e.g., 2 in 2-of-3)
+}
+
+// ParticipantStatus contains participant status information
+message ParticipantStatus {
+  string party_id = 1;
+  int32 party_index = 2;
+  string status = 3;                     // pending, joined, ready, completed
 }

 // DelegateShareInfo contains the delegate party's share for user
--- a/backend/mpc-system/api/proto/session_coordinator_grpc.pb.go
+++ b/backend/mpc-system/api/proto/session_coordinator_grpc.pb.go
@ -1,395 +0,0 @@
-// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
-// versions:
-// - protoc-gen-go-grpc v1.6.0
-// - protoc             v6.33.1
-// source: api/proto/session_coordinator.proto
-
-package coordinator
-
-import (
-	context "context"
-	grpc "google.golang.org/grpc"
-	codes "google.golang.org/grpc/codes"
-	status "google.golang.org/grpc/status"
-)
-
-// This is a compile-time assertion to ensure that this generated file
-// is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.64.0 or later.
-const _ = grpc.SupportPackageIsVersion9
-
-const (
-	SessionCoordinator_CreateSession_FullMethodName       = "/mpc.coordinator.v1.SessionCoordinator/CreateSession"
-	SessionCoordinator_JoinSession_FullMethodName         = "/mpc.coordinator.v1.SessionCoordinator/JoinSession"
-	SessionCoordinator_GetSessionStatus_FullMethodName    = "/mpc.coordinator.v1.SessionCoordinator/GetSessionStatus"
-	SessionCoordinator_MarkPartyReady_FullMethodName      = "/mpc.coordinator.v1.SessionCoordinator/MarkPartyReady"
-	SessionCoordinator_StartSession_FullMethodName        = "/mpc.coordinator.v1.SessionCoordinator/StartSession"
-	SessionCoordinator_ReportCompletion_FullMethodName    = "/mpc.coordinator.v1.SessionCoordinator/ReportCompletion"
-	SessionCoordinator_CloseSession_FullMethodName        = "/mpc.coordinator.v1.SessionCoordinator/CloseSession"
-	SessionCoordinator_SubmitDelegateShare_FullMethodName = "/mpc.coordinator.v1.SessionCoordinator/SubmitDelegateShare"
-)
-
-// SessionCoordinatorClient is the client API for SessionCoordinator service.
-//
-// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
-//
-// SessionCoordinator service manages MPC sessions
-type SessionCoordinatorClient interface {
-	// Session management
-	CreateSession(ctx context.Context, in *CreateSessionRequest, opts ...grpc.CallOption) (*CreateSessionResponse, error)
-	JoinSession(ctx context.Context, in *JoinSessionRequest, opts ...grpc.CallOption) (*JoinSessionResponse, error)
-	GetSessionStatus(ctx context.Context, in *GetSessionStatusRequest, opts ...grpc.CallOption) (*GetSessionStatusResponse, error)
-	MarkPartyReady(ctx context.Context, in *MarkPartyReadyRequest, opts ...grpc.CallOption) (*MarkPartyReadyResponse, error)
-	StartSession(ctx context.Context, in *StartSessionRequest, opts ...grpc.CallOption) (*StartSessionResponse, error)
-	ReportCompletion(ctx context.Context, in *ReportCompletionRequest, opts ...grpc.CallOption) (*ReportCompletionResponse, error)
-	CloseSession(ctx context.Context, in *CloseSessionRequest, opts ...grpc.CallOption) (*CloseSessionResponse, error)
-	// Delegate party share submission (delegate party submits user's share after keygen)
-	SubmitDelegateShare(ctx context.Context, in *SubmitDelegateShareRequest, opts ...grpc.CallOption) (*SubmitDelegateShareResponse, error)
-}
-
-type sessionCoordinatorClient struct {
-	cc grpc.ClientConnInterface
-}
-
-func NewSessionCoordinatorClient(cc grpc.ClientConnInterface) SessionCoordinatorClient {
-	return &sessionCoordinatorClient{cc}
-}
-
-func (c *sessionCoordinatorClient) CreateSession(ctx context.Context, in *CreateSessionRequest, opts ...grpc.CallOption) (*CreateSessionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(CreateSessionResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_CreateSession_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) JoinSession(ctx context.Context, in *JoinSessionRequest, opts ...grpc.CallOption) (*JoinSessionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(JoinSessionResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_JoinSession_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) GetSessionStatus(ctx context.Context, in *GetSessionStatusRequest, opts ...grpc.CallOption) (*GetSessionStatusResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GetSessionStatusResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_GetSessionStatus_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) MarkPartyReady(ctx context.Context, in *MarkPartyReadyRequest, opts ...grpc.CallOption) (*MarkPartyReadyResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(MarkPartyReadyResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_MarkPartyReady_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) StartSession(ctx context.Context, in *StartSessionRequest, opts ...grpc.CallOption) (*StartSessionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(StartSessionResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_StartSession_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) ReportCompletion(ctx context.Context, in *ReportCompletionRequest, opts ...grpc.CallOption) (*ReportCompletionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(ReportCompletionResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_ReportCompletion_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) CloseSession(ctx context.Context, in *CloseSessionRequest, opts ...grpc.CallOption) (*CloseSessionResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(CloseSessionResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_CloseSession_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *sessionCoordinatorClient) SubmitDelegateShare(ctx context.Context, in *SubmitDelegateShareRequest, opts ...grpc.CallOption) (*SubmitDelegateShareResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SubmitDelegateShareResponse)
-	err := c.cc.Invoke(ctx, SessionCoordinator_SubmitDelegateShare_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-// SessionCoordinatorServer is the server API for SessionCoordinator service.
-// All implementations must embed UnimplementedSessionCoordinatorServer
-// for forward compatibility.
-//
-// SessionCoordinator service manages MPC sessions
-type SessionCoordinatorServer interface {
-	// Session management
-	CreateSession(context.Context, *CreateSessionRequest) (*CreateSessionResponse, error)
-	JoinSession(context.Context, *JoinSessionRequest) (*JoinSessionResponse, error)
-	GetSessionStatus(context.Context, *GetSessionStatusRequest) (*GetSessionStatusResponse, error)
-	MarkPartyReady(context.Context, *MarkPartyReadyRequest) (*MarkPartyReadyResponse, error)
-	StartSession(context.Context, *StartSessionRequest) (*StartSessionResponse, error)
-	ReportCompletion(context.Context, *ReportCompletionRequest) (*ReportCompletionResponse, error)
-	CloseSession(context.Context, *CloseSessionRequest) (*CloseSessionResponse, error)
-	// Delegate party share submission (delegate party submits user's share after keygen)
-	SubmitDelegateShare(context.Context, *SubmitDelegateShareRequest) (*SubmitDelegateShareResponse, error)
-	mustEmbedUnimplementedSessionCoordinatorServer()
-}
-
-// UnimplementedSessionCoordinatorServer must be embedded to have
-// forward compatible implementations.
-//
-// NOTE: this should be embedded by value instead of pointer to avoid a nil
-// pointer dereference when methods are called.
-type UnimplementedSessionCoordinatorServer struct{}
-
-func (UnimplementedSessionCoordinatorServer) CreateSession(context.Context, *CreateSessionRequest) (*CreateSessionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method CreateSession not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) JoinSession(context.Context, *JoinSessionRequest) (*JoinSessionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method JoinSession not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) GetSessionStatus(context.Context, *GetSessionStatusRequest) (*GetSessionStatusResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GetSessionStatus not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) MarkPartyReady(context.Context, *MarkPartyReadyRequest) (*MarkPartyReadyResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method MarkPartyReady not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) StartSession(context.Context, *StartSessionRequest) (*StartSessionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method StartSession not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) ReportCompletion(context.Context, *ReportCompletionRequest) (*ReportCompletionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method ReportCompletion not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) CloseSession(context.Context, *CloseSessionRequest) (*CloseSessionResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method CloseSession not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) SubmitDelegateShare(context.Context, *SubmitDelegateShareRequest) (*SubmitDelegateShareResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SubmitDelegateShare not implemented")
-}
-func (UnimplementedSessionCoordinatorServer) mustEmbedUnimplementedSessionCoordinatorServer() {}
-func (UnimplementedSessionCoordinatorServer) testEmbeddedByValue()                            {}
-
-// UnsafeSessionCoordinatorServer may be embedded to opt out of forward compatibility for this service.
-// Use of this interface is not recommended, as added methods to SessionCoordinatorServer will
-// result in compilation errors.
-type UnsafeSessionCoordinatorServer interface {
-	mustEmbedUnimplementedSessionCoordinatorServer()
-}
-
-func RegisterSessionCoordinatorServer(s grpc.ServiceRegistrar, srv SessionCoordinatorServer) {
-	// If the following call panics, it indicates UnimplementedSessionCoordinatorServer was
-	// embedded by pointer and is nil.  This will cause panics if an
-	// unimplemented method is ever invoked, so we test this at initialization
-	// time to prevent it from happening at runtime later due to I/O.
-	if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
-		t.testEmbeddedByValue()
-	}
-	s.RegisterService(&SessionCoordinator_ServiceDesc, srv)
-}
-
-func _SessionCoordinator_CreateSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(CreateSessionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).CreateSession(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_CreateSession_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).CreateSession(ctx, req.(*CreateSessionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_JoinSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(JoinSessionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).JoinSession(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_JoinSession_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).JoinSession(ctx, req.(*JoinSessionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_GetSessionStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetSessionStatusRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).GetSessionStatus(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_GetSessionStatus_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).GetSessionStatus(ctx, req.(*GetSessionStatusRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_MarkPartyReady_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(MarkPartyReadyRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).MarkPartyReady(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_MarkPartyReady_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).MarkPartyReady(ctx, req.(*MarkPartyReadyRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_StartSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(StartSessionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).StartSession(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_StartSession_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).StartSession(ctx, req.(*StartSessionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_ReportCompletion_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(ReportCompletionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).ReportCompletion(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_ReportCompletion_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).ReportCompletion(ctx, req.(*ReportCompletionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_CloseSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(CloseSessionRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).CloseSession(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_CloseSession_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).CloseSession(ctx, req.(*CloseSessionRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _SessionCoordinator_SubmitDelegateShare_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SubmitDelegateShareRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(SessionCoordinatorServer).SubmitDelegateShare(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: SessionCoordinator_SubmitDelegateShare_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(SessionCoordinatorServer).SubmitDelegateShare(ctx, req.(*SubmitDelegateShareRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-// SessionCoordinator_ServiceDesc is the grpc.ServiceDesc for SessionCoordinator service.
-// It's only intended for direct use with grpc.RegisterService,
-// and not to be introspected or modified (even as a copy)
-var SessionCoordinator_ServiceDesc = grpc.ServiceDesc{
-	ServiceName: "mpc.coordinator.v1.SessionCoordinator",
-	HandlerType: (*SessionCoordinatorServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "CreateSession",
-			Handler:    _SessionCoordinator_CreateSession_Handler,
-		},
-		{
-			MethodName: "JoinSession",
-			Handler:    _SessionCoordinator_JoinSession_Handler,
-		},
-		{
-			MethodName: "GetSessionStatus",
-			Handler:    _SessionCoordinator_GetSessionStatus_Handler,
-		},
-		{
-			MethodName: "MarkPartyReady",
-			Handler:    _SessionCoordinator_MarkPartyReady_Handler,
-		},
-		{
-			MethodName: "StartSession",
-			Handler:    _SessionCoordinator_StartSession_Handler,
-		},
-		{
-			MethodName: "ReportCompletion",
-			Handler:    _SessionCoordinator_ReportCompletion_Handler,
-		},
-		{
-			MethodName: "CloseSession",
-			Handler:    _SessionCoordinator_CloseSession_Handler,
-		},
-		{
-			MethodName: "SubmitDelegateShare",
-			Handler:    _SessionCoordinator_SubmitDelegateShare_Handler,
-		},
-	},
-	Streams:  []grpc.StreamDesc{},
-	Metadata: "api/proto/session_coordinator.proto",
-}
--- a/backend/mpc-system/deploy.sh
+++ b/backend/mpc-system/deploy.sh
@ -86,8 +86,8 @@ load_environment() {

 # Service lists
 CORE_SERVICES="postgres"
-DEV_MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api account-service"
-PROD_CENTRAL_SERVICES="postgres message-router session-coordinator account-service server-party-api"
+DEV_MPC_SERVICES="session-coordinator message-router server-party-1 server-party-2 server-party-3 server-party-api server-party-co-managed-1 server-party-co-managed-2 server-party-co-managed-3 account-service"
+PROD_CENTRAL_SERVICES="postgres message-router session-coordinator account-service server-party-api server-party-co-managed-1 server-party-co-managed-2 server-party-co-managed-3"

 # ============================================
 # Development Mode Commands (docker-compose.yml)
@ -212,6 +212,55 @@ dev_commands() {
            echo ""
            ;;

+        start-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Starting $2..."
+            docker compose up -d "$2"
+            log_success "$2 started"
+            ;;
+
+        stop-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Stopping $2..."
+            docker compose stop "$2"
+            log_success "$2 stopped"
+            ;;
+
+        restart-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Restarting $2..."
+            docker compose stop "$2"
+            docker compose up -d "$2"
+            log_success "$2 restarted"
+            ;;
+
+        rebuild-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            local svc="$2"
+            local no_cache="$3"
+            log_info "Rebuilding $svc..."
+            if [ "$no_cache" = "--no-cache" ]; then
+                log_info "Building without cache..."
+                docker compose build --no-cache "$svc"
+            else
+                docker compose build "$svc"
+            fi
+            docker compose up -d "$svc"
+            log_success "$svc rebuilt and restarted"
+            ;;
+
        *)
            return 1
            ;;
@ -314,6 +363,55 @@ prod_commands() {
            fi
            ;;

+        start-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Starting $2..."
+            docker compose -f docker-compose.prod.yml up -d "$2"
+            log_success "$2 started"
+            ;;
+
+        stop-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Stopping $2..."
+            docker compose -f docker-compose.prod.yml stop "$2"
+            log_success "$2 stopped"
+            ;;
+
+        restart-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            log_info "Restarting $2..."
+            docker compose -f docker-compose.prod.yml stop "$2"
+            docker compose -f docker-compose.prod.yml up -d "$2"
+            log_success "$2 restarted"
+            ;;
+
+        rebuild-svc)
+            if [ -z "$2" ]; then
+                log_error "Please specify a service name"
+                return 1
+            fi
+            local svc="$2"
+            local no_cache="$3"
+            log_info "Rebuilding $svc..."
+            if [ "$no_cache" = "--no-cache" ]; then
+                log_info "Building without cache..."
+                docker compose -f docker-compose.prod.yml build --no-cache "$svc"
+            else
+                docker compose -f docker-compose.prod.yml build "$svc"
+            fi
+            docker compose -f docker-compose.prod.yml up -d "$svc"
+            log_success "$svc rebuilt and restarted"
+            ;;
+
        *)
            return 1
            ;;
@ -435,39 +533,67 @@ show_help() {
    echo ""
    echo "Development Commands (default mode):"
    echo "  $0 build              Build all Docker images"
+    echo "  $0 build-no-cache     Build all images without cache"
    echo "  $0 up|start           Start all services"
    echo "  $0 down|stop          Stop all services"
    echo "  $0 restart            Restart all services"
    echo "  $0 logs [service]     Follow logs"
+    echo "  $0 logs-tail [svc]    Show last 100 lines of logs"
    echo "  $0 status|ps          Show services status"
    echo "  $0 health             Check all services health"
    echo "  $0 clean              Remove containers and volumes"
+    echo "  $0 shell [service]    Open shell in container"
+    echo "  $0 test-api           Test Account Service API"
+    echo ""
+    echo "Single Service Commands (Development):"
+    echo "  $0 start-svc <name>   Start a specific service"
+    echo "  $0 stop-svc <name>    Stop a specific service"
+    echo "  $0 restart-svc <name> Restart a specific service"
+    echo "  $0 rebuild-svc <name> [--no-cache]  Rebuild and restart a service"
    echo ""
    echo "Production Central Commands:"
    echo "  $0 prod build         Build central services"
    echo "  $0 prod up            Start central services"
    echo "  $0 prod down          Stop central services"
-    echo "  $0 prod logs          Follow central logs"
+    echo "  $0 prod restart       Restart central services"
+    echo "  $0 prod logs [svc]    Follow central logs"
+    echo "  $0 prod status        Show central status"
    echo "  $0 prod health        Check central health"
+    echo "  $0 prod clean         Remove central containers and volumes"
+    echo "  $0 prod start-svc <name>   Start a specific service"
+    echo "  $0 prod stop-svc <name>    Stop a specific service"
+    echo "  $0 prod restart-svc <name> Restart a specific service"
+    echo "  $0 prod rebuild-svc <name> [--no-cache]  Rebuild and restart"
    echo ""
    echo "Production Party Commands (run on each party machine):"
    echo "  $0 party build        Build party service"
    echo "  $0 party up           Start party (connects to central)"
    echo "  $0 party down         Stop party"
+    echo "  $0 party restart      Restart party"
    echo "  $0 party logs         Follow party logs"
+    echo "  $0 party status       Show party status"
    echo "  $0 party health       Check party health and connectivity"
+    echo "  $0 party clean        Remove party containers and volumes"
    echo ""
    echo "Environment Files:"
    echo "  .env              Development configuration"
    echo "  .env.prod         Production Central configuration"
    echo "  .env.party        Production Party configuration"
    echo ""
+    echo "Services (Development):"
+    echo "  postgres, session-coordinator, message-router, account-service,"
+    echo "  server-party-api, server-party-1, server-party-2, server-party-3,"
+    echo "  server-party-co-managed-1, server-party-co-managed-2, server-party-co-managed-3"
+    echo ""
    echo "Examples:"
    echo "  # Development (all on one machine)"
    echo "  $0 up"
+    echo "  $0 rebuild-svc account-service --no-cache"
+    echo "  $0 restart-svc session-coordinator"
    echo ""
    echo "  # Production Central (on central server)"
    echo "  $0 prod up"
+    echo "  $0 prod rebuild-svc account-service"
    echo ""
    echo "  # Production Party (on each party machine)"
    echo "  PARTY_ID=server-party-1 $0 party up"
--- a/backend/mpc-system/docker-compose.party.yml
+++ b/backend/mpc-system/docker-compose.party.yml
@ -36,6 +36,7 @@ services:
    image: postgres:15-alpine
    container_name: mpc-party-postgres-${PARTY_ID:-party}
    environment:
+      TZ: Asia/Shanghai
      POSTGRES_DB: mpc_party
      POSTGRES_USER: ${POSTGRES_USER:-mpc_user}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
@ -65,6 +66,7 @@ services:
    ports:
      - "${PARTY_HTTP_PORT:-8080}:8080"  # Optional: local health check only
    environment:
+      TZ: Asia/Shanghai
      # Party Identity
      PARTY_ID: ${PARTY_ID:?PARTY_ID must be set (e.g., server-party-1)}
      PARTY_ROLE: ${PARTY_ROLE:-persistent}
--- a/backend/mpc-system/docker-compose.prod.yml
+++ b/backend/mpc-system/docker-compose.prod.yml
@ -29,6 +29,7 @@ services:
    image: postgres:15-alpine
    container_name: mpc-postgres
    environment:
+      TZ: Asia/Shanghai
      POSTGRES_DB: mpc_system
      POSTGRES_USER: ${POSTGRES_USER:-mpc_user}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set in .env}
@ -58,6 +59,7 @@ services:
      - "${MESSAGE_ROUTER_GRPC_PORT:-50051}:50051"  # gRPC for party connections (PUBLIC)
      - "${MESSAGE_ROUTER_HTTP_PORT:-8082}:8080"    # HTTP for health checks
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-production}
@ -92,6 +94,7 @@ services:
      - "${SESSION_COORDINATOR_GRPC_PORT:-50052}:50051"  # gRPC for party connections (PUBLIC)
      - "${SESSION_COORDINATOR_HTTP_PORT:-8081}:8080"    # HTTP API
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-production}
@ -130,6 +133,7 @@ services:
    ports:
      - "${ACCOUNT_SERVICE_PORT:-4000}:8080"  # HTTP API for external access
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-production}
@ -170,6 +174,7 @@ services:
    ports:
      - "${SERVER_PARTY_API_PORT:-8083}:8080"
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-production}
      SESSION_COORDINATOR_ADDR: session-coordinator:50051
--- a/backend/mpc-system/docker-compose.yml
+++ b/backend/mpc-system/docker-compose.yml
@ -24,6 +24,7 @@ services:
    image: postgres:15-alpine
    container_name: mpc-postgres
    environment:
+      TZ: Asia/Shanghai
      POSTGRES_DB: mpc_system
      POSTGRES_USER: ${POSTGRES_USER:-mpc_user}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set in .env}
@ -53,6 +54,7 @@ services:
    ports:
      - "8081:8080"  # HTTP API for external access
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
@ -89,8 +91,10 @@ services:
      dockerfile: services/message-router/Dockerfile
    container_name: mpc-message-router
    ports:
-      - "8082:8080"  # WebSocket for external connections
+      - "50051:50051"  # gRPC for party connections
+      - "8082:8080"    # HTTP for health checks
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
@ -126,6 +130,7 @@ services:
      dockerfile: services/server-party/Dockerfile
    container_name: mpc-server-party-1
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
@ -164,6 +169,7 @@ services:
      dockerfile: services/server-party/Dockerfile
    container_name: mpc-server-party-2
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
@ -202,6 +208,7 @@ services:
      dockerfile: services/server-party/Dockerfile
    container_name: mpc-server-party-3
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
@ -246,6 +253,7 @@ services:
    ports:
      - "8083:8080"  # HTTP API for user share generation
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
      SESSION_COORDINATOR_ADDR: session-coordinator:50051
@ -271,6 +279,123 @@ services:
      - mpc-network
    restart: unless-stopped

+  # ============================================
+  # Co-Managed Server Party Services - TSS 参与方 (专用于 co_managed_keygen)
+  # 与普通 server-party 隔离，使用两阶段事件处理
+  # 行为与 service-party-app 100% 兼容
+  # ============================================
+
+  # Co-Managed Server Party 1
+  server-party-co-managed-1:
+    build:
+      context: .
+      dockerfile: services/server-party-co-managed/Dockerfile
+    container_name: mpc-server-party-co-managed-1
+    environment:
+      TZ: Asia/Shanghai
+      MPC_SERVER_HTTP_PORT: 8080
+      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
+      MPC_LOGGER_LEVEL: ${LOG_LEVEL:-debug}
+      MPC_DATABASE_HOST: postgres
+      MPC_DATABASE_PORT: 5432
+      MPC_DATABASE_USER: ${POSTGRES_USER:-mpc_user}
+      MPC_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
+      MPC_DATABASE_DBNAME: mpc_system
+      MPC_DATABASE_SSLMODE: disable
+      MESSAGE_ROUTER_ADDR: message-router:50051
+      MPC_CRYPTO_MASTER_KEY: ${CRYPTO_MASTER_KEY}
+      PARTY_ID: co-managed-party-1
+    depends_on:
+      postgres:
+        condition: service_healthy
+      session-coordinator:
+        condition: service_healthy
+      message-router:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+    networks:
+      - mpc-network
+    restart: unless-stopped
+
+  # Co-Managed Server Party 2
+  server-party-co-managed-2:
+    build:
+      context: .
+      dockerfile: services/server-party-co-managed/Dockerfile
+    container_name: mpc-server-party-co-managed-2
+    environment:
+      TZ: Asia/Shanghai
+      MPC_SERVER_HTTP_PORT: 8080
+      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
+      MPC_LOGGER_LEVEL: ${LOG_LEVEL:-debug}
+      MPC_DATABASE_HOST: postgres
+      MPC_DATABASE_PORT: 5432
+      MPC_DATABASE_USER: ${POSTGRES_USER:-mpc_user}
+      MPC_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
+      MPC_DATABASE_DBNAME: mpc_system
+      MPC_DATABASE_SSLMODE: disable
+      MESSAGE_ROUTER_ADDR: message-router:50051
+      MPC_CRYPTO_MASTER_KEY: ${CRYPTO_MASTER_KEY}
+      PARTY_ID: co-managed-party-2
+    depends_on:
+      postgres:
+        condition: service_healthy
+      session-coordinator:
+        condition: service_healthy
+      message-router:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+    networks:
+      - mpc-network
+    restart: unless-stopped
+
+  # Co-Managed Server Party 3
+  server-party-co-managed-3:
+    build:
+      context: .
+      dockerfile: services/server-party-co-managed/Dockerfile
+    container_name: mpc-server-party-co-managed-3
+    environment:
+      TZ: Asia/Shanghai
+      MPC_SERVER_HTTP_PORT: 8080
+      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
+      MPC_LOGGER_LEVEL: ${LOG_LEVEL:-debug}
+      MPC_DATABASE_HOST: postgres
+      MPC_DATABASE_PORT: 5432
+      MPC_DATABASE_USER: ${POSTGRES_USER:-mpc_user}
+      MPC_DATABASE_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
+      MPC_DATABASE_DBNAME: mpc_system
+      MPC_DATABASE_SSLMODE: disable
+      MESSAGE_ROUTER_ADDR: message-router:50051
+      MPC_CRYPTO_MASTER_KEY: ${CRYPTO_MASTER_KEY}
+      PARTY_ID: co-managed-party-3
+    depends_on:
+      postgres:
+        condition: service_healthy
+      session-coordinator:
+        condition: service_healthy
+      message-router:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+    networks:
+      - mpc-network
+    restart: unless-stopped
+
  # ============================================
  # Account Service - External API Entry Point
  # Main HTTP API for backend mpc-service integration
@ -283,6 +408,7 @@ services:
    ports:
      - "4000:8080"  # HTTP API for external access
    environment:
+      TZ: Asia/Shanghai
      MPC_SERVER_GRPC_PORT: 50051
      MPC_SERVER_HTTP_PORT: 8080
      MPC_SERVER_ENVIRONMENT: ${ENVIRONMENT:-development}
--- a/backend/mpc-system/migrations/008_add_co_managed_wallet_fields.down.sql
+++ b/backend/mpc-system/migrations/008_add_co_managed_wallet_fields.down.sql
@ -0,0 +1,17 @@
+-- Migration: 008_add_co_managed_wallet_fields (rollback)
+-- Description: Remove wallet_name and invite_code fields and revert session_type constraint
+
+-- Drop the index for invite_code
+DROP INDEX IF EXISTS idx_mpc_sessions_invite_code;
+
+-- Remove the columns
+ALTER TABLE mpc_sessions
+    DROP COLUMN IF EXISTS wallet_name,
+    DROP COLUMN IF EXISTS invite_code;
+
+-- Drop the updated session_type constraint
+ALTER TABLE mpc_sessions DROP CONSTRAINT IF EXISTS chk_session_type;
+
+-- Restore the original session_type constraint
+ALTER TABLE mpc_sessions
+    ADD CONSTRAINT chk_session_type CHECK (session_type IN ('keygen', 'sign'));
--- a/backend/mpc-system/migrations/008_add_co_managed_wallet_fields.up.sql
+++ b/backend/mpc-system/migrations/008_add_co_managed_wallet_fields.up.sql
@ -0,0 +1,32 @@
+-- Migration: 008_add_co_managed_wallet_fields
+-- Description: Add wallet_name and invite_code fields for co-managed wallet sessions
+--              and extend session_type to support 'co_managed_keygen'
+-- This migration is idempotent - safe to run multiple times
+
+-- Add new columns for co-managed wallet sessions (idempotent)
+DO $$
+BEGIN
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns
+                   WHERE table_name = 'mpc_sessions' AND column_name = 'wallet_name') THEN
+        ALTER TABLE mpc_sessions ADD COLUMN wallet_name VARCHAR(255);
+    END IF;
+
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns
+                   WHERE table_name = 'mpc_sessions' AND column_name = 'invite_code') THEN
+        ALTER TABLE mpc_sessions ADD COLUMN invite_code VARCHAR(50);
+    END IF;
+END $$;
+
+-- Create index for invite_code lookups (idempotent)
+CREATE INDEX IF NOT EXISTS idx_mpc_sessions_invite_code ON mpc_sessions(invite_code) WHERE invite_code IS NOT NULL;
+
+-- Drop the existing session_type constraint
+ALTER TABLE mpc_sessions DROP CONSTRAINT IF EXISTS chk_session_type;
+
+-- Add updated session_type constraint including 'co_managed_keygen'
+ALTER TABLE mpc_sessions
+    ADD CONSTRAINT chk_session_type CHECK (session_type IN ('keygen', 'sign', 'co_managed_keygen'));
+
+-- Add comment for the new columns (safe to run multiple times)
+COMMENT ON COLUMN mpc_sessions.wallet_name IS 'Wallet name for co-managed wallet sessions';
+COMMENT ON COLUMN mpc_sessions.invite_code IS 'Invite code for co-managed wallet sessions - used for participants to join';
--- a/backend/mpc-system/pkg/tss/keygen.go
+++ b/backend/mpc-system/pkg/tss/keygen.go
@ -117,8 +117,11 @@ func NewKeygenSession(
 	sortedPartyIDs := tss.SortPartyIDs(tssPartyIDs)

 	// Create peer context and parameters
+	// IMPORTANT: TSS-lib threshold convention: threshold=t means (t+1) signers required
+	// User says "2-of-3" meaning 2 signers needed, so we pass (Threshold-1) to TSS-lib
 	peerCtx := tss.NewPeerContext(sortedPartyIDs)
-	params := tss.NewParameters(tss.S256(), peerCtx, selfTSSID, len(sortedPartyIDs), config.Threshold)
+	tssThreshold := config.Threshold - 1
+	params := tss.NewParameters(tss.S256(), peerCtx, selfTSSID, len(sortedPartyIDs), tssThreshold)

 	return &KeygenSession{
 		config:      config,
--- a/backend/mpc-system/pkg/tss/signing.go
+++ b/backend/mpc-system/pkg/tss/signing.go
@ -132,10 +132,15 @@ func NewSigningSession(
 		keygenIndexToSortedIndex, selfParty.PartyID)

 	// Create peer context and parameters
-	// IMPORTANT: Use TotalParties from keygen, not len(sortedPartyIDs) which is current signers
-	// For 2-of-3: threshold=2, TotalParties=3, but only 2 parties might participate in signing
+	// IMPORTANT: TSS-lib threshold convention: threshold=t means (t+1) signers required
+	// This MUST match keygen exactly! Both use (Threshold-1)
+	// The BuildLocalSaveDataSubset call in Start() will filter the save data to match
 	peerCtx := tss.NewPeerContext(sortedPartyIDs)
-	params := tss.NewParameters(tss.S256(), peerCtx, selfTSSID, config.TotalParties, config.Threshold)
+	tssThreshold := config.Threshold - 1
+	params := tss.NewParameters(tss.S256(), peerCtx, selfTSSID, len(sortedPartyIDs), tssThreshold)
+
+	fmt.Printf("[TSS-SIGN] NewParameters: partyCount=%d, tssThreshold=%d (from config.Threshold=%d) party_id=%s\n",
+		len(sortedPartyIDs), tssThreshold, config.Threshold, selfParty.PartyID)

 	// Convert message hash to big.Int
 	msgHash := new(big.Int).SetBytes(messageHash)
@ -167,8 +172,17 @@ func (s *SigningSession) Start(ctx context.Context) (*SigningResult, error) {
 	s.started = true
 	s.mu.Unlock()

-	// Create local party for signing
-	s.localParty = signing.NewLocalParty(s.messageHash, s.params, *s.saveData, s.outCh, s.endCh)
+	// CRITICAL: Build a subset of the save data for the current signing parties
+	// When signing with fewer parties than keygen (e.g., 2-of-3 signing with only 2 parties),
+	// we must filter the save data to only include the participating parties' data.
+	// This ensures TSS-lib's internal indices match the actual signers.
+	subsetSaveData := keygen.BuildLocalSaveDataSubset(*s.saveData, s.tssPartyIDs)
+
+	fmt.Printf("[TSS-SIGN] Built save data subset for %d signing parties (original keygen had %d parties) party_id=%s\n",
+		len(s.tssPartyIDs), len(s.saveData.Ks), s.selfParty.PartyID)
+
+	// Create local party for signing with the SUBSET save data
+	s.localParty = signing.NewLocalParty(s.messageHash, s.params, subsetSaveData, s.outCh, s.endCh)

 	// Start the local party
 	go func() {
--- a/backend/mpc-system/services/account/adapters/input/http/account_handler.go
+++ b/backend/mpc-system/services/account/adapters/input/http/account_handler.go
@ -833,9 +833,11 @@ func (h *AccountHTTPHandler) CreateSigningSession(c *gin.Context) {
 			zap.String("keygen_session_id", accountOutput.Account.KeygenSessionID.String()))
 	}

+	// CRITICAL: Pass keygenThresholdN (original n from keygen) for correct TSS math
 	resp, err := h.sessionCoordinatorClient.CreateSigningSessionAuto(
 		ctx,
 		int32(accountOutput.Account.ThresholdT),
+		int32(accountOutput.Account.ThresholdN),
 		signingParties,
 		messageHash,
 		600, // 10 minutes expiry
--- a/backend/mpc-system/services/account/adapters/input/http/co_managed_handler.go
+++ b/backend/mpc-system/services/account/adapters/input/http/co_managed_handler.go
@ -0,0 +1,864 @@
+package http
+
+import (
+	"context"
+	"crypto/rand"
+	"database/sql"
+	"encoding/hex"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	grpcclient "github.com/rwadurian/mpc-system/services/account/adapters/output/grpc"
+	"github.com/rwadurian/mpc-system/pkg/jwt"
+	"github.com/rwadurian/mpc-system/pkg/logger"
+	"go.uber.org/zap"
+)
+
+// CoManagedHTTPHandler handles HTTP requests for co-managed wallets
+// This is a completely independent handler that does not affect existing functionality
+type CoManagedHTTPHandler struct {
+	sessionCoordinatorClient *grpcclient.SessionCoordinatorClient
+	db                       *sql.DB         // Database connection for invite_code lookups
+	jwtService               *jwt.JWTService // JWT service for generating join tokens
+}
+
+// NewCoManagedHTTPHandler creates a new CoManagedHTTPHandler
+func NewCoManagedHTTPHandler(
+	sessionCoordinatorClient *grpcclient.SessionCoordinatorClient,
+) *CoManagedHTTPHandler {
+	return &CoManagedHTTPHandler{
+		sessionCoordinatorClient: sessionCoordinatorClient,
+		db:                       nil,
+	}
+}
+
+// NewCoManagedHTTPHandlerWithDB creates a new CoManagedHTTPHandler with database support
+func NewCoManagedHTTPHandlerWithDB(
+	sessionCoordinatorClient *grpcclient.SessionCoordinatorClient,
+	db *sql.DB,
+	jwtService *jwt.JWTService,
+) *CoManagedHTTPHandler {
+	return &CoManagedHTTPHandler{
+		sessionCoordinatorClient: sessionCoordinatorClient,
+		db:                       db,
+		jwtService:               jwtService,
+	}
+}
+
+// RegisterRoutes registers HTTP routes for co-managed wallets
+func (h *CoManagedHTTPHandler) RegisterRoutes(router *gin.RouterGroup) {
+	coManaged := router.Group("/co-managed")
+	{
+		// Keygen session routes
+		coManaged.POST("/sessions", h.CreateSession)
+		coManaged.POST("/sessions/:sessionId/join", h.JoinSession)
+		coManaged.GET("/sessions/:sessionId", h.GetSessionStatus)
+		coManaged.GET("/sessions/by-invite-code/:inviteCode", h.GetSessionByInviteCode)
+
+		// Sign session routes (new - does not affect existing functionality)
+		coManaged.POST("/sign", h.CreateSignSession)
+		coManaged.GET("/sign/:sessionId", h.GetSignSessionStatus)
+		coManaged.GET("/sign/by-invite-code/:inviteCode", h.GetSignSessionByInviteCode)
+	}
+}
+
+// generateInviteCode generates a random invite code in format XXXX-XXXX-XXXX
+func generateInviteCode() string {
+	bytes := make([]byte, 6)
+	rand.Read(bytes)
+	code := fmt.Sprintf("%X", bytes)
+	return fmt.Sprintf("%s-%s-%s", code[0:4], code[4:8], code[8:12])
+}
+
+// ============================================
+// Create Co-Managed Wallet Session
+// ============================================
+
+// CreateCoManagedSessionRequest represents the request for creating a co-managed wallet session
+type CreateCoManagedSessionRequest struct {
+	WalletName       string `json:"wallet_name" binding:"required"`       // Wallet name
+	ThresholdT       int    `json:"threshold_t" binding:"required,min=1"` // Signing threshold (actual signers needed = t+1)
+	ThresholdN       int    `json:"threshold_n" binding:"required,min=2"` // Total parties
+	InitiatorPartyID string `json:"initiator_party_id" binding:"required"` // Initiator's party ID
+	InitiatorName    string `json:"initiator_name"`                        // Initiator's display name
+	PersistentCount  int    `json:"persistent_count"`                      // Number of server parties (default 2)
+}
+
+// CreateSession handles creating a new co-managed wallet session
+func (h *CoManagedHTTPHandler) CreateSession(c *gin.Context) {
+	var req CreateCoManagedSessionRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Validate threshold
+	if req.ThresholdT >= req.ThresholdN {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "threshold_t must be less than threshold_n"})
+		return
+	}
+
+	// Default persistent count is 2 (platform backup parties)
+	persistentCount := req.PersistentCount
+	if persistentCount <= 0 {
+		persistentCount = 2
+	}
+
+	// Calculate external party count
+	externalCount := req.ThresholdN - persistentCount
+	if externalCount < 1 {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "threshold_n must be greater than persistent_count to allow external participants",
+		})
+		return
+	}
+
+	// Generate invite code
+	inviteCode := generateInviteCode()
+
+	// Call session coordinator via gRPC
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
+
+	logger.Info("Creating co-managed keygen session",
+		zap.String("wallet_name", req.WalletName),
+		zap.Int("threshold_n", req.ThresholdN),
+		zap.Int("threshold_t", req.ThresholdT),
+		zap.Int("persistent_count", persistentCount),
+		zap.Int("external_count", externalCount),
+		zap.String("initiator_party_id", req.InitiatorPartyID))
+
+	resp, err := h.sessionCoordinatorClient.CreateCoManagedKeygenSession(
+		ctx,
+		req.WalletName,
+		inviteCode,
+		int32(req.ThresholdN),
+		int32(req.ThresholdT),
+		int32(persistentCount),
+		int32(externalCount),
+		3600, // 1 hour expiry for session creation phase
+	)
+
+	if err != nil {
+		logger.Error("Failed to create co-managed keygen session", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Get wildcard join token for external participants
+	wildcardToken := ""
+	if token, ok := resp.JoinTokens["*"]; ok {
+		wildcardToken = token
+	}
+
+	logger.Info("Co-managed keygen session created successfully",
+		zap.String("session_id", resp.SessionID),
+		zap.String("invite_code", inviteCode),
+		zap.Int("num_server_parties", len(resp.SelectedServerParties)))
+
+	c.JSON(http.StatusCreated, gin.H{
+		"session_id":              resp.SessionID,
+		"wallet_name":             req.WalletName,
+		"invite_code":             inviteCode,
+		"join_token":              wildcardToken,     // Token for external participants (backward compatible)
+		"join_tokens":             resp.JoinTokens,   // Full join tokens map for service-party-app
+		"threshold_n":             req.ThresholdN,
+		"threshold_t":             req.ThresholdT,
+		"selected_server_parties": resp.SelectedServerParties,
+		"status":                  "waiting_for_participants",
+		"current_participants":    len(resp.SelectedServerParties), // Server parties auto-joined
+		"required_participants":   req.ThresholdN,
+		"expires_at":              resp.ExpiresAt,
+	})
+}
+
+// ============================================
+// Join Co-Managed Wallet Session
+// ============================================
+
+// JoinSessionRequest represents the request for joining a session
+type JoinSessionRequest struct {
+	PartyID         string `json:"party_id" binding:"required"`   // Participant's party ID
+	JoinToken       string `json:"join_token" binding:"required"` // Join token (from invite)
+	ParticipantName string `json:"participant_name"`              // Display name
+	DeviceType      string `json:"device_type"`                   // Device type (pc, android, ios)
+	DeviceID        string `json:"device_id"`                     // Device ID
+}
+
+// JoinSession handles joining an existing co-managed session
+func (h *CoManagedHTTPHandler) JoinSession(c *gin.Context) {
+	sessionID := c.Param("sessionId")
+	if sessionID == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "session_id is required"})
+		return
+	}
+
+	// Validate session ID format
+	if _, err := uuid.Parse(sessionID); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid session_id format"})
+		return
+	}
+
+	var req JoinSessionRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Default device type
+	deviceType := req.DeviceType
+	if deviceType == "" {
+		deviceType = "pc"
+	}
+
+	deviceID := req.DeviceID
+	if deviceID == "" {
+		deviceID = req.PartyID // Use party ID as device ID if not provided
+	}
+
+	// Call session coordinator via gRPC
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	defer cancel()
+
+	logger.Info("Joining co-managed session",
+		zap.String("session_id", sessionID),
+		zap.String("party_id", req.PartyID),
+		zap.String("participant_name", req.ParticipantName))
+
+	resp, err := h.sessionCoordinatorClient.JoinSession(
+		ctx,
+		sessionID,
+		req.PartyID,
+		req.JoinToken,
+		deviceType,
+		deviceID,
+	)
+
+	if err != nil {
+		logger.Error("Failed to join session", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	if !resp.Success {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "failed to join session"})
+		return
+	}
+
+	// Build other parties list
+	otherParties := make([]gin.H, 0, len(resp.OtherParties))
+	for _, p := range resp.OtherParties {
+		otherParties = append(otherParties, gin.H{
+			"party_id":    p.PartyID,
+			"party_index": p.PartyIndex,
+		})
+	}
+
+	result := gin.H{
+		"success":       true,
+		"party_index":   resp.PartyIndex,
+		"other_parties": otherParties,
+	}
+
+	if resp.SessionInfo != nil {
+		result["session_info"] = gin.H{
+			"session_id":   resp.SessionInfo.SessionID,
+			"session_type": resp.SessionInfo.SessionType,
+			"threshold_n":  resp.SessionInfo.ThresholdN,
+			"threshold_t":  resp.SessionInfo.ThresholdT,
+			"status":       resp.SessionInfo.Status,
+			"wallet_name":  resp.SessionInfo.WalletName,
+		}
+	}
+
+	logger.Info("Joined co-managed session successfully",
+		zap.String("session_id", sessionID),
+		zap.String("party_id", req.PartyID),
+		zap.Int32("party_index", resp.PartyIndex))
+
+	c.JSON(http.StatusOK, result)
+}
+
+// ============================================
+// Get Session Status
+// ============================================
+
+// GetSessionStatus handles getting the status of a co-managed session
+func (h *CoManagedHTTPHandler) GetSessionStatus(c *gin.Context) {
+	sessionID := c.Param("sessionId")
+	if sessionID == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "session_id is required"})
+		return
+	}
+
+	// Validate session ID format
+	if _, err := uuid.Parse(sessionID); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid session_id format"})
+		return
+	}
+
+	// Call session coordinator via gRPC
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	resp, err := h.sessionCoordinatorClient.GetSessionStatus(ctx, sessionID)
+	if err != nil {
+		logger.Error("Failed to get session status", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	result := gin.H{
+		"session_id":        sessionID,
+		"status":            resp.Status,
+		"session_type":      resp.SessionType,
+		"threshold_t":       resp.ThresholdT,
+		"threshold_n":       resp.ThresholdN,
+		"completed_parties": resp.CompletedParties,
+		"total_parties":     resp.TotalParties,
+	}
+
+	// Add public key if keygen completed
+	if resp.SessionType == "co_managed_keygen" && len(resp.PublicKey) > 0 {
+		result["public_key"] = hex.EncodeToString(resp.PublicKey)
+	}
+
+	// Include participants with party_index (for service-party-app to build correct participant list)
+	if len(resp.Participants) > 0 {
+		participants := make([]gin.H, len(resp.Participants))
+		for i, p := range resp.Participants {
+			participants[i] = gin.H{
+				"party_id":    p.PartyID,
+				"party_index": p.PartyIndex,
+				"status":      p.Status,
+			}
+		}
+		result["participants"] = participants
+	}
+
+	c.JSON(http.StatusOK, result)
+}
+
+// ============================================
+// Get Session By Invite Code
+// ============================================
+
+// GetSessionByInviteCode handles looking up a session by its invite code
+// This allows Service-Party-App to find the session_id from an invite_code
+func (h *CoManagedHTTPHandler) GetSessionByInviteCode(c *gin.Context) {
+	inviteCode := c.Param("inviteCode")
+	if inviteCode == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invite_code is required"})
+		return
+	}
+
+	// Check if database connection is available
+	if h.db == nil {
+		logger.Error("Database connection not available for invite_code lookup")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "service configuration error"})
+		return
+	}
+
+	// Query database for session by invite_code
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	var sessionID string
+	var walletName string
+	var thresholdN, thresholdT int
+	var status string
+	var expiresAt time.Time
+
+	err := h.db.QueryRowContext(ctx, `
+		SELECT id, COALESCE(wallet_name, ''), threshold_n, threshold_t, status, expires_at
+		FROM mpc_sessions
+		WHERE invite_code = $1 AND session_type = 'co_managed_keygen'
+	`, inviteCode).Scan(&sessionID, &walletName, &thresholdN, &thresholdT, &status, &expiresAt)
+
+	if err != nil {
+		if err == sql.ErrNoRows {
+			logger.Info("Session not found for invite_code",
+				zap.String("invite_code", inviteCode))
+			c.JSON(http.StatusNotFound, gin.H{"error": "session not found or expired"})
+			return
+		}
+		logger.Error("Failed to query session by invite_code",
+			zap.String("invite_code", inviteCode),
+			zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to lookup session"})
+		return
+	}
+
+	// Check if session is expired
+	if time.Now().After(expiresAt) {
+		logger.Info("Session expired for invite_code",
+			zap.String("invite_code", inviteCode),
+			zap.String("session_id", sessionID))
+		c.JSON(http.StatusGone, gin.H{"error": "session has expired"})
+		return
+	}
+
+	// Get session status from session coordinator
+	statusResp, err := h.sessionCoordinatorClient.GetSessionStatus(ctx, sessionID)
+	if err != nil {
+		logger.Error("Failed to get session status from coordinator",
+			zap.String("session_id", sessionID),
+			zap.Error(err))
+		// Return basic info without join token
+		c.JSON(http.StatusOK, gin.H{
+			"session_id":   sessionID,
+			"wallet_name":  walletName,
+			"threshold_n":  thresholdN,
+			"threshold_t":  thresholdT,
+			"status":       status,
+			"expires_at":   expiresAt.UnixMilli(),
+		})
+		return
+	}
+
+	// Generate a wildcard join token for this session
+	// This allows any participant to join using this token
+	var joinToken string
+	if h.jwtService != nil {
+		sessionUUID, err := uuid.Parse(sessionID)
+		if err == nil {
+			// Token valid until session expires
+			tokenExpiry := time.Until(expiresAt)
+			if tokenExpiry > 0 {
+				joinToken, err = h.jwtService.GenerateJoinToken(sessionUUID, "*", tokenExpiry)
+				if err != nil {
+					logger.Warn("Failed to generate join token",
+						zap.String("session_id", sessionID),
+						zap.Error(err))
+				}
+			}
+		}
+	}
+
+	logger.Info("Found session for invite_code",
+		zap.String("invite_code", inviteCode),
+		zap.String("session_id", sessionID),
+		zap.String("wallet_name", walletName),
+		zap.Bool("has_join_token", joinToken != ""))
+
+	c.JSON(http.StatusOK, gin.H{
+		"session_id":        sessionID,
+		"wallet_name":       walletName,
+		"threshold_n":       thresholdN,
+		"threshold_t":       thresholdT,
+		"status":            statusResp.Status,
+		"completed_parties": statusResp.CompletedParties,
+		"total_parties":     statusResp.TotalParties,
+		"expires_at":        expiresAt.UnixMilli(),
+		"join_token":        joinToken,
+	})
+}
+
+// ============================================
+// Co-Managed Sign Session (NEW - Independent)
+// ============================================
+
+// SignPartyInfo contains party information for signing
+type SignPartyInfo struct {
+	PartyID    string `json:"party_id" binding:"required"`
+	PartyIndex int32  `json:"party_index" binding:"required"`
+}
+
+// CreateSignSessionRequest represents the request for creating a co-managed sign session
+type CreateSignSessionRequest struct {
+	KeygenSessionID string          `json:"keygen_session_id" binding:"required"` // The keygen session that created the wallet
+	WalletName      string          `json:"wallet_name"`                          // Wallet name (for display)
+	MessageHash     string          `json:"message_hash" binding:"required"`      // Hex-encoded message hash to sign
+	Parties         []SignPartyInfo `json:"parties" binding:"required,min=1"`     // Parties to participate in signing (t+1)
+	ThresholdT      int             `json:"threshold_t" binding:"required,min=1"` // Signing threshold
+	InitiatorName   string          `json:"initiator_name"`                       // Initiator's display name
+}
+
+// CreateSignSession handles creating a new co-managed sign session
+// This is a completely new endpoint that does not affect existing sign functionality
+func (h *CoManagedHTTPHandler) CreateSignSession(c *gin.Context) {
+	var req CreateSignSessionRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Validate keygen_session_id format
+	if _, err := uuid.Parse(req.KeygenSessionID); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid keygen_session_id format"})
+		return
+	}
+
+	// Validate message_hash (should be hex encoded)
+	messageHash, err := hex.DecodeString(req.MessageHash)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "message_hash must be hex encoded"})
+		return
+	}
+
+	// Validate party count == threshold_t (for t-of-n signing, exactly t parties are needed)
+	if len(req.Parties) != req.ThresholdT {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": fmt.Sprintf("need exactly %d parties for threshold %d, got %d", req.ThresholdT, req.ThresholdT, len(req.Parties)),
+		})
+		return
+	}
+
+	// Call session coordinator via gRPC
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
+
+	// CRITICAL: Query keygen session to get the original threshold_n
+	// This is required for TSS signing to work correctly - the n value must match keygen
+	var keygenThresholdN, keygenThresholdT int
+	if h.db != nil {
+		err = h.db.QueryRowContext(ctx, `
+			SELECT threshold_n, threshold_t
+			FROM mpc_sessions
+			WHERE id = $1
+		`, req.KeygenSessionID).Scan(&keygenThresholdN, &keygenThresholdT)
+		if err != nil {
+			logger.Error("Failed to query keygen session for threshold values",
+				zap.String("keygen_session_id", req.KeygenSessionID),
+				zap.Error(err))
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to lookup keygen session"})
+			return
+		}
+	} else {
+		logger.Error("Database connection not available for keygen session lookup")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "service configuration error"})
+		return
+	}
+
+	// Generate invite code for sign session
+	inviteCode := generateInviteCode()
+
+	// Convert parties to gRPC format
+	parties := make([]grpcclient.SigningPartyInfo, len(req.Parties))
+	for i, p := range req.Parties {
+		parties[i] = grpcclient.SigningPartyInfo{
+			PartyID:    p.PartyID,
+			PartyIndex: p.PartyIndex,
+		}
+	}
+
+	logger.Info("Creating co-managed sign session",
+		zap.String("keygen_session_id", req.KeygenSessionID),
+		zap.String("wallet_name", req.WalletName),
+		zap.Int("keygen_threshold_n", keygenThresholdN),
+		zap.Int("keygen_threshold_t", keygenThresholdT),
+		zap.Int("signing_threshold_t", req.ThresholdT),
+		zap.Int("num_signing_parties", len(req.Parties)),
+		zap.String("invite_code", inviteCode))
+
+	// Create signing session
+	// Note: delegateUserShare is nil for co-managed wallets (no delegate party)
+	// CRITICAL: Pass keygenThresholdN (original n from keygen) for correct TSS math
+	resp, err := h.sessionCoordinatorClient.CreateSigningSessionAuto(
+		ctx,
+		int32(req.ThresholdT),
+		int32(keygenThresholdN),
+		parties,
+		messageHash,
+		86400, // 24 hour expiry
+		nil,   // No delegate share for co-managed wallets
+		req.KeygenSessionID,
+	)
+
+	if err != nil {
+		logger.Error("Failed to create co-managed sign session", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Store invite_code mapping in database (for lookup)
+	if h.db != nil {
+		_, dbErr := h.db.ExecContext(ctx, `
+			UPDATE mpc_sessions
+			SET invite_code = $1, wallet_name = $2
+			WHERE id = $3
+		`, inviteCode, req.WalletName, resp.SessionID)
+		if dbErr != nil {
+			logger.Warn("Failed to store invite_code for sign session",
+				zap.String("session_id", resp.SessionID),
+				zap.Error(dbErr))
+			// Don't fail the request, just log the warning
+		}
+	}
+
+	// Get wildcard token for backward compatibility (join_token field)
+	wildcardToken := ""
+	if token, ok := resp.JoinTokens["*"]; ok {
+		wildcardToken = token
+	}
+
+	logger.Info("Co-managed sign session created successfully",
+		zap.String("session_id", resp.SessionID),
+		zap.String("invite_code", inviteCode),
+		zap.Int("num_parties", len(resp.SelectedParties)),
+		zap.Int("num_join_tokens", len(resp.JoinTokens)))
+
+	c.JSON(http.StatusCreated, gin.H{
+		"session_id":            resp.SessionID,
+		"keygen_session_id":     req.KeygenSessionID,
+		"wallet_name":           req.WalletName,
+		"invite_code":           inviteCode,
+		"join_token":            wildcardToken,    // Backward compatible: wildcard token (may be empty)
+		"join_tokens":           resp.JoinTokens,  // New: all join tokens (map[partyID]token)
+		"threshold_n":           keygenThresholdN, // Original N from keygen (required for TSS)
+		"threshold_t":           req.ThresholdT,
+		"selected_parties":      resp.SelectedParties,
+		"status":                "waiting_for_participants",
+		"current_participants":  0,
+		"required_participants": len(req.Parties),
+		"expires_at":            resp.ExpiresAt,
+	})
+}
+
+// GetSignSessionStatus handles getting the status of a co-managed sign session
+func (h *CoManagedHTTPHandler) GetSignSessionStatus(c *gin.Context) {
+	sessionID := c.Param("sessionId")
+	if sessionID == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "session_id is required"})
+		return
+	}
+
+	// Validate session ID format
+	if _, err := uuid.Parse(sessionID); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid session_id format"})
+		return
+	}
+
+	// Call session coordinator via gRPC
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	resp, err := h.sessionCoordinatorClient.GetSessionStatus(ctx, sessionID)
+	if err != nil {
+		logger.Error("Failed to get sign session status", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Get invite_code from database
+	var inviteCode string
+	if h.db != nil {
+		row := h.db.QueryRowContext(ctx, `SELECT invite_code FROM mpc_sessions WHERE id = $1`, sessionID)
+		row.Scan(&inviteCode) // Ignore error, invite_code is optional
+	}
+
+	result := gin.H{
+		"session_id":        sessionID,
+		"status":            resp.Status,
+		"session_type":      resp.SessionType,
+		"threshold_t":       resp.ThresholdT,
+		"threshold_n":       resp.ThresholdN,
+		"completed_parties": resp.CompletedParties,
+		"total_parties":     resp.TotalParties,
+	}
+
+	// Add invite_code if available
+	if inviteCode != "" {
+		result["invite_code"] = inviteCode
+	}
+
+	// Add signature if sign completed
+	if resp.SessionType == "sign" && len(resp.Signature) > 0 {
+		result["signature"] = hex.EncodeToString(resp.Signature)
+	}
+
+	// Include participants with party_index
+	if len(resp.Participants) > 0 {
+		participants := make([]gin.H, len(resp.Participants))
+		for i, p := range resp.Participants {
+			participants[i] = gin.H{
+				"party_id":    p.PartyID,
+				"party_index": p.PartyIndex,
+				"status":      p.Status,
+			}
+		}
+		result["participants"] = participants
+	}
+
+	c.JSON(http.StatusOK, result)
+}
+
+// GetSignSessionByInviteCode handles looking up a sign session by its invite code
+// This is a completely new endpoint that does not affect existing functionality
+func (h *CoManagedHTTPHandler) GetSignSessionByInviteCode(c *gin.Context) {
+	inviteCode := c.Param("inviteCode")
+	if inviteCode == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invite_code is required"})
+		return
+	}
+
+	// Check if database connection is available
+	if h.db == nil {
+		logger.Error("Database connection not available for sign invite_code lookup")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "service configuration error"})
+		return
+	}
+
+	// Query database for sign session by invite_code
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	var sessionID string
+	var walletName string
+	var keygenSessionID string
+	var status string
+	var expiresAt time.Time
+	var messageHash []byte
+
+	// Query sign session basic info
+	err := h.db.QueryRowContext(ctx, `
+		SELECT id, COALESCE(wallet_name, ''), COALESCE(keygen_session_id::text, ''),
+		       status, expires_at, COALESCE(message_hash, '')
+		FROM mpc_sessions
+		WHERE invite_code = $1 AND session_type = 'sign' AND status != 'failed'
+		ORDER BY created_at DESC
+		LIMIT 1
+	`, inviteCode).Scan(&sessionID, &walletName, &keygenSessionID, &status, &expiresAt, &messageHash)
+
+	if err != nil {
+		if err == sql.ErrNoRows {
+			logger.Info("Sign session not found for invite_code",
+				zap.String("invite_code", inviteCode))
+			c.JSON(http.StatusNotFound, gin.H{"error": "sign session not found or expired"})
+			return
+		}
+		logger.Error("Failed to query sign session by invite_code",
+			zap.String("invite_code", inviteCode),
+			zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to lookup sign session"})
+		return
+	}
+
+	// Check if session is expired
+	if time.Now().After(expiresAt) {
+		logger.Info("Sign session expired for invite_code",
+			zap.String("invite_code", inviteCode),
+			zap.String("session_id", sessionID))
+		c.JSON(http.StatusGone, gin.H{"error": "sign session has expired"})
+		return
+	}
+
+	// Get threshold_n and threshold_t from the KEYGEN session (the authoritative source)
+	// This is critical for TSS signing to work correctly
+	var keygenThresholdN, keygenThresholdT int
+	if keygenSessionID != "" {
+		err = h.db.QueryRowContext(ctx, `
+			SELECT threshold_n, threshold_t
+			FROM mpc_sessions
+			WHERE id = $1
+		`, keygenSessionID).Scan(&keygenThresholdN, &keygenThresholdT)
+		if err != nil {
+			logger.Error("Failed to query keygen session for threshold values",
+				zap.String("keygen_session_id", keygenSessionID),
+				zap.Error(err))
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to lookup keygen session"})
+			return
+		}
+	} else {
+		logger.Error("Sign session has no keygen_session_id",
+			zap.String("session_id", sessionID))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "sign session missing keygen reference"})
+		return
+	}
+
+	// Get the signing parties list from the sign session's participants table
+	// These are the parties that were selected for this signing session
+	var parties []gin.H
+	rows, err := h.db.QueryContext(ctx, `
+		SELECT party_id, party_index
+		FROM participants
+		WHERE session_id = $1
+		ORDER BY party_index
+	`, sessionID)
+	if err != nil {
+		logger.Error("Failed to query sign session participants",
+			zap.String("session_id", sessionID),
+			zap.Error(err))
+		// Continue without parties list, frontend will fallback
+	} else {
+		defer rows.Close()
+		for rows.Next() {
+			var partyID string
+			var partyIndex int
+			if err := rows.Scan(&partyID, &partyIndex); err != nil {
+				logger.Warn("Failed to scan participant row",
+					zap.Error(err))
+				continue
+			}
+			parties = append(parties, gin.H{
+				"party_id":    partyID,
+				"party_index": partyIndex,
+			})
+		}
+	}
+
+	// Get session status from coordinator
+	statusResp, err := h.sessionCoordinatorClient.GetSessionStatus(ctx, sessionID)
+	if err != nil {
+		logger.Error("Failed to get sign session status from coordinator",
+			zap.String("session_id", sessionID),
+			zap.Error(err))
+		// Return basic info without detailed status
+		c.JSON(http.StatusOK, gin.H{
+			"session_id":        sessionID,
+			"keygen_session_id": keygenSessionID,
+			"wallet_name":       walletName,
+			"message_hash":      hex.EncodeToString(messageHash),
+			"threshold_n":       keygenThresholdN,
+			"threshold_t":       keygenThresholdT,
+			"status":            status,
+			"joined_count":      0,
+			"expires_at":        expiresAt.UnixMilli(),
+			"parties":           parties,
+		})
+		return
+	}
+
+	// Generate join token for this session (wildcard token that allows any party to join)
+	var joinToken string
+	if h.jwtService != nil {
+		sessionUUID, parseErr := uuid.Parse(sessionID)
+		if parseErr == nil {
+			token, err := h.jwtService.GenerateJoinToken(sessionUUID, "*", time.Hour) // Wildcard party ID, 1 hour expiry
+			if err != nil {
+				logger.Warn("Failed to generate join token for sign session",
+					zap.String("session_id", sessionID),
+					zap.Error(err))
+			} else {
+				joinToken = token
+			}
+		}
+	}
+
+	logger.Info("Found sign session for invite_code",
+		zap.String("invite_code", inviteCode),
+		zap.String("session_id", sessionID),
+		zap.String("wallet_name", walletName),
+		zap.String("keygen_session_id", keygenSessionID),
+		zap.Int("keygen_threshold_n", keygenThresholdN),
+		zap.Int("keygen_threshold_t", keygenThresholdT),
+		zap.Int("parties_count", len(parties)),
+		zap.Bool("has_join_token", joinToken != ""))
+
+	c.JSON(http.StatusOK, gin.H{
+		"session_id":        sessionID,
+		"keygen_session_id": keygenSessionID,
+		"wallet_name":       walletName,
+		"message_hash":      hex.EncodeToString(messageHash),
+		"threshold_n":       keygenThresholdN,
+		"threshold_t":       keygenThresholdT,
+		"status":            statusResp.Status,
+		"joined_count":      statusResp.CompletedParties,
+		"expires_at":        expiresAt.UnixMilli(),
+		"join_token":        joinToken,
+		"parties":           parties,
+	})
+}
--- a/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go
+++ b/backend/mpc-system/services/account/adapters/output/grpc/session_coordinator_client.go
@ -137,9 +137,19 @@ type SigningPartyInfo struct {
 // CreateSigningSessionAuto creates a new signing session with automatic party selection
 // Coordinator will select parties from the provided party info (from account shares)
 // delegateUserShare is required if any of the parties is a delegate party
+// keygenThresholdN is the original threshold_n from the keygen session (required for TSS math)
+//
+// BREAKING CHANGE WARNING (for co-sign feature, commit 042212ea):
+// Original code: ThresholdN = int32(len(parties)) - used participant count as N
+// New code: ThresholdN = keygenThresholdN - uses original N from keygen session
+// This change affects PERSISTENT SIGN flow. The original approach made threshold_n
+// equal to participant count (T+1), which worked with the old N-based validation.
+// If issues arise with persistent sign, REVERT to: ThresholdN: int32(len(parties))
+// Related files: session_coordinator.go, mpc_session.go, account_handler.go
 func (c *SessionCoordinatorClient) CreateSigningSessionAuto(
 	ctx context.Context,
 	thresholdT int32,
+	keygenThresholdN int32,
 	parties []SigningPartyInfo,
 	messageHash []byte,
 	expiresInSeconds int64,
@ -155,9 +165,11 @@ func (c *SessionCoordinatorClient) CreateSigningSessionAuto(
 		}
 	}

+	// CRITICAL: Use keygenThresholdN (original n from keygen), NOT len(parties)
+	// TSS signing requires the same n value used during keygen for correct mathematical operations
 	req := &coordinatorpb.CreateSessionRequest{
 		SessionType:      "sign",
-		ThresholdN:       int32(len(parties)),
+		ThresholdN:       keygenThresholdN,
 		ThresholdT:       thresholdT,
 		Participants:     pbParticipants,
 		MessageHash:      messageHash,
@ -174,12 +186,14 @@ func (c *SessionCoordinatorClient) CreateSigningSessionAuto(
 		}
 		logger.Info("Sending CreateSigningSession gRPC request with delegate user share",
 			zap.Int32("threshold_t", thresholdT),
-			zap.Int("num_parties", len(parties)),
+			zap.Int32("keygen_threshold_n", keygenThresholdN),
+			zap.Int("num_signing_parties", len(parties)),
 			zap.String("delegate_party_id", delegateUserShare.DelegatePartyID))
 	} else {
 		logger.Info("Sending CreateSigningSession gRPC request",
 			zap.Int32("threshold_t", thresholdT),
-			zap.Int("num_parties", len(parties)))
+			zap.Int32("keygen_threshold_n", keygenThresholdN),
+			zap.Int("num_signing_parties", len(parties)))
 	}

 	resp, err := c.client.CreateSession(ctx, req)
@ -225,6 +239,8 @@ func (c *SessionCoordinatorClient) GetSessionStatus(
 		Status:           resp.Status,
 		CompletedParties: resp.CompletedParties,
 		TotalParties:     resp.TotalParties,
+		ThresholdT:       resp.ThresholdT,
+		ThresholdN:       resp.ThresholdN,
 		SessionType:      resp.SessionType,
 		PublicKey:        resp.PublicKey,
 		Signature:        resp.Signature,
@ -240,6 +256,18 @@ func (c *SessionCoordinatorClient) GetSessionStatus(
 		}
 	}

+	// Include participants if present (for co_managed_keygen sessions)
+	if len(resp.Participants) > 0 {
+		result.Participants = make([]ParticipantStatusInfo, len(resp.Participants))
+		for i, p := range resp.Participants {
+			result.Participants[i] = ParticipantStatusInfo{
+				PartyID:    p.PartyId,
+				PartyIndex: p.PartyIndex,
+				Status:     p.Status,
+			}
+		}
+	}
+
 	return result, nil
 }

@ -281,6 +309,8 @@ type SessionStatusResponse struct {
 	Status           string
 	CompletedParties int32
 	TotalParties     int32
+	ThresholdT       int32  // Minimum parties needed to sign (e.g., 2 in 2-of-3)
+	ThresholdN       int32  // Total number of parties required (e.g., 3 in 2-of-3)
 	SessionType      string // "keygen" or "sign"
 	PublicKey        []byte
 	Signature        []byte
@ -290,6 +320,16 @@ type SessionStatusResponse struct {
 	// DelegateShare is non-nil when session_type="keygen" AND has_delegate=true AND session is completed
 	// nil with has_delegate=true means share was already retrieved (one-time retrieval)
 	DelegateShare *DelegateShareInfo
+	// Participants contains detailed participant information including party_index
+	// Used by service-party-app for co_managed_keygen sessions
+	Participants []ParticipantStatusInfo
+}
+
+// ParticipantStatusInfo contains participant status information
+type ParticipantStatusInfo struct {
+	PartyID    string
+	PartyIndex int32
+	Status     string
 }

 // DelegateShareInfo contains the delegate party's share for user
@ -298,3 +338,167 @@ type DelegateShareInfo struct {
 	PartyIndex     int32
 	PartyID        string
 }
+
+// CreateCoManagedSessionResponse contains the created co-managed session info
+type CreateCoManagedSessionResponse struct {
+	SessionID            string
+	InviteCode           string
+	WalletName           string
+	SelectedServerParties []string          // Auto-selected server parties
+	JoinTokens           map[string]string  // Includes wildcard token for external parties
+	ExpiresAt            int64
+	ThresholdN           int32
+	ThresholdT           int32
+}
+
+// CreateCoManagedKeygenSession creates a new co-managed keygen session
+// This session waits for external participants to join via invite code
+func (c *SessionCoordinatorClient) CreateCoManagedKeygenSession(
+	ctx context.Context,
+	walletName string,
+	inviteCode string,
+	thresholdN int32,
+	thresholdT int32,
+	persistentCount int32,   // Number of server parties to auto-select
+	externalCount int32,     // Number of external parties (Service Party Apps)
+	expiresInSeconds int64,
+) (*CreateCoManagedSessionResponse, error) {
+	req := &coordinatorpb.CreateSessionRequest{
+		SessionType:      "co_managed_keygen",
+		ThresholdN:       thresholdN,
+		ThresholdT:       thresholdT,
+		Participants:     nil, // External participants will join later
+		ExpiresInSeconds: expiresInSeconds,
+		PartyComposition: &coordinatorpb.PartyComposition{
+			PersistentCount: persistentCount,
+			DelegateCount:   0,
+			TemporaryCount:  externalCount, // External parties treated as temporary
+		},
+		WalletName: walletName,
+		InviteCode: inviteCode,
+	}
+
+	logger.Info("Sending CreateCoManagedKeygenSession gRPC request",
+		zap.String("session_type", "co_managed_keygen"),
+		zap.String("wallet_name", walletName),
+		zap.Int32("threshold_n", thresholdN),
+		zap.Int32("threshold_t", thresholdT),
+		zap.Int32("persistent_count", persistentCount),
+		zap.Int32("external_count", externalCount))
+
+	resp, err := c.client.CreateSession(ctx, req)
+	if err != nil {
+		logger.Error("CreateCoManagedKeygenSession gRPC call failed", zap.Error(err))
+		return nil, fmt.Errorf("failed to create co-managed keygen session: %w", err)
+	}
+
+	// Extract selected server parties
+	var serverParties []string
+	for partyID := range resp.JoinTokens {
+		if partyID != "*" { // Exclude wildcard token
+			serverParties = append(serverParties, partyID)
+		}
+	}
+
+	logger.Info("CreateCoManagedKeygenSession gRPC call succeeded",
+		zap.String("session_id", resp.SessionId),
+		zap.Int("num_server_parties", len(serverParties)))
+
+	return &CreateCoManagedSessionResponse{
+		SessionID:            resp.SessionId,
+		InviteCode:           inviteCode,
+		WalletName:           walletName,
+		SelectedServerParties: serverParties,
+		JoinTokens:           resp.JoinTokens,
+		ExpiresAt:            resp.ExpiresAt,
+		ThresholdN:           thresholdN,
+		ThresholdT:           thresholdT,
+	}, nil
+}
+
+// JoinSessionResponse contains join session result
+type JoinSessionResponse struct {
+	Success      bool
+	PartyIndex   int32
+	SessionInfo  *SessionInfoResponse
+	OtherParties []PartyInfoResponse
+}
+
+// SessionInfoResponse contains session info from join response
+type SessionInfoResponse struct {
+	SessionID      string
+	SessionType    string
+	ThresholdN     int32
+	ThresholdT     int32
+	Status         string
+	WalletName     string
+	InviteCode     string
+	KeygenSessionID string
+}
+
+// PartyInfoResponse contains party info
+type PartyInfoResponse struct {
+	PartyID    string
+	PartyIndex int32
+}
+
+// JoinSession joins an existing session
+func (c *SessionCoordinatorClient) JoinSession(
+	ctx context.Context,
+	sessionID string,
+	partyID string,
+	joinToken string,
+	deviceType string,
+	deviceID string,
+) (*JoinSessionResponse, error) {
+	req := &coordinatorpb.JoinSessionRequest{
+		SessionId: sessionID,
+		PartyId:   partyID,
+		JoinToken: joinToken,
+		DeviceInfo: &coordinatorpb.DeviceInfo{
+			DeviceType: deviceType,
+			DeviceId:   deviceID,
+		},
+	}
+
+	logger.Info("Sending JoinSession gRPC request",
+		zap.String("session_id", sessionID),
+		zap.String("party_id", partyID))
+
+	resp, err := c.client.JoinSession(ctx, req)
+	if err != nil {
+		logger.Error("JoinSession gRPC call failed", zap.Error(err))
+		return nil, fmt.Errorf("failed to join session: %w", err)
+	}
+
+	result := &JoinSessionResponse{
+		Success:    resp.Success,
+		PartyIndex: resp.PartyIndex,
+	}
+
+	if resp.SessionInfo != nil {
+		result.SessionInfo = &SessionInfoResponse{
+			SessionID:      resp.SessionInfo.SessionId,
+			SessionType:    resp.SessionInfo.SessionType,
+			ThresholdN:     resp.SessionInfo.ThresholdN,
+			ThresholdT:     resp.SessionInfo.ThresholdT,
+			Status:         resp.SessionInfo.Status,
+			WalletName:     resp.SessionInfo.WalletName,
+			InviteCode:     resp.SessionInfo.InviteCode,
+			KeygenSessionID: resp.SessionInfo.KeygenSessionId,
+		}
+	}
+
+	for _, p := range resp.OtherParties {
+		result.OtherParties = append(result.OtherParties, PartyInfoResponse{
+			PartyID:    p.PartyId,
+			PartyIndex: p.PartyIndex,
+		})
+	}
+
+	logger.Info("JoinSession gRPC call succeeded",
+		zap.Bool("success", resp.Success),
+		zap.Int32("party_index", resp.PartyIndex))
+
+	return result, nil
+}
--- a/backend/mpc-system/services/account/cmd/server/main.go
+++ b/backend/mpc-system/services/account/cmd/server/main.go
@ -137,6 +137,7 @@ func main() {
 			getRecoveryStatusUC,
 			cancelRecoveryUC,
 			sessionCoordinatorClient,
+			db,
 		); err != nil {
 			errChan <- fmt.Errorf("HTTP server error: %w", err)
 		}
@ -239,6 +240,7 @@ func startHTTPServer(
 	getRecoveryStatusUC *use_cases.GetRecoveryStatusUseCase,
 	cancelRecoveryUC *use_cases.CancelRecoveryUseCase,
 	sessionCoordinatorClient *grpcadapter.SessionCoordinatorClient,
+	db *sql.DB,
 ) error {
 	// Set Gin mode
 	if cfg.Server.Environment == "production" {
@ -300,14 +302,19 @@ func startHTTPServer(
 		})
 	})

+	// Create co-managed wallet handler (independent from existing functionality)
+	// Uses database connection for invite_code lookups and JWT service for generating join tokens
+	coManagedHandler := httphandler.NewCoManagedHTTPHandlerWithDB(sessionCoordinatorClient, db, jwtService)
+
 	// Configure authentication middleware
 	// Skip paths that don't require authentication
 	authConfig := middleware.AuthConfig{
 		JWTService: jwtService,
 		SkipPaths: []string{
 			"/health",
-			"/api/v1/auth/*",           // Auth endpoints (login, refresh, challenge)
+			"/api/v1/auth/*",               // Auth endpoints (login, refresh, challenge)
 			"/api/v1/accounts/from-keygen", // Internal API from coordinator
+			"/api/v1/co-managed/*",         // Co-managed wallet API (public for Service Party App)
 		},
 		AllowAnonymous: false,
 	}
@ -317,6 +324,9 @@ func startHTTPServer(
 	api.Use(middleware.BearerAuth(authConfig))
 	httpHandler.RegisterRoutes(api)

+	// Register co-managed wallet routes (public API)
+	coManagedHandler.RegisterRoutes(api)
+
 	logger.Info("Starting HTTP server",
 		zap.Int("port", cfg.Server.HTTPPort),
 		zap.String("environment", cfg.Server.Environment),
--- a/backend/mpc-system/services/message-router/adapters/input/grpc/message_grpc_handler.go
+++ b/backend/mpc-system/services/message-router/adapters/input/grpc/message_grpc_handler.go
@ -87,12 +87,49 @@ func (s *MessageRouterServer) RouteMessage(
 }

 // SubscribeMessages subscribes to messages for a party (streaming)
+// On subscription, it first sends any pending messages from the database
+// to ensure no messages are lost during reconnection
 func (s *MessageRouterServer) SubscribeMessages(
 	req *pb.SubscribeMessagesRequest,
 	stream pb.MessageRouter_SubscribeMessagesServer,
 ) error {
 	ctx := stream.Context()

+	logger.Info("Party subscribing to messages",
+		zap.String("session_id", req.SessionId),
+		zap.String("party_id", req.PartyId))
+
+	// First, send any pending messages from the database (message recovery on reconnect)
+	if s.getPendingMessagesUC != nil && req.SessionId != "" {
+		input := use_cases.GetPendingMessagesInput{
+			SessionID:      req.SessionId,
+			PartyID:        req.PartyId,
+			AfterTimestamp: 0, // Get all pending messages
+		}
+
+		pendingMessages, err := s.getPendingMessagesUC.Execute(ctx, input)
+		if err != nil {
+			logger.Warn("Failed to get pending messages on subscribe",
+				zap.String("session_id", req.SessionId),
+				zap.String("party_id", req.PartyId),
+				zap.Error(err))
+		} else if len(pendingMessages) > 0 {
+			logger.Info("Sending pending messages on subscribe",
+				zap.String("session_id", req.SessionId),
+				zap.String("party_id", req.PartyId),
+				zap.Int("count", len(pendingMessages)))
+
+			for _, msg := range pendingMessages {
+				if err := sendMessage(stream, msg); err != nil {
+					logger.Error("Failed to send pending message",
+						zap.String("message_id", msg.ID),
+						zap.Error(err))
+					return err
+				}
+			}
+		}
+	}
+
 	// Subscribe to party messages
 	partyCh, err := s.messageBroker.SubscribeToPartyMessages(ctx, req.PartyId)
 	if err != nil {
@ -109,6 +146,9 @@ func (s *MessageRouterServer) SubscribeMessages(
 	for {
 		select {
 		case <-ctx.Done():
+			logger.Info("Party unsubscribed from messages",
+				zap.String("session_id", req.SessionId),
+				zap.String("party_id", req.PartyId))
 			return nil
 		case msg, ok := <-partyCh:
 			if !ok {
@ -310,8 +350,10 @@ func (s *MessageRouterServer) SubscribeSessionEvents(
 		zap.String("party_id", req.PartyId))

 	// Subscribe to events
-	eventCh := s.eventBroadcaster.Subscribe(req.PartyId)
-	defer s.eventBroadcaster.Unsubscribe(req.PartyId)
+	// The channel is used for identity check in Unsubscribe to prevent
+	// accidentally removing a newer subscription when this stream exits
+	eventCh, _ := s.eventBroadcaster.Subscribe(req.PartyId)
+	defer s.eventBroadcaster.Unsubscribe(req.PartyId, eventCh)

 	// Stream events
 	for {
@ -516,6 +558,7 @@ func (s *MessageRouterServer) JoinSession(
 			ThresholdT:      coordResp.SessionInfo.ThresholdT,
 			MessageHash:     coordResp.SessionInfo.MessageHash,
 			KeygenSessionId: coordResp.SessionInfo.KeygenSessionId,
+			Status:          coordResp.SessionInfo.Status, // 修复: 添加缺失的 Status 字段
 		}
 	}

@ -639,11 +682,24 @@ func (s *MessageRouterServer) GetSessionStatus(
 		return nil, err
 	}

+	// Convert participants from coordinator response
+	var participants []*pb.PartyInfo
+	if len(coordResp.Participants) > 0 {
+		participants = make([]*pb.PartyInfo, len(coordResp.Participants))
+		for i, p := range coordResp.Participants {
+			participants[i] = &pb.PartyInfo{
+				PartyId:    p.PartyId,
+				PartyIndex: p.PartyIndex,
+			}
+		}
+	}
+
 	return &pb.GetSessionStatusResponse{
-		SessionId:  req.SessionId,
-		Status:     coordResp.Status,
-		ThresholdN: coordResp.TotalParties,    // Use TotalParties as N
-		ThresholdT: coordResp.CompletedParties, // Return completed count in ThresholdT for info
+		SessionId:    req.SessionId,
+		Status:       coordResp.Status,
+		ThresholdN:   coordResp.ThresholdN,   // Actual threshold N from session config
+		ThresholdT:   coordResp.ThresholdT,   // Actual threshold T from session config
+		Participants: participants,           // Include participants for co_managed_keygen
 	}, nil
 }

--- a/backend/mpc-system/services/message-router/adapters/output/memory/message_broker.go
+++ b/backend/mpc-system/services/message-router/adapters/output/memory/message_broker.go
@ -116,6 +116,7 @@ func (a *MessageBrokerAdapter) PublishToSession(
 }

 // SubscribeToPartyMessages subscribes to messages for a specific party
+// If the party already has an active subscription, the old channel is closed first
 func (a *MessageBrokerAdapter) SubscribeToPartyMessages(
 	ctx context.Context,
 	partyID string,
@ -123,11 +124,15 @@ func (a *MessageBrokerAdapter) SubscribeToPartyMessages(
 	a.mu.Lock()
 	defer a.mu.Unlock()

-	// Create channel if not exists
-	if _, exists := a.partyChannels[partyID]; !exists {
-		a.partyChannels[partyID] = make(chan *entities.MessageDTO, 100)
+	// Close existing channel if party is re-subscribing (e.g., after reconnect)
+	if oldCh, exists := a.partyChannels[partyID]; exists {
+		close(oldCh)
+		logger.Info("closed existing party channel for re-subscription",
+			zap.String("party_id", partyID))
 	}

+	// Create new channel
+	a.partyChannels[partyID] = make(chan *entities.MessageDTO, 100)
 	ch := a.partyChannels[partyID]

 	// Return a read-only channel
@ -155,6 +160,7 @@ func (a *MessageBrokerAdapter) SubscribeToPartyMessages(
 }

 // SubscribeToSessionMessages subscribes to all messages in a session
+// If the party already has an active subscription for this session, the old channel is closed first
 func (a *MessageBrokerAdapter) SubscribeToSessionMessages(
 	ctx context.Context,
 	sessionID string,
@ -171,14 +177,18 @@ func (a *MessageBrokerAdapter) SubscribeToSessionMessages(
 		zap.String("key", key),
 		zap.Int("current_channel_count", len(a.sessionChannels)))

-	// Create channel if not exists
-	if _, exists := a.sessionChannels[key]; !exists {
-		a.sessionChannels[key] = make(chan *entities.MessageDTO, 100)
-		logger.Info("Created new session channel",
+	// Close existing channel if party is re-subscribing (e.g., after reconnect)
+	if oldCh, exists := a.sessionChannels[key]; exists {
+		close(oldCh)
+		logger.Info("closed existing session channel for re-subscription",
 			zap.String("key", key))
 	}

+	// Create new channel
+	a.sessionChannels[key] = make(chan *entities.MessageDTO, 100)
 	ch := a.sessionChannels[key]
+	logger.Info("Created new session channel",
+		zap.String("key", key))

 	// Return a read-only channel
 	out := make(chan *entities.MessageDTO, 100)
--- a/backend/mpc-system/services/message-router/domain/session_event_broadcaster.go
+++ b/backend/mpc-system/services/message-router/domain/session_event_broadcaster.go
@ -2,8 +2,11 @@ package domain

 import (
 	"sync"
+	"time"

 	pb "github.com/rwadurian/mpc-system/api/grpc/router/v1"
+	"github.com/rwadurian/mpc-system/pkg/logger"
+	"go.uber.org/zap"
 )

 // SessionEventBroadcaster manages session event subscriptions and broadcasting
@ -20,25 +23,51 @@ func NewSessionEventBroadcaster() *SessionEventBroadcaster {
 }

 // Subscribe subscribes a party to session events
-func (b *SessionEventBroadcaster) Subscribe(partyID string) <-chan *pb.SessionEvent {
+// Returns the channel for receiving events and a unique subscription ID
+// The subscription ID is used to safely unsubscribe without affecting newer subscriptions
+func (b *SessionEventBroadcaster) Subscribe(partyID string) (<-chan *pb.SessionEvent, int64) {
 	b.mu.Lock()
 	defer b.mu.Unlock()

+	// Close existing channel if party is re-subscribing (e.g., after reconnect)
+	// This will cause the old gRPC stream to exit cleanly
+	if oldCh, exists := b.subscribers[partyID]; exists {
+		close(oldCh)
+		logger.Debug("Closed old subscription channel for re-subscribing party",
+			zap.String("party_id", partyID))
+	}
+
 	// Create buffered channel for this subscriber
 	ch := make(chan *pb.SessionEvent, 100)
 	b.subscribers[partyID] = ch

-	return ch
+	// Generate a unique subscription ID (using current time in nanoseconds)
+	subscriptionID := time.Now().UnixNano()
+
+	return ch, subscriptionID
 }

-// Unsubscribe removes a party's subscription
-func (b *SessionEventBroadcaster) Unsubscribe(partyID string) {
+// Unsubscribe removes a party's subscription only if the channel matches
+// This prevents a race condition where a newer subscription is accidentally removed
+// when an old gRPC stream exits after the party has already re-subscribed
+func (b *SessionEventBroadcaster) Unsubscribe(partyID string, ch <-chan *pb.SessionEvent) {
 	b.mu.Lock()
 	defer b.mu.Unlock()

-	if ch, exists := b.subscribers[partyID]; exists {
-		close(ch)
-		delete(b.subscribers, partyID)
+	if currentCh, exists := b.subscribers[partyID]; exists {
+		// Only delete if the channel matches (i.e., this is still our subscription)
+		// If the channel doesn't match, a newer subscription has been created
+		// and we should not delete it
+		if currentCh == ch {
+			// Don't close the channel here - it was already closed by Subscribe
+			// when the new subscription was created, or we're the last one
+			delete(b.subscribers, partyID)
+			logger.Debug("Unsubscribed party from session events",
+				zap.String("party_id", partyID))
+		} else {
+			logger.Debug("Skipping unsubscribe - channel mismatch (newer subscription exists)",
+				zap.String("party_id", partyID))
+		}
 	}
 }

@ -62,16 +91,34 @@ func (b *SessionEventBroadcaster) BroadcastToParties(event *pb.SessionEvent, par
 	b.mu.RLock()
 	defer b.mu.RUnlock()

+	sentCount := 0
+	missedParties := []string{}
+
 	for _, partyID := range partyIDs {
 		if ch, exists := b.subscribers[partyID]; exists {
 			// Non-blocking send
 			select {
 			case ch <- event:
+				sentCount++
 			default:
 				// Channel full, skip this subscriber
+				missedParties = append(missedParties, partyID+" (channel full)")
 			}
+		} else {
+			// Party not subscribed - this is a problem for session_started events!
+			missedParties = append(missedParties, partyID+" (not subscribed)")
 		}
 	}
+
+	// Log if any parties were missed (helps debug event delivery issues)
+	if len(missedParties) > 0 {
+		logger.Warn("Some parties missed session event broadcast",
+			zap.String("event_type", event.EventType),
+			zap.String("session_id", event.SessionId),
+			zap.Int("sent_count", sentCount),
+			zap.Int("missed_count", len(missedParties)),
+			zap.Strings("missed_parties", missedParties))
+	}
 }

 // SubscriberCount returns the number of active subscribers
--- a/backend/mpc-system/services/server-party-co-managed/Dockerfile
+++ b/backend/mpc-system/services/server-party-co-managed/Dockerfile
@ -0,0 +1,38 @@
+# Build stage
+FROM golang:1.24-alpine AS builder
+
+RUN apk add --no-cache git ca-certificates
+
+# Set Go proxy (can be overridden with --build-arg GOPROXY=...)
+ARG GOPROXY=https://proxy.golang.org,direct
+ENV GOPROXY=${GOPROXY}
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . .
+
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
+    -ldflags="-w -s" \
+    -o /bin/server-party-co-managed \
+    ./services/server-party-co-managed/cmd/server
+
+# Final stage
+FROM alpine:3.18
+
+RUN apk --no-cache add ca-certificates curl
+RUN adduser -D -s /bin/sh mpc
+
+COPY --from=builder /bin/server-party-co-managed /bin/server-party-co-managed
+
+USER mpc
+
+EXPOSE 8080
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD curl -sf http://localhost:8080/health || exit 1
+
+ENTRYPOINT ["/bin/server-party-co-managed"]
--- a/backend/mpc-system/services/server-party-co-managed/cmd/server/main.go
+++ b/backend/mpc-system/services/server-party-co-managed/cmd/server/main.go
@ -0,0 +1,464 @@
+package main
+
+import (
+	"context"
+	"database/sql"
+	"encoding/hex"
+	"flag"
+	"fmt"
+	"net/http"
+	"os"
+	"os/signal"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	_ "github.com/lib/pq"
+
+	router "github.com/rwadurian/mpc-system/api/grpc/router/v1"
+	"github.com/rwadurian/mpc-system/pkg/config"
+	"github.com/rwadurian/mpc-system/pkg/crypto"
+	"github.com/rwadurian/mpc-system/pkg/logger"
+	grpcclient "github.com/rwadurian/mpc-system/services/server-party/adapters/output/grpc"
+	"github.com/rwadurian/mpc-system/services/server-party/adapters/output/postgres"
+	"github.com/rwadurian/mpc-system/services/server-party/application/use_cases"
+	"go.uber.org/zap"
+)
+
+// PendingSession stores session info between session_created and session_started events
+type PendingSession struct {
+	SessionID       uuid.UUID
+	JoinToken       string
+	MessageHash     []byte
+	ThresholdN      int
+	ThresholdT      int
+	SelectedParties []string
+	CreatedAt       time.Time
+}
+
+// PendingSessionCache stores pending sessions waiting for session_started
+type PendingSessionCache struct {
+	mu       sync.RWMutex
+	sessions map[string]*PendingSession // sessionID -> PendingSession
+}
+
+// Global pending session cache
+var pendingSessionCache = &PendingSessionCache{
+	sessions: make(map[string]*PendingSession),
+}
+
+// Store stores a pending session
+func (c *PendingSessionCache) Store(sessionID string, session *PendingSession) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	c.sessions[sessionID] = session
+	logger.Info("Pending session stored",
+		zap.String("session_id", sessionID))
+}
+
+// Get retrieves and deletes a pending session
+func (c *PendingSessionCache) Get(sessionID string) (*PendingSession, bool) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	session, exists := c.sessions[sessionID]
+	if exists {
+		delete(c.sessions, sessionID)
+		logger.Info("Pending session retrieved and deleted",
+			zap.String("session_id", sessionID))
+	}
+	return session, exists
+}
+
+// Delete removes a pending session without returning it
+func (c *PendingSessionCache) Delete(sessionID string) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	delete(c.sessions, sessionID)
+}
+
+func main() {
+	// Parse flags
+	configPath := flag.String("config", "", "Path to config file")
+	flag.Parse()
+
+	// Load configuration
+	cfg, err := config.Load(*configPath)
+	if err != nil {
+		fmt.Printf("Failed to load config: %v\n", err)
+		os.Exit(1)
+	}
+
+	// Initialize logger
+	if err := logger.Init(&logger.Config{
+		Level:    cfg.Logger.Level,
+		Encoding: cfg.Logger.Encoding,
+	}); err != nil {
+		fmt.Printf("Failed to initialize logger: %v\n", err)
+		os.Exit(1)
+	}
+	defer logger.Sync()
+
+	logger.Info("Starting Server Party Co-Managed Service",
+		zap.String("environment", cfg.Server.Environment),
+		zap.Int("http_port", cfg.Server.HTTPPort))
+
+	// Initialize database connection
+	db, err := initDatabase(cfg.Database)
+	if err != nil {
+		logger.Fatal("Failed to connect to database", zap.Error(err))
+	}
+	defer db.Close()
+
+	// Initialize crypto service with master key from environment
+	masterKeyHex := os.Getenv("MPC_CRYPTO_MASTER_KEY")
+	if masterKeyHex == "" {
+		masterKeyHex = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" // 64 hex chars = 32 bytes
+	}
+	masterKey, err := hex.DecodeString(masterKeyHex)
+	if err != nil {
+		logger.Fatal("Invalid master key format", zap.Error(err))
+	}
+	cryptoService, err := crypto.NewCryptoService(masterKey)
+	if err != nil {
+		logger.Fatal("Failed to create crypto service", zap.Error(err))
+	}
+
+	// Get Message Router address from environment
+	routerAddr := os.Getenv("MESSAGE_ROUTER_ADDR")
+	if routerAddr == "" {
+		routerAddr = "localhost:9092"
+	}
+
+	// Initialize Message Router client
+	messageRouter, err := grpcclient.NewMessageRouterClient(routerAddr)
+	if err != nil {
+		logger.Fatal("Failed to connect to message router", zap.Error(err))
+	}
+	defer messageRouter.Close()
+
+	// Initialize repositories
+	keyShareRepo := postgres.NewKeySharePostgresRepo(db)
+
+	// Initialize use cases
+	participateKeygenUC := use_cases.NewParticipateKeygenUseCase(
+		keyShareRepo,
+		messageRouter,
+		messageRouter,
+		cryptoService,
+	)
+
+	// Create shutdown context
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	// Get party ID from environment
+	partyID := os.Getenv("PARTY_ID")
+	if partyID == "" {
+		partyID, _ = os.Hostname()
+		if partyID == "" {
+			partyID = "co-managed-party-" + uuid.New().String()[:8]
+		}
+	}
+
+	// Party role is co_managed_persistent - different from normal persistent
+	// This ensures co_managed_keygen sessions only select these parties
+	partyRole := "co_managed_persistent"
+
+	// Register this party with Message Router
+	logger.Info("Registering co-managed party with Message Router",
+		zap.String("party_id", partyID),
+		zap.String("role", partyRole))
+
+	if err := messageRouter.RegisterPartyWithNotification(ctx, partyID, partyRole, "1.0.0", nil); err != nil {
+		logger.Fatal("Failed to register party", zap.Error(err))
+	}
+
+	// Start heartbeat
+	heartbeatCancel := messageRouter.StartHeartbeat(ctx, partyID, 30*time.Second, func(pendingCount int32) {
+		if pendingCount > 0 {
+			logger.Info("Pending messages detected via heartbeat",
+				zap.String("party_id", partyID),
+				zap.Int32("pending_count", pendingCount))
+		}
+	})
+	defer heartbeatCancel()
+	logger.Info("Heartbeat started", zap.String("party_id", partyID), zap.Duration("interval", 30*time.Second))
+
+	// Subscribe to session events with two-phase handling for co_managed_keygen
+	logger.Info("Subscribing to session events (co_managed_keygen only)", zap.String("party_id", partyID))
+
+	eventHandler := createCoManagedSessionEventHandler(
+		ctx,
+		partyID,
+		messageRouter,
+		participateKeygenUC,
+	)
+
+	if err := messageRouter.SubscribeSessionEvents(ctx, partyID, eventHandler); err != nil {
+		logger.Fatal("Failed to subscribe to session events", zap.Error(err))
+	}
+
+	logger.Info("Co-managed party initialized successfully",
+		zap.String("party_id", partyID),
+		zap.String("role", partyRole))
+
+	// Start HTTP server
+	errChan := make(chan error, 1)
+	go func() {
+		if err := startHTTPServer(cfg); err != nil {
+			errChan <- fmt.Errorf("HTTP server error: %w", err)
+		}
+	}()
+
+	// Wait for shutdown signal
+	sigChan := make(chan os.Signal, 1)
+	signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
+
+	select {
+	case sig := <-sigChan:
+		logger.Info("Received shutdown signal", zap.String("signal", sig.String()))
+	case err := <-errChan:
+		logger.Error("Server error", zap.Error(err))
+	}
+
+	// Graceful shutdown
+	logger.Info("Shutting down...")
+	cancel()
+
+	time.Sleep(5 * time.Second)
+	logger.Info("Shutdown complete")
+}
+
+func initDatabase(cfg config.DatabaseConfig) (*sql.DB, error) {
+	const maxRetries = 10
+	const retryDelay = 2 * time.Second
+
+	var db *sql.DB
+	var err error
+
+	for i := 0; i < maxRetries; i++ {
+		db, err = sql.Open("postgres", cfg.DSN())
+		if err != nil {
+			logger.Warn("Failed to open database connection, retrying...",
+				zap.Int("attempt", i+1),
+				zap.Int("max_retries", maxRetries),
+				zap.Error(err))
+			time.Sleep(retryDelay * time.Duration(i+1))
+			continue
+		}
+
+		db.SetMaxOpenConns(cfg.MaxOpenConns)
+		db.SetMaxIdleConns(cfg.MaxIdleConns)
+		db.SetConnMaxLifetime(cfg.ConnMaxLife)
+
+		if err = db.Ping(); err != nil {
+			logger.Warn("Failed to ping database, retrying...",
+				zap.Int("attempt", i+1),
+				zap.Int("max_retries", maxRetries),
+				zap.Error(err))
+			db.Close()
+			time.Sleep(retryDelay * time.Duration(i+1))
+			continue
+		}
+
+		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		var result int
+		err = db.QueryRowContext(ctx, "SELECT 1").Scan(&result)
+		cancel()
+		if err != nil {
+			logger.Warn("Database ping succeeded but query failed, retrying...",
+				zap.Int("attempt", i+1),
+				zap.Int("max_retries", maxRetries),
+				zap.Error(err))
+			db.Close()
+			time.Sleep(retryDelay * time.Duration(i+1))
+			continue
+		}
+
+		logger.Info("Connected to PostgreSQL and verified connectivity",
+			zap.Int("attempt", i+1))
+		return db, nil
+	}
+
+	return nil, fmt.Errorf("failed to connect to database after %d retries: %w", maxRetries, err)
+}
+
+func startHTTPServer(cfg *config.Config) error {
+	if cfg.Server.Environment == "production" {
+		gin.SetMode(gin.ReleaseMode)
+	}
+
+	r := gin.New()
+	r.Use(gin.Recovery())
+	r.Use(gin.Logger())
+
+	// Health check
+	r.GET("/health", func(c *gin.Context) {
+		c.JSON(http.StatusOK, gin.H{
+			"status":  "healthy",
+			"service": "server-party-co-managed",
+		})
+	})
+
+	logger.Info("Starting HTTP server", zap.Int("port", cfg.Server.HTTPPort))
+	return r.Run(fmt.Sprintf(":%d", cfg.Server.HTTPPort))
+}
+
+// createCoManagedSessionEventHandler creates a handler specifically for co_managed_keygen sessions
+// Two-phase event handling:
+// Phase 1 (session_created): JoinSession immediately + store session info
+// Phase 2 (session_started): Execute TSS protocol (same timing as user clients receiving all_joined)
+func createCoManagedSessionEventHandler(
+	ctx context.Context,
+	partyID string,
+	messageRouter *grpcclient.MessageRouterClient,
+	participateKeygenUC *use_cases.ParticipateKeygenUseCase,
+) func(*router.SessionEvent) {
+	return func(event *router.SessionEvent) {
+		// Check if this party is selected for the session
+		isSelected := false
+		for _, selectedParty := range event.SelectedParties {
+			if selectedParty == partyID {
+				isSelected = true
+				break
+			}
+		}
+
+		if !isSelected {
+			logger.Debug("Party not selected for this session",
+				zap.String("session_id", event.SessionId),
+				zap.String("party_id", partyID))
+			return
+		}
+
+		logger.Info("Received session event",
+			zap.String("session_id", event.SessionId),
+			zap.String("party_id", partyID),
+			zap.String("event_type", event.EventType))
+
+		// Parse session ID
+		sessionID, err := uuid.Parse(event.SessionId)
+		if err != nil {
+			logger.Error("Invalid session ID", zap.Error(err))
+			return
+		}
+
+		// Handle different event types
+		switch event.EventType {
+		case "session_created":
+			// Only handle keygen sessions (no message_hash)
+			if len(event.MessageHash) > 0 {
+				logger.Debug("Ignoring sign session (co-managed only handles keygen)",
+					zap.String("session_id", event.SessionId))
+				return
+			}
+
+			// Phase 1: Get join token
+			joinToken, exists := event.JoinTokens[partyID]
+			if !exists {
+				logger.Error("No join token found for party in session_created",
+					zap.String("session_id", event.SessionId),
+					zap.String("party_id", partyID))
+				return
+			}
+
+			// Immediately call JoinSession (this is required to trigger session_started)
+			joinCtx, joinCancel := context.WithTimeout(ctx, 30*time.Second)
+			_, err := messageRouter.JoinSession(joinCtx, sessionID, partyID, joinToken)
+			joinCancel()
+			if err != nil {
+				logger.Error("Failed to join session",
+					zap.String("session_id", event.SessionId),
+					zap.String("party_id", partyID),
+					zap.Error(err))
+				return
+			}
+
+			logger.Info("Successfully joined session, waiting for session_started",
+				zap.String("session_id", event.SessionId),
+				zap.String("party_id", partyID))
+
+			// Store pending session for later use when session_started arrives
+			pendingSessionCache.Store(event.SessionId, &PendingSession{
+				SessionID:       sessionID,
+				JoinToken:       joinToken,
+				MessageHash:     event.MessageHash,
+				ThresholdN:      int(event.ThresholdN),
+				ThresholdT:      int(event.ThresholdT),
+				SelectedParties: event.SelectedParties,
+				CreatedAt:       time.Now(),
+			})
+
+		case "session_started":
+			// Phase 2: All participants have joined, now execute TSS protocol
+			pendingSession, exists := pendingSessionCache.Get(event.SessionId)
+			if !exists {
+				logger.Warn("No pending session found for session_started event",
+					zap.String("session_id", event.SessionId),
+					zap.String("party_id", partyID))
+				return
+			}
+
+			logger.Info("Session started event received, beginning TSS keygen protocol",
+				zap.String("session_id", event.SessionId),
+				zap.String("party_id", partyID))
+
+			// Execute TSS keygen protocol in goroutine
+			// Timeout starts NOW (when session_started is received), not at session_created
+			go func() {
+				// 10 minute timeout for TSS protocol execution
+				participateCtx, cancel := context.WithTimeout(ctx, 10*time.Minute)
+				defer cancel()
+
+				logger.Info("Auto-participating in co_managed_keygen session",
+					zap.String("session_id", event.SessionId),
+					zap.String("party_id", partyID))
+
+				// Build SessionInfo from session_started event (NOT from pendingSession cache)
+				// session_started event contains ALL participants who have joined,
+				// including external parties that joined dynamically after session_created
+				// Note: We already called JoinSession in session_created phase,
+				// so we use ExecuteWithSessionInfo to skip the duplicate JoinSession call
+				participants := make([]use_cases.ParticipantInfo, len(event.SelectedParties))
+				for i, p := range event.SelectedParties {
+					participants[i] = use_cases.ParticipantInfo{
+						PartyID:    p,
+						PartyIndex: i,
+					}
+				}
+
+				sessionInfo := &use_cases.SessionInfo{
+					SessionID:    pendingSession.SessionID,
+					SessionType:  "co_managed_keygen",
+					ThresholdN:   int(event.ThresholdN),
+					ThresholdT:   int(event.ThresholdT),
+					MessageHash:  pendingSession.MessageHash,
+					Participants: participants,
+				}
+
+				result, err := participateKeygenUC.ExecuteWithSessionInfo(
+					participateCtx,
+					pendingSession.SessionID,
+					partyID,
+					sessionInfo,
+				)
+				if err != nil {
+					logger.Error("Co-managed keygen participation failed",
+						zap.Error(err),
+						zap.String("session_id", event.SessionId))
+				} else {
+					logger.Info("Co-managed keygen participation completed",
+						zap.String("session_id", event.SessionId),
+						zap.String("public_key", hex.EncodeToString(result.PublicKey)))
+				}
+			}()
+
+		default:
+			logger.Debug("Ignoring unhandled event type",
+				zap.String("session_id", event.SessionId),
+				zap.String("event_type", event.EventType))
+		}
+	}
+}
--- a/backend/mpc-system/services/server-party/adapters/output/grpc/message_router_client.go
+++ b/backend/mpc-system/services/server-party/adapters/output/grpc/message_router_client.go
@ -385,7 +385,7 @@ func (c *MessageRouterClient) UpdateNotificationChannels(
 	return c.RegisterPartyWithNotification(ctx, partyID, partyRole, version, notification)
 }

-// SubscribeSessionEvents subscribes to session lifecycle events
+// SubscribeSessionEvents subscribes to session lifecycle events with auto-reconnect
 func (c *MessageRouterClient) SubscribeSessionEvents(
 	ctx context.Context,
 	partyID string,
@ -396,7 +396,7 @@ func (c *MessageRouterClient) SubscribeSessionEvents(
 		EventTypes: []string{}, // Subscribe to all event types
 	}

-	// Create a streaming connection
+	// Create initial streaming connection
 	stream, err := c.createSessionEventStream(ctx, req)
 	if err != nil {
 		logger.Error("Failed to subscribe to session events",
@ -408,8 +408,12 @@ func (c *MessageRouterClient) SubscribeSessionEvents(
 	logger.Info("Subscribed to session events",
 		zap.String("party_id", partyID))

-	// Start goroutine to receive events
+	// Start goroutine to receive events with auto-reconnect
 	go func() {
+		currentStream := stream
+		reconnectBackoff := time.Second // Start with 1 second backoff
+		maxBackoff := 30 * time.Second
+
 		for {
 			select {
 			case <-ctx.Done():
@ -418,27 +422,60 @@ func (c *MessageRouterClient) SubscribeSessionEvents(
 				return
 			default:
 				event := &router.SessionEvent{}
-				err := stream.RecvMsg(event)
+				err := currentStream.RecvMsg(event)
 				if err == io.EOF {
-					logger.Info("Session event stream ended",
+					logger.Warn("Session event stream ended, reconnecting...",
 						zap.String("party_id", partyID))
-					return
-				}
-				if err != nil {
-					logger.Error("Error receiving session event",
+				} else if err != nil {
+					logger.Warn("Error receiving session event, reconnecting...",
 						zap.Error(err),
 						zap.String("party_id", partyID))
-					return
+				} else {
+					// Successfully received event, reset backoff
+					reconnectBackoff = time.Second
+
+					logger.Info("Received session event",
+						zap.String("event_type", event.EventType),
+						zap.String("session_id", event.SessionId),
+						zap.String("party_id", partyID))
+
+					// Call event handler
+					if eventHandler != nil {
+						eventHandler(event)
+					}
+					continue
 				}

-				logger.Info("Received session event",
-					zap.String("event_type", event.EventType),
-					zap.String("session_id", event.SessionId),
-					zap.String("party_id", partyID))
+				// Reconnect with exponential backoff
+				for {
+					select {
+					case <-ctx.Done():
+						return
+					case <-time.After(reconnectBackoff):
+						logger.Info("Attempting to reconnect session event stream",
+							zap.String("party_id", partyID),
+							zap.Duration("backoff", reconnectBackoff))

-				// Call event handler
-				if eventHandler != nil {
-					eventHandler(event)
+						newStream, err := c.createSessionEventStream(ctx, req)
+						if err != nil {
+							logger.Error("Failed to reconnect session event stream",
+								zap.Error(err),
+								zap.String("party_id", partyID))
+							// Increase backoff for next attempt
+							reconnectBackoff = reconnectBackoff * 2
+							if reconnectBackoff > maxBackoff {
+								reconnectBackoff = maxBackoff
+							}
+							continue
+						}
+
+						logger.Info("Successfully reconnected to session events",
+							zap.String("party_id", partyID))
+						currentStream = newStream
+						reconnectBackoff = time.Second // Reset backoff on success
+						break
+					}
+					break
 				}
 			}
 		}
@ -814,3 +851,45 @@ func (c *MessageRouterClient) SubmitDelegateShare(
 		return nil
 	})
 }
+
+// GetSessionStatusFull gets the full session status including participants via Message Router
+// This is used for co_managed_keygen sessions to wait for all parties to join
+// Includes automatic retry with exponential backoff for transient failures
+func (c *MessageRouterClient) GetSessionStatusFull(
+	ctx context.Context,
+	sessionID uuid.UUID,
+) (*use_cases.SessionStatusInfo, error) {
+	req := &router.GetSessionStatusRequest{
+		SessionId: sessionID.String(),
+	}
+
+	return retry.Do(ctx, c.retryCfg, "GetSessionStatusFull", func() (*use_cases.SessionStatusInfo, error) {
+		resp := &router.GetSessionStatusResponse{}
+		err := c.getConn().Invoke(ctx, "/mpc.router.v1.MessageRouter/GetSessionStatus", req, resp)
+		if err != nil {
+			return nil, err
+		}
+
+		// Convert participants from response
+		participants := make([]use_cases.ParticipantInfo, len(resp.Participants))
+		for i, p := range resp.Participants {
+			participants[i] = use_cases.ParticipantInfo{
+				PartyID:    p.PartyId,
+				PartyIndex: int(p.PartyIndex),
+			}
+		}
+
+		logger.Debug("GetSessionStatusFull response",
+			zap.String("session_id", sessionID.String()),
+			zap.String("status", resp.Status),
+			zap.Int32("threshold_n", resp.ThresholdN),
+			zap.Int("participants_count", len(participants)))
+
+		return &use_cases.SessionStatusInfo{
+			Status:       resp.Status,
+			ThresholdN:   int(resp.ThresholdN),
+			ThresholdT:   int(resp.ThresholdT),
+			Participants: participants,
+		}, nil
+	})
+}
--- a/backend/mpc-system/services/server-party/application/use_cases/participate_keygen.go
+++ b/backend/mpc-system/services/server-party/application/use_cases/participate_keygen.go
@ -41,12 +41,22 @@ type ParticipateKeygenOutput struct {
 type SessionCoordinatorClient interface {
 	JoinSession(ctx context.Context, sessionID uuid.UUID, partyID, joinToken string) (*SessionInfo, error)
 	ReportCompletion(ctx context.Context, sessionID uuid.UUID, partyID string, publicKey []byte) error
+	GetSessionStatusFull(ctx context.Context, sessionID uuid.UUID) (*SessionStatusInfo, error)
+}
+
+// SessionStatusInfo contains full session status information
+type SessionStatusInfo struct {
+	Status       string
+	ThresholdN   int
+	ThresholdT   int
+	Participants []ParticipantInfo
 }

 // MessageRouterClient defines the interface for message router communication
 type MessageRouterClient interface {
 	RouteMessage(ctx context.Context, sessionID uuid.UUID, fromParty string, toParties []string, roundNumber int, payload []byte) error
 	SubscribeMessages(ctx context.Context, sessionID uuid.UUID, partyID string) (<-chan *MPCMessage, error)
+	Heartbeat(ctx context.Context, partyID string) (int32, error)
 }

 // SessionInfo contains session information from coordinator
@ -110,16 +120,61 @@ func (uc *ParticipateKeygenUseCase) Execute(
 		return nil, err
 	}

-	if sessionInfo.SessionType != "keygen" {
+	// Accept both "keygen" and "co_managed_keygen" session types
+	if sessionInfo.SessionType != "keygen" && sessionInfo.SessionType != "co_managed_keygen" {
 		return nil, ErrInvalidSession
 	}

-	// 2. Find self in participants and build party index map
+	// For co_managed_keygen: wait for all N participants to join before proceeding
+	// This is necessary because server parties join immediately but external party joins later
+	if sessionInfo.SessionType == "co_managed_keygen" {
+		sessionInfo, err = uc.waitForAllParticipants(ctx, input.SessionID, sessionInfo, input.PartyID)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// Delegate to the common execution logic
+	return uc.executeWithSessionInfo(ctx, input.SessionID, input.PartyID, sessionInfo)
+}
+
+// ExecuteWithSessionInfo participates in a keygen session with pre-obtained SessionInfo
+// This is used by server-party-co-managed which has already called JoinSession in session_created phase
+// and receives session_started event when all participants have joined
+func (uc *ParticipateKeygenUseCase) ExecuteWithSessionInfo(
+	ctx context.Context,
+	sessionID uuid.UUID,
+	partyID string,
+	sessionInfo *SessionInfo,
+) (*ParticipateKeygenOutput, error) {
+	// Validate session type
+	if sessionInfo.SessionType != "keygen" && sessionInfo.SessionType != "co_managed_keygen" {
+		return nil, ErrInvalidSession
+	}
+
+	logger.Info("ExecuteWithSessionInfo: starting keygen with pre-obtained session info",
+		zap.String("session_id", sessionID.String()),
+		zap.String("party_id", partyID),
+		zap.String("session_type", sessionInfo.SessionType),
+		zap.Int("participants", len(sessionInfo.Participants)))
+
+	// Delegate to the common execution logic
+	return uc.executeWithSessionInfo(ctx, sessionID, partyID, sessionInfo)
+}
+
+// executeWithSessionInfo is the common execution logic shared by Execute and ExecuteWithSessionInfo
+func (uc *ParticipateKeygenUseCase) executeWithSessionInfo(
+	ctx context.Context,
+	sessionID uuid.UUID,
+	partyID string,
+	sessionInfo *SessionInfo,
+) (*ParticipateKeygenOutput, error) {
+	// 1. Find self in participants and build party index map
 	var selfIndex int
 	partyIndexMap := make(map[string]int)
 	for _, p := range sessionInfo.Participants {
 		partyIndexMap[p.PartyID] = p.PartyIndex
-		if p.PartyID == input.PartyID {
+		if p.PartyID == partyID {
 			selfIndex = p.PartyIndex
 		}
 		logger.Debug("Added participant to index map",
@ -127,13 +182,13 @@ func (uc *ParticipateKeygenUseCase) Execute(
 			zap.Int("party_index", p.PartyIndex))
 	}
 	logger.Info("Built party index map",
-		zap.String("session_id", input.SessionID.String()),
-		zap.String("self_party_id", input.PartyID),
+		zap.String("session_id", sessionID.String()),
+		zap.String("self_party_id", partyID),
 		zap.Int("self_index", selfIndex),
 		zap.Int("total_participants", len(sessionInfo.Participants)))

 	// 3. Subscribe to messages
-	msgChan, err := uc.messageRouter.SubscribeMessages(ctx, input.SessionID, input.PartyID)
+	msgChan, err := uc.messageRouter.SubscribeMessages(ctx, sessionID, partyID)
 	if err != nil {
 		return nil, err
 	}
@ -141,8 +196,8 @@ func (uc *ParticipateKeygenUseCase) Execute(
 	// 4. Run TSS Keygen protocol
 	saveData, publicKey, err := uc.runKeygenProtocol(
 		ctx,
-		input.SessionID,
-		input.PartyID,
+		sessionID,
+		partyID,
 		selfIndex,
 		sessionInfo.Participants,
 		sessionInfo.ThresholdN,
@ -155,15 +210,15 @@ func (uc *ParticipateKeygenUseCase) Execute(
 	}

 	// 5. Encrypt the share
-	encryptedShare, err := uc.cryptoService.EncryptShare(saveData, input.PartyID)
+	encryptedShare, err := uc.cryptoService.EncryptShare(saveData, partyID)
 	if err != nil {
 		return nil, err
 	}

 	keyShare := entities.NewPartyKeyShare(
-		input.PartyID,
+		partyID,
 		selfIndex,
-		input.SessionID,
+		sessionID,
 		sessionInfo.ThresholdN,
 		sessionInfo.ThresholdT,
 		encryptedShare,
@ -181,21 +236,21 @@ func (uc *ParticipateKeygenUseCase) Execute(
 			return nil, ErrShareSaveFailed
 		}
 		logger.Info("Share saved to database (persistent party)",
-			zap.String("party_id", input.PartyID),
-			zap.String("session_id", input.SessionID.String()))
+			zap.String("party_id", partyID),
+			zap.String("session_id", sessionID.String()))

 	case "delegate":
 		// Delegate Party: do NOT save to database, return to user
 		shareForUser = encryptedShare
 		logger.Info("Share NOT saved, will be returned to user (delegate party)",
-			zap.String("party_id", input.PartyID),
-			zap.String("session_id", input.SessionID.String()),
+			zap.String("party_id", partyID),
+			zap.String("session_id", sessionID.String()),
 			zap.Int("share_size", len(shareForUser)))

 	case "temporary":
 		// Temporary Party: optionally save to temp storage (not implemented yet)
 		logger.Info("Temporary party - share not saved",
-			zap.String("party_id", input.PartyID))
+			zap.String("party_id", partyID))

 	default:
 		// Default to persistent for safety
@ -203,12 +258,12 @@ func (uc *ParticipateKeygenUseCase) Execute(
 			return nil, ErrShareSaveFailed
 		}
 		logger.Warn("Unknown party role, defaulting to persistent",
-			zap.String("party_id", input.PartyID),
+			zap.String("party_id", partyID),
 			zap.String("role", partyRole))
 	}

 	// 7. Report completion to coordinator
-	if err := uc.sessionClient.ReportCompletion(ctx, input.SessionID, input.PartyID, publicKey); err != nil {
+	if err := uc.sessionClient.ReportCompletion(ctx, sessionID, partyID, publicKey); err != nil {
 		logger.Error("failed to report completion", zap.Error(err))
 		// Don't fail - share is handled
 	}
@ -368,3 +423,89 @@ func (uc *ParticipateKeygenUseCase) getPartyRole() string {
 	}
 	return role
 }
+
+// waitForAllParticipants waits for all N participants to join the session
+// This is only used for co_managed_keygen sessions where server parties join first
+// and need to wait for the external party to join via invite code
+func (uc *ParticipateKeygenUseCase) waitForAllParticipants(
+	ctx context.Context,
+	sessionID uuid.UUID,
+	initialSessionInfo *SessionInfo,
+	partyID string,
+) (*SessionInfo, error) {
+	logger.Info("Waiting for all participants to join co_managed_keygen session",
+		zap.String("session_id", sessionID.String()),
+		zap.Int("expected_n", initialSessionInfo.ThresholdN),
+		zap.Int("current_participants", len(initialSessionInfo.Participants)))
+
+	// If already have all participants, return immediately
+	if len(initialSessionInfo.Participants) >= initialSessionInfo.ThresholdN {
+		logger.Info("All participants already joined",
+			zap.String("session_id", sessionID.String()))
+		return initialSessionInfo, nil
+	}
+
+	// Poll for session status until all participants join or timeout
+	pollInterval := 2 * time.Second
+	maxWaitTime := 5 * time.Minute
+	deadline := time.Now().Add(maxWaitTime)
+
+	for time.Now().Before(deadline) {
+		select {
+		case <-ctx.Done():
+			return nil, ctx.Err()
+		case <-time.After(pollInterval):
+			// Send heartbeat to keep the party alive during wait
+			// This prevents the session-coordinator from timing out this party
+			_, heartbeatErr := uc.messageRouter.Heartbeat(ctx, partyID)
+			if heartbeatErr != nil {
+				logger.Warn("Failed to send heartbeat during wait",
+					zap.String("session_id", sessionID.String()),
+					zap.String("party_id", partyID),
+					zap.Error(heartbeatErr))
+				// Continue anyway - heartbeat failure is not fatal
+			}
+
+			// Get full session status including participants
+			statusInfo, err := uc.sessionClient.GetSessionStatusFull(ctx, sessionID)
+			if err != nil {
+				logger.Warn("Failed to get session status, will retry",
+					zap.String("session_id", sessionID.String()),
+					zap.Error(err))
+				continue
+			}
+
+			logger.Debug("Polled session status",
+				zap.String("session_id", sessionID.String()),
+				zap.String("status", statusInfo.Status),
+				zap.Int("participants", len(statusInfo.Participants)),
+				zap.Int("expected_n", initialSessionInfo.ThresholdN))
+
+			// Check if session is in_progress (all parties joined and ready)
+			if statusInfo.Status == "in_progress" && len(statusInfo.Participants) >= initialSessionInfo.ThresholdN {
+				logger.Info("All participants joined, session is in_progress",
+					zap.String("session_id", sessionID.String()),
+					zap.Int("participants", len(statusInfo.Participants)))
+
+				// Update session info with full participants list
+				initialSessionInfo.Participants = statusInfo.Participants
+				return initialSessionInfo, nil
+			}
+
+			// Also accept if we have all N participants even if status hasn't changed
+			if len(statusInfo.Participants) >= initialSessionInfo.ThresholdN {
+				logger.Info("All participants joined",
+					zap.String("session_id", sessionID.String()),
+					zap.Int("participants", len(statusInfo.Participants)))
+
+				initialSessionInfo.Participants = statusInfo.Participants
+				return initialSessionInfo, nil
+			}
+		}
+	}
+
+	logger.Error("Timeout waiting for all participants",
+		zap.String("session_id", sessionID.String()),
+		zap.Int("expected_n", initialSessionInfo.ThresholdN))
+	return nil, ErrKeygenTimeout
+}
--- a/backend/mpc-system/services/service-party-android/.gitignore
+++ b/backend/mpc-system/services/service-party-android/.gitignore
@ -0,0 +1,99 @@
+# Built application files
+*.apk
+*.aar
+*.ap_
+*.aab
+
+# Files for the ART/Dalvik VM
+*.dex
+
+# Java class files
+*.class
+
+# Generated files
+bin/
+gen/
+out/
+release/
+
+# Gradle files
+.gradle/
+build/
+app/build/
+
+# Local configuration file (sdk path, etc)
+local.properties
+
+# Proguard folder generated by Eclipse
+proguard/
+
+# Log Files
+*.log
+
+# Android Studio Navigation editor temp files
+.navigation/
+
+# Android Studio captures folder
+captures/
+
+# IntelliJ
+*.iml
+.idea/
+.idea/workspace.xml
+.idea/tasks.xml
+.idea/gradle.xml
+.idea/assetWizardSettings.xml
+.idea/dictionaries
+.idea/libraries
+.idea/caches
+.idea/modules.xml
+.idea/misc.xml
+.idea/vcs.xml
+
+# Keystore files (DO NOT COMMIT production keystores)
+*.jks
+*.keystore
+
+# External native build folder generated in Android Studio 2.2 and later
+.externalNativeBuild
+.cxx/
+
+# Google Services (e.g. APIs or Firebase)
+google-services.json
+
+# Freeline
+freeline.py
+freeline/
+freeline_project_description.json
+
+# fastlane
+fastlane/report.xml
+fastlane/Preview.html
+fastlane/screenshots
+fastlane/test_output
+fastlane/readme.md
+
+# Version control
+vcs.xml
+
+# lint
+lint/intermediates/
+lint/generated/
+lint/outputs/
+lint/tmp/
+
+# Kotlin
+.kotlin/
+
+# OS-specific files
+.DS_Store
+Thumbs.db
+*.swp
+*~
+
+# Signing configs - don't commit
+signing.properties
+keystore.properties
+
+# Auto-generated version file
+app/version.properties
--- a/backend/mpc-system/services/service-party-android/README.md
+++ b/backend/mpc-system/services/service-party-android/README.md
@ -0,0 +1,101 @@
+# TSS Party Android
+
+Android 版本的 TSS (Threshold Signature Scheme) Party 应用，用于多方共管钱包的密钥生成和签名。
+
+## 项目结构
+
+```
+service-party-android/
+├── app/                          # Android 应用模块
+│   ├── src/main/
+│   │   ├── java/com/durian/tssparty/
+│   │   │   ├── data/             # 数据层
+│   │   │   │   ├── local/        # 本地存储 (Room, TSS Bridge)
+│   │   │   │   ├── remote/       # 远程通信 (gRPC)
+│   │   │   │   └── repository/   # 数据仓库
+│   │   │   ├── domain/model/     # 领域模型
+│   │   │   ├── presentation/     # UI 层
+│   │   │   │   ├── screens/      # Compose 屏幕
+│   │   │   │   └── viewmodel/    # ViewModels
+│   │   │   ├── di/               # Hilt 依赖注入
+│   │   │   ├── ui/theme/         # Material Theme
+│   │   │   └── util/             # 工具类
+│   │   ├── proto/                # gRPC Proto 文件
+│   │   └── res/                  # Android 资源
+│   └── libs/                     # TSS 原生库 (.aar)
+├── tsslib/                       # Go TSS 库源码
+│   ├── tsslib.go                 # gomobile 绑定
+│   ├── go.mod
+│   ├── build.sh                  # Linux/macOS 构建脚本
+│   └── build.bat                 # Windows 构建脚本
+└── gradle/                       # Gradle Wrapper
+```
+
+## 技术栈
+
+- **UI**: Jetpack Compose + Material 3
+- **架构**: MVVM + Repository Pattern
+- **依赖注入**: Hilt
+- **数据库**: Room
+- **网络**: gRPC (protobuf-lite)
+- **TSS 核心**: Go + gomobile (BnB Chain tss-lib v2)
+
+## 构建步骤
+
+### 1. 构建 TSS 原生库 (可选，需要 Go 环境)
+
+```bash
+# 安装 gomobile
+go install golang.org/x/mobile/cmd/gomobile@latest
+gomobile init
+
+# 构建 Android AAR
+cd tsslib
+./build.sh  # Linux/macOS
+# 或
+build.bat   # Windows
+```
+
+这将在 `app/libs/` 生成 `tsslib.aar`。
+
+> **注意**: 当前版本使用 Kotlin stub 实现，无需编译 Go 库即可构建 APK。
+> 实际运行需要真正的 `tsslib.aar`。
+
+### 2. 构建 APK
+
+```bash
+# Debug 版本
+./gradlew assembleDebug
+
+# Release 版本 (需要签名配置)
+./gradlew assembleRelease
+```
+
+APK 输出路径: `app/build/outputs/apk/debug/app-debug.apk`
+
+## 功能
+
+1. **加入 Keygen 会话** - 扫描/输入邀请码，参与多方密钥生成
+2. **查看钱包** - 显示已创建的共管钱包列表
+3. **签名交易** - 使用密钥份额参与多方签名
+4. **设置** - 配置 Message Router 服务器地址
+
+## 配置
+
+默认服务器配置:
+- Message Router: `localhost:50051`
+- Kava RPC: `https://evm.kava.io`
+
+## 与 Electron 版本的对应关系
+
+| Electron 版本 | Android 版本 |
+|---------------|--------------|
+| `electron/main.ts` | `TssNativeBridge.kt` + `GrpcClient.kt` |
+| `electron/preload.ts` | `TssRepository.kt` |
+| `src/pages/*.tsx` | `presentation/screens/*.kt` |
+| `tss-party/` (Go 子进程) | `tsslib/` (gomobile .aar) |
+| sql.js | Room Database |
+
+## 许可证
+
+MIT
--- a/backend/mpc-system/services/service-party-android/app/build.gradle.kts
+++ b/backend/mpc-system/services/service-party-android/app/build.gradle.kts
@ -0,0 +1,200 @@
+import java.util.Properties
+
+plugins {
+    id("com.android.application")
+    id("org.jetbrains.kotlin.android")
+    id("com.google.dagger.hilt.android")
+    id("com.google.protobuf")
+    kotlin("kapt")
+}
+
+// Auto-increment version code from file
+val versionFile = file("version.properties")
+val versionProps = Properties()
+if (versionFile.exists()) {
+    versionProps.load(versionFile.inputStream())
+}
+val autoVersionCode = (versionProps.getProperty("VERSION_CODE")?.toIntOrNull() ?: 0) + 1
+val autoVersionName = "1.0.${autoVersionCode}"
+
+// Save new version code
+versionProps.setProperty("VERSION_CODE", autoVersionCode.toString())
+versionFile.outputStream().use { versionProps.store(it, "Auto-generated version properties") }
+
+android {
+    namespace = "com.durian.tssparty"
+    compileSdk = 34
+
+    defaultConfig {
+        applicationId = "com.durian.tssparty"
+        minSdk = 26
+        targetSdk = 34
+        versionCode = autoVersionCode
+        versionName = autoVersionName
+
+        testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
+
+        vectorDrawables {
+            useSupportLibrary = true
+        }
+
+        // NDK configuration for TSS native library
+        ndk {
+            abiFilters += listOf("arm64-v8a", "armeabi-v7a", "x86_64")
+        }
+    }
+
+    signingConfigs {
+        create("release") {
+            // Use debug keystore for now - replace with production keystore for real release
+            storeFile = file("${System.getProperty("user.home")}/.android/debug.keystore")
+            storePassword = "android"
+            keyAlias = "androiddebugkey"
+            keyPassword = "android"
+        }
+    }
+
+    buildTypes {
+        release {
+            isMinifyEnabled = false  // Disable minification for easier debugging
+            isShrinkResources = false
+            signingConfig = signingConfigs.getByName("release")
+            proguardFiles(
+                getDefaultProguardFile("proguard-android-optimize.txt"),
+                "proguard-rules.pro"
+            )
+        }
+        debug {
+            isMinifyEnabled = false
+        }
+    }
+
+    compileOptions {
+        sourceCompatibility = JavaVersion.VERSION_17
+        targetCompatibility = JavaVersion.VERSION_17
+    }
+
+    kotlinOptions {
+        jvmTarget = "17"
+    }
+
+    buildFeatures {
+        compose = true
+        buildConfig = true
+    }
+
+    composeOptions {
+        kotlinCompilerExtensionVersion = "1.5.6"
+    }
+
+    packaging {
+        resources {
+            excludes += "/META-INF/{AL2.0,LGPL2.1}"
+        }
+    }
+
+    sourceSets {
+        getByName("main") {
+            // Include the compiled TSS .aar library
+            jniLibs.srcDirs("libs")
+        }
+    }
+}
+
+// Protobuf configuration for gRPC
+protobuf {
+    protoc {
+        artifact = "com.google.protobuf:protoc:3.25.1"
+    }
+    plugins {
+        create("grpc") {
+            artifact = "io.grpc:protoc-gen-grpc-java:1.60.0"
+        }
+    }
+    generateProtoTasks {
+        all().forEach { task ->
+            task.builtins {
+                create("java") {
+                    option("lite")
+                }
+            }
+            task.plugins {
+                create("grpc") {
+                    option("lite")
+                }
+            }
+        }
+    }
+}
+
+dependencies {
+    // TSS Library (gomobile generated)
+    implementation(files("libs/tsslib.aar"))
+
+    // Core Android
+    implementation("androidx.core:core-ktx:1.12.0")
+    implementation("androidx.lifecycle:lifecycle-runtime-ktx:2.6.2")
+    implementation("androidx.activity:activity-compose:1.8.2")
+
+    // Compose
+    implementation(platform("androidx.compose:compose-bom:2023.10.01"))
+    implementation("androidx.compose.ui:ui")
+    implementation("androidx.compose.ui:ui-graphics")
+    implementation("androidx.compose.ui:ui-tooling-preview")
+    implementation("androidx.compose.material3:material3")
+    implementation("androidx.compose.material:material-icons-extended")
+    implementation("androidx.navigation:navigation-compose:2.7.6")
+
+    // Hilt DI
+    implementation("com.google.dagger:hilt-android:2.48.1")
+    kapt("com.google.dagger:hilt-android-compiler:2.48.1")
+    implementation("androidx.hilt:hilt-navigation-compose:1.1.0")
+
+    // Room Database
+    implementation("androidx.room:room-runtime:2.6.1")
+    implementation("androidx.room:room-ktx:2.6.1")
+    kapt("androidx.room:room-compiler:2.6.1")
+
+    // gRPC
+    implementation("io.grpc:grpc-okhttp:1.60.0")
+    implementation("io.grpc:grpc-protobuf-lite:1.60.0")
+    implementation("io.grpc:grpc-stub:1.60.0")
+    implementation("io.grpc:grpc-kotlin-stub:1.4.1")
+    implementation("com.google.protobuf:protobuf-kotlin-lite:3.25.1")
+
+    // Networking
+    implementation("com.squareup.okhttp3:okhttp:4.12.0")
+    implementation("com.squareup.okhttp3:logging-interceptor:4.12.0")
+    implementation("com.squareup.retrofit2:retrofit:2.9.0")
+    implementation("com.squareup.retrofit2:converter-gson:2.9.0")
+
+    // Coroutines
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3")
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.3")
+
+    // JSON
+    implementation("com.google.code.gson:gson:2.10.1")
+
+    // QR Code
+    implementation("com.google.zxing:core:3.5.2")
+    implementation("com.journeyapps:zxing-android-embedded:4.3.0")
+
+    // Crypto
+    implementation("org.bouncycastle:bcprov-jdk18on:1.77")
+
+    // DataStore for preferences
+    implementation("androidx.datastore:datastore-preferences:1.0.0")
+
+    // Testing
+    testImplementation("junit:junit:4.13.2")
+    androidTestImplementation("androidx.test.ext:junit:1.1.5")
+    androidTestImplementation("androidx.test.espresso:espresso-core:3.5.1")
+    androidTestImplementation(platform("androidx.compose:compose-bom:2023.10.01"))
+    androidTestImplementation("androidx.compose.ui:ui-test-junit4")
+    debugImplementation("androidx.compose.ui:ui-tooling")
+    debugImplementation("androidx.compose.ui:ui-test-manifest")
+}
+
+kapt {
+    correctErrorTypes = true
+}
--- a/backend/mpc-system/services/service-party-android/app/libs/tsslib-sources.jar
+++ b/backend/mpc-system/services/service-party-android/app/libs/tsslib-sources.jar
--- a/backend/mpc-system/services/service-party-android/app/proguard-rules.pro
+++ b/backend/mpc-system/services/service-party-android/app/proguard-rules.pro
@ -0,0 +1,21 @@
+# Add project specific ProGuard rules here.
+
+# Keep gRPC classes
+-keep class io.grpc.** { *; }
+-keep class com.google.protobuf.** { *; }
+-keep class com.durian.tssparty.grpc.** { *; }
+
+# Keep tsslib (gomobile generated)
+-keep class tsslib.** { *; }
+
+# Keep Hilt generated classes
+-keep class dagger.hilt.** { *; }
+-keep class javax.inject.** { *; }
+
+# Keep Room entities
+-keep class com.durian.tssparty.data.local.** { *; }
+
+# Gson
+-keepattributes Signature
+-keepattributes *Annotation*
+-keep class com.durian.tssparty.domain.model.** { *; }
--- a/backend/mpc-system/services/service-party-android/app/src/main/AndroidManifest.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/AndroidManifest.xml
@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools">
+
+    <!-- Network permissions -->
+    <uses-permission android:name="android.permission.INTERNET" />
+    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
+
+    <!-- Camera permission for QR code scanning (optional) -->
+    <uses-permission android:name="android.permission.CAMERA" />
+
+    <application
+        android:name=".TssPartyApplication"
+        android:allowBackup="true"
+        android:dataExtractionRules="@xml/data_extraction_rules"
+        android:fullBackupContent="@xml/backup_rules"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:roundIcon="@mipmap/ic_launcher_round"
+        android:supportsRtl="true"
+        android:theme="@style/Theme.TssParty"
+        android:usesCleartextTraffic="true"
+        tools:targetApi="31">
+
+        <activity
+            android:name=".MainActivity"
+            android:exported="true"
+            android:theme="@style/Theme.TssParty">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+
+        <!-- Portrait-only QR code scanner activity -->
+        <activity
+            android:name=".presentation.screens.PortraitCaptureActivity"
+            android:screenOrientation="portrait"
+            android:stateNotNeeded="true"
+            android:theme="@style/zxing_CaptureTheme"
+            android:windowSoftInputMode="stateAlwaysHidden" />
+    </application>
+
+</manifest>
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/MainActivity.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/MainActivity.kt
@ -0,0 +1,526 @@
+package com.durian.tssparty
+
+import android.content.ClipData
+import android.content.ClipboardManager
+import android.content.Context
+import android.net.Uri
+import android.os.Bundle
+import android.widget.Toast
+import androidx.activity.ComponentActivity
+import androidx.activity.compose.rememberLauncherForActivityResult
+import androidx.activity.compose.setContent
+import androidx.activity.result.contract.ActivityResultContracts
+import androidx.compose.foundation.layout.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.platform.LocalContext
+import androidx.hilt.navigation.compose.hiltViewModel
+import androidx.navigation.compose.NavHost
+import androidx.navigation.compose.composable
+import androidx.navigation.compose.currentBackStackEntryAsState
+import androidx.navigation.compose.rememberNavController
+import com.durian.tssparty.domain.model.AppReadyState
+import com.durian.tssparty.domain.model.ShareBackup
+import com.durian.tssparty.domain.model.TokenType
+import com.durian.tssparty.presentation.components.BottomNavItem
+import com.durian.tssparty.presentation.components.TssBottomNavigation
+import com.durian.tssparty.presentation.screens.*
+import com.durian.tssparty.presentation.viewmodel.MainViewModel
+import com.durian.tssparty.presentation.viewmodel.ConnectionTestResult as ViewModelConnectionTestResult
+import com.durian.tssparty.ui.theme.TssPartyTheme
+import dagger.hilt.android.AndroidEntryPoint
+import java.text.SimpleDateFormat
+import java.util.Date
+import java.util.Locale
+
+@AndroidEntryPoint
+class MainActivity : ComponentActivity() {
+    override fun onCreate(savedInstanceState: Bundle?) {
+        super.onCreate(savedInstanceState)
+        setContent {
+            TssPartyTheme {
+                Surface(
+                    modifier = Modifier.fillMaxSize(),
+                    color = MaterialTheme.colorScheme.background
+                ) {
+                    TssPartyApp(
+                        onCopyToClipboard = { text ->
+                            val clipboard = getSystemService(Context.CLIPBOARD_SERVICE) as ClipboardManager
+                            val clip = ClipData.newPlainText("邀请码", text)
+                            clipboard.setPrimaryClip(clip)
+                            Toast.makeText(this, "邀请码已复制", Toast.LENGTH_SHORT).show()
+                        }
+                    )
+                }
+            }
+        }
+    }
+}
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun TssPartyApp(
+    viewModel: MainViewModel = hiltViewModel(),
+    onCopyToClipboard: (String) -> Unit = {}
+) {
+    val navController = rememberNavController()
+    val appState by viewModel.appState.collectAsState()
+    val uiState by viewModel.uiState.collectAsState()
+    val shares by viewModel.shares.collectAsState()
+    val sessionStatus by viewModel.sessionStatus.collectAsState()
+    val settings by viewModel.settings.collectAsState()
+    val createdInviteCode by viewModel.createdInviteCode.collectAsState()
+    val balances by viewModel.balances.collectAsState()
+    val walletBalances by viewModel.walletBalances.collectAsState()
+    val currentSessionId by viewModel.currentSessionId.collectAsState()
+    val sessionParticipants by viewModel.sessionParticipants.collectAsState()
+    val currentRound by viewModel.currentRound.collectAsState()
+    val publicKey by viewModel.publicKey.collectAsState()
+    val hasEnteredSession by viewModel.hasEnteredSession.collectAsState()
+
+    // Transfer state
+    val preparedTx by viewModel.preparedTx.collectAsState()
+    val signSessionId by viewModel.signSessionId.collectAsState()
+    val signInviteCode by viewModel.signInviteCode.collectAsState()
+    val signParticipants by viewModel.signParticipants.collectAsState()
+    val signCurrentRound by viewModel.signCurrentRound.collectAsState()
+    val signature by viewModel.signature.collectAsState()
+    val txHash by viewModel.txHash.collectAsState()
+
+    // Join keygen state
+    val joinSessionInfo by viewModel.joinSessionInfo.collectAsState()
+    val joinKeygenParticipants by viewModel.joinKeygenParticipants.collectAsState()
+    val joinKeygenRound by viewModel.joinKeygenRound.collectAsState()
+    val joinKeygenPublicKey by viewModel.joinKeygenPublicKey.collectAsState()
+
+    // CoSign state
+    val coSignSessionInfo by viewModel.coSignSessionInfo.collectAsState()
+    val coSignParticipants by viewModel.coSignParticipants.collectAsState()
+    val coSignRound by viewModel.coSignRound.collectAsState()
+    val coSignSignature by viewModel.coSignSignature.collectAsState()
+
+    // Settings test connection results
+    val messageRouterTestResult by viewModel.messageRouterTestResult.collectAsState()
+    val accountServiceTestResult by viewModel.accountServiceTestResult.collectAsState()
+    val kavaApiTestResult by viewModel.kavaApiTestResult.collectAsState()
+
+    // Export/Import state
+    val exportResult by viewModel.exportResult.collectAsState()
+    val importResult by viewModel.importResult.collectAsState()
+
+    // Current transfer wallet
+    var transferWalletId by remember { mutableStateOf<Long?>(null) }
+
+    // Export/Import file handling
+    val context = LocalContext.current
+    var pendingExportJson by remember { mutableStateOf<String?>(null) }
+    var pendingExportAddress by remember { mutableStateOf<String?>(null) }
+
+    // File picker for saving backup
+    val createDocumentLauncher = rememberLauncherForActivityResult(
+        contract = ActivityResultContracts.CreateDocument(ShareBackup.MIME_TYPE)
+    ) { uri: Uri? ->
+        uri?.let { targetUri ->
+            pendingExportJson?.let { json ->
+                try {
+                    context.contentResolver.openOutputStream(targetUri)?.use { outputStream ->
+                        outputStream.write(json.toByteArray(Charsets.UTF_8))
+                    }
+                    Toast.makeText(context, "备份文件已保存", Toast.LENGTH_SHORT).show()
+                } catch (e: Exception) {
+                    Toast.makeText(context, "保存失败: ${e.message}", Toast.LENGTH_LONG).show()
+                }
+                pendingExportJson = null
+                pendingExportAddress = null
+            }
+        }
+    }
+
+    // File picker for importing backup
+    val openDocumentLauncher = rememberLauncherForActivityResult(
+        contract = ActivityResultContracts.OpenDocument()
+    ) { uri: Uri? ->
+        uri?.let { sourceUri ->
+            try {
+                context.contentResolver.openInputStream(sourceUri)?.use { inputStream ->
+                    val json = inputStream.bufferedReader().readText()
+                    viewModel.importShareBackup(json)
+                }
+            } catch (e: Exception) {
+                Toast.makeText(context, "读取文件失败: ${e.message}", Toast.LENGTH_LONG).show()
+            }
+        }
+    }
+
+    // Handle export result - trigger file save dialog
+    LaunchedEffect(pendingExportJson) {
+        pendingExportJson?.let { json ->
+            val timestamp = SimpleDateFormat("yyyyMMdd_HHmmss", Locale.getDefault()).format(Date())
+            val addressSuffix = pendingExportAddress?.take(8) ?: "wallet"
+            val fileName = "tss_backup_${addressSuffix}_$timestamp.${ShareBackup.FILE_EXTENSION}"
+            createDocumentLauncher.launch(fileName)
+        }
+    }
+
+    // Handle import result - show toast
+    LaunchedEffect(importResult) {
+        importResult?.let { result ->
+            when {
+                result.isSuccess -> {
+                    Toast.makeText(context, result.message ?: "导入成功", Toast.LENGTH_SHORT).show()
+                    viewModel.clearExportImportResult()
+                }
+                result.error != null -> {
+                    Toast.makeText(context, result.error, Toast.LENGTH_LONG).show()
+                    viewModel.clearExportImportResult()
+                }
+            }
+        }
+    }
+
+    // Track if startup is complete
+    var startupComplete by remember { mutableStateOf(false) }
+
+    // Handle success messages
+    LaunchedEffect(uiState.successMessage) {
+        if (uiState.successMessage != null) {
+            // Navigate back to wallets on success
+            navController.navigate(BottomNavItem.Wallets.route) {
+                popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+            }
+            // Reset all session states so next time user enters a fresh state
+            viewModel.resetSessionState()
+            viewModel.resetJoinKeygenState()
+            viewModel.resetCoSignState()
+            viewModel.resetTransferState()
+            viewModel.clearSuccess()
+            viewModel.clearCreatedInviteCode()
+        }
+    }
+
+    // Show startup check screen if not complete
+    if (!startupComplete) {
+        StartupCheckScreen(
+            appState = appState,
+            onEnterApp = { startupComplete = true },
+            onRetry = { viewModel.checkAllServices() }
+        )
+        return
+    }
+
+    // Main app with bottom navigation
+    val navBackStackEntry by navController.currentBackStackEntryAsState()
+    val currentRoute = navBackStackEntry?.destination?.route ?: BottomNavItem.Wallets.route
+
+    Scaffold(
+        bottomBar = {
+            TssBottomNavigation(
+                currentRoute = currentRoute,
+                onNavigate = { item ->
+                    navController.navigate(item.route) {
+                        // Pop up to the start destination to avoid building up a large stack
+                        popUpTo(BottomNavItem.Wallets.route) {
+                            saveState = true
+                        }
+                        // Avoid multiple copies of the same destination
+                        launchSingleTop = true
+                        // Restore state when reselecting a previously selected item
+                        restoreState = true
+                    }
+                }
+            )
+        }
+    ) { paddingValues ->
+        NavHost(
+            navController = navController,
+            startDestination = BottomNavItem.Wallets.route,
+            modifier = Modifier.padding(paddingValues)
+        ) {
+            // Tab 1: My Wallets (我的钱包)
+            composable(BottomNavItem.Wallets.route) {
+                // Fetch balances when entering wallets screen
+                LaunchedEffect(shares) {
+                    viewModel.fetchAllBalances()
+                }
+
+                WalletsScreen(
+                    shares = shares,
+                    isConnected = uiState.isConnected,
+                    balances = balances,
+                    walletBalances = walletBalances,
+                    networkType = settings.networkType,
+                    onDeleteShare = { viewModel.deleteShare(it) },
+                    onRefreshBalance = { address -> viewModel.fetchBalance(address) },
+                    onTransfer = { shareId ->
+                        transferWalletId = shareId
+                        navController.navigate("transfer/$shareId")
+                    },
+                    onExportBackup = { shareId, _ ->
+                        // Get address for filename
+                        val share = shares.find { it.id == shareId }
+                        pendingExportAddress = share?.address
+                        // Export and save to file
+                        viewModel.exportShareBackup(shareId) { json ->
+                            pendingExportJson = json
+                        }
+                    },
+                    onImportBackup = {
+                        // Open file picker to select backup file
+                        openDocumentLauncher.launch(arrayOf("*/*"))
+                    },
+                    onCreateWallet = {
+                        navController.navigate(BottomNavItem.Create.route)
+                    }
+                )
+            }
+
+            // Transfer Screen
+            composable("transfer/{shareId}") { backStackEntry ->
+                val shareId = backStackEntry.arguments?.getString("shareId")?.toLongOrNull()
+                val wallet = shareId?.let { viewModel.getWalletById(it) }
+
+                if (wallet != null) {
+                    TransferScreen(
+                        wallet = wallet,
+                        balance = balances[wallet.address],
+                        walletBalance = walletBalances[wallet.address],
+                        sessionStatus = sessionStatus,
+                        participants = signParticipants,
+                        currentRound = signCurrentRound,
+                        totalRounds = 9,
+                        preparedTx = preparedTx,
+                        signSessionId = signSessionId,
+                        inviteCode = signInviteCode,
+                        signature = signature,
+                        txHash = txHash,
+                        isLoading = uiState.isLoading,
+                        error = uiState.error,
+                        networkType = settings.networkType,
+                        rpcUrl = settings.kavaRpcUrl,
+                        onPrepareTransaction = { toAddress, amount, tokenType ->
+                            viewModel.prepareTransfer(shareId, toAddress, amount, tokenType)
+                        },
+                        onConfirmTransaction = {
+                            viewModel.initiateSignSession(shareId, "")
+                        },
+                        onCopyInviteCode = {
+                            signInviteCode?.let { onCopyToClipboard(it) }
+                        },
+                        onBroadcastTransaction = {
+                            viewModel.broadcastTransaction()
+                        },
+                        onCancel = {
+                            viewModel.resetTransferState()
+                            viewModel.clearError()
+                            navController.popBackStack()
+                        },
+                        onBackToWallets = {
+                            viewModel.resetTransferState()
+                            navController.navigate(BottomNavItem.Wallets.route) {
+                                popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                            }
+                        }
+                    )
+                }
+            }
+
+            // Tab 2: Create Wallet (创建钱包)
+            composable(BottomNavItem.Create.route) {
+                CreateWalletScreen(
+                    isLoading = uiState.isLoading,
+                    error = uiState.error,
+                    inviteCode = createdInviteCode,
+                    sessionId = currentSessionId,
+                    sessionStatus = sessionStatus,
+                    hasEnteredSession = hasEnteredSession,
+                    participants = sessionParticipants,
+                    currentRound = currentRound,
+                    totalRounds = 9,
+                    publicKey = publicKey,
+                    countdownSeconds = uiState.countdownSeconds,
+                    onCreateSession = { name, t, n, participantName ->
+                        viewModel.createKeygenSession(name, t, n, participantName)
+                    },
+                    onCopyInviteCode = {
+                        createdInviteCode?.let { onCopyToClipboard(it) }
+                    },
+                    onEnterSession = {
+                        viewModel.enterSession()
+                    },
+                    onCancel = {
+                        viewModel.cancelSession()
+                        viewModel.clearError()
+                        viewModel.resetSessionState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    },
+                    onBackToHome = {
+                        viewModel.resetSessionState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    }
+                )
+            }
+
+            // Tab 3: Join Keygen (加入创建)
+            composable(BottomNavItem.JoinKeygen.route) {
+                // Convert JoinKeygenSessionInfo to JoinSessionInfo for the screen
+                val screenSessionInfo = joinSessionInfo?.let {
+                    JoinSessionInfo(
+                        sessionId = it.sessionId,
+                        walletName = it.walletName,
+                        thresholdT = it.thresholdT,
+                        thresholdN = it.thresholdN,
+                        initiator = it.initiator,
+                        currentParticipants = it.currentParticipants,
+                        totalParticipants = it.totalParticipants
+                    )
+                }
+
+                JoinKeygenScreen(
+                    sessionStatus = sessionStatus,
+                    isLoading = uiState.isLoading,
+                    error = uiState.error,
+                    sessionInfo = screenSessionInfo,
+                    participants = joinKeygenParticipants,
+                    currentRound = joinKeygenRound,
+                    totalRounds = 9,
+                    publicKey = joinKeygenPublicKey,
+                    countdownSeconds = uiState.countdownSeconds,
+                    onValidateInviteCode = { inviteCode ->
+                        viewModel.validateInviteCode(inviteCode)
+                    },
+                    onJoinKeygen = { inviteCode, password ->
+                        viewModel.joinKeygen(inviteCode, password)
+                    },
+                    onCancel = {
+                        // Cancel from input screen - navigate away
+                        viewModel.cancelSession()
+                        viewModel.clearError()
+                        viewModel.resetJoinKeygenState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    },
+                    onResetState = {
+                        // Reset from confirm/joining/progress screens - stay on page
+                        viewModel.cancelSession()
+                        viewModel.clearError()
+                        viewModel.resetJoinKeygenState()
+                    },
+                    onBackToHome = {
+                        viewModel.resetJoinKeygenState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    }
+                )
+            }
+
+            // Tab 4: Co-Sign (参与签名)
+            composable(BottomNavItem.CoSign.route) {
+                // Convert CoSignSessionInfo to SignSessionInfo for the screen
+                val screenSignSessionInfo = coSignSessionInfo?.let {
+                    SignSessionInfo(
+                        sessionId = it.sessionId,
+                        keygenSessionId = it.keygenSessionId,
+                        walletName = it.walletName,
+                        messageHash = it.messageHash,
+                        thresholdT = it.thresholdT,
+                        thresholdN = it.thresholdN,
+                        currentParticipants = it.currentParticipants
+                    )
+                }
+
+                CoSignJoinScreen(
+                    shares = shares,
+                    sessionStatus = sessionStatus,
+                    isLoading = uiState.isLoading,
+                    error = uiState.error,
+                    signSessionInfo = screenSignSessionInfo,
+                    participants = coSignParticipants,
+                    currentRound = coSignRound,
+                    totalRounds = 9,
+                    signature = coSignSignature,
+                    countdownSeconds = uiState.countdownSeconds,
+                    onValidateInviteCode = { inviteCode ->
+                        viewModel.validateSignInviteCode(inviteCode)
+                    },
+                    onJoinSign = { inviteCode, shareId, password ->
+                        viewModel.joinSign(inviteCode, shareId, password)
+                    },
+                    onCancel = {
+                        // Cancel from input screen - navigate away
+                        viewModel.cancelSession()
+                        viewModel.clearError()
+                        viewModel.resetCoSignState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    },
+                    onResetState = {
+                        // Reset from select_share/joining/signing screens - stay on page
+                        viewModel.cancelSession()
+                        viewModel.clearError()
+                        viewModel.resetCoSignState()
+                    },
+                    onBackToHome = {
+                        viewModel.resetCoSignState()
+                        navController.navigate(BottomNavItem.Wallets.route) {
+                            popUpTo(BottomNavItem.Wallets.route) { inclusive = true }
+                        }
+                    }
+                )
+            }
+
+            // Tab 5: Settings (设置)
+            composable(BottomNavItem.Settings.route) {
+                // Convert ViewModel ConnectionTestResult to Screen ConnectionTestResult
+                val screenMessageRouterStatus: ConnectionTestResult? = messageRouterTestResult?.let {
+                    ConnectionTestResult(
+                        success = it.success,
+                        message = it.message,
+                        latency = it.latency
+                    )
+                }
+                val screenAccountServiceStatus: ConnectionTestResult? = accountServiceTestResult?.let {
+                    ConnectionTestResult(
+                        success = it.success,
+                        message = it.message,
+                        latency = it.latency
+                    )
+                }
+                val screenKavaApiStatus: ConnectionTestResult? = kavaApiTestResult?.let {
+                    ConnectionTestResult(
+                        success = it.success,
+                        message = it.message,
+                        latency = it.latency
+                    )
+                }
+
+                SettingsScreen(
+                    settings = settings,
+                    isConnected = uiState.isConnected,
+                    messageRouterStatus = screenMessageRouterStatus,
+                    accountServiceStatus = screenAccountServiceStatus,
+                    kavaApiStatus = screenKavaApiStatus,
+                    onSaveSettings = { newSettings ->
+                        viewModel.updateSettings(newSettings)
+                    },
+                    onTestMessageRouter = { url ->
+                        viewModel.testMessageRouter(url)
+                    },
+                    onTestAccountService = { url ->
+                        viewModel.testAccountService(url)
+                    },
+                    onTestKavaApi = { url ->
+                        viewModel.testKavaApi(url)
+                    }
+                )
+            }
+        }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/TssPartyApplication.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/TssPartyApplication.kt
@ -0,0 +1,7 @@
+package com.durian.tssparty
+
+import android.app.Application
+import dagger.hilt.android.HiltAndroidApp
+
+@HiltAndroidApp
+class TssPartyApplication : Application()
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/local/Database.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/local/Database.kt
@ -0,0 +1,104 @@
+package com.durian.tssparty.data.local
+
+import androidx.room.*
+import kotlinx.coroutines.flow.Flow
+
+/**
+ * Entity for storing TSS share records
+ */
+@Entity(tableName = "share_records")
+data class ShareRecordEntity(
+    @PrimaryKey(autoGenerate = true)
+    val id: Long = 0,
+
+    @ColumnInfo(name = "session_id")
+    val sessionId: String,
+
+    @ColumnInfo(name = "public_key")
+    val publicKey: String,
+
+    @ColumnInfo(name = "encrypted_share")
+    val encryptedShare: String,
+
+    @ColumnInfo(name = "threshold_t")
+    val thresholdT: Int,
+
+    @ColumnInfo(name = "threshold_n")
+    val thresholdN: Int,
+
+    @ColumnInfo(name = "party_index")
+    val partyIndex: Int,
+
+    @ColumnInfo(name = "address")
+    val address: String,
+
+    @ColumnInfo(name = "created_at")
+    val createdAt: Long = System.currentTimeMillis()
+)
+
+/**
+ * DAO for share records
+ */
+@Dao
+interface ShareRecordDao {
+    @Query("SELECT * FROM share_records ORDER BY created_at DESC")
+    fun getAllShares(): Flow<List<ShareRecordEntity>>
+
+    @Query("SELECT * FROM share_records WHERE id = :id")
+    suspend fun getShareById(id: Long): ShareRecordEntity?
+
+    @Query("SELECT * FROM share_records WHERE session_id = :sessionId")
+    suspend fun getShareBySessionId(sessionId: String): ShareRecordEntity?
+
+    @Query("SELECT * FROM share_records WHERE address = :address")
+    suspend fun getShareByAddress(address: String): ShareRecordEntity?
+
+    @Insert(onConflict = OnConflictStrategy.REPLACE)
+    suspend fun insertShare(share: ShareRecordEntity): Long
+
+    @Delete
+    suspend fun deleteShare(share: ShareRecordEntity)
+
+    @Query("DELETE FROM share_records WHERE id = :id")
+    suspend fun deleteShareById(id: Long)
+
+    @Query("SELECT COUNT(*) FROM share_records")
+    suspend fun getShareCount(): Int
+}
+
+/**
+ * Entity for storing app settings (like persistent partyId)
+ */
+@Entity(tableName = "app_settings")
+data class AppSettingEntity(
+    @PrimaryKey
+    val key: String,
+
+    @ColumnInfo(name = "value")
+    val value: String
+)
+
+/**
+ * DAO for app settings
+ */
+@Dao
+interface AppSettingDao {
+    @Query("SELECT value FROM app_settings WHERE `key` = :key")
+    suspend fun getValue(key: String): String?
+
+    @Insert(onConflict = OnConflictStrategy.REPLACE)
+    suspend fun setValue(setting: AppSettingEntity)
+}
+
+/**
+ * Room database
+ */
+@Database(
+    entities = [ShareRecordEntity::class, AppSettingEntity::class],
+    version = 2,
+    exportSchema = false
+)
+abstract class TssDatabase : RoomDatabase() {
+    abstract fun shareRecordDao(): ShareRecordDao
+    abstract fun appSettingDao(): AppSettingDao
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/local/TssNativeBridge.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/local/TssNativeBridge.kt
@ -0,0 +1,172 @@
+package com.durian.tssparty.data.local
+
+import com.durian.tssparty.domain.model.KeygenResult
+import com.durian.tssparty.domain.model.Participant
+import com.durian.tssparty.domain.model.SignResult
+import com.durian.tssparty.domain.model.TssOutgoingMessage
+import com.google.gson.Gson
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.channels.Channel
+import kotlinx.coroutines.flow.Flow
+import kotlinx.coroutines.flow.receiveAsFlow
+import kotlinx.coroutines.withContext
+import tsslib.MessageCallback
+import tsslib.Tsslib
+import javax.inject.Inject
+import javax.inject.Singleton
+
+/**
+ * Bridge between Kotlin and Go TSS library via gomobile bindings
+ */
+@Singleton
+class TssNativeBridge @Inject constructor(
+    private val gson: Gson
+) {
+    private val _outgoingMessages = Channel<TssOutgoingMessage>(Channel.BUFFERED)
+    val outgoingMessages: Flow<TssOutgoingMessage> = _outgoingMessages.receiveAsFlow()
+
+    private val _progress = Channel<Pair<Int, Int>>(Channel.BUFFERED)
+    val progress: Flow<Pair<Int, Int>> = _progress.receiveAsFlow()
+
+    private val _errors = Channel<String>(Channel.BUFFERED)
+    val errors: Flow<String> = _errors.receiveAsFlow()
+
+    private val _logs = Channel<String>(Channel.BUFFERED)
+    val logs: Flow<String> = _logs.receiveAsFlow()
+
+    private val callback = object : MessageCallback {
+        override fun onOutgoingMessage(messageJSON: String) {
+            try {
+                val message = gson.fromJson(messageJSON, TssOutgoingMessage::class.java)
+                _outgoingMessages.trySend(message)
+            } catch (e: Exception) {
+                _errors.trySend("Failed to parse outgoing message: ${e.message}")
+            }
+        }
+
+        override fun onProgress(round: Long, totalRounds: Long) {
+            _progress.trySend(Pair(round.toInt(), totalRounds.toInt()))
+        }
+
+        override fun onError(errorMessage: String) {
+            _errors.trySend(errorMessage)
+        }
+
+        override fun onLog(message: String) {
+            _logs.trySend(message)
+        }
+    }
+
+    /**
+     * Start a keygen session
+     */
+    suspend fun startKeygen(
+        sessionId: String,
+        partyId: String,
+        partyIndex: Int,
+        thresholdT: Int,
+        thresholdN: Int,
+        participants: List<Participant>,
+        password: String
+    ): Result<Unit> = withContext(Dispatchers.IO) {
+        try {
+            val participantsJson = gson.toJson(participants)
+            Tsslib.startKeygen(
+                sessionId,
+                partyId,
+                partyIndex.toLong(),
+                thresholdT.toLong(),
+                thresholdN.toLong(),
+                participantsJson,
+                password,
+                callback
+            )
+            Result.success(Unit)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Start a sign session
+     */
+    suspend fun startSign(
+        sessionId: String,
+        partyId: String,
+        partyIndex: Int,
+        thresholdT: Int,
+        thresholdN: Int,
+        participants: List<Participant>,
+        messageHash: String,
+        shareData: String,
+        password: String
+    ): Result<Unit> = withContext(Dispatchers.IO) {
+        try {
+            val participantsJson = gson.toJson(participants)
+            Tsslib.startSign(
+                sessionId,
+                partyId,
+                partyIndex.toLong(),
+                thresholdT.toLong(),
+                thresholdN.toLong(),
+                participantsJson,
+                messageHash,
+                shareData,
+                password,
+                callback
+            )
+            Result.success(Unit)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Send incoming message from another party
+     */
+    suspend fun sendIncomingMessage(
+        fromPartyIndex: Int,
+        isBroadcast: Boolean,
+        payload: String
+    ): Result<Unit> = withContext(Dispatchers.IO) {
+        try {
+            Tsslib.sendIncomingMessage(fromPartyIndex.toLong(), isBroadcast, payload)
+            Result.success(Unit)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Wait for keygen result
+     */
+    suspend fun waitForKeygenResult(password: String): Result<KeygenResult> = withContext(Dispatchers.IO) {
+        try {
+            val resultJson = Tsslib.waitForKeygenResult(password)
+            val result = gson.fromJson(resultJson, KeygenResult::class.java)
+            Result.success(result)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Wait for sign result
+     */
+    suspend fun waitForSignResult(): Result<SignResult> = withContext(Dispatchers.IO) {
+        try {
+            val resultJson = Tsslib.waitForSignResult()
+            val result = gson.fromJson(resultJson, SignResult::class.java)
+            Result.success(result)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Cancel current session
+     */
+    fun cancelSession() {
+        Tsslib.cancelSession()
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/remote/GrpcClient.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/remote/GrpcClient.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/repository/TssRepository.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/data/repository/TssRepository.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/di/AppModule.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/di/AppModule.kt
@ -0,0 +1,89 @@
+package com.durian.tssparty.di
+
+import android.content.Context
+import androidx.room.Room
+import androidx.room.migration.Migration
+import androidx.sqlite.db.SupportSQLiteDatabase
+import com.durian.tssparty.data.local.AppSettingDao
+import com.durian.tssparty.data.local.ShareRecordDao
+import com.durian.tssparty.data.local.TssDatabase
+import com.durian.tssparty.data.local.TssNativeBridge
+import com.durian.tssparty.data.remote.GrpcClient
+import com.durian.tssparty.data.repository.TssRepository
+import com.google.gson.Gson
+import com.google.gson.GsonBuilder
+import dagger.Module
+import dagger.Provides
+import dagger.hilt.InstallIn
+import dagger.hilt.android.qualifiers.ApplicationContext
+import dagger.hilt.components.SingletonComponent
+import javax.inject.Singleton
+
+@Module
+@InstallIn(SingletonComponent::class)
+object AppModule {
+
+    // Migration from version 1 to 2: add app_settings table
+    private val MIGRATION_1_2 = object : Migration(1, 2) {
+        override fun migrate(database: SupportSQLiteDatabase) {
+            database.execSQL(
+                "CREATE TABLE IF NOT EXISTS `app_settings` (" +
+                "`key` TEXT NOT NULL PRIMARY KEY, " +
+                "`value` TEXT NOT NULL)"
+            )
+        }
+    }
+
+    @Provides
+    @Singleton
+    fun provideGson(): Gson {
+        return GsonBuilder().create()
+    }
+
+    @Provides
+    @Singleton
+    fun provideDatabase(@ApplicationContext context: Context): TssDatabase {
+        return Room.databaseBuilder(
+            context,
+            TssDatabase::class.java,
+            "tss_party.db"
+        )
+            .addMigrations(MIGRATION_1_2)
+            .build()
+    }
+
+    @Provides
+    @Singleton
+    fun provideShareRecordDao(database: TssDatabase): ShareRecordDao {
+        return database.shareRecordDao()
+    }
+
+    @Provides
+    @Singleton
+    fun provideAppSettingDao(database: TssDatabase): AppSettingDao {
+        return database.appSettingDao()
+    }
+
+    @Provides
+    @Singleton
+    fun provideGrpcClient(): GrpcClient {
+        return GrpcClient()
+    }
+
+    @Provides
+    @Singleton
+    fun provideTssNativeBridge(gson: Gson): TssNativeBridge {
+        return TssNativeBridge(gson)
+    }
+
+    @Provides
+    @Singleton
+    fun provideTssRepository(
+        grpcClient: GrpcClient,
+        tssNativeBridge: TssNativeBridge,
+        shareRecordDao: ShareRecordDao,
+        appSettingDao: AppSettingDao
+    ): TssRepository {
+        return TssRepository(grpcClient, tssNativeBridge, shareRecordDao, appSettingDao)
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/domain/model/AppState.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/domain/model/AppState.kt
@ -0,0 +1,58 @@
+package com.durian.tssparty.domain.model
+
+/**
+ * Application ready state
+ */
+enum class AppReadyState {
+    INITIALIZING,
+    READY,
+    ERROR
+}
+
+/**
+ * Service check status
+ */
+data class ServiceStatus(
+    val isOnline: Boolean = false,
+    val message: String = "",
+    val latency: Long? = null
+)
+
+/**
+ * Environment state - tracks all service statuses
+ */
+data class EnvironmentState(
+    val database: ServiceStatus = ServiceStatus(),
+    val messageRouter: ServiceStatus = ServiceStatus(),
+    val kavaApi: ServiceStatus = ServiceStatus()
+)
+
+/**
+ * Operation progress for keygen/sign
+ */
+data class OperationProgress(
+    val isActive: Boolean = false,
+    val type: OperationType = OperationType.NONE,
+    val sessionId: String? = null,
+    val currentRound: Int = 0,
+    val totalRounds: Int = 0,
+    val status: String = ""
+)
+
+enum class OperationType {
+    NONE,
+    KEYGEN,
+    SIGN
+}
+
+/**
+ * Global app state (similar to Zustand store in Electron version)
+ */
+data class AppState(
+    val appReady: AppReadyState = AppReadyState.INITIALIZING,
+    val appError: String? = null,
+    val environment: EnvironmentState = EnvironmentState(),
+    val operation: OperationProgress = OperationProgress(),
+    val partyId: String? = null,
+    val walletCount: Int = 0
+)
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/domain/model/Models.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/domain/model/Models.kt
@ -0,0 +1,234 @@
+package com.durian.tssparty.domain.model
+
+import com.google.gson.annotations.SerializedName
+
+/**
+ * Participant in a TSS session
+ */
+data class Participant(
+    @SerializedName("partyId")
+    val partyId: String,
+    @SerializedName("partyIndex")
+    val partyIndex: Int,
+    @SerializedName("name")
+    val name: String = ""
+)
+
+/**
+ * TSS Session information
+ */
+data class TssSession(
+    val sessionId: String,
+    val sessionType: SessionType,
+    val thresholdT: Int,
+    val thresholdN: Int,
+    val participants: List<Participant>,
+    val status: SessionStatus,
+    val inviteCode: String? = null,
+    val messageHash: String? = null,
+    val createdAt: Long = System.currentTimeMillis()
+)
+
+enum class SessionType {
+    KEYGEN,
+    SIGN
+}
+
+enum class SessionStatus {
+    WAITING,
+    IN_PROGRESS,
+    COMPLETED,
+    FAILED
+}
+
+/**
+ * Result of key generation
+ */
+data class KeygenResult(
+    @SerializedName("publicKey")
+    val publicKey: String,  // base64 encoded
+    @SerializedName("encryptedShare")
+    val encryptedShare: String  // base64 encoded
+)
+
+/**
+ * Result of signing
+ */
+data class SignResult(
+    @SerializedName("signature")
+    val signature: String,  // base64 encoded (r || s || v, 65 bytes)
+    @SerializedName("recoveryId")
+    val recoveryId: Int
+)
+
+/**
+ * Outgoing TSS message
+ */
+data class TssOutgoingMessage(
+    @SerializedName("type")
+    val type: String,
+    @SerializedName("isBroadcast")
+    val isBroadcast: Boolean,
+    @SerializedName("toParties")
+    val toParties: List<String>?,
+    @SerializedName("payload")
+    val payload: String  // base64 encoded
+)
+
+/**
+ * Share record stored in local database
+ */
+data class ShareRecord(
+    val id: Long = 0,
+    val sessionId: String,
+    val publicKey: String,
+    val encryptedShare: String,
+    val thresholdT: Int,
+    val thresholdN: Int,
+    val partyIndex: Int,
+    val address: String,
+    val createdAt: Long = System.currentTimeMillis()
+)
+
+/**
+ * Account balance information
+ */
+data class AccountBalance(
+    val address: String,
+    val balance: String,
+    val denom: String = "ukava"
+)
+
+/**
+ * Sign session request
+ */
+data class SignSessionRequest(
+    val sessionId: String,
+    val messageHash: String,  // hex encoded
+    val participants: List<Participant>
+)
+
+/**
+ * Settings
+ * Matches service-party-app settings structure
+ */
+data class AppSettings(
+    val messageRouterUrl: String = "mpc-grpc.szaiai.com:443",
+    val accountServiceUrl: String = "https://rwaapi.szaiai.com",
+    val kavaRpcUrl: String = "https://evm.kava.io",
+    val networkType: NetworkType = NetworkType.MAINNET
+)
+
+enum class NetworkType {
+    MAINNET,
+    TESTNET
+}
+
+/**
+ * Token type for transfers
+ */
+enum class TokenType {
+    KAVA,           // Native KAVA token
+    GREEN_POINTS    // 绿积分 (dUSDT) ERC-20 token
+}
+
+/**
+ * Green Points (绿积分) Token Contract Configuration
+ * dUSDT - Fixed supply ERC-20 token on Kava EVM
+ */
+object GreenPointsToken {
+    const val CONTRACT_ADDRESS = "0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3"
+    const val NAME = "绿积分"
+    const val SYMBOL = "dUSDT"
+    const val DECIMALS = 6
+
+    // ERC-20 function signatures (first 4 bytes of keccak256 hash)
+    const val BALANCE_OF_SELECTOR = "0x70a08231"  // balanceOf(address)
+    const val TRANSFER_SELECTOR = "0xa9059cbb"    // transfer(address,uint256)
+    const val APPROVE_SELECTOR = "0x095ea7b3"     // approve(address,uint256)
+    const val ALLOWANCE_SELECTOR = "0xdd62ed3e"   // allowance(address,address)
+    const val TOTAL_SUPPLY_SELECTOR = "0x18160ddd" // totalSupply()
+}
+
+/**
+ * Wallet balance containing both native and token balances
+ */
+data class WalletBalance(
+    val address: String,
+    val kavaBalance: String = "0",       // Native KAVA balance
+    val greenPointsBalance: String = "0" // 绿积分 (dUSDT) balance
+)
+
+/**
+ * Share backup data for export/import
+ * Contains all necessary information to restore a wallet share
+ */
+data class ShareBackup(
+    @SerializedName("version")
+    val version: Int = 1,  // Backup format version for future compatibility
+
+    @SerializedName("sessionId")
+    val sessionId: String,
+
+    @SerializedName("publicKey")
+    val publicKey: String,  // base64 encoded
+
+    @SerializedName("encryptedShare")
+    val encryptedShare: String,  // base64 encoded, encrypted with user password
+
+    @SerializedName("thresholdT")
+    val thresholdT: Int,
+
+    @SerializedName("thresholdN")
+    val thresholdN: Int,
+
+    @SerializedName("partyIndex")
+    val partyIndex: Int,
+
+    @SerializedName("address")
+    val address: String,
+
+    @SerializedName("createdAt")
+    val createdAt: Long,
+
+    @SerializedName("exportedAt")
+    val exportedAt: Long = System.currentTimeMillis()
+) {
+    companion object {
+        const val FILE_EXTENSION = "tss-backup"
+        const val MIME_TYPE = "application/octet-stream"
+
+        /**
+         * Create backup from ShareRecord
+         */
+        fun fromShareRecord(share: ShareRecord): ShareBackup {
+            return ShareBackup(
+                sessionId = share.sessionId,
+                publicKey = share.publicKey,
+                encryptedShare = share.encryptedShare,
+                thresholdT = share.thresholdT,
+                thresholdN = share.thresholdN,
+                partyIndex = share.partyIndex,
+                address = share.address,
+                createdAt = share.createdAt
+            )
+        }
+    }
+
+    /**
+     * Convert backup to ShareRecord for database storage
+     */
+    fun toShareRecord(): ShareRecord {
+        return ShareRecord(
+            id = 0,  // Will be auto-generated
+            sessionId = sessionId,
+            publicKey = publicKey,
+            encryptedShare = encryptedShare,
+            thresholdT = thresholdT,
+            thresholdN = thresholdN,
+            partyIndex = partyIndex,
+            address = address,
+            createdAt = createdAt
+        )
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/components/BottomNavigation.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/components/BottomNavigation.kt
@ -0,0 +1,85 @@
+package com.durian.tssparty.presentation.components
+
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material.icons.outlined.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.Composable
+import androidx.compose.ui.graphics.vector.ImageVector
+
+/**
+ * Navigation destinations for bottom tabs
+ */
+sealed class BottomNavItem(
+    val route: String,
+    val title: String,
+    val selectedIcon: ImageVector,
+    val unselectedIcon: ImageVector
+) {
+    data object Wallets : BottomNavItem(
+        route = "wallets",
+        title = "我的钱包",
+        selectedIcon = Icons.Filled.Lock,
+        unselectedIcon = Icons.Outlined.Lock
+    )
+
+    data object Create : BottomNavItem(
+        route = "create",
+        title = "创建钱包",
+        selectedIcon = Icons.Filled.Add,
+        unselectedIcon = Icons.Outlined.Add
+    )
+
+    data object JoinKeygen : BottomNavItem(
+        route = "join_keygen",
+        title = "加入创建",
+        selectedIcon = Icons.Filled.Handshake,
+        unselectedIcon = Icons.Outlined.Handshake
+    )
+
+    data object CoSign : BottomNavItem(
+        route = "cosign",
+        title = "参与签名",
+        selectedIcon = Icons.Filled.Create,
+        unselectedIcon = Icons.Outlined.Create
+    )
+
+    data object Settings : BottomNavItem(
+        route = "settings",
+        title = "设置",
+        selectedIcon = Icons.Filled.Settings,
+        unselectedIcon = Icons.Outlined.Settings
+    )
+}
+
+val bottomNavItems = listOf(
+    BottomNavItem.Wallets,
+    BottomNavItem.JoinKeygen,
+    BottomNavItem.CoSign,
+    BottomNavItem.Settings
+)
+
+@Composable
+fun TssBottomNavigation(
+    currentRoute: String,
+    onNavigate: (BottomNavItem) -> Unit
+) {
+    NavigationBar {
+        bottomNavItems.forEach { item ->
+            val selected = currentRoute == item.route ||
+                    (item == BottomNavItem.Wallets && currentRoute.startsWith("wallet_detail"))
+
+            NavigationBarItem(
+                icon = {
+                    Icon(
+                        imageVector = if (selected) item.selectedIcon else item.unselectedIcon,
+                        contentDescription = item.title
+                    )
+                },
+                label = { Text(item.title) },
+                selected = selected,
+                onClick = { onNavigate(item) }
+            )
+        }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/CoSignJoinScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/CoSignJoinScreen.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/CreateWalletScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/CreateWalletScreen.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/HomeScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/HomeScreen.kt
@ -0,0 +1,258 @@
+package com.durian.tssparty.presentation.screens
+
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.lazy.LazyColumn
+import androidx.compose.foundation.lazy.items
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.text.style.TextOverflow
+import androidx.compose.ui.unit.dp
+import com.durian.tssparty.domain.model.GreenPointsToken
+import com.durian.tssparty.domain.model.ShareRecord
+import com.durian.tssparty.domain.model.WalletBalance
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun HomeScreen(
+    shares: List<ShareRecord>,
+    walletBalances: Map<String, WalletBalance>,
+    isConnected: Boolean,
+    onNavigateToJoin: () -> Unit,
+    onNavigateToSign: (Long) -> Unit,
+    onNavigateToSettings: () -> Unit,
+    onDeleteShare: (Long) -> Unit,
+    onRefreshBalances: () -> Unit = {}
+) {
+    Scaffold(
+        topBar = {
+            TopAppBar(
+                title = { Text("TSS Party") },
+                actions = {
+                    // Refresh button
+                    IconButton(onClick = onRefreshBalances) {
+                        Icon(Icons.Default.Refresh, contentDescription = "Refresh")
+                    }
+                    // Connection status indicator
+                    Icon(
+                        imageVector = if (isConnected) Icons.Default.CheckCircle else Icons.Default.Warning,
+                        contentDescription = if (isConnected) "Connected" else "Disconnected",
+                        tint = if (isConnected) MaterialTheme.colorScheme.primary
+                        else MaterialTheme.colorScheme.error
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    IconButton(onClick = onNavigateToSettings) {
+                        Icon(Icons.Default.Settings, contentDescription = "Settings")
+                    }
+                }
+            )
+        },
+        floatingActionButton = {
+            FloatingActionButton(onClick = onNavigateToJoin) {
+                Icon(Icons.Default.Add, contentDescription = "Join Session")
+            }
+        }
+    ) { paddingValues ->
+        Column(
+            modifier = Modifier
+                .fillMaxSize()
+                .padding(paddingValues)
+                .padding(16.dp)
+        ) {
+            Text(
+                text = "My Wallets",
+                style = MaterialTheme.typography.headlineSmall
+            )
+
+            Spacer(modifier = Modifier.height(16.dp))
+
+            if (shares.isEmpty()) {
+                Box(
+                    modifier = Modifier.fillMaxSize(),
+                    contentAlignment = Alignment.Center
+                ) {
+                    Column(horizontalAlignment = Alignment.CenterHorizontally) {
+                        Icon(
+                            imageVector = Icons.Default.AccountBalanceWallet,
+                            contentDescription = null,
+                            modifier = Modifier.size(64.dp),
+                            tint = MaterialTheme.colorScheme.outline
+                        )
+                        Spacer(modifier = Modifier.height(16.dp))
+                        Text(
+                            text = "No wallets yet",
+                            style = MaterialTheme.typography.bodyLarge,
+                            color = MaterialTheme.colorScheme.outline
+                        )
+                        Spacer(modifier = Modifier.height(8.dp))
+                        Text(
+                            text = "Tap + to join a keygen session",
+                            style = MaterialTheme.typography.bodyMedium,
+                            color = MaterialTheme.colorScheme.outline
+                        )
+                    }
+                }
+            } else {
+                LazyColumn(
+                    verticalArrangement = Arrangement.spacedBy(12.dp)
+                ) {
+                    items(shares) { share ->
+                        WalletCard(
+                            share = share,
+                            walletBalance = walletBalances[share.address],
+                            onSign = { onNavigateToSign(share.id) },
+                            onDelete = { onDeleteShare(share.id) }
+                        )
+                    }
+                }
+            }
+        }
+    }
+}
+
+@Composable
+fun WalletCard(
+    share: ShareRecord,
+    walletBalance: WalletBalance?,
+    onSign: () -> Unit,
+    onDelete: () -> Unit
+) {
+    var showDeleteDialog by remember { mutableStateOf(false) }
+
+    Card(
+        modifier = Modifier.fillMaxWidth()
+    ) {
+        Column(
+            modifier = Modifier.padding(16.dp)
+        ) {
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceBetween,
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                Column(modifier = Modifier.weight(1f)) {
+                    Text(
+                        text = "Address",
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Text(
+                        text = share.address,
+                        style = MaterialTheme.typography.bodyMedium,
+                        maxLines = 1,
+                        overflow = TextOverflow.Ellipsis
+                    )
+                }
+            }
+
+            Spacer(modifier = Modifier.height(12.dp))
+
+            // Balance section
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceBetween
+            ) {
+                // KAVA balance
+                Column {
+                    Text(
+                        text = "KAVA",
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Text(
+                        text = walletBalance?.kavaBalance ?: "Loading...",
+                        style = MaterialTheme.typography.bodyLarge,
+                        fontWeight = FontWeight.Medium
+                    )
+                }
+                // Green Points balance
+                Column(horizontalAlignment = Alignment.End) {
+                    Text(
+                        text = GreenPointsToken.NAME,
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Text(
+                        text = walletBalance?.greenPointsBalance ?: "Loading...",
+                        style = MaterialTheme.typography.bodyLarge,
+                        fontWeight = FontWeight.Medium,
+                        color = MaterialTheme.colorScheme.primary
+                    )
+                }
+            }
+
+            Spacer(modifier = Modifier.height(8.dp))
+
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceBetween
+            ) {
+                Text(
+                    text = "${share.thresholdT}-of-${share.thresholdN}",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.outline
+                )
+                Text(
+                    text = "Party #${share.partyIndex}",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.outline
+                )
+            }
+
+            Spacer(modifier = Modifier.height(12.dp))
+
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.End,
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                TextButton(onClick = { showDeleteDialog = true }) {
+                    Icon(
+                        Icons.Default.Delete,
+                        contentDescription = null,
+                        modifier = Modifier.size(18.dp)
+                    )
+                    Spacer(modifier = Modifier.width(4.dp))
+                    Text("Delete")
+                }
+                Spacer(modifier = Modifier.width(8.dp))
+                Button(onClick = onSign) {
+                    Icon(
+                        Icons.Default.Edit,
+                        contentDescription = null,
+                        modifier = Modifier.size(18.dp)
+                    )
+                    Spacer(modifier = Modifier.width(4.dp))
+                    Text("Sign")
+                }
+            }
+        }
+    }
+
+    if (showDeleteDialog) {
+        AlertDialog(
+            onDismissRequest = { showDeleteDialog = false },
+            title = { Text("Delete Wallet") },
+            text = { Text("Are you sure you want to delete this wallet? This action cannot be undone.") },
+            confirmButton = {
+                TextButton(
+                    onClick = {
+                        onDelete()
+                        showDeleteDialog = false
+                    }
+                ) {
+                    Text("Delete", color = MaterialTheme.colorScheme.error)
+                }
+            },
+            dismissButton = {
+                TextButton(onClick = { showDeleteDialog = false }) {
+                    Text("Cancel")
+                }
+            }
+        )
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/JoinKeygenScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/JoinKeygenScreen.kt
@ -0,0 +1,847 @@
+package com.durian.tssparty.presentation.screens
+
+import android.app.Activity
+import androidx.activity.compose.rememberLauncherForActivityResult
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.rememberScrollState
+import androidx.compose.foundation.verticalScroll
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.platform.LocalContext
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.unit.dp
+import com.durian.tssparty.domain.model.SessionStatus
+import com.journeyapps.barcodescanner.ScanContract
+import com.journeyapps.barcodescanner.ScanOptions
+
+/**
+ * Session info returned from validateInviteCode API
+ * Matches service-party-app SessionInfo type
+ */
+data class JoinSessionInfo(
+    val sessionId: String,
+    val walletName: String,
+    val thresholdT: Int,
+    val thresholdN: Int,
+    val initiator: String,
+    val currentParticipants: Int,
+    val totalParticipants: Int
+)
+
+/**
+ * Format countdown seconds to mm:ss display
+ */
+private fun formatCountdown(seconds: Long): String {
+    if (seconds < 0) return ""
+    val minutes = seconds / 60
+    val secs = seconds % 60
+    return "%d:%02d".format(minutes, secs)
+}
+
+/**
+ * JoinKeygen screen matching service-party-app/src/renderer/src/pages/Join.tsx
+ * Simplified flow without password: input → confirm → joining
+ */
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun JoinKeygenScreen(
+    sessionStatus: SessionStatus,
+    isLoading: Boolean,
+    error: String?,
+    sessionInfo: JoinSessionInfo? = null,
+    participants: List<String> = emptyList(),
+    currentRound: Int = 0,
+    totalRounds: Int = 9,
+    publicKey: String? = null,
+    countdownSeconds: Long = -1L,  // 5-minute countdown: -1 = not counting, >0 = remaining seconds
+    onValidateInviteCode: (inviteCode: String) -> Unit,
+    onJoinKeygen: (inviteCode: String, password: String) -> Unit,
+    onCancel: () -> Unit,
+    onResetState: () -> Unit = {},  // Reset ViewModel state without navigating
+    onBackToHome: () -> Unit = {}
+) {
+    var inviteCode by remember { mutableStateOf("") }
+    var validationError by remember { mutableStateOf<String?>(null) }
+
+    // 3-step flow: input → confirm → joining
+    var step by remember { mutableStateOf("input") }
+    var autoJoinAttempted by remember { mutableStateOf(false) }
+
+    // Handle session info received (validation success)
+    LaunchedEffect(sessionInfo) {
+        if (sessionInfo != null && step == "input") {
+            step = "confirm"
+        }
+    }
+
+    // Auto-join when we have session info (password is empty string)
+    LaunchedEffect(step, sessionInfo, autoJoinAttempted, isLoading) {
+        if (step == "confirm" && sessionInfo != null && !autoJoinAttempted && !isLoading && error == null) {
+            autoJoinAttempted = true
+            step = "joining"
+            onJoinKeygen(inviteCode, "") // Empty password
+        }
+    }
+
+    // Handle session status changes
+    LaunchedEffect(sessionStatus) {
+        when (sessionStatus) {
+            SessionStatus.IN_PROGRESS -> {
+                step = "progress"
+            }
+            SessionStatus.COMPLETED -> {
+                step = "completed"
+            }
+            SessionStatus.FAILED -> {
+                if (step == "joining") {
+                    step = "confirm"
+                }
+            }
+            else -> {}
+        }
+    }
+
+    // Reset auto-join on error
+    LaunchedEffect(error) {
+        if (error != null && step == "joining") {
+            step = "confirm"
+            autoJoinAttempted = false
+        }
+    }
+
+    // Reset to input state (used by cancel buttons in confirm/joining/progress screens)
+    // This resets UI state to input screen WITHOUT navigating away from JoinKeygen page
+    val resetToInput: () -> Unit = {
+        step = "input"
+        inviteCode = ""
+        validationError = null
+        autoJoinAttempted = false
+        onResetState() // Clear ViewModel state (sessionInfo, joinToken, etc.) without navigating
+    }
+
+    when (step) {
+        "input" -> InputScreen(
+            inviteCode = inviteCode,
+            isLoading = isLoading,
+            error = error,
+            validationError = validationError,
+            onInviteCodeChange = { inviteCode = it },
+            onValidateCode = {
+                when {
+                    inviteCode.isBlank() -> validationError = "请输入邀请码"
+                    else -> {
+                        validationError = null
+                        onValidateInviteCode(inviteCode)
+                    }
+                }
+            },
+            onCancel = onCancel  // In input state, cancel navigates away
+        )
+        "confirm" -> ConfirmScreen(
+            sessionInfo = sessionInfo,
+            isLoading = isLoading,
+            error = error,
+            onBack = {
+                step = "input"
+                autoJoinAttempted = false
+            },
+            onRetry = {
+                autoJoinAttempted = false
+            },
+            onCancel = resetToInput  // Reset to input state, stay on page
+        )
+        "joining" -> JoiningScreen(
+            countdownSeconds = countdownSeconds,
+            onCancel = resetToInput
+        )  // Reset to input state, stay on page
+        "progress" -> KeygenProgressScreen(
+            sessionStatus = sessionStatus,
+            participants = participants,
+            currentRound = currentRound,
+            totalRounds = totalRounds,
+            countdownSeconds = countdownSeconds,
+            onCancel = resetToInput  // Reset to input state, stay on page
+        )
+        "completed" -> KeygenCompletedScreen(
+            publicKey = publicKey,
+            onBackToHome = onBackToHome
+        )
+    }
+}
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+private fun InputScreen(
+    inviteCode: String,
+    isLoading: Boolean,
+    error: String?,
+    validationError: String?,
+    onInviteCodeChange: (String) -> Unit,
+    onValidateCode: () -> Unit,
+    onCancel: () -> Unit
+) {
+    val context = LocalContext.current
+
+    // QR Scanner launcher
+    val scanLauncher = rememberLauncherForActivityResult(
+        contract = ScanContract()
+    ) { result ->
+        if (result.contents != null) {
+            // Parse the scanned content (could be invite code or deep link)
+            val scannedContent = result.contents
+            val extractedCode = if (scannedContent.startsWith("tssparty://join/")) {
+                scannedContent.removePrefix("tssparty://join/")
+            } else {
+                scannedContent
+            }
+            onInviteCodeChange(extractedCode)
+        }
+    }
+
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .verticalScroll(rememberScrollState())
+            .padding(16.dp)
+    ) {
+        // Header
+        Text(
+            text = "加入共管钱包",
+            style = MaterialTheme.typography.headlineMedium,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Text(
+            text = "扫描二维码或输入邀请码加入多方钱包创建会话",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Scan QR Button
+        Card(
+            onClick = {
+                val options = ScanOptions().apply {
+                    setDesiredBarcodeFormats(ScanOptions.QR_CODE)
+                    setPrompt("扫描邀请二维码")
+                    setCameraId(0)
+                    setBeepEnabled(true)
+                    setBarcodeImageEnabled(false)
+                    setOrientationLocked(true)
+                    setCaptureActivity(PortraitCaptureActivity::class.java)
+                }
+                scanLauncher.launch(options)
+            },
+            modifier = Modifier.fillMaxWidth(),
+            colors = CardDefaults.cardColors(
+                containerColor = MaterialTheme.colorScheme.primaryContainer
+            )
+        ) {
+            Row(
+                modifier = Modifier
+                    .fillMaxWidth()
+                    .padding(20.dp),
+                horizontalArrangement = Arrangement.Center,
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                Icon(
+                    Icons.Default.QrCodeScanner,
+                    contentDescription = null,
+                    modifier = Modifier.size(32.dp),
+                    tint = MaterialTheme.colorScheme.onPrimaryContainer
+                )
+                Spacer(modifier = Modifier.width(12.dp))
+                Text(
+                    text = "扫描二维码",
+                    style = MaterialTheme.typography.titleMedium,
+                    fontWeight = FontWeight.Medium,
+                    color = MaterialTheme.colorScheme.onPrimaryContainer
+                )
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Divider with "或"
+        Row(
+            modifier = Modifier.fillMaxWidth(),
+            verticalAlignment = Alignment.CenterVertically
+        ) {
+            Divider(modifier = Modifier.weight(1f))
+            Text(
+                text = "  或  ",
+                style = MaterialTheme.typography.bodyMedium,
+                color = MaterialTheme.colorScheme.onSurfaceVariant
+            )
+            Divider(modifier = Modifier.weight(1f))
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Invite Code Input
+        OutlinedTextField(
+            value = inviteCode,
+            onValueChange = onInviteCodeChange,
+            label = { Text("邀请码") },
+            placeholder = { Text("粘贴邀请码") },
+            leadingIcon = {
+                Icon(Icons.Default.Key, contentDescription = null)
+            },
+            modifier = Modifier.fillMaxWidth(),
+            singleLine = true,
+            enabled = !isLoading
+        )
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Info card
+        Card(
+            colors = CardDefaults.cardColors(
+                containerColor = MaterialTheme.colorScheme.secondaryContainer
+            ),
+            modifier = Modifier.fillMaxWidth()
+        ) {
+            Row(
+                modifier = Modifier.padding(12.dp),
+                verticalAlignment = Alignment.Top
+            ) {
+                Icon(
+                    Icons.Default.Info,
+                    contentDescription = null,
+                    tint = MaterialTheme.colorScheme.onSecondaryContainer,
+                    modifier = Modifier.size(20.dp)
+                )
+                Spacer(modifier = Modifier.width(8.dp))
+                Text(
+                    text = "请向会话发起者获取邀请二维码或邀请码",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.onSecondaryContainer
+                )
+            }
+        }
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Error display
+        error?.let {
+            Card(
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.errorContainer
+                ),
+                modifier = Modifier.fillMaxWidth()
+            ) {
+                Row(
+                    modifier = Modifier.padding(12.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Error,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.error
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    Text(
+                        text = it,
+                        color = MaterialTheme.colorScheme.onErrorContainer
+                    )
+                }
+            }
+            Spacer(modifier = Modifier.height(16.dp))
+        }
+
+        validationError?.let {
+            Card(
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.errorContainer
+                ),
+                modifier = Modifier.fillMaxWidth()
+            ) {
+                Row(
+                    modifier = Modifier.padding(12.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Warning,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.error
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    Text(
+                        text = it,
+                        color = MaterialTheme.colorScheme.onErrorContainer
+                    )
+                }
+            }
+            Spacer(modifier = Modifier.height(16.dp))
+        }
+
+        Spacer(modifier = Modifier.weight(1f))
+
+        // Buttons
+        Row(
+            modifier = Modifier.fillMaxWidth(),
+            horizontalArrangement = Arrangement.spacedBy(12.dp)
+        ) {
+            OutlinedButton(
+                onClick = onCancel,
+                modifier = Modifier.weight(1f),
+                enabled = !isLoading
+            ) {
+                Text("取消")
+            }
+
+            Button(
+                onClick = onValidateCode,
+                modifier = Modifier.weight(1f),
+                enabled = !isLoading && inviteCode.isNotBlank()
+            ) {
+                if (isLoading) {
+                    CircularProgressIndicator(
+                        modifier = Modifier.size(24.dp),
+                        color = MaterialTheme.colorScheme.onPrimary,
+                        strokeWidth = 2.dp
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    Text("验证中...")
+                } else {
+                    Text("加入会话")
+                }
+            }
+        }
+    }
+}
+
+@Composable
+private fun ConfirmScreen(
+    sessionInfo: JoinSessionInfo?,
+    isLoading: Boolean,
+    error: String?,
+    onBack: () -> Unit,
+    onRetry: () -> Unit,
+    onCancel: () -> Unit
+) {
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .padding(16.dp),
+        horizontalAlignment = Alignment.CenterHorizontally
+    ) {
+        // Header
+        Text(
+            text = "确认会话信息",
+            style = MaterialTheme.typography.headlineMedium,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Session info card
+        if (sessionInfo != null) {
+            Card(
+                modifier = Modifier.fillMaxWidth()
+            ) {
+                Column(modifier = Modifier.padding(16.dp)) {
+                    InfoRow("钱包名称", sessionInfo.walletName)
+                    Divider(modifier = Modifier.padding(vertical = 8.dp))
+                    InfoRow("阈值设置", "${sessionInfo.thresholdT}-of-${sessionInfo.thresholdN}")
+                    Divider(modifier = Modifier.padding(vertical = 8.dp))
+                    InfoRow("发起者", sessionInfo.initiator)
+                    Divider(modifier = Modifier.padding(vertical = 8.dp))
+                    InfoRow("当前参与者", "${sessionInfo.currentParticipants} / ${sessionInfo.totalParticipants}")
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Error or auto-joining state
+        if (error != null) {
+            Card(
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.errorContainer
+                ),
+                modifier = Modifier.fillMaxWidth()
+            ) {
+                Row(
+                    modifier = Modifier.padding(12.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Error,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.error
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    Text(
+                        text = error,
+                        color = MaterialTheme.colorScheme.onErrorContainer
+                    )
+                }
+            }
+
+            Spacer(modifier = Modifier.height(24.dp))
+
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.spacedBy(12.dp)
+            ) {
+                OutlinedButton(
+                    onClick = onCancel,
+                    modifier = Modifier.weight(1f)
+                ) {
+                    Text("取消")
+                }
+                Button(
+                    onClick = onRetry,
+                    modifier = Modifier.weight(1f)
+                ) {
+                    Text("重试")
+                }
+            }
+        } else {
+            // Auto-joining state
+            CircularProgressIndicator(modifier = Modifier.size(48.dp))
+            Spacer(modifier = Modifier.height(16.dp))
+            Text(
+                text = "正在自动加入会话...",
+                style = MaterialTheme.typography.bodyLarge
+            )
+
+            Spacer(modifier = Modifier.height(24.dp))
+
+            // Cancel button during auto-join
+            OutlinedButton(onClick = onCancel) {
+                Icon(Icons.Default.Cancel, contentDescription = null)
+                Spacer(modifier = Modifier.width(8.dp))
+                Text("取消")
+            }
+        }
+    }
+}
+
+@Composable
+private fun JoiningScreen(
+    countdownSeconds: Long = -1L,
+    onCancel: () -> Unit
+) {
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .padding(16.dp),
+        horizontalAlignment = Alignment.CenterHorizontally,
+        verticalArrangement = Arrangement.Center
+    ) {
+        CircularProgressIndicator(
+            modifier = Modifier.size(80.dp),
+            strokeWidth = 6.dp
+        )
+
+        Spacer(modifier = Modifier.height(32.dp))
+
+        Text(
+            text = "正在加入会话...",
+            style = MaterialTheme.typography.headlineSmall,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        Text(
+            text = "请稍候，正在连接到其他参与者",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        // Countdown timer (if counting down)
+        if (countdownSeconds > 0) {
+            Spacer(modifier = Modifier.height(24.dp))
+            Card(
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.tertiaryContainer
+                )
+            ) {
+                Row(
+                    modifier = Modifier.padding(horizontal = 24.dp, vertical = 12.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Timer,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.onTertiaryContainer,
+                        modifier = Modifier.size(20.dp)
+                    )
+                    Spacer(modifier = Modifier.width(8.dp))
+                    Text(
+                        text = "等待启动: ${formatCountdown(countdownSeconds)}",
+                        style = MaterialTheme.typography.titleMedium,
+                        fontWeight = FontWeight.Bold,
+                        color = MaterialTheme.colorScheme.onTertiaryContainer
+                    )
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(32.dp))
+
+        // Cancel button
+        OutlinedButton(onClick = onCancel) {
+            Icon(Icons.Default.Cancel, contentDescription = null)
+            Spacer(modifier = Modifier.width(8.dp))
+            Text("取消")
+        }
+    }
+}
+
+@Composable
+private fun KeygenProgressScreen(
+    sessionStatus: SessionStatus,
+    participants: List<String>,
+    currentRound: Int,
+    totalRounds: Int,
+    countdownSeconds: Long = -1L,
+    onCancel: () -> Unit
+) {
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .padding(16.dp),
+        horizontalAlignment = Alignment.CenterHorizontally
+    ) {
+        // Header
+        Text(
+            text = "密钥生成中",
+            style = MaterialTheme.typography.headlineMedium,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Text(
+            text = "请保持应用在前台，直到密钥生成完成",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(32.dp))
+
+        // Progress indicator
+        CircularProgressIndicator(
+            modifier = Modifier.size(80.dp),
+            strokeWidth = 6.dp
+        )
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Progress card
+        Card(modifier = Modifier.fillMaxWidth()) {
+            Column(modifier = Modifier.padding(16.dp)) {
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.SpaceBetween
+                ) {
+                    Text(
+                        text = "协议进度",
+                        style = MaterialTheme.typography.titleSmall,
+                        fontWeight = FontWeight.Medium
+                    )
+                    Text(
+                        text = "$currentRound / $totalRounds",
+                        style = MaterialTheme.typography.bodySmall,
+                        color = MaterialTheme.colorScheme.onSurfaceVariant
+                    )
+                }
+                Spacer(modifier = Modifier.height(8.dp))
+                LinearProgressIndicator(
+                    progress = if (totalRounds > 0) currentRound.toFloat() / totalRounds else 0f,
+                    modifier = Modifier.fillMaxWidth()
+                )
+            }
+        }
+
+        // Countdown timer (if counting down - waiting for keygen to start)
+        if (countdownSeconds > 0) {
+            Spacer(modifier = Modifier.height(16.dp))
+            Card(
+                modifier = Modifier.fillMaxWidth(),
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.tertiaryContainer
+                )
+            ) {
+                Row(
+                    modifier = Modifier
+                        .fillMaxWidth()
+                        .padding(16.dp),
+                    horizontalArrangement = Arrangement.Center,
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Timer,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.onTertiaryContainer,
+                        modifier = Modifier.size(24.dp)
+                    )
+                    Spacer(modifier = Modifier.width(12.dp))
+                    Column {
+                        Text(
+                            text = "等待密钥生成启动",
+                            style = MaterialTheme.typography.labelMedium,
+                            color = MaterialTheme.colorScheme.onTertiaryContainer
+                        )
+                        Text(
+                            text = formatCountdown(countdownSeconds),
+                            style = MaterialTheme.typography.headlineMedium,
+                            fontWeight = FontWeight.Bold,
+                            color = MaterialTheme.colorScheme.onTertiaryContainer
+                        )
+                    }
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Participants card
+        if (participants.isNotEmpty()) {
+            Card(modifier = Modifier.fillMaxWidth()) {
+                Column(modifier = Modifier.padding(16.dp)) {
+                    Text(
+                        text = "参与方 (${participants.size})",
+                        style = MaterialTheme.typography.titleSmall,
+                        fontWeight = FontWeight.Medium
+                    )
+                    Spacer(modifier = Modifier.height(8.dp))
+                    participants.forEach { participant ->
+                        Row(
+                            modifier = Modifier
+                                .fillMaxWidth()
+                                .padding(vertical = 4.dp),
+                            verticalAlignment = Alignment.CenterVertically
+                        ) {
+                            Icon(
+                                Icons.Default.Person,
+                                contentDescription = null,
+                                modifier = Modifier.size(20.dp),
+                                tint = MaterialTheme.colorScheme.primary
+                            )
+                            Spacer(modifier = Modifier.width(8.dp))
+                            Text(
+                                text = participant,
+                                style = MaterialTheme.typography.bodyMedium
+                            )
+                        }
+                    }
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.weight(1f))
+
+        // Cancel button
+        OutlinedButton(onClick = onCancel) {
+            Icon(Icons.Default.Cancel, contentDescription = null)
+            Spacer(modifier = Modifier.width(8.dp))
+            Text("取消")
+        }
+    }
+}
+
+@Composable
+private fun KeygenCompletedScreen(
+    publicKey: String?,
+    onBackToHome: () -> Unit
+) {
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .padding(16.dp),
+        horizontalAlignment = Alignment.CenterHorizontally,
+        verticalArrangement = Arrangement.Center
+    ) {
+        // Success icon
+        Icon(
+            Icons.Default.CheckCircle,
+            contentDescription = null,
+            modifier = Modifier.size(80.dp),
+            tint = MaterialTheme.colorScheme.primary
+        )
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        Text(
+            text = "密钥生成成功！",
+            style = MaterialTheme.typography.headlineMedium,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        Text(
+            text = "您的钱包已创建成功，可以在「我的钱包」中查看",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(32.dp))
+
+        // Public key info
+        if (publicKey != null) {
+            Card(
+                modifier = Modifier.fillMaxWidth(),
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.surfaceVariant
+                )
+            ) {
+                Column(modifier = Modifier.padding(16.dp)) {
+                    Text(
+                        text = "公钥",
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.onSurfaceVariant
+                    )
+                    Spacer(modifier = Modifier.height(4.dp))
+                    Text(
+                        text = "${publicKey.take(20)}...${publicKey.takeLast(20)}",
+                        style = MaterialTheme.typography.bodySmall,
+                        fontWeight = FontWeight.Medium
+                    )
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(32.dp))
+
+        Button(
+            onClick = onBackToHome,
+            modifier = Modifier.fillMaxWidth()
+        ) {
+            Icon(Icons.Default.Home, contentDescription = null)
+            Spacer(modifier = Modifier.width(8.dp))
+            Text("返回首页")
+        }
+    }
+}
+
+@Composable
+private fun InfoRow(label: String, value: String) {
+    Row(
+        modifier = Modifier.fillMaxWidth(),
+        horizontalArrangement = Arrangement.SpaceBetween
+    ) {
+        Text(
+            text = label,
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+        Text(
+            text = value,
+            style = MaterialTheme.typography.bodyMedium,
+            fontWeight = FontWeight.Medium
+        )
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/JoinScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/JoinScreen.kt
@ -0,0 +1,229 @@
+package com.durian.tssparty.presentation.screens
+
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.text.KeyboardOptions
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.text.input.KeyboardType
+import androidx.compose.ui.text.input.PasswordVisualTransformation
+import androidx.compose.ui.text.input.VisualTransformation
+import androidx.compose.ui.unit.dp
+import com.durian.tssparty.domain.model.SessionStatus
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun JoinScreen(
+    sessionStatus: SessionStatus,
+    isLoading: Boolean,
+    error: String?,
+    onJoinKeygen: (inviteCode: String, password: String) -> Unit,
+    onCancel: () -> Unit,
+    onBack: () -> Unit
+) {
+    var inviteCode by remember { mutableStateOf("") }
+    var password by remember { mutableStateOf("") }
+    var confirmPassword by remember { mutableStateOf("") }
+    var showPassword by remember { mutableStateOf(false) }
+    var passwordError by remember { mutableStateOf<String?>(null) }
+
+    Scaffold(
+        topBar = {
+            TopAppBar(
+                title = { Text("Join Keygen") },
+                navigationIcon = {
+                    IconButton(onClick = onBack, enabled = !isLoading) {
+                        Icon(Icons.Default.ArrowBack, contentDescription = "Back")
+                    }
+                }
+            )
+        }
+    ) { paddingValues ->
+        Column(
+            modifier = Modifier
+                .fillMaxSize()
+                .padding(paddingValues)
+                .padding(16.dp),
+            verticalArrangement = Arrangement.spacedBy(16.dp)
+        ) {
+            // Instructions
+            Card(
+                colors = CardDefaults.cardColors(
+                    containerColor = MaterialTheme.colorScheme.primaryContainer
+                )
+            ) {
+                Row(
+                    modifier = Modifier.padding(16.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    Icon(
+                        Icons.Default.Info,
+                        contentDescription = null,
+                        tint = MaterialTheme.colorScheme.onPrimaryContainer
+                    )
+                    Spacer(modifier = Modifier.width(12.dp))
+                    Text(
+                        text = "Enter the invite code shared by the session creator and set a password to protect your key share.",
+                        style = MaterialTheme.typography.bodyMedium,
+                        color = MaterialTheme.colorScheme.onPrimaryContainer
+                    )
+                }
+            }
+
+            // Invite code input
+            OutlinedTextField(
+                value = inviteCode,
+                onValueChange = { inviteCode = it },
+                label = { Text("Invite Code") },
+                placeholder = { Text("session-id:join-token") },
+                modifier = Modifier.fillMaxWidth(),
+                enabled = !isLoading,
+                singleLine = true,
+                leadingIcon = {
+                    Icon(Icons.Default.QrCode, contentDescription = null)
+                }
+            )
+
+            // Password input
+            OutlinedTextField(
+                value = password,
+                onValueChange = {
+                    password = it
+                    passwordError = null
+                },
+                label = { Text("Password") },
+                modifier = Modifier.fillMaxWidth(),
+                enabled = !isLoading,
+                singleLine = true,
+                visualTransformation = if (showPassword) VisualTransformation.None
+                else PasswordVisualTransformation(),
+                keyboardOptions = KeyboardOptions(keyboardType = KeyboardType.Password),
+                leadingIcon = {
+                    Icon(Icons.Default.Lock, contentDescription = null)
+                },
+                trailingIcon = {
+                    IconButton(onClick = { showPassword = !showPassword }) {
+                        Icon(
+                            if (showPassword) Icons.Default.VisibilityOff
+                            else Icons.Default.Visibility,
+                            contentDescription = if (showPassword) "Hide password" else "Show password"
+                        )
+                    }
+                }
+            )
+
+            // Confirm password
+            OutlinedTextField(
+                value = confirmPassword,
+                onValueChange = {
+                    confirmPassword = it
+                    passwordError = null
+                },
+                label = { Text("Confirm Password") },
+                modifier = Modifier.fillMaxWidth(),
+                enabled = !isLoading,
+                singleLine = true,
+                visualTransformation = if (showPassword) VisualTransformation.None
+                else PasswordVisualTransformation(),
+                keyboardOptions = KeyboardOptions(keyboardType = KeyboardType.Password),
+                leadingIcon = {
+                    Icon(Icons.Default.Lock, contentDescription = null)
+                },
+                isError = passwordError != null,
+                supportingText = passwordError?.let { { Text(it) } }
+            )
+
+            // Error message
+            error?.let {
+                Card(
+                    colors = CardDefaults.cardColors(
+                        containerColor = MaterialTheme.colorScheme.errorContainer
+                    )
+                ) {
+                    Row(
+                        modifier = Modifier.padding(16.dp),
+                        verticalAlignment = Alignment.CenterVertically
+                    ) {
+                        Icon(
+                            Icons.Default.Error,
+                            contentDescription = null,
+                            tint = MaterialTheme.colorScheme.onErrorContainer
+                        )
+                        Spacer(modifier = Modifier.width(12.dp))
+                        Text(
+                            text = it,
+                            color = MaterialTheme.colorScheme.onErrorContainer
+                        )
+                    }
+                }
+            }
+
+            // Progress indicator
+            if (isLoading) {
+                Card {
+                    Column(
+                        modifier = Modifier
+                            .fillMaxWidth()
+                            .padding(16.dp),
+                        horizontalAlignment = Alignment.CenterHorizontally
+                    ) {
+                        CircularProgressIndicator()
+                        Spacer(modifier = Modifier.height(16.dp))
+                        Text(
+                            text = when (sessionStatus) {
+                                SessionStatus.WAITING -> "Waiting for other parties..."
+                                SessionStatus.IN_PROGRESS -> "Generating keys..."
+                                SessionStatus.COMPLETED -> "Completed!"
+                                SessionStatus.FAILED -> "Failed"
+                            },
+                            style = MaterialTheme.typography.bodyMedium
+                        )
+                    }
+                }
+            }
+
+            Spacer(modifier = Modifier.weight(1f))
+
+            // Action buttons
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.spacedBy(12.dp)
+            ) {
+                if (isLoading) {
+                    OutlinedButton(
+                        onClick = onCancel,
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Text("Cancel")
+                    }
+                } else {
+                    Button(
+                        onClick = {
+                            if (password != confirmPassword) {
+                                passwordError = "Passwords do not match"
+                                return@Button
+                            }
+                            if (password.length < 4) {
+                                passwordError = "Password must be at least 4 characters"
+                                return@Button
+                            }
+                            if (inviteCode.isBlank()) {
+                                return@Button
+                            }
+                            onJoinKeygen(inviteCode.trim(), password)
+                        },
+                        modifier = Modifier.fillMaxWidth(),
+                        enabled = inviteCode.isNotBlank() && password.isNotBlank() && confirmPassword.isNotBlank()
+                    ) {
+                        Icon(Icons.Default.PlayArrow, contentDescription = null)
+                        Spacer(modifier = Modifier.width(8.dp))
+                        Text("Join Keygen")
+                    }
+                }
+            }
+        }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/PortraitCaptureActivity.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/PortraitCaptureActivity.kt
@ -0,0 +1,9 @@
+package com.durian.tssparty.presentation.screens
+
+import com.journeyapps.barcodescanner.CaptureActivity
+
+/**
+ * Portrait-only barcode capture activity
+ * Used to force the QR scanner to use portrait orientation
+ */
+class PortraitCaptureActivity : CaptureActivity()
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/SettingsScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/SettingsScreen.kt
@ -0,0 +1,542 @@
+package com.durian.tssparty.presentation.screens
+
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.rememberScrollState
+import androidx.compose.foundation.verticalScroll
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.unit.dp
+import com.durian.tssparty.BuildConfig
+import com.durian.tssparty.domain.model.AppSettings
+import com.durian.tssparty.domain.model.NetworkType
+
+/**
+ * Connection test result
+ */
+data class ConnectionTestResult(
+    val success: Boolean,
+    val message: String,
+    val latency: Long? = null
+)
+
+/**
+ * Settings screen matching service-party-app/src/pages/Settings.tsx
+ * Full implementation with test connection buttons and Account Service URL
+ */
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun SettingsScreen(
+    settings: AppSettings,
+    isConnected: Boolean,
+    messageRouterStatus: ConnectionTestResult? = null,
+    accountServiceStatus: ConnectionTestResult? = null,
+    kavaApiStatus: ConnectionTestResult? = null,
+    onSaveSettings: (AppSettings) -> Unit,
+    onTestMessageRouter: (String) -> Unit = {},
+    onTestAccountService: (String) -> Unit = {},
+    onTestKavaApi: (String) -> Unit = {}
+) {
+    var messageRouterUrl by remember { mutableStateOf(settings.messageRouterUrl) }
+    var accountServiceUrl by remember { mutableStateOf(settings.accountServiceUrl) }
+    var kavaRpcUrl by remember { mutableStateOf(settings.kavaRpcUrl) }
+    var networkType by remember { mutableStateOf(settings.networkType) }
+    var hasChanges by remember { mutableStateOf(false) }
+
+    // Test connection states
+    var isTestingMessageRouter by remember { mutableStateOf(false) }
+    var isTestingAccountService by remember { mutableStateOf(false) }
+    var isTestingKavaApi by remember { mutableStateOf(false) }
+
+    // Local test results (for display)
+    var localMessageRouterResult by remember { mutableStateOf<ConnectionTestResult?>(null) }
+    var localAccountServiceResult by remember { mutableStateOf<ConnectionTestResult?>(null) }
+    var localKavaApiResult by remember { mutableStateOf<ConnectionTestResult?>(null) }
+
+    // Update local results when props change
+    LaunchedEffect(messageRouterStatus) {
+        if (messageRouterStatus != null) {
+            localMessageRouterResult = messageRouterStatus
+            isTestingMessageRouter = false
+        }
+    }
+    LaunchedEffect(accountServiceStatus) {
+        if (accountServiceStatus != null) {
+            localAccountServiceResult = accountServiceStatus
+            isTestingAccountService = false
+        }
+    }
+    LaunchedEffect(kavaApiStatus) {
+        if (kavaApiStatus != null) {
+            localKavaApiResult = kavaApiStatus
+            isTestingKavaApi = false
+        }
+    }
+
+    Column(
+        modifier = Modifier
+            .fillMaxSize()
+            .verticalScroll(rememberScrollState())
+            .padding(16.dp)
+    ) {
+        // Header
+        Text(
+            text = "设置",
+            style = MaterialTheme.typography.headlineMedium,
+            fontWeight = FontWeight.Bold
+        )
+
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Text(
+            text = "配置应用程序连接和网络设置",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Connection status overview
+        Card(
+            colors = CardDefaults.cardColors(
+                containerColor = if (isConnected)
+                    MaterialTheme.colorScheme.primaryContainer
+                else
+                    MaterialTheme.colorScheme.errorContainer
+            ),
+            modifier = Modifier.fillMaxWidth()
+        ) {
+            Row(
+                modifier = Modifier
+                    .fillMaxWidth()
+                    .padding(16.dp),
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                Icon(
+                    if (isConnected) Icons.Default.CheckCircle else Icons.Default.Warning,
+                    contentDescription = null,
+                    tint = if (isConnected)
+                        MaterialTheme.colorScheme.onPrimaryContainer
+                    else
+                        MaterialTheme.colorScheme.onErrorContainer
+                )
+                Spacer(modifier = Modifier.width(12.dp))
+                Column {
+                    Text(
+                        text = if (isConnected) "应用就绪" else "连接异常",
+                        fontWeight = FontWeight.Medium,
+                        color = if (isConnected)
+                            MaterialTheme.colorScheme.onPrimaryContainer
+                        else
+                            MaterialTheme.colorScheme.onErrorContainer
+                    )
+                    Text(
+                        text = if (isConnected) "所有服务正常运行" else "请检查网络设置",
+                        style = MaterialTheme.typography.bodySmall,
+                        color = if (isConnected)
+                            MaterialTheme.colorScheme.onPrimaryContainer.copy(alpha = 0.7f)
+                        else
+                            MaterialTheme.colorScheme.onErrorContainer.copy(alpha = 0.7f)
+                    )
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Section: Connection Settings
+        Text(
+            text = "连接设置",
+            style = MaterialTheme.typography.titleMedium,
+            fontWeight = FontWeight.SemiBold
+        )
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Message Router URL
+        Card(modifier = Modifier.fillMaxWidth()) {
+            Column(modifier = Modifier.padding(16.dp)) {
+                Text(
+                    text = "消息路由服务",
+                    style = MaterialTheme.typography.titleSmall,
+                    fontWeight = FontWeight.Medium
+                )
+                Spacer(modifier = Modifier.height(4.dp))
+                Text(
+                    text = "TSS 多方计算消息中继服务器",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.onSurfaceVariant
+                )
+                Spacer(modifier = Modifier.height(12.dp))
+
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.spacedBy(8.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    OutlinedTextField(
+                        value = messageRouterUrl,
+                        onValueChange = {
+                            messageRouterUrl = it
+                            hasChanges = true
+                            localMessageRouterResult = null
+                        },
+                        label = { Text("服务地址") },
+                        placeholder = { Text("mpc-grpc.szaiai.com:443") },
+                        modifier = Modifier.weight(1f),
+                        singleLine = true,
+                        leadingIcon = {
+                            Icon(Icons.Default.Cloud, contentDescription = null)
+                        }
+                    )
+                    Button(
+                        onClick = {
+                            isTestingMessageRouter = true
+                            localMessageRouterResult = null
+                            onTestMessageRouter(messageRouterUrl)
+                        },
+                        enabled = !isTestingMessageRouter && messageRouterUrl.isNotBlank()
+                    ) {
+                        if (isTestingMessageRouter) {
+                            CircularProgressIndicator(
+                                modifier = Modifier.size(16.dp),
+                                strokeWidth = 2.dp,
+                                color = MaterialTheme.colorScheme.onPrimary
+                            )
+                        } else {
+                            Text("测试")
+                        }
+                    }
+                }
+
+                // Test result
+                localMessageRouterResult?.let { result ->
+                    Spacer(modifier = Modifier.height(8.dp))
+                    Row(verticalAlignment = Alignment.CenterVertically) {
+                        Icon(
+                            if (result.success) Icons.Default.CheckCircle else Icons.Default.Error,
+                            contentDescription = null,
+                            tint = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error,
+                            modifier = Modifier.size(16.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(
+                            text = result.message + (result.latency?.let { " (${it}ms)" } ?: ""),
+                            style = MaterialTheme.typography.bodySmall,
+                            color = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error
+                        )
+                    }
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Account Service URL
+        Card(modifier = Modifier.fillMaxWidth()) {
+            Column(modifier = Modifier.padding(16.dp)) {
+                Text(
+                    text = "账户服务",
+                    style = MaterialTheme.typography.titleSmall,
+                    fontWeight = FontWeight.Medium
+                )
+                Spacer(modifier = Modifier.height(4.dp))
+                Text(
+                    text = "会话管理和账户 API 服务",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.onSurfaceVariant
+                )
+                Spacer(modifier = Modifier.height(12.dp))
+
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.spacedBy(8.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    OutlinedTextField(
+                        value = accountServiceUrl,
+                        onValueChange = {
+                            accountServiceUrl = it
+                            hasChanges = true
+                            localAccountServiceResult = null
+                        },
+                        label = { Text("API 地址") },
+                        placeholder = { Text("https://rwaapi.szaiai.com") },
+                        modifier = Modifier.weight(1f),
+                        singleLine = true,
+                        leadingIcon = {
+                            Icon(Icons.Default.Api, contentDescription = null)
+                        }
+                    )
+                    Button(
+                        onClick = {
+                            isTestingAccountService = true
+                            localAccountServiceResult = null
+                            onTestAccountService(accountServiceUrl)
+                        },
+                        enabled = !isTestingAccountService && accountServiceUrl.isNotBlank()
+                    ) {
+                        if (isTestingAccountService) {
+                            CircularProgressIndicator(
+                                modifier = Modifier.size(16.dp),
+                                strokeWidth = 2.dp,
+                                color = MaterialTheme.colorScheme.onPrimary
+                            )
+                        } else {
+                            Text("测试")
+                        }
+                    }
+                }
+
+                // Test result
+                localAccountServiceResult?.let { result ->
+                    Spacer(modifier = Modifier.height(8.dp))
+                    Row(verticalAlignment = Alignment.CenterVertically) {
+                        Icon(
+                            if (result.success) Icons.Default.CheckCircle else Icons.Default.Error,
+                            contentDescription = null,
+                            tint = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error,
+                            modifier = Modifier.size(16.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(
+                            text = result.message + (result.latency?.let { " (${it}ms)" } ?: ""),
+                            style = MaterialTheme.typography.bodySmall,
+                            color = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error
+                        )
+                    }
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Section: Blockchain Network
+        Text(
+            text = "区块链网络",
+            style = MaterialTheme.typography.titleMedium,
+            fontWeight = FontWeight.SemiBold
+        )
+
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Text(
+            text = "选择要连接的 Kava 区块链网络",
+            style = MaterialTheme.typography.bodySmall,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(12.dp))
+
+        Row(
+            modifier = Modifier.fillMaxWidth(),
+            horizontalArrangement = Arrangement.spacedBy(12.dp)
+        ) {
+            FilterChip(
+                selected = networkType == NetworkType.MAINNET,
+                onClick = {
+                    networkType = NetworkType.MAINNET
+                    kavaRpcUrl = "https://evm.kava.io"
+                    hasChanges = true
+                    localKavaApiResult = null
+                },
+                label = { Text("主网 (Kava)") },
+                leadingIcon = if (networkType == NetworkType.MAINNET) {
+                    { Icon(Icons.Default.Check, contentDescription = null, Modifier.size(18.dp)) }
+                } else null
+            )
+            FilterChip(
+                selected = networkType == NetworkType.TESTNET,
+                onClick = {
+                    networkType = NetworkType.TESTNET
+                    kavaRpcUrl = "https://evm.testnet.kava.io"
+                    hasChanges = true
+                    localKavaApiResult = null
+                },
+                label = { Text("测试网") },
+                leadingIcon = if (networkType == NetworkType.TESTNET) {
+                    { Icon(Icons.Default.Check, contentDescription = null, Modifier.size(18.dp)) }
+                } else null
+            )
+        }
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        // Kava RPC URL
+        Card(modifier = Modifier.fillMaxWidth()) {
+            Column(modifier = Modifier.padding(16.dp)) {
+                Text(
+                    text = "Kava RPC 节点",
+                    style = MaterialTheme.typography.titleSmall,
+                    fontWeight = FontWeight.Medium
+                )
+                Spacer(modifier = Modifier.height(4.dp))
+                Text(
+                    text = "区块链交易和查询 API",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.onSurfaceVariant
+                )
+                Spacer(modifier = Modifier.height(12.dp))
+
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.spacedBy(8.dp),
+                    verticalAlignment = Alignment.CenterVertically
+                ) {
+                    OutlinedTextField(
+                        value = kavaRpcUrl,
+                        onValueChange = {
+                            kavaRpcUrl = it
+                            hasChanges = true
+                            localKavaApiResult = null
+                        },
+                        label = { Text("RPC 地址") },
+                        placeholder = { Text("https://evm.kava.io") },
+                        modifier = Modifier.weight(1f),
+                        singleLine = true,
+                        leadingIcon = {
+                            Icon(Icons.Default.Link, contentDescription = null)
+                        }
+                    )
+                    Button(
+                        onClick = {
+                            isTestingKavaApi = true
+                            localKavaApiResult = null
+                            onTestKavaApi(kavaRpcUrl)
+                        },
+                        enabled = !isTestingKavaApi && kavaRpcUrl.isNotBlank()
+                    ) {
+                        if (isTestingKavaApi) {
+                            CircularProgressIndicator(
+                                modifier = Modifier.size(16.dp),
+                                strokeWidth = 2.dp,
+                                color = MaterialTheme.colorScheme.onPrimary
+                            )
+                        } else {
+                            Text("测试")
+                        }
+                    }
+                }
+
+                // Test result
+                localKavaApiResult?.let { result ->
+                    Spacer(modifier = Modifier.height(8.dp))
+                    Row(verticalAlignment = Alignment.CenterVertically) {
+                        Icon(
+                            if (result.success) Icons.Default.CheckCircle else Icons.Default.Error,
+                            contentDescription = null,
+                            tint = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error,
+                            modifier = Modifier.size(16.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(
+                            text = result.message + (result.latency?.let { " (${it}ms)" } ?: ""),
+                            style = MaterialTheme.typography.bodySmall,
+                            color = if (result.success)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.error
+                        )
+                    }
+                }
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+
+        // Section: About
+        Text(
+            text = "关于",
+            style = MaterialTheme.typography.titleMedium,
+            fontWeight = FontWeight.SemiBold
+        )
+
+        Spacer(modifier = Modifier.height(12.dp))
+
+        Card(
+            modifier = Modifier.fillMaxWidth()
+        ) {
+            Column(
+                modifier = Modifier.padding(16.dp)
+            ) {
+                AboutRow("应用名称", "TSS Party")
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("版本", BuildConfig.VERSION_NAME)
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("版本号", BuildConfig.VERSION_CODE.toString())
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("构建类型", if (BuildConfig.DEBUG) "Debug" else "Release")
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("TSS 协议", "GG20")
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("区块链", "Kava EVM")
+                Divider(modifier = Modifier.padding(vertical = 8.dp))
+                AboutRow("项目", "RWADurian MPC System")
+            }
+        }
+
+        Spacer(modifier = Modifier.height(24.dp))
+        Spacer(modifier = Modifier.weight(1f))
+
+        // Save button
+        Button(
+            onClick = {
+                onSaveSettings(
+                    AppSettings(
+                        messageRouterUrl = messageRouterUrl,
+                        accountServiceUrl = accountServiceUrl,
+                        kavaRpcUrl = kavaRpcUrl,
+                        networkType = networkType
+                    )
+                )
+                hasChanges = false
+            },
+            modifier = Modifier
+                .fillMaxWidth()
+                .height(56.dp),
+            enabled = hasChanges
+        ) {
+            Icon(Icons.Default.Save, contentDescription = null)
+            Spacer(modifier = Modifier.width(8.dp))
+            Text("保存设置")
+        }
+    }
+}
+
+@Composable
+private fun AboutRow(label: String, value: String) {
+    Row(
+        modifier = Modifier.fillMaxWidth(),
+        horizontalArrangement = Arrangement.SpaceBetween
+    ) {
+        Text(
+            text = label,
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+        Text(
+            text = value,
+            style = MaterialTheme.typography.bodyMedium,
+            fontWeight = FontWeight.Medium
+        )
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/SignScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/SignScreen.kt
@ -0,0 +1,199 @@
+package com.durian.tssparty.presentation.screens
+
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.text.KeyboardOptions
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.text.input.KeyboardType
+import androidx.compose.ui.text.input.PasswordVisualTransformation
+import androidx.compose.ui.text.input.VisualTransformation
+import androidx.compose.ui.text.style.TextOverflow
+import androidx.compose.ui.unit.dp
+import com.durian.tssparty.domain.model.SessionStatus
+import com.durian.tssparty.domain.model.ShareRecord
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun SignScreen(
+    share: ShareRecord?,
+    sessionStatus: SessionStatus,
+    isLoading: Boolean,
+    error: String?,
+    onJoinSign: (inviteCode: String, shareId: Long, password: String) -> Unit,
+    onCancel: () -> Unit,
+    onBack: () -> Unit
+) {
+    var inviteCode by remember { mutableStateOf("") }
+    var password by remember { mutableStateOf("") }
+    var showPassword by remember { mutableStateOf(false) }
+
+    Scaffold(
+        topBar = {
+            TopAppBar(
+                title = { Text("Sign Transaction") },
+                navigationIcon = {
+                    IconButton(onClick = onBack, enabled = !isLoading) {
+                        Icon(Icons.Default.ArrowBack, contentDescription = "Back")
+                    }
+                }
+            )
+        }
+    ) { paddingValues ->
+        Column(
+            modifier = Modifier
+                .fillMaxSize()
+                .padding(paddingValues)
+                .padding(16.dp),
+            verticalArrangement = Arrangement.spacedBy(16.dp)
+        ) {
+            // Wallet info
+            share?.let { s ->
+                Card {
+                    Column(modifier = Modifier.padding(16.dp)) {
+                        Text(
+                            text = "Signing with wallet",
+                            style = MaterialTheme.typography.labelMedium,
+                            color = MaterialTheme.colorScheme.outline
+                        )
+                        Spacer(modifier = Modifier.height(4.dp))
+                        Text(
+                            text = s.address,
+                            style = MaterialTheme.typography.bodyMedium,
+                            maxLines = 1,
+                            overflow = TextOverflow.Ellipsis
+                        )
+                        Spacer(modifier = Modifier.height(8.dp))
+                        Text(
+                            text = "${s.thresholdT}-of-${s.thresholdN} • Party #${s.partyIndex}",
+                            style = MaterialTheme.typography.bodySmall,
+                            color = MaterialTheme.colorScheme.outline
+                        )
+                    }
+                }
+            }
+
+            // Invite code input
+            OutlinedTextField(
+                value = inviteCode,
+                onValueChange = { inviteCode = it },
+                label = { Text("Sign Session Code") },
+                placeholder = { Text("session-id:join-token") },
+                modifier = Modifier.fillMaxWidth(),
+                enabled = !isLoading,
+                singleLine = true,
+                leadingIcon = {
+                    Icon(Icons.Default.QrCode, contentDescription = null)
+                }
+            )
+
+            // Password input
+            OutlinedTextField(
+                value = password,
+                onValueChange = { password = it },
+                label = { Text("Password") },
+                modifier = Modifier.fillMaxWidth(),
+                enabled = !isLoading,
+                singleLine = true,
+                visualTransformation = if (showPassword) VisualTransformation.None
+                else PasswordVisualTransformation(),
+                keyboardOptions = KeyboardOptions(keyboardType = KeyboardType.Password),
+                leadingIcon = {
+                    Icon(Icons.Default.Lock, contentDescription = null)
+                },
+                trailingIcon = {
+                    IconButton(onClick = { showPassword = !showPassword }) {
+                        Icon(
+                            if (showPassword) Icons.Default.VisibilityOff
+                            else Icons.Default.Visibility,
+                            contentDescription = if (showPassword) "Hide password" else "Show password"
+                        )
+                    }
+                }
+            )
+
+            // Error message
+            error?.let {
+                Card(
+                    colors = CardDefaults.cardColors(
+                        containerColor = MaterialTheme.colorScheme.errorContainer
+                    )
+                ) {
+                    Row(
+                        modifier = Modifier.padding(16.dp),
+                        verticalAlignment = Alignment.CenterVertically
+                    ) {
+                        Icon(
+                            Icons.Default.Error,
+                            contentDescription = null,
+                            tint = MaterialTheme.colorScheme.onErrorContainer
+                        )
+                        Spacer(modifier = Modifier.width(12.dp))
+                        Text(
+                            text = it,
+                            color = MaterialTheme.colorScheme.onErrorContainer
+                        )
+                    }
+                }
+            }
+
+            // Progress indicator
+            if (isLoading) {
+                Card {
+                    Column(
+                        modifier = Modifier
+                            .fillMaxWidth()
+                            .padding(16.dp),
+                        horizontalAlignment = Alignment.CenterHorizontally
+                    ) {
+                        CircularProgressIndicator()
+                        Spacer(modifier = Modifier.height(16.dp))
+                        Text(
+                            text = when (sessionStatus) {
+                                SessionStatus.WAITING -> "Waiting for other parties..."
+                                SessionStatus.IN_PROGRESS -> "Signing in progress..."
+                                SessionStatus.COMPLETED -> "Signed successfully!"
+                                SessionStatus.FAILED -> "Signing failed"
+                            },
+                            style = MaterialTheme.typography.bodyMedium
+                        )
+                    }
+                }
+            }
+
+            Spacer(modifier = Modifier.weight(1f))
+
+            // Action buttons
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.spacedBy(12.dp)
+            ) {
+                if (isLoading) {
+                    OutlinedButton(
+                        onClick = onCancel,
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Text("Cancel")
+                    }
+                } else {
+                    Button(
+                        onClick = {
+                            share?.let {
+                                onJoinSign(inviteCode.trim(), it.id, password)
+                            }
+                        },
+                        modifier = Modifier.fillMaxWidth(),
+                        enabled = share != null && inviteCode.isNotBlank() && password.isNotBlank()
+                    ) {
+                        Icon(Icons.Default.Edit, contentDescription = null)
+                        Spacer(modifier = Modifier.width(8.dp))
+                        Text("Sign")
+                    }
+                }
+            }
+        }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/StartupCheckScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/StartupCheckScreen.kt
@ -0,0 +1,273 @@
+package com.durian.tssparty.presentation.screens
+
+import androidx.compose.animation.*
+import androidx.compose.foundation.background
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.shape.CircleShape
+import androidx.compose.foundation.shape.RoundedCornerShape
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.draw.clip
+import androidx.compose.ui.graphics.Color
+import androidx.compose.ui.graphics.vector.ImageVector
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.text.style.TextAlign
+import androidx.compose.ui.unit.dp
+import androidx.compose.ui.unit.sp
+import com.durian.tssparty.domain.model.AppReadyState
+import com.durian.tssparty.domain.model.AppState
+import com.durian.tssparty.domain.model.ServiceStatus
+
+@Composable
+fun StartupCheckScreen(
+    appState: AppState,
+    onEnterApp: () -> Unit,
+    onRetry: () -> Unit
+) {
+    val canEnter = appState.appReady == AppReadyState.READY || appState.appReady == AppReadyState.ERROR
+
+    Box(
+        modifier = Modifier
+            .fillMaxSize()
+            .background(MaterialTheme.colorScheme.background)
+    ) {
+        Column(
+            modifier = Modifier
+                .fillMaxSize()
+                .padding(24.dp),
+            horizontalAlignment = Alignment.CenterHorizontally,
+            verticalArrangement = Arrangement.Center
+        ) {
+            // App Logo/Icon
+            Box(
+                modifier = Modifier
+                    .size(100.dp)
+                    .clip(CircleShape)
+                    .background(MaterialTheme.colorScheme.primaryContainer),
+                contentAlignment = Alignment.Center
+            ) {
+                Icon(
+                    imageVector = Icons.Default.Lock,
+                    contentDescription = null,
+                    modifier = Modifier.size(50.dp),
+                    tint = MaterialTheme.colorScheme.onPrimaryContainer
+                )
+            }
+
+            Spacer(modifier = Modifier.height(24.dp))
+
+            // App Title
+            Text(
+                text = "TSS Party",
+                style = MaterialTheme.typography.headlineLarge,
+                fontWeight = FontWeight.Bold,
+                color = MaterialTheme.colorScheme.onBackground
+            )
+
+            Text(
+                text = "多方安全计算钱包",
+                style = MaterialTheme.typography.bodyMedium,
+                color = MaterialTheme.colorScheme.onSurfaceVariant
+            )
+
+            Spacer(modifier = Modifier.height(48.dp))
+
+            // Service Check Cards
+            Card(
+                modifier = Modifier.fillMaxWidth(),
+                shape = RoundedCornerShape(16.dp)
+            ) {
+                Column(
+                    modifier = Modifier.padding(16.dp)
+                ) {
+                    Text(
+                        text = "服务状态",
+                        style = MaterialTheme.typography.titleMedium,
+                        fontWeight = FontWeight.SemiBold
+                    )
+
+                    Spacer(modifier = Modifier.height(16.dp))
+
+                    // Database Status
+                    ServiceCheckItem(
+                        icon = Icons.Default.Storage,
+                        title = "本地数据库",
+                        status = appState.environment.database,
+                        extraInfo = if (appState.walletCount > 0) "${appState.walletCount} 个钱包" else null
+                    )
+
+                    Divider(modifier = Modifier.padding(vertical = 12.dp))
+
+                    // Message Router Status
+                    ServiceCheckItem(
+                        icon = Icons.Default.Cloud,
+                        title = "消息路由服务",
+                        status = appState.environment.messageRouter,
+                        extraInfo = appState.partyId?.take(8)?.let { "Party: $it..." }
+                    )
+
+                    Divider(modifier = Modifier.padding(vertical = 12.dp))
+
+                    // Kava API Status
+                    ServiceCheckItem(
+                        icon = Icons.Default.Language,
+                        title = "Kava 区块链",
+                        status = appState.environment.kavaApi,
+                        extraInfo = appState.environment.kavaApi.latency?.let { "${it}ms" }
+                    )
+                }
+            }
+
+            Spacer(modifier = Modifier.height(32.dp))
+
+            // Status Message
+            when (appState.appReady) {
+                AppReadyState.INITIALIZING -> {
+                    Row(
+                        verticalAlignment = Alignment.CenterVertically
+                    ) {
+                        CircularProgressIndicator(
+                            modifier = Modifier.size(20.dp),
+                            strokeWidth = 2.dp
+                        )
+                        Spacer(modifier = Modifier.width(12.dp))
+                        Text(
+                            text = "正在检查服务...",
+                            style = MaterialTheme.typography.bodyMedium,
+                            color = MaterialTheme.colorScheme.onSurfaceVariant
+                        )
+                    }
+                }
+                AppReadyState.READY -> {
+                    Text(
+                        text = "所有服务就绪",
+                        style = MaterialTheme.typography.bodyMedium,
+                        color = MaterialTheme.colorScheme.primary
+                    )
+                }
+                AppReadyState.ERROR -> {
+                    Text(
+                        text = appState.appError ?: "部分服务不可用",
+                        style = MaterialTheme.typography.bodyMedium,
+                        color = MaterialTheme.colorScheme.error,
+                        textAlign = TextAlign.Center
+                    )
+                }
+            }
+
+            Spacer(modifier = Modifier.height(32.dp))
+
+            // Action Buttons
+            Row(
+                horizontalArrangement = Arrangement.spacedBy(12.dp)
+            ) {
+                if (appState.appReady == AppReadyState.ERROR) {
+                    OutlinedButton(
+                        onClick = onRetry,
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Icon(
+                            Icons.Default.Refresh,
+                            contentDescription = null,
+                            modifier = Modifier.size(18.dp)
+                        )
+                        Spacer(modifier = Modifier.width(8.dp))
+                        Text("重试")
+                    }
+                }
+
+                Button(
+                    onClick = onEnterApp,
+                    enabled = canEnter,
+                    modifier = Modifier.weight(1f)
+                ) {
+                    Text(
+                        text = when (appState.appReady) {
+                            AppReadyState.READY -> "进入应用"
+                            AppReadyState.ERROR -> "继续使用"
+                            else -> "加载中..."
+                        }
+                    )
+                    if (canEnter) {
+                        Spacer(modifier = Modifier.width(8.dp))
+                        Icon(
+                            Icons.Default.ArrowForward,
+                            contentDescription = null,
+                            modifier = Modifier.size(18.dp)
+                        )
+                    }
+                }
+            }
+        }
+    }
+}
+
+@Composable
+private fun ServiceCheckItem(
+    icon: ImageVector,
+    title: String,
+    status: ServiceStatus,
+    extraInfo: String? = null
+) {
+    Row(
+        modifier = Modifier.fillMaxWidth(),
+        verticalAlignment = Alignment.CenterVertically
+    ) {
+        // Icon with status indicator
+        Box {
+            Icon(
+                imageVector = icon,
+                contentDescription = null,
+                modifier = Modifier.size(32.dp),
+                tint = MaterialTheme.colorScheme.onSurfaceVariant
+            )
+            // Status dot
+            Box(
+                modifier = Modifier
+                    .size(12.dp)
+                    .align(Alignment.BottomEnd)
+                    .clip(CircleShape)
+                    .background(
+                        when {
+                            status.message.isEmpty() -> Color.Gray
+                            status.isOnline -> Color(0xFFD4AF37) // Gold for success
+                            else -> Color(0xFFFF5722)
+                        }
+                    )
+            )
+        }
+
+        Spacer(modifier = Modifier.width(16.dp))
+
+        Column(modifier = Modifier.weight(1f)) {
+            Text(
+                text = title,
+                style = MaterialTheme.typography.bodyLarge,
+                fontWeight = FontWeight.Medium
+            )
+            if (status.message.isNotEmpty()) {
+                Text(
+                    text = status.message,
+                    style = MaterialTheme.typography.bodySmall,
+                    color = if (status.isOnline)
+                        MaterialTheme.colorScheme.onSurfaceVariant
+                    else
+                        MaterialTheme.colorScheme.error
+                )
+            }
+        }
+
+        // Extra info (wallet count, latency, etc.)
+        extraInfo?.let {
+            Text(
+                text = it,
+                style = MaterialTheme.typography.bodySmall,
+                color = MaterialTheme.colorScheme.primary
+            )
+        }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/TransferScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/TransferScreen.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/WalletsScreen.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/screens/WalletsScreen.kt
@ -0,0 +1,716 @@
+package com.durian.tssparty.presentation.screens
+
+import android.graphics.Bitmap
+import androidx.compose.foundation.Image
+import androidx.compose.foundation.background
+import androidx.compose.foundation.clickable
+import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.lazy.LazyColumn
+import androidx.compose.foundation.lazy.items
+import androidx.compose.foundation.rememberScrollState
+import androidx.compose.foundation.shape.RoundedCornerShape
+import androidx.compose.foundation.text.KeyboardOptions
+import androidx.compose.foundation.verticalScroll
+import androidx.compose.material.icons.Icons
+import androidx.compose.material.icons.filled.*
+import androidx.compose.material3.*
+import androidx.compose.runtime.*
+import androidx.compose.ui.Alignment
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.draw.clip
+import androidx.compose.ui.graphics.Color
+import androidx.compose.ui.graphics.asImageBitmap
+import androidx.compose.ui.platform.LocalClipboardManager
+import androidx.compose.ui.text.AnnotatedString
+import androidx.compose.ui.text.font.FontFamily
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.text.input.KeyboardType
+import androidx.compose.ui.text.input.PasswordVisualTransformation
+import androidx.compose.ui.text.input.VisualTransformation
+// Note: Some unused imports kept for ExportBackupDialog which still uses password
+import androidx.compose.ui.text.style.TextAlign
+import androidx.compose.ui.text.style.TextOverflow
+import androidx.compose.ui.unit.dp
+import androidx.compose.ui.unit.sp
+import androidx.compose.ui.window.Dialog
+import android.content.Intent
+import android.net.Uri
+import com.durian.tssparty.domain.model.GreenPointsToken
+import com.durian.tssparty.domain.model.NetworkType
+import com.durian.tssparty.domain.model.ShareRecord
+import com.durian.tssparty.domain.model.WalletBalance
+import com.google.zxing.BarcodeFormat
+import com.google.zxing.qrcode.QRCodeWriter
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.launch
+
+@OptIn(ExperimentalMaterial3Api::class)
+@Composable
+fun WalletsScreen(
+    shares: List<ShareRecord>,
+    isConnected: Boolean,
+    balances: Map<String, String> = emptyMap(),
+    walletBalances: Map<String, WalletBalance> = emptyMap(),
+    networkType: NetworkType = NetworkType.MAINNET,
+    onDeleteShare: (Long) -> Unit,
+    onRefreshBalance: ((String) -> Unit)? = null,
+    onTransfer: ((shareId: Long) -> Unit)? = null,
+    onExportBackup: ((shareId: Long, password: String) -> Unit)? = null,
+    onImportBackup: (() -> Unit)? = null,
+    onCreateWallet: (() -> Unit)? = null
+) {
+    var selectedWallet by remember { mutableStateOf<ShareRecord?>(null) }
+
+    Box(modifier = Modifier.fillMaxSize()) {
+        Column(
+            modifier = Modifier
+                .fillMaxSize()
+                .padding(16.dp)
+        ) {
+        // Header with connection status
+        Row(
+            modifier = Modifier.fillMaxWidth(),
+            horizontalArrangement = Arrangement.SpaceBetween,
+            verticalAlignment = Alignment.CenterVertically
+        ) {
+            Text(
+                text = "我的钱包",
+                style = MaterialTheme.typography.headlineMedium,
+                fontWeight = FontWeight.Bold
+            )
+
+            // Connection status
+            Row(
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                Icon(
+                    imageVector = if (isConnected) Icons.Default.CheckCircle else Icons.Default.Warning,
+                    contentDescription = if (isConnected) "已连接" else "未连接",
+                    tint = if (isConnected) MaterialTheme.colorScheme.primary else MaterialTheme.colorScheme.error,
+                    modifier = Modifier.size(20.dp)
+                )
+                Spacer(modifier = Modifier.width(4.dp))
+                Text(
+                    text = if (isConnected) "已连接" else "离线",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = if (isConnected) MaterialTheme.colorScheme.primary else MaterialTheme.colorScheme.error
+                )
+            }
+        }
+
+        Spacer(modifier = Modifier.height(8.dp))
+
+        Text(
+            text = "共 ${shares.size} 个钱包",
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+
+        Spacer(modifier = Modifier.height(16.dp))
+
+        if (shares.isEmpty()) {
+            // Empty state
+            Box(
+                modifier = Modifier.fillMaxSize(),
+                contentAlignment = Alignment.Center
+            ) {
+                Column(horizontalAlignment = Alignment.CenterHorizontally) {
+                    Icon(
+                        imageVector = Icons.Default.AccountBalanceWallet,
+                        contentDescription = null,
+                        modifier = Modifier.size(80.dp),
+                        tint = MaterialTheme.colorScheme.outline
+                    )
+                    Spacer(modifier = Modifier.height(16.dp))
+                    Text(
+                        text = "暂无钱包",
+                        style = MaterialTheme.typography.titleLarge,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Spacer(modifier = Modifier.height(8.dp))
+                    Text(
+                        text = "使用「创建钱包」发起新钱包",
+                        style = MaterialTheme.typography.bodyMedium,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Text(
+                        text = "或使用「加入创建」参与他人的会话",
+                        style = MaterialTheme.typography.bodyMedium,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                }
+            }
+        } else {
+            // Wallet list
+            LazyColumn(
+                verticalArrangement = Arrangement.spacedBy(12.dp),
+                contentPadding = PaddingValues(bottom = 80.dp) // Space for FAB
+            ) {
+                items(shares) { share ->
+                    WalletItemCard(
+                        share = share,
+                        balance = balances[share.address],
+                        walletBalance = walletBalances[share.address],
+                        onViewDetails = { selectedWallet = share },
+                        onTransfer = {
+                            onTransfer?.invoke(share.id)
+                        },
+                        onDelete = { onDeleteShare(share.id) }
+                    )
+                }
+            }
+        }
+        }
+
+        // Floating Action Buttons - Import and Create
+        Column(
+            modifier = Modifier
+                .align(Alignment.BottomEnd)
+                .padding(16.dp),
+            verticalArrangement = Arrangement.spacedBy(12.dp)
+        ) {
+            // Import button (smaller, secondary)
+            if (onImportBackup != null) {
+                FloatingActionButton(
+                    onClick = onImportBackup,
+                    containerColor = MaterialTheme.colorScheme.secondaryContainer,
+                    contentColor = MaterialTheme.colorScheme.onSecondaryContainer
+                ) {
+                    Icon(
+                        imageVector = Icons.Default.Upload,
+                        contentDescription = "导入备份"
+                    )
+                }
+            }
+
+            // Create wallet button (primary)
+            if (onCreateWallet != null) {
+                FloatingActionButton(
+                    onClick = onCreateWallet,
+                    containerColor = MaterialTheme.colorScheme.primary
+                ) {
+                    Icon(
+                        imageVector = Icons.Default.Add,
+                        contentDescription = "创建钱包",
+                        tint = MaterialTheme.colorScheme.onPrimary
+                    )
+                }
+            }
+        }
+    }
+
+    // Wallet detail dialog
+    selectedWallet?.let { wallet ->
+        WalletDetailDialog(
+            wallet = wallet,
+            networkType = networkType,
+            onDismiss = { selectedWallet = null },
+            onTransfer = {
+                selectedWallet = null
+                onTransfer?.invoke(wallet.id)
+            },
+            onExport = onExportBackup?.let { export ->
+                { password -> export(wallet.id, password) }
+            }
+        )
+    }
+}
+
+@Composable
+private fun WalletItemCard(
+    share: ShareRecord,
+    balance: String? = null,
+    walletBalance: WalletBalance? = null,
+    onViewDetails: () -> Unit,
+    onTransfer: () -> Unit,
+    onDelete: () -> Unit
+) {
+    var showDeleteDialog by remember { mutableStateOf(false) }
+
+    Card(
+        modifier = Modifier
+            .fillMaxWidth()
+            .clickable { onViewDetails() }
+    ) {
+        Column(
+            modifier = Modifier.padding(16.dp)
+        ) {
+            // Header with threshold badge
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceBetween,
+                verticalAlignment = Alignment.CenterVertically
+            ) {
+                // Threshold badge
+                Surface(
+                    color = MaterialTheme.colorScheme.primaryContainer,
+                    shape = RoundedCornerShape(4.dp)
+                ) {
+                    Text(
+                        text = "${share.thresholdT}-of-${share.thresholdN}",
+                        modifier = Modifier.padding(horizontal = 8.dp, vertical = 4.dp),
+                        style = MaterialTheme.typography.labelMedium,
+                        color = MaterialTheme.colorScheme.onPrimaryContainer,
+                        fontWeight = FontWeight.Bold
+                    )
+                }
+
+                // Party index
+                Text(
+                    text = "参与者 #${share.partyIndex}",
+                    style = MaterialTheme.typography.bodySmall,
+                    color = MaterialTheme.colorScheme.outline
+                )
+            }
+
+            Spacer(modifier = Modifier.height(12.dp))
+
+            // Address
+            Text(
+                text = "地址",
+                style = MaterialTheme.typography.labelSmall,
+                color = MaterialTheme.colorScheme.outline
+            )
+            Text(
+                text = share.address,
+                style = MaterialTheme.typography.bodyMedium,
+                maxLines = 1,
+                overflow = TextOverflow.Ellipsis,
+                fontFamily = FontFamily.Monospace
+            )
+
+            Spacer(modifier = Modifier.height(12.dp))
+
+            // Balance display - now shows both KAVA and Green Points
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceBetween
+            ) {
+                // KAVA balance
+                Column {
+                    Text(
+                        text = "KAVA",
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Row(verticalAlignment = Alignment.CenterVertically) {
+                        Icon(
+                            Icons.Default.AccountBalance,
+                            contentDescription = null,
+                            modifier = Modifier.size(16.dp),
+                            tint = MaterialTheme.colorScheme.primary
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(
+                            text = walletBalance?.kavaBalance ?: balance ?: "加载中...",
+                            style = MaterialTheme.typography.bodyMedium,
+                            color = if (walletBalance != null || balance != null)
+                                MaterialTheme.colorScheme.primary
+                            else
+                                MaterialTheme.colorScheme.outline,
+                            fontWeight = FontWeight.Medium
+                        )
+                    }
+                }
+
+                // Green Points (绿积分) balance
+                Column(horizontalAlignment = Alignment.End) {
+                    Text(
+                        text = GreenPointsToken.NAME,
+                        style = MaterialTheme.typography.labelSmall,
+                        color = MaterialTheme.colorScheme.outline
+                    )
+                    Row(verticalAlignment = Alignment.CenterVertically) {
+                        Icon(
+                            Icons.Default.Stars,
+                            contentDescription = null,
+                            modifier = Modifier.size(16.dp),
+                            tint = Color(0xFF4CAF50) // Green color for Green Points
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(
+                            text = walletBalance?.greenPointsBalance ?: "加载中...",
+                            style = MaterialTheme.typography.bodyMedium,
+                            color = if (walletBalance != null)
+                                Color(0xFF4CAF50)
+                            else
+                                MaterialTheme.colorScheme.outline,
+                            fontWeight = FontWeight.Medium
+                        )
+                    }
+                }
+            }
+
+            Spacer(modifier = Modifier.height(12.dp))
+
+            Divider()
+
+            Spacer(modifier = Modifier.height(8.dp))
+
+            // Actions
+            Row(
+                modifier = Modifier.fillMaxWidth(),
+                horizontalArrangement = Arrangement.SpaceEvenly
+            ) {
+                TextButton(onClick = onViewDetails) {
+                    Icon(
+                        Icons.Default.QrCode,
+                        contentDescription = null,
+                        modifier = Modifier.size(18.dp)
+                    )
+                    Spacer(modifier = Modifier.width(4.dp))
+                    Text("详情")
+                }
+
+                TextButton(onClick = onTransfer) {
+                    Icon(
+                        Icons.Default.Send,
+                        contentDescription = null,
+                        modifier = Modifier.size(18.dp)
+                    )
+                    Spacer(modifier = Modifier.width(4.dp))
+                    Text("转账")
+                }
+
+                TextButton(
+                    onClick = { showDeleteDialog = true },
+                    colors = ButtonDefaults.textButtonColors(
+                        contentColor = MaterialTheme.colorScheme.error
+                    )
+                ) {
+                    Icon(
+                        Icons.Default.Delete,
+                        contentDescription = null,
+                        modifier = Modifier.size(18.dp)
+                    )
+                    Spacer(modifier = Modifier.width(4.dp))
+                    Text("删除")
+                }
+            }
+        }
+    }
+
+    // Delete confirmation dialog
+    if (showDeleteDialog) {
+        AlertDialog(
+            onDismissRequest = { showDeleteDialog = false },
+            icon = {
+                Icon(
+                    Icons.Default.Warning,
+                    contentDescription = null,
+                    tint = MaterialTheme.colorScheme.error
+                )
+            },
+            title = { Text("删除钱包") },
+            text = {
+                Text("确定要删除这个钱包吗？此操作无法撤销，删除后您将无法使用此密钥份额参与签名。")
+            },
+            confirmButton = {
+                TextButton(
+                    onClick = {
+                        onDelete()
+                        showDeleteDialog = false
+                    },
+                    colors = ButtonDefaults.textButtonColors(
+                        contentColor = MaterialTheme.colorScheme.error
+                    )
+                ) {
+                    Text("删除")
+                }
+            },
+            dismissButton = {
+                TextButton(onClick = { showDeleteDialog = false }) {
+                    Text("取消")
+                }
+            }
+        )
+    }
+}
+
+@Composable
+private fun WalletDetailDialog(
+    wallet: ShareRecord,
+    networkType: NetworkType = NetworkType.MAINNET,
+    onDismiss: () -> Unit,
+    onTransfer: () -> Unit,
+    onExport: ((String) -> Unit)?
+) {
+    val clipboardManager = LocalClipboardManager.current
+    val context = androidx.compose.ui.platform.LocalContext.current
+    val scope = rememberCoroutineScope()
+    var showExportDialog by remember { mutableStateOf(false) }
+    var copySuccess by remember { mutableStateOf(false) }
+
+    Dialog(onDismissRequest = onDismiss) {
+        Card(
+            modifier = Modifier
+                .fillMaxWidth()
+                .padding(16.dp),
+            shape = RoundedCornerShape(16.dp)
+        ) {
+            Column(
+                modifier = Modifier
+                    .verticalScroll(rememberScrollState())
+                    .padding(24.dp),
+                horizontalAlignment = Alignment.CenterHorizontally
+            ) {
+                // QR Code
+                val qrBitmap = remember(wallet.address) {
+                    generateQRCode(wallet.address, 240)
+                }
+                qrBitmap?.let { bitmap ->
+                    Image(
+                        bitmap = bitmap.asImageBitmap(),
+                        contentDescription = "QR Code",
+                        modifier = Modifier
+                            .size(200.dp)
+                            .clip(RoundedCornerShape(8.dp))
+                            .background(Color.White)
+                            .padding(8.dp)
+                    )
+                }
+
+                Spacer(modifier = Modifier.height(16.dp))
+
+                // Threshold badge
+                Surface(
+                    color = MaterialTheme.colorScheme.primaryContainer,
+                    shape = RoundedCornerShape(8.dp)
+                ) {
+                    Text(
+                        text = "${wallet.thresholdT}-of-${wallet.thresholdN} 多签钱包",
+                        modifier = Modifier.padding(horizontal = 12.dp, vertical = 6.dp),
+                        style = MaterialTheme.typography.labelLarge,
+                        color = MaterialTheme.colorScheme.onPrimaryContainer
+                    )
+                }
+
+                Spacer(modifier = Modifier.height(16.dp))
+
+                // Address
+                Text(
+                    text = "Kava EVM 地址",
+                    style = MaterialTheme.typography.labelMedium,
+                    color = MaterialTheme.colorScheme.outline
+                )
+                Spacer(modifier = Modifier.height(4.dp))
+                Text(
+                    text = wallet.address,
+                    style = MaterialTheme.typography.bodySmall,
+                    fontFamily = FontFamily.Monospace,
+                    textAlign = TextAlign.Center,
+                    modifier = Modifier.fillMaxWidth()
+                )
+
+                Spacer(modifier = Modifier.height(8.dp))
+
+                // Action buttons row
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.spacedBy(8.dp)
+                ) {
+                    // Copy button
+                    OutlinedButton(
+                        onClick = {
+                            clipboardManager.setText(AnnotatedString(wallet.address))
+                            copySuccess = true
+                            scope.launch {
+                                delay(2000)
+                                copySuccess = false
+                            }
+                        },
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Icon(
+                            if (copySuccess) Icons.Default.Check else Icons.Default.ContentCopy,
+                            contentDescription = null,
+                            modifier = Modifier.size(18.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text(if (copySuccess) "已复制" else "复制地址")
+                    }
+
+                    // Explorer button
+                    OutlinedButton(
+                        onClick = {
+                            val baseUrl = if (networkType == NetworkType.TESTNET) {
+                                "https://testnet.kavascan.com"
+                            } else {
+                                "https://kavascan.com"
+                            }
+                            val intent = Intent(Intent.ACTION_VIEW, Uri.parse("$baseUrl/address/${wallet.address}"))
+                            context.startActivity(intent)
+                        },
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Icon(
+                            Icons.Default.OpenInNew,
+                            contentDescription = null,
+                            modifier = Modifier.size(18.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text("浏览器")
+                    }
+                }
+
+                Spacer(modifier = Modifier.height(16.dp))
+
+                Divider()
+
+                Spacer(modifier = Modifier.height(16.dp))
+
+                // Info rows
+                InfoRow("门限设置", "${wallet.thresholdT}-of-${wallet.thresholdN}")
+                InfoRow("您的序号", "#${wallet.partyIndex}")
+                InfoRow("会话ID", wallet.sessionId.take(16) + "...")
+
+                Spacer(modifier = Modifier.height(24.dp))
+
+                // Action buttons
+                Row(
+                    modifier = Modifier.fillMaxWidth(),
+                    horizontalArrangement = Arrangement.spacedBy(8.dp)
+                ) {
+                    OutlinedButton(
+                        onClick = onTransfer,
+                        modifier = Modifier.weight(1f)
+                    ) {
+                        Icon(
+                            Icons.Default.Send,
+                            contentDescription = null,
+                            modifier = Modifier.size(18.dp)
+                        )
+                        Spacer(modifier = Modifier.width(4.dp))
+                        Text("转账")
+                    }
+
+                    if (onExport != null) {
+                        OutlinedButton(
+                            onClick = { showExportDialog = true },
+                            modifier = Modifier.weight(1f)
+                        ) {
+                            Icon(
+                                Icons.Default.Download,
+                                contentDescription = null,
+                                modifier = Modifier.size(18.dp)
+                            )
+                            Spacer(modifier = Modifier.width(4.dp))
+                            Text("导出")
+                        }
+                    }
+                }
+
+                Spacer(modifier = Modifier.height(8.dp))
+
+                TextButton(onClick = onDismiss) {
+                    Text("关闭")
+                }
+            }
+        }
+    }
+
+    // Export dialog
+    if (showExportDialog && onExport != null) {
+        ExportBackupDialog(
+            onDismiss = { showExportDialog = false },
+            onConfirm = { password ->
+                onExport(password)
+                showExportDialog = false
+            }
+        )
+    }
+}
+
+@Composable
+private fun InfoRow(label: String, value: String) {
+    Row(
+        modifier = Modifier
+            .fillMaxWidth()
+            .padding(vertical = 4.dp),
+        horizontalArrangement = Arrangement.SpaceBetween
+    ) {
+        Text(
+            text = label,
+            style = MaterialTheme.typography.bodyMedium,
+            color = MaterialTheme.colorScheme.onSurfaceVariant
+        )
+        Text(
+            text = value,
+            style = MaterialTheme.typography.bodyMedium,
+            fontWeight = FontWeight.Medium
+        )
+    }
+}
+
+@Composable
+private fun ExportBackupDialog(
+    onDismiss: () -> Unit,
+    onConfirm: (password: String) -> Unit
+) {
+    var password by remember { mutableStateOf("") }
+    var showPassword by remember { mutableStateOf(false) }
+
+    AlertDialog(
+        onDismissRequest = onDismiss,
+        icon = {
+            Icon(Icons.Default.Download, contentDescription = null)
+        },
+        title = { Text("导出备份") },
+        text = {
+            Column {
+                Text("导出加密备份文件，请妥善保管。")
+                Spacer(modifier = Modifier.height(16.dp))
+                OutlinedTextField(
+                    value = password,
+                    onValueChange = { password = it },
+                    label = { Text("密码") },
+                    singleLine = true,
+                    visualTransformation = if (showPassword) VisualTransformation.None else PasswordVisualTransformation(),
+                    trailingIcon = {
+                        IconButton(onClick = { showPassword = !showPassword }) {
+                            Icon(
+                                if (showPassword) Icons.Default.VisibilityOff else Icons.Default.Visibility,
+                                contentDescription = null
+                            )
+                        }
+                    },
+                    modifier = Modifier.fillMaxWidth()
+                )
+            }
+        },
+        confirmButton = {
+            TextButton(
+                onClick = { onConfirm(password) },
+                enabled = password.isNotBlank()
+            ) {
+                Text("导出")
+            }
+        },
+        dismissButton = {
+            TextButton(onClick = onDismiss) {
+                Text("取消")
+            }
+        }
+    )
+}
+
+/**
+ * Generate QR code bitmap
+ */
+private fun generateQRCode(content: String, size: Int): Bitmap? {
+    return try {
+        val writer = QRCodeWriter()
+        val bitMatrix = writer.encode(content, BarcodeFormat.QR_CODE, size, size)
+        val width = bitMatrix.width
+        val height = bitMatrix.height
+        val bitmap = Bitmap.createBitmap(width, height, Bitmap.Config.RGB_565)
+        for (x in 0 until width) {
+            for (y in 0 until height) {
+                bitmap.setPixel(x, y, if (bitMatrix[x, y]) android.graphics.Color.BLACK else android.graphics.Color.WHITE)
+            }
+        }
+        bitmap
+    } catch (e: Exception) {
+        null
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/viewmodel/MainViewModel.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/presentation/viewmodel/MainViewModel.kt
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/ui/theme/Theme.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/ui/theme/Theme.kt
@ -0,0 +1,100 @@
+package com.durian.tssparty.ui.theme
+
+import android.app.Activity
+import android.os.Build
+import androidx.compose.foundation.isSystemInDarkTheme
+import androidx.compose.material3.*
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.SideEffect
+import androidx.compose.ui.graphics.Color
+import androidx.compose.ui.graphics.toArgb
+import androidx.compose.ui.platform.LocalContext
+import androidx.compose.ui.platform.LocalView
+import androidx.core.view.WindowCompat
+
+// Dark Gray & Gold Theme Colors
+private val Gold = Color(0xFFD4AF37)           // Classic gold
+private val GoldLight = Color(0xFFFFD966)      // Light gold
+private val GoldDark = Color(0xFFB8960C)       // Dark gold
+private val DarkGray = Color(0xFF1A1A1A)       // Deep dark gray
+private val MediumGray = Color(0xFF2D2D2D)     // Medium dark gray
+private val LightGray = Color(0xFF3D3D3D)      // Lighter gray for surfaces
+private val TextGray = Color(0xFFB0B0B0)       // Gray for secondary text
+
+private val DarkColorScheme = darkColorScheme(
+    primary = Gold,
+    onPrimary = Color.Black,
+    primaryContainer = GoldDark,
+    onPrimaryContainer = Color.White,
+    secondary = GoldLight,
+    onSecondary = Color.Black,
+    secondaryContainer = LightGray,
+    onSecondaryContainer = GoldLight,
+    tertiary = GoldLight,
+    onTertiary = Color.Black,
+    background = DarkGray,
+    onBackground = Color.White,
+    surface = MediumGray,
+    onSurface = Color.White,
+    surfaceVariant = LightGray,
+    onSurfaceVariant = TextGray,
+    outline = Color(0xFF5A5A5A),
+    outlineVariant = Color(0xFF404040),
+    error = Color(0xFFCF6679),
+    onError = Color.Black
+)
+
+private val LightColorScheme = lightColorScheme(
+    primary = GoldDark,
+    onPrimary = Color.White,
+    primaryContainer = GoldLight,
+    onPrimaryContainer = Color.Black,
+    secondary = Gold,
+    onSecondary = Color.Black,
+    secondaryContainer = Color(0xFFFFF3CD),
+    onSecondaryContainer = GoldDark,
+    tertiary = GoldDark,
+    onTertiary = Color.White,
+    background = Color(0xFFF5F5F5),
+    onBackground = Color(0xFF2D2D2D),
+    surface = Color.White,
+    onSurface = Color(0xFF2D2D2D),
+    surfaceVariant = Color(0xFFE8E8E8),
+    onSurfaceVariant = Color(0xFF5A5A5A),
+    outline = Color(0xFFB0B0B0),
+    outlineVariant = Color(0xFFD0D0D0),
+    error = Color(0xFFB00020),
+    onError = Color.White
+)
+
+@Composable
+fun TssPartyTheme(
+    darkTheme: Boolean = true, // Default to dark theme for dark gray & gold look
+    dynamicColor: Boolean = false, // Disable dynamic colors to use our custom theme
+    content: @Composable () -> Unit
+) {
+    val colorScheme = when {
+        dynamicColor && Build.VERSION.SDK_INT >= Build.VERSION_CODES.S -> {
+            val context = LocalContext.current
+            if (darkTheme) dynamicDarkColorScheme(context) else dynamicLightColorScheme(context)
+        }
+        darkTheme -> DarkColorScheme
+        else -> LightColorScheme
+    }
+
+    val view = LocalView.current
+    if (!view.isInEditMode) {
+        SideEffect {
+            val window = (view.context as Activity).window
+            // Use dark background color for status bar to match the dark theme
+            window.statusBarColor = colorScheme.background.toArgb()
+            WindowCompat.getInsetsController(window, view).isAppearanceLightStatusBars = !darkTheme
+        }
+    }
+
+    MaterialTheme(
+        colorScheme = colorScheme,
+        typography = Typography,
+        content = content
+    )
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/ui/theme/Type.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/ui/theme/Type.kt
@ -0,0 +1,31 @@
+package com.durian.tssparty.ui.theme
+
+import androidx.compose.material3.Typography
+import androidx.compose.ui.text.TextStyle
+import androidx.compose.ui.text.font.FontFamily
+import androidx.compose.ui.text.font.FontWeight
+import androidx.compose.ui.unit.sp
+
+val Typography = Typography(
+    bodyLarge = TextStyle(
+        fontFamily = FontFamily.Default,
+        fontWeight = FontWeight.Normal,
+        fontSize = 16.sp,
+        lineHeight = 24.sp,
+        letterSpacing = 0.5.sp
+    ),
+    titleLarge = TextStyle(
+        fontFamily = FontFamily.Default,
+        fontWeight = FontWeight.Bold,
+        fontSize = 22.sp,
+        lineHeight = 28.sp,
+        letterSpacing = 0.sp
+    ),
+    labelSmall = TextStyle(
+        fontFamily = FontFamily.Default,
+        fontWeight = FontWeight.Medium,
+        fontSize = 11.sp,
+        lineHeight = 16.sp,
+        letterSpacing = 0.5.sp
+    )
+)
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/util/AddressUtils.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/util/AddressUtils.kt
@ -0,0 +1,207 @@
+package com.durian.tssparty.util
+
+import org.bouncycastle.jcajce.provider.digest.Keccak
+import org.bouncycastle.jcajce.provider.digest.RIPEMD160
+import org.bouncycastle.jcajce.provider.digest.SHA256
+import java.security.MessageDigest
+
+/**
+ * Utility functions for address derivation
+ */
+object AddressUtils {
+
+    /**
+     * Derive Kava address from compressed public key
+     * Kava uses Bech32 with "kava" prefix
+     */
+    fun deriveKavaAddress(compressedPubKey: ByteArray): String {
+        // 1. Decompress public key if compressed (33 bytes -> 65 bytes)
+        val uncompressedPubKey = if (compressedPubKey.size == 33) {
+            decompressPublicKey(compressedPubKey)
+        } else {
+            compressedPubKey
+        }
+
+        // 2. For Cosmos/Kava: SHA256 -> RIPEMD160
+        val sha256 = SHA256.Digest().digest(compressedPubKey)
+        val ripemd160 = RIPEMD160.Digest().digest(sha256)
+
+        // 3. Bech32 encode with "kava" prefix
+        return Bech32.encode("kava", convertBits(ripemd160, 8, 5, true))
+    }
+
+    /**
+     * Check if address is in EVM format (0x...)
+     */
+    fun isEvmAddress(address: String): Boolean {
+        return address.startsWith("0x") && address.length == 42
+    }
+
+    /**
+     * Get EVM address - either returns the address if already EVM format,
+     * or derives it from the public key
+     */
+    fun getEvmAddress(address: String, publicKeyBase64: String): String {
+        return if (isEvmAddress(address)) {
+            address
+        } else {
+            // Derive EVM address from public key
+            val publicKeyBytes = android.util.Base64.decode(publicKeyBase64, android.util.Base64.NO_WRAP)
+            deriveEvmAddress(publicKeyBytes)
+        }
+    }
+
+    /**
+     * Derive EVM address from public key (for Kava EVM compatibility)
+     */
+    fun deriveEvmAddress(compressedPubKey: ByteArray): String {
+        // 1. Decompress if needed
+        val uncompressedPubKey = if (compressedPubKey.size == 33) {
+            decompressPublicKey(compressedPubKey)
+        } else {
+            compressedPubKey
+        }
+
+        // 2. Take last 64 bytes (remove 0x04 prefix)
+        val pubKeyNoPrefix = if (uncompressedPubKey.size == 65) {
+            uncompressedPubKey.sliceArray(1..64)
+        } else {
+            uncompressedPubKey
+        }
+
+        // 3. Keccak256 hash
+        val keccak = Keccak.Digest256().digest(pubKeyNoPrefix)
+
+        // 4. Take last 20 bytes
+        val addressBytes = keccak.sliceArray(12..31)
+
+        // 5. Hex encode with 0x prefix
+        return "0x" + addressBytes.toHexString()
+    }
+
+    /**
+     * Decompress a compressed secp256k1 public key
+     */
+    private fun decompressPublicKey(compressed: ByteArray): ByteArray {
+        require(compressed.size == 33) { "Invalid compressed public key size" }
+
+        val prefix = compressed[0].toInt() and 0xFF
+        require(prefix == 0x02 || prefix == 0x03) { "Invalid compression prefix" }
+
+        val x = compressed.sliceArray(1..32)
+
+        // secp256k1 curve parameters
+        val p = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F".toBigInteger(16)
+        val xBigInt = x.toBigInteger()
+
+        // y² = x³ + 7 (mod p)
+        val ySquared = (xBigInt.pow(3) + 7.toBigInteger()).mod(p)
+
+        // Calculate y using modular square root
+        var y = ySquared.modPow((p + 1.toBigInteger()) / 4.toBigInteger(), p)
+
+        // Check parity
+        val isOdd = prefix == 0x03
+        if (y.testBit(0) != isOdd) {
+            y = p - y
+        }
+
+        // Build uncompressed key: 0x04 || x || y
+        val result = ByteArray(65)
+        result[0] = 0x04
+        val xBytes = x
+        val yBytes = y.toByteArray32()
+        System.arraycopy(xBytes, 0, result, 1, 32)
+        System.arraycopy(yBytes, 0, result, 33, 32)
+
+        return result
+    }
+
+    /**
+     * Convert between bit groups for Bech32
+     */
+    private fun convertBits(data: ByteArray, fromBits: Int, toBits: Int, pad: Boolean): ByteArray {
+        var acc = 0
+        var bits = 0
+        val result = mutableListOf<Byte>()
+        val maxv = (1 shl toBits) - 1
+
+        for (value in data) {
+            val v = value.toInt() and 0xFF
+            acc = (acc shl fromBits) or v
+            bits += fromBits
+            while (bits >= toBits) {
+                bits -= toBits
+                result.add(((acc shr bits) and maxv).toByte())
+            }
+        }
+
+        if (pad && bits > 0) {
+            result.add(((acc shl (toBits - bits)) and maxv).toByte())
+        }
+
+        return result.toByteArray()
+    }
+
+    private fun ByteArray.toHexString(): String = joinToString("") { "%02x".format(it) }
+
+    private fun ByteArray.toBigInteger(): java.math.BigInteger {
+        return java.math.BigInteger(1, this)
+    }
+
+    private fun java.math.BigInteger.toByteArray32(): ByteArray {
+        val bytes = this.toByteArray()
+        return when {
+            bytes.size == 32 -> bytes
+            bytes.size > 32 -> bytes.sliceArray((bytes.size - 32) until bytes.size)
+            else -> ByteArray(32 - bytes.size) + bytes
+        }
+    }
+}
+
+/**
+ * Bech32 encoding utilities
+ */
+object Bech32 {
+    private const val CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
+    private val GENERATOR = intArrayOf(0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)
+
+    fun encode(hrp: String, data: ByteArray): String {
+        val combined = data.map { it.toInt() and 0xFF }.toIntArray()
+        val checksum = createChecksum(hrp, combined)
+        val result = StringBuilder(hrp).append("1")
+        for (d in combined) result.append(CHARSET[d])
+        for (d in checksum) result.append(CHARSET[d])
+        return result.toString()
+    }
+
+    private fun polymod(values: IntArray): Int {
+        var chk = 1
+        for (v in values) {
+            val top = chk shr 25
+            chk = ((chk and 0x1ffffff) shl 5) xor v
+            for (i in 0..4) {
+                if ((top shr i) and 1 == 1) {
+                    chk = chk xor GENERATOR[i]
+                }
+            }
+        }
+        return chk
+    }
+
+    private fun hrpExpand(hrp: String): IntArray {
+        val result = IntArray(hrp.length * 2 + 1)
+        for (i in hrp.indices) {
+            result[i] = hrp[i].code shr 5
+            result[i + hrp.length + 1] = hrp[i].code and 31
+        }
+        result[hrp.length] = 0
+        return result
+    }
+
+    private fun createChecksum(hrp: String, data: IntArray): IntArray {
+        val values = hrpExpand(hrp) + data + intArrayOf(0, 0, 0, 0, 0, 0)
+        val polymod = polymod(values) xor 1
+        return IntArray(6) { (polymod shr (5 * (5 - it))) and 31 }
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/util/TransactionUtils.kt
+++ b/backend/mpc-system/services/service-party-android/app/src/main/java/com/durian/tssparty/util/TransactionUtils.kt
@ -0,0 +1,629 @@
+package com.durian.tssparty.util
+
+import com.durian.tssparty.domain.model.GreenPointsToken
+import com.durian.tssparty.domain.model.TokenType
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+import okhttp3.MediaType.Companion.toMediaType
+import okhttp3.OkHttpClient
+import okhttp3.Request
+import okhttp3.RequestBody.Companion.toRequestBody
+import org.bouncycastle.jcajce.provider.digest.Keccak
+import java.math.BigDecimal
+import java.math.BigInteger
+import java.util.concurrent.TimeUnit
+
+/**
+ * Transaction utilities for Kava EVM
+ * Matches service-party-app/src/utils/transaction.ts
+ */
+object TransactionUtils {
+
+    private val client = OkHttpClient.Builder()
+        .connectTimeout(30, TimeUnit.SECONDS)
+        .readTimeout(30, TimeUnit.SECONDS)
+        .build()
+
+    private val jsonMediaType = "application/json; charset=utf-8".toMediaType()
+
+    // Chain IDs
+    const val KAVA_TESTNET_CHAIN_ID = 2221
+    const val KAVA_MAINNET_CHAIN_ID = 2222
+
+    /**
+     * Prepared transaction ready for signing
+     */
+    data class PreparedTransaction(
+        val nonce: BigInteger,
+        val gasPrice: BigInteger,
+        val gasLimit: BigInteger,
+        val to: String,
+        val from: String,
+        val value: BigInteger,
+        val data: ByteArray = ByteArray(0),
+        val chainId: Int,
+        val signHash: String,  // Hash to be signed (hex with 0x prefix)
+        val rawTxForSigning: ByteArray  // RLP encoded tx for signing
+    )
+
+    /**
+     * Transaction parameters for preparation
+     */
+    data class TransactionParams(
+        val from: String,
+        val to: String,
+        val amount: String,  // In KAVA or token units (not wei)
+        val rpcUrl: String,
+        val chainId: Int = KAVA_TESTNET_CHAIN_ID,
+        val tokenType: TokenType = TokenType.KAVA  // Token type for transfer
+    )
+
+    /**
+     * Prepare a transaction for signing
+     * Gets nonce, gas price, estimates gas, and calculates sign hash
+     * Supports both native KAVA transfers and ERC-20 token transfers (绿积分)
+     */
+    suspend fun prepareTransaction(params: TransactionParams): Result<PreparedTransaction> = withContext(Dispatchers.IO) {
+        try {
+            // 1. Get nonce
+            val nonce = getNonce(params.from, params.rpcUrl).getOrThrow()
+
+            // 2. Get gas price
+            val gasPrice = getGasPrice(params.rpcUrl).getOrThrow()
+
+            // 3. Prepare transaction based on token type
+            val (toAddress, valueWei, txData) = when (params.tokenType) {
+                TokenType.KAVA -> {
+                    // Native KAVA transfer
+                    Triple(params.to, kavaToWei(params.amount), ByteArray(0))
+                }
+                TokenType.GREEN_POINTS -> {
+                    // ERC-20 token transfer (绿积分)
+                    // To address is the contract, value is 0
+                    // Data is transfer(recipient, amount) encoded
+                    val tokenAmount = greenPointsToRaw(params.amount)
+                    val transferData = encodeErc20Transfer(params.to, tokenAmount)
+                    Triple(GreenPointsToken.CONTRACT_ADDRESS, BigInteger.ZERO, transferData)
+                }
+            }
+
+            // 4. Estimate gas
+            val gasLimit = estimateGasWithData(
+                from = params.from,
+                to = toAddress,
+                value = valueWei,
+                data = txData,
+                rpcUrl = params.rpcUrl
+            ).getOrElse {
+                // Default gas limits
+                when (params.tokenType) {
+                    TokenType.KAVA -> BigInteger.valueOf(21000)
+                    TokenType.GREEN_POINTS -> BigInteger.valueOf(65000)  // ERC-20 transfers need more gas
+                }
+            }
+
+            // 5. RLP encode for signing (Legacy Type 0 format)
+            // Format: [nonce, gasPrice, gasLimit, to, value, data, chainId, 0, 0]
+            val rawTxForSigning = rlpEncodeForSigning(
+                nonce = nonce,
+                gasPrice = gasPrice,
+                gasLimit = gasLimit,
+                to = toAddress,
+                value = valueWei,
+                data = txData,
+                chainId = params.chainId
+            )
+
+            // 6. Calculate Keccak-256 hash
+            val signHash = keccak256(rawTxForSigning)
+
+            Result.success(PreparedTransaction(
+                nonce = nonce,
+                gasPrice = gasPrice,
+                gasLimit = gasLimit,
+                to = toAddress,
+                from = params.from,
+                value = valueWei,
+                data = txData,
+                chainId = params.chainId,
+                signHash = "0x" + signHash.toHexString(),
+                rawTxForSigning = rawTxForSigning
+            ))
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Encode ERC-20 transfer(address,uint256) function call
+     */
+    private fun encodeErc20Transfer(to: String, amount: BigInteger): ByteArray {
+        // Function selector: transfer(address,uint256) = 0xa9059cbb
+        val selector = GreenPointsToken.TRANSFER_SELECTOR.removePrefix("0x").hexToByteArray()
+
+        // Encode recipient address (padded to 32 bytes)
+        val paddedAddress = to.removePrefix("0x").lowercase().padStart(64, '0').hexToByteArray()
+
+        // Encode amount (padded to 32 bytes)
+        val amountHex = amount.toString(16).padStart(64, '0')
+        val paddedAmount = amountHex.hexToByteArray()
+
+        return selector + paddedAddress + paddedAmount
+    }
+
+    /**
+     * Convert Green Points amount to raw units (6 decimals)
+     */
+    fun greenPointsToRaw(amount: String): BigInteger {
+        val decimal = BigDecimal(amount)
+        val rawDecimal = decimal.multiply(BigDecimal("1000000"))  // 10^6
+        return rawDecimal.toBigInteger()
+    }
+
+    /**
+     * Convert raw units to Green Points display amount
+     */
+    fun rawToGreenPoints(raw: BigInteger): String {
+        val rawDecimal = BigDecimal(raw)
+        val displayDecimal = rawDecimal.divide(BigDecimal("1000000"), 6, java.math.RoundingMode.DOWN)
+        return displayDecimal.toPlainString()
+    }
+
+    /**
+     * Finalize transaction with signature
+     * Returns the signed raw transaction hex string ready for broadcast
+     */
+    fun finalizeTransaction(
+        preparedTx: PreparedTransaction,
+        r: ByteArray,
+        s: ByteArray,
+        recoveryId: Int
+    ): String {
+        // Calculate EIP-155 v value
+        // v = chainId * 2 + 35 + recovery_id
+        val v = preparedTx.chainId * 2 + 35 + recoveryId
+
+        // RLP encode signed transaction
+        // Format: [nonce, gasPrice, gasLimit, to, value, data, v, r, s]
+        val signedTx = rlpEncodeSigned(
+            nonce = preparedTx.nonce,
+            gasPrice = preparedTx.gasPrice,
+            gasLimit = preparedTx.gasLimit,
+            to = preparedTx.to,
+            value = preparedTx.value,
+            data = preparedTx.data,
+            v = BigInteger.valueOf(v.toLong()),
+            r = BigInteger(1, r),
+            s = BigInteger(1, s)
+        )
+
+        return "0x" + signedTx.toHexString()
+    }
+
+    /**
+     * Broadcast signed transaction to the network
+     */
+    suspend fun broadcastTransaction(signedTx: String, rpcUrl: String): Result<String> = withContext(Dispatchers.IO) {
+        try {
+            val requestBody = """
+                {
+                    "jsonrpc": "2.0",
+                    "method": "eth_sendRawTransaction",
+                    "params": ["$signedTx"],
+                    "id": 1
+                }
+            """.trimIndent()
+
+            val request = Request.Builder()
+                .url(rpcUrl)
+                .post(requestBody.toRequestBody(jsonMediaType))
+                .build()
+
+            val response = client.newCall(request).execute()
+            val responseBody = response.body?.string() ?: return@withContext Result.failure(Exception("Empty response"))
+
+            val json = com.google.gson.JsonParser.parseString(responseBody).asJsonObject
+            if (json.has("error")) {
+                val errorMsg = json.get("error").asJsonObject.get("message").asString
+                return@withContext Result.failure(Exception(errorMsg))
+            }
+
+            val txHash = json.get("result").asString
+            Result.success(txHash)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    /**
+     * Get transaction receipt (for confirmation)
+     */
+    suspend fun getTransactionReceipt(txHash: String, rpcUrl: String): Result<TransactionReceipt?> = withContext(Dispatchers.IO) {
+        try {
+            val requestBody = """
+                {
+                    "jsonrpc": "2.0",
+                    "method": "eth_getTransactionReceipt",
+                    "params": ["$txHash"],
+                    "id": 1
+                }
+            """.trimIndent()
+
+            val request = Request.Builder()
+                .url(rpcUrl)
+                .post(requestBody.toRequestBody(jsonMediaType))
+                .build()
+
+            val response = client.newCall(request).execute()
+            val responseBody = response.body?.string() ?: return@withContext Result.failure(Exception("Empty response"))
+
+            val json = com.google.gson.JsonParser.parseString(responseBody).asJsonObject
+            if (json.has("error")) {
+                val errorMsg = json.get("error").asJsonObject.get("message").asString
+                return@withContext Result.failure(Exception(errorMsg))
+            }
+
+            val result = json.get("result")
+            if (result.isJsonNull) {
+                // Transaction not yet mined
+                return@withContext Result.success(null)
+            }
+
+            val receipt = result.asJsonObject
+            Result.success(TransactionReceipt(
+                transactionHash = receipt.get("transactionHash").asString,
+                blockNumber = receipt.get("blockNumber").asString,
+                status = receipt.get("status").asString == "0x1",
+                gasUsed = BigInteger(receipt.get("gasUsed").asString.removePrefix("0x"), 16)
+            ))
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    data class TransactionReceipt(
+        val transactionHash: String,
+        val blockNumber: String,
+        val status: Boolean,
+        val gasUsed: BigInteger
+    )
+
+    // ========== RPC Methods ==========
+
+    private suspend fun getNonce(address: String, rpcUrl: String): Result<BigInteger> = withContext(Dispatchers.IO) {
+        try {
+            val requestBody = """
+                {
+                    "jsonrpc": "2.0",
+                    "method": "eth_getTransactionCount",
+                    "params": ["$address", "pending"],
+                    "id": 1
+                }
+            """.trimIndent()
+
+            val request = Request.Builder()
+                .url(rpcUrl)
+                .post(requestBody.toRequestBody(jsonMediaType))
+                .build()
+
+            val response = client.newCall(request).execute()
+            val responseBody = response.body?.string() ?: return@withContext Result.failure(Exception("Empty response"))
+
+            val json = com.google.gson.JsonParser.parseString(responseBody).asJsonObject
+            if (json.has("error")) {
+                return@withContext Result.failure(Exception(json.get("error").asJsonObject.get("message").asString))
+            }
+
+            val hexNonce = json.get("result").asString
+            Result.success(BigInteger(hexNonce.removePrefix("0x"), 16))
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    private suspend fun getGasPrice(rpcUrl: String): Result<BigInteger> = withContext(Dispatchers.IO) {
+        try {
+            val requestBody = """
+                {
+                    "jsonrpc": "2.0",
+                    "method": "eth_gasPrice",
+                    "params": [],
+                    "id": 1
+                }
+            """.trimIndent()
+
+            val request = Request.Builder()
+                .url(rpcUrl)
+                .post(requestBody.toRequestBody(jsonMediaType))
+                .build()
+
+            val response = client.newCall(request).execute()
+            val responseBody = response.body?.string() ?: return@withContext Result.failure(Exception("Empty response"))
+
+            val json = com.google.gson.JsonParser.parseString(responseBody).asJsonObject
+            if (json.has("error")) {
+                return@withContext Result.failure(Exception(json.get("error").asJsonObject.get("message").asString))
+            }
+
+            val hexGasPrice = json.get("result").asString
+            Result.success(BigInteger(hexGasPrice.removePrefix("0x"), 16))
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    private suspend fun estimateGas(
+        from: String,
+        to: String,
+        value: BigInteger,
+        rpcUrl: String
+    ): Result<BigInteger> = withContext(Dispatchers.IO) {
+        estimateGasWithData(from, to, value, ByteArray(0), rpcUrl)
+    }
+
+    private suspend fun estimateGasWithData(
+        from: String,
+        to: String,
+        value: BigInteger,
+        data: ByteArray,
+        rpcUrl: String
+    ): Result<BigInteger> = withContext(Dispatchers.IO) {
+        try {
+            val valueHex = "0x" + value.toString(16)
+            val dataHex = if (data.isEmpty()) "" else "\"data\": \"0x${data.toHexString()}\","
+            val requestBody = """
+                {
+                    "jsonrpc": "2.0",
+                    "method": "eth_estimateGas",
+                    "params": [{
+                        "from": "$from",
+                        "to": "$to",
+                        "value": "$valueHex"${if (dataHex.isNotEmpty()) ",\n                        ${dataHex.trimEnd(',')}" else ""}
+                    }],
+                    "id": 1
+                }
+            """.trimIndent()
+
+            val request = Request.Builder()
+                .url(rpcUrl)
+                .post(requestBody.toRequestBody(jsonMediaType))
+                .build()
+
+            val response = client.newCall(request).execute()
+            val responseBody = response.body?.string() ?: return@withContext Result.failure(Exception("Empty response"))
+
+            val json = com.google.gson.JsonParser.parseString(responseBody).asJsonObject
+            if (json.has("error")) {
+                return@withContext Result.failure(Exception(json.get("error").asJsonObject.get("message").asString))
+            }
+
+            val hexGas = json.get("result").asString
+            // Add 10% buffer
+            val gas = BigInteger(hexGas.removePrefix("0x"), 16)
+            val gasWithBuffer = gas.multiply(BigInteger.valueOf(110)).divide(BigInteger.valueOf(100))
+            Result.success(gasWithBuffer)
+        } catch (e: Exception) {
+            Result.failure(e)
+        }
+    }
+
+    // ========== Utility Methods ==========
+
+    fun kavaToWei(kava: String): BigInteger {
+        val decimal = BigDecimal(kava)
+        val weiDecimal = decimal.multiply(BigDecimal("1000000000000000000"))
+        return weiDecimal.toBigInteger()
+    }
+
+    fun weiToKava(wei: BigInteger): String {
+        val weiDecimal = BigDecimal(wei)
+        val kavaDecimal = weiDecimal.divide(BigDecimal("1000000000000000000"), 6, java.math.RoundingMode.DOWN)
+        return kavaDecimal.toPlainString()
+    }
+
+    fun weiToGwei(wei: BigInteger): String {
+        val weiDecimal = BigDecimal(wei)
+        val gweiDecimal = weiDecimal.divide(BigDecimal("1000000000"), 2, java.math.RoundingMode.DOWN)
+        return gweiDecimal.toPlainString()
+    }
+
+    /**
+     * Calculate maximum transferable amount after deducting gas fee
+     * @param balance Current balance in KAVA
+     * @param rpcUrl RPC endpoint URL
+     * @return Maximum amount in KAVA string, or "0" if insufficient balance
+     */
+    suspend fun calculateMaxTransferAmount(balance: String, rpcUrl: String): Result<String> = withContext(Dispatchers.IO) {
+        try {
+            val balanceKava = BigDecimal(balance)
+            if (balanceKava <= BigDecimal.ZERO) {
+                return@withContext Result.success("0")
+            }
+
+            // Get current gas price
+            val gasPriceResult = getGasPrice(rpcUrl)
+            val gasPrice = gasPriceResult.getOrElse {
+                // Default to 1 gwei if failed
+                BigInteger.valueOf(1000000000)
+            }
+
+            // Add 10% buffer to gas price
+            val gasPriceWithBuffer = gasPrice.multiply(BigInteger.valueOf(110)).divide(BigInteger.valueOf(100))
+
+            // Simple transfer gas limit is 21000
+            val gasLimit = BigInteger.valueOf(21000)
+            val gasFee = gasPriceWithBuffer.multiply(gasLimit)
+
+            // Convert gas fee to KAVA
+            val gasFeeKava = BigDecimal(gasFee).divide(BigDecimal("1000000000000000000"), 8, java.math.RoundingMode.UP)
+
+            // Calculate max amount = balance - gas fee
+            val maxAmount = balanceKava.subtract(gasFeeKava)
+
+            if (maxAmount <= BigDecimal.ZERO) {
+                return@withContext Result.success("0")
+            }
+
+            // Round down to 6 decimal places
+            val formattedMax = maxAmount.setScale(6, java.math.RoundingMode.DOWN).stripTrailingZeros().toPlainString()
+            Result.success(formattedMax)
+        } catch (e: Exception) {
+            // Fallback: use default gas estimate (21000 * 1 gwei = 0.000021 KAVA)
+            try {
+                val balanceKava = BigDecimal(balance)
+                val defaultGasFee = BigDecimal("0.000021")
+                val maxAmount = balanceKava.subtract(defaultGasFee)
+                if (maxAmount <= BigDecimal.ZERO) {
+                    Result.success("0")
+                } else {
+                    val formattedMax = maxAmount.setScale(6, java.math.RoundingMode.DOWN).stripTrailingZeros().toPlainString()
+                    Result.success(formattedMax)
+                }
+            } catch (e2: Exception) {
+                Result.failure(e)
+            }
+        }
+    }
+
+    private fun keccak256(data: ByteArray): ByteArray {
+        val keccak = Keccak.Digest256()
+        return keccak.digest(data)
+    }
+
+    // ========== RLP Encoding ==========
+
+    /**
+     * RLP encode transaction for signing (EIP-155)
+     * Format: [nonce, gasPrice, gasLimit, to, value, data, chainId, 0, 0]
+     */
+    private fun rlpEncodeForSigning(
+        nonce: BigInteger,
+        gasPrice: BigInteger,
+        gasLimit: BigInteger,
+        to: String,
+        value: BigInteger,
+        data: ByteArray,
+        chainId: Int
+    ): ByteArray {
+        val items = listOf(
+            rlpEncodeInteger(nonce),
+            rlpEncodeInteger(gasPrice),
+            rlpEncodeInteger(gasLimit),
+            rlpEncodeAddress(to),
+            rlpEncodeInteger(value),
+            rlpEncodeBytes(data),
+            rlpEncodeInteger(BigInteger.valueOf(chainId.toLong())),
+            rlpEncodeInteger(BigInteger.ZERO),
+            rlpEncodeInteger(BigInteger.ZERO)
+        )
+        return rlpEncodeList(items)
+    }
+
+    /**
+     * RLP encode signed transaction
+     * Format: [nonce, gasPrice, gasLimit, to, value, data, v, r, s]
+     */
+    private fun rlpEncodeSigned(
+        nonce: BigInteger,
+        gasPrice: BigInteger,
+        gasLimit: BigInteger,
+        to: String,
+        value: BigInteger,
+        data: ByteArray,
+        v: BigInteger,
+        r: BigInteger,
+        s: BigInteger
+    ): ByteArray {
+        val items = listOf(
+            rlpEncodeInteger(nonce),
+            rlpEncodeInteger(gasPrice),
+            rlpEncodeInteger(gasLimit),
+            rlpEncodeAddress(to),
+            rlpEncodeInteger(value),
+            rlpEncodeBytes(data),
+            rlpEncodeInteger(v),
+            rlpEncodeInteger(r),
+            rlpEncodeInteger(s)
+        )
+        return rlpEncodeList(items)
+    }
+
+    private fun rlpEncodeInteger(value: BigInteger): ByteArray {
+        if (value == BigInteger.ZERO) {
+            return byteArrayOf(0x80.toByte())
+        }
+        val bytes = value.toByteArray()
+        // Remove leading zero if present
+        val trimmed = if (bytes[0] == 0.toByte() && bytes.size > 1) {
+            bytes.copyOfRange(1, bytes.size)
+        } else {
+            bytes
+        }
+        return rlpEncodeBytes(trimmed)
+    }
+
+    private fun rlpEncodeAddress(address: String): ByteArray {
+        val cleanAddress = address.removePrefix("0x")
+        val bytes = cleanAddress.hexToByteArray()
+        return rlpEncodeBytes(bytes)
+    }
+
+    private fun rlpEncodeBytes(bytes: ByteArray): ByteArray {
+        return when {
+            bytes.size == 1 && bytes[0].toInt() and 0xFF < 0x80 -> bytes
+            bytes.size <= 55 -> {
+                val result = ByteArray(1 + bytes.size)
+                result[0] = (0x80 + bytes.size).toByte()
+                System.arraycopy(bytes, 0, result, 1, bytes.size)
+                result
+            }
+            else -> {
+                val lengthBytes = bytes.size.toBigInteger().toByteArray().let { arr ->
+                    if (arr[0] == 0.toByte() && arr.size > 1) arr.copyOfRange(1, arr.size) else arr
+                }
+                val result = ByteArray(1 + lengthBytes.size + bytes.size)
+                result[0] = (0xB7 + lengthBytes.size).toByte()
+                System.arraycopy(lengthBytes, 0, result, 1, lengthBytes.size)
+                System.arraycopy(bytes, 0, result, 1 + lengthBytes.size, bytes.size)
+                result
+            }
+        }
+    }
+
+    private fun rlpEncodeList(items: List<ByteArray>): ByteArray {
+        val concatenated = items.fold(ByteArray(0)) { acc, item -> acc + item }
+        return when {
+            concatenated.size <= 55 -> {
+                val result = ByteArray(1 + concatenated.size)
+                result[0] = (0xC0 + concatenated.size).toByte()
+                System.arraycopy(concatenated, 0, result, 1, concatenated.size)
+                result
+            }
+            else -> {
+                val lengthBytes = concatenated.size.toBigInteger().toByteArray().let { arr ->
+                    if (arr[0] == 0.toByte() && arr.size > 1) arr.copyOfRange(1, arr.size) else arr
+                }
+                val result = ByteArray(1 + lengthBytes.size + concatenated.size)
+                result[0] = (0xF7 + lengthBytes.size).toByte()
+                System.arraycopy(lengthBytes, 0, result, 1, lengthBytes.size)
+                System.arraycopy(concatenated, 0, result, 1 + lengthBytes.size, concatenated.size)
+                result
+            }
+        }
+    }
+
+    // ========== Extension Functions ==========
+
+    private fun ByteArray.toHexString(): String = joinToString("") { "%02x".format(it) }
+
+    private fun String.hexToByteArray(): ByteArray {
+        val len = this.length
+        val data = ByteArray(len / 2)
+        var i = 0
+        while (i < len) {
+            data[i / 2] = ((Character.digit(this[i], 16) shl 4) + Character.digit(this[i + 1], 16)).toByte()
+            i += 2
+        }
+        return data
+    }
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/proto/message_router.proto
+++ b/backend/mpc-system/services/service-party-android/app/src/main/proto/message_router.proto
@ -0,0 +1,215 @@
+syntax = "proto3";
+
+package mpc.router.v1;
+
+option java_package = "com.durian.tssparty.grpc";
+option java_outer_classname = "MessageRouterProto";
+option java_multiple_files = true;
+
+// MessageRouter service handles MPC message routing
+service MessageRouter {
+  // RouteMessage routes a message from one party to others
+  rpc RouteMessage(RouteMessageRequest) returns (RouteMessageResponse);
+
+  // SubscribeMessages subscribes to messages for a party (streaming)
+  rpc SubscribeMessages(SubscribeMessagesRequest) returns (stream MPCMessage);
+
+  // GetPendingMessages retrieves pending messages (polling alternative)
+  rpc GetPendingMessages(GetPendingMessagesRequest) returns (GetPendingMessagesResponse);
+
+  // AcknowledgeMessage acknowledges receipt of a message
+  rpc AcknowledgeMessage(AcknowledgeMessageRequest) returns (AcknowledgeMessageResponse);
+
+  // RegisterParty registers a party with the message router
+  rpc RegisterParty(RegisterPartyRequest) returns (RegisterPartyResponse);
+
+  // Heartbeat sends a heartbeat to keep the party alive
+  rpc Heartbeat(HeartbeatRequest) returns (HeartbeatResponse);
+
+  // SubscribeSessionEvents subscribes to session lifecycle events
+  rpc SubscribeSessionEvents(SubscribeSessionEventsRequest) returns (stream SessionEvent);
+
+  // JoinSession joins a session (proxied to Session Coordinator)
+  rpc JoinSession(JoinSessionRequest) returns (JoinSessionResponse);
+
+  // MarkPartyReady marks a party as ready
+  rpc MarkPartyReady(MarkPartyReadyRequest) returns (MarkPartyReadyResponse);
+
+  // ReportCompletion reports protocol completion
+  rpc ReportCompletion(ReportCompletionRequest) returns (ReportCompletionResponse);
+
+  // GetSessionStatus gets session status
+  rpc GetSessionStatus(GetSessionStatusRequest) returns (GetSessionStatusResponse);
+}
+
+message RouteMessageRequest {
+  string session_id = 1;
+  string from_party = 2;
+  repeated string to_parties = 3;
+  int32 round_number = 4;
+  string message_type = 5;
+  bytes payload = 6;
+}
+
+message RouteMessageResponse {
+  bool success = 1;
+  string message_id = 2;
+}
+
+message SubscribeMessagesRequest {
+  string session_id = 1;
+  string party_id = 2;
+}
+
+message MPCMessage {
+  string message_id = 1;
+  string session_id = 2;
+  string from_party = 3;
+  bool is_broadcast = 4;
+  int32 round_number = 5;
+  string message_type = 6;
+  bytes payload = 7;
+  int64 created_at = 8;
+}
+
+message GetPendingMessagesRequest {
+  string session_id = 1;
+  string party_id = 2;
+  int64 after_timestamp = 3;
+}
+
+message GetPendingMessagesResponse {
+  repeated MPCMessage messages = 1;
+}
+
+message NotificationChannel {
+  string email = 1;
+  string phone = 2;
+  string push_token = 3;
+}
+
+message RegisterPartyRequest {
+  string party_id = 1;
+  string party_role = 2;
+  string version = 3;
+  NotificationChannel notification = 4;
+}
+
+message RegisterPartyResponse {
+  bool success = 1;
+  string message = 2;
+  int64 registered_at = 3;
+}
+
+message SubscribeSessionEventsRequest {
+  string party_id = 1;
+  repeated string event_types = 2;
+}
+
+message SessionEvent {
+  string event_id = 1;
+  string event_type = 2;
+  string session_id = 3;
+  int32 threshold_n = 4;
+  int32 threshold_t = 5;
+  repeated string selected_parties = 6;
+  map<string, string> join_tokens = 7;
+  bytes message_hash = 8;
+  int64 created_at = 9;
+  int64 expires_at = 10;
+}
+
+message AcknowledgeMessageRequest {
+  string message_id = 1;
+  string party_id = 2;
+  string session_id = 3;
+  bool success = 4;
+  string error_message = 5;
+}
+
+message AcknowledgeMessageResponse {
+  bool success = 1;
+  string message = 2;
+}
+
+message HeartbeatRequest {
+  string party_id = 1;
+  int64 timestamp = 2;
+}
+
+message HeartbeatResponse {
+  bool success = 1;
+  int64 server_timestamp = 2;
+  int32 pending_messages = 3;
+}
+
+message DeviceInfo {
+  string device_type = 1;
+  string device_id = 2;
+  string platform = 3;
+  string app_version = 4;
+}
+
+message PartyInfo {
+  string party_id = 1;
+  int32 party_index = 2;
+  DeviceInfo device_info = 3;
+}
+
+message SessionInfo {
+  string session_id = 1;
+  string session_type = 2;
+  int32 threshold_n = 3;
+  int32 threshold_t = 4;
+  bytes message_hash = 5;
+  string status = 6;
+  string keygen_session_id = 7;
+}
+
+message JoinSessionRequest {
+  string session_id = 1;
+  string party_id = 2;
+  string join_token = 3;
+  DeviceInfo device_info = 4;
+}
+
+message JoinSessionResponse {
+  bool success = 1;
+  SessionInfo session_info = 2;
+  repeated PartyInfo other_parties = 3;
+  int32 party_index = 4;
+}
+
+message MarkPartyReadyRequest {
+  string session_id = 1;
+  string party_id = 2;
+}
+
+message MarkPartyReadyResponse {
+  bool success = 1;
+  bool all_ready = 2;
+}
+
+message ReportCompletionRequest {
+  string session_id = 1;
+  string party_id = 2;
+  bytes public_key = 3;
+  bytes signature = 4;
+}
+
+message ReportCompletionResponse {
+  bool success = 1;
+  bool all_completed = 2;
+}
+
+message GetSessionStatusRequest {
+  string session_id = 1;
+}
+
+message GetSessionStatusResponse {
+  string session_id = 1;
+  string status = 2;
+  int32 threshold_n = 3;
+  int32 threshold_t = 4;
+  repeated PartyInfo participants = 5;
+}
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/drawable/ic_launcher_foreground.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/drawable/ic_launcher_foreground.xml
@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    android:width="108dp"
+    android:height="108dp"
+    android:viewportWidth="108"
+    android:viewportHeight="108">
+
+    <!-- Simple wallet icon -->
+    <path
+        android:fillColor="#FFFFFF"
+        android:pathData="M54,30 L78,30 C80.2,30 82,31.8 82,34 L82,74 C82,76.2 80.2,78 78,78 L30,78 C27.8,78 26,76.2 26,74 L26,34 C26,31.8 27.8,30 30,30 L54,30 Z M54,26 L30,26 C25.6,26 22,29.6 22,34 L22,74 C22,78.4 25.6,82 30,82 L78,82 C82.4,82 86,78.4 86,74 L86,34 C86,29.6 82.4,26 78,26 L54,26 Z"/>
+
+    <!-- Key symbol -->
+    <path
+        android:fillColor="#FFFFFF"
+        android:pathData="M54,44 C58.4,44 62,47.6 62,52 C62,54.8 60.6,57.2 58.4,58.6 L58.4,66 L50,66 L50,58.6 C47.4,57.2 46,54.8 46,52 C46,47.6 49.6,44 54,44 Z M54,48 C51.8,48 50,49.8 50,52 C50,53.4 50.8,54.6 52,55.2 L52,62 L56,62 L56,55.2 C57.2,54.6 58,53.4 58,52 C58,49.8 56.2,48 54,48 Z"/>
+</vector>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/mipmap-hdpi/ic_launcher.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/mipmap-hdpi/ic_launcher.xml
@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
+    <background android:drawable="@color/green_primary"/>
+    <foreground android:drawable="@drawable/ic_launcher_foreground"/>
+</adaptive-icon>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/mipmap-hdpi/ic_launcher_round.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/mipmap-hdpi/ic_launcher_round.xml
@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
+    <background android:drawable="@color/green_primary"/>
+    <foreground android:drawable="@drawable/ic_launcher_foreground"/>
+</adaptive-icon>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/values/colors.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/values/colors.xml
@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <color name="green_primary">#4CAF50</color>
+    <color name="green_dark">#388E3C</color>
+    <color name="green_light">#81C784</color>
+    <color name="white">#FFFFFF</color>
+    <color name="black">#000000</color>
+</resources>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/values/strings.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/values/strings.xml
@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <string name="app_name">TSS Party</string>
+</resources>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/values/themes.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/values/themes.xml
@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <style name="Theme.TssParty" parent="android:Theme.Material.Light.NoActionBar">
+        <item name="android:statusBarColor">@color/green_primary</item>
+    </style>
+</resources>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/xml/backup_rules.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/xml/backup_rules.xml
@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<full-backup-content>
+    <include domain="sharedpref" path="."/>
+    <include domain="database" path="."/>
+    <exclude domain="database" path="tss_party.db"/>
+</full-backup-content>
--- a/backend/mpc-system/services/service-party-android/app/src/main/res/xml/data_extraction_rules.xml
+++ b/backend/mpc-system/services/service-party-android/app/src/main/res/xml/data_extraction_rules.xml
@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<data-extraction-rules>
+    <cloud-backup>
+        <include domain="sharedpref" path="."/>
+        <include domain="database" path="."/>
+        <exclude domain="database" path="tss_party.db"/>
+    </cloud-backup>
+    <device-transfer>
+        <include domain="sharedpref" path="."/>
+        <include domain="database" path="."/>
+        <exclude domain="database" path="tss_party.db"/>
+    </device-transfer>
+</data-extraction-rules>
--- a/backend/mpc-system/services/service-party-android/build-apk.bat
+++ b/backend/mpc-system/services/service-party-android/build-apk.bat
@ -0,0 +1,290 @@
+@echo off
+setlocal enabledelayedexpansion
+
+echo ========================================
+echo   TSS Party Android APK Builder
+echo ========================================
+echo.
+
+:: Check if gradlew exists
+if not exist "gradlew.bat" (
+    echo [ERROR] gradlew.bat not found!
+    echo Please run this script from the service-party-android directory.
+    pause
+    exit /b 1
+)
+
+:: Check and create local.properties if needed
+if not exist "local.properties" (
+    echo [INFO] local.properties not found, attempting to detect Android SDK...
+
+    :: Try common SDK locations
+    set SDK_FOUND=0
+
+    :: Check ANDROID_HOME environment variable first
+    if defined ANDROID_HOME (
+        :: Remove any surrounding quotes from ANDROID_HOME
+        set "ANDROID_HOME_CLEAN=!ANDROID_HOME:"=!"
+        if exist "!ANDROID_HOME_CLEAN!\platform-tools" (
+            set "SDK_PATH_CLEAN=!ANDROID_HOME_CLEAN:\=/!"
+            echo sdk.dir=!SDK_PATH_CLEAN!> local.properties
+            echo [INFO] Created local.properties with ANDROID_HOME: !ANDROID_HOME_CLEAN!
+            set SDK_FOUND=1
+        )
+    )
+
+    :: Try common Windows locations
+    if !SDK_FOUND!==0 (
+        for %%P in (
+            "%LOCALAPPDATA%\Android\Sdk"
+            "%USERPROFILE%\AppData\Local\Android\Sdk"
+            "C:\Android\Sdk"
+            "C:\Android"
+            "C:\Users\%USERNAME%\Android\Sdk"
+        ) do (
+            if exist "%%~P\platform-tools" (
+                set "SDK_PATH=%%~P"
+                set "SDK_PATH=!SDK_PATH:\=/!"
+                echo sdk.dir=!SDK_PATH!> local.properties
+                echo [INFO] Created local.properties with SDK path: %%~P
+                set SDK_FOUND=1
+                goto :sdk_found
+            )
+        )
+    )
+
+    :sdk_found
+    if !SDK_FOUND!==0 (
+        echo [ERROR] Android SDK not found!
+        echo.
+        echo Please do one of the following:
+        echo   1. Set ANDROID_HOME environment variable to your SDK path
+        echo   2. Create local.properties file with: sdk.dir=C:/path/to/android/sdk
+        echo   3. Install Android Studio which includes the SDK
+        echo.
+        echo Common SDK locations:
+        echo   - %LOCALAPPDATA%\Android\Sdk
+        echo   - C:\Android\Sdk
+        echo.
+        pause
+        exit /b 1
+    )
+)
+
+echo [INFO] Using SDK from local.properties
+type local.properties
+echo.
+
+:: Check and build tsslib.aar if needed
+if not exist "app\libs\tsslib.aar" (
+    echo [INFO] tsslib.aar not found, attempting to build TSS library...
+    echo.
+
+    :: Check if Go is installed
+    where go >nul 2>nul
+    if !errorlevel! neq 0 (
+        echo [ERROR] Go is not installed or not in PATH!
+        echo Please install Go from https://golang.org/dl/
+        pause
+        exit /b 1
+    )
+
+    :: Get GOPATH for bin directory
+    for /f "tokens=*" %%G in ('go env GOPATH') do set "GOPATH_DIR=%%G"
+    if not defined GOPATH_DIR set "GOPATH_DIR=%USERPROFILE%\go"
+    set "GOBIN_DIR=!GOPATH_DIR!\bin"
+
+    :: Add GOPATH/bin to PATH if not already there
+    echo !PATH! | findstr /i /c:"!GOBIN_DIR!" >nul 2>nul
+    if !errorlevel! neq 0 (
+        echo [INFO] Adding !GOBIN_DIR! to PATH...
+        set "PATH=!PATH!;!GOBIN_DIR!"
+    )
+
+    :: Show Go version
+    for /f "tokens=3" %%V in ('go version') do set "GO_VERSION=%%V"
+    echo [INFO] Go version: !GO_VERSION!
+
+    :: Get the tsslib directory path (inside service-party-android)
+    set "TSSLIB_DIR=tsslib"
+
+    if not exist "!TSSLIB_DIR!\go.mod" (
+        echo [ERROR] TSS library source not found at !TSSLIB_DIR!
+        echo Please ensure the tsslib source code exists.
+        pause
+        exit /b 1
+    )
+
+    :: IMPORTANT: Add gomobile dependency to go.mod (official recommended step)
+    echo [INFO] Adding gomobile dependency to go.mod...
+    pushd "!TSSLIB_DIR!"
+    go get -d golang.org/x/mobile/cmd/gomobile
+    if !errorlevel! neq 0 (
+        echo [WARNING] go get gomobile failed, continuing anyway...
+    )
+    popd
+
+    :: Install gomobile
+    echo [INFO] Installing gomobile...
+    go install golang.org/x/mobile/cmd/gomobile@latest
+    if !errorlevel! neq 0 (
+        echo [ERROR] Failed to install gomobile!
+        pause
+        exit /b 1
+    )
+
+    :: Verify gomobile exists
+    if not exist "!GOBIN_DIR!\gomobile.exe" (
+        echo [ERROR] gomobile was not installed correctly!
+        echo Please check your Go installation and GOPATH.
+        echo Expected location: !GOBIN_DIR!\gomobile.exe
+        pause
+        exit /b 1
+    )
+
+    echo [INFO] Initializing gomobile...
+    "!GOBIN_DIR!\gomobile.exe" init
+    if !errorlevel! neq 0 (
+        echo [WARNING] gomobile init failed, but continuing...
+    )
+
+    echo [INFO] Building tsslib.aar with gomobile...
+    pushd "!TSSLIB_DIR!"
+
+    :: Build the AAR
+    :: Use -androidapi 21 to ensure compatibility with modern NDK
+    "!GOBIN_DIR!\gomobile.exe" bind -target=android -androidapi 21 -o "..\app\libs\tsslib.aar" .
+    if !errorlevel! neq 0 (
+        echo [ERROR] gomobile bind failed!
+        popd
+        pause
+        exit /b 1
+    )
+
+    popd
+
+    if exist "app\libs\tsslib.aar" (
+        echo [SUCCESS] tsslib.aar built successfully!
+        for %%F in ("app\libs\tsslib.aar") do echo   Size: %%~zF bytes
+    ) else (
+        echo [ERROR] tsslib.aar was not created!
+        pause
+        exit /b 1
+    )
+    echo.
+) else (
+    echo [INFO] tsslib.aar found, skipping TSS library build
+    for %%F in ("app\libs\tsslib.aar") do echo   Size: %%~zF bytes
+    echo.
+)
+
+:: Parse command line arguments
+set BUILD_TYPE=all
+if "%1"=="debug" set BUILD_TYPE=debug
+if "%1"=="release" set BUILD_TYPE=release
+if "%1"=="clean" set BUILD_TYPE=clean
+if "%1"=="help" goto :show_help
+
+:: Show build type
+echo Build type: %BUILD_TYPE%
+echo.
+
+:: Clean build
+if "%BUILD_TYPE%"=="clean" (
+    echo [1/1] Cleaning build files...
+    call gradlew.bat clean --no-daemon
+    if !errorlevel! neq 0 (
+        echo [ERROR] Clean failed!
+        pause
+        exit /b 1
+    )
+    echo.
+    echo [SUCCESS] Clean completed!
+    goto :end
+)
+
+:: Build Debug APK
+if "%BUILD_TYPE%"=="debug" goto :build_debug
+if "%BUILD_TYPE%"=="all" goto :build_debug
+goto :check_release
+
+:build_debug
+echo [1/2] Building Debug APK...
+call gradlew.bat assembleDebug --no-daemon
+if !errorlevel! neq 0 (
+    echo [ERROR] Debug build failed!
+    pause
+    exit /b 1
+)
+echo [SUCCESS] Debug APK built successfully!
+echo   Location: app\build\outputs\apk\debug\app-debug.apk
+echo.
+
+:check_release
+if "%BUILD_TYPE%"=="debug" goto :show_results
+
+:: Build Release APK
+:build_release
+echo [2/2] Building Release APK...
+call gradlew.bat assembleRelease --no-daemon
+if !errorlevel! neq 0 (
+    echo [ERROR] Release build failed!
+    pause
+    exit /b 1
+)
+echo [SUCCESS] Release APK built successfully!
+echo   Location: app\build\outputs\apk\release\app-release.apk
+echo.
+
+:show_results
+echo ========================================
+echo   Build Results
+echo ========================================
+echo.
+
+:: Check and show Debug APK
+if exist "app\build\outputs\apk\debug\app-debug.apk" (
+    for %%F in ("app\build\outputs\apk\debug\app-debug.apk") do (
+        echo [DEBUG APK]
+        echo   Path: %%~fF
+        echo   Size: %%~zF bytes
+    )
+    echo.
+)
+
+:: Check and show Release APK
+if exist "app\build\outputs\apk\release\app-release.apk" (
+    for %%F in ("app\build\outputs\apk\release\app-release.apk") do (
+        echo [RELEASE APK]
+        echo   Path: %%~fF
+        echo   Size: %%~zF bytes
+    )
+    echo.
+)
+
+echo ========================================
+echo   Build completed successfully!
+echo ========================================
+goto :end
+
+:show_help
+echo.
+echo Usage: build-apk.bat [option]
+echo.
+echo Options:
+echo   debug    - Build debug APK only
+echo   release  - Build release APK only
+echo   all      - Build both debug and release APKs (default)
+echo   clean    - Clean build files
+echo   help     - Show this help message
+echo.
+echo Examples:
+echo   build-apk.bat           - Build both APKs
+echo   build-apk.bat debug     - Build debug APK only
+echo   build-apk.bat release   - Build release APK only
+echo   build-apk.bat clean     - Clean project
+echo.
+
+:end
+echo.
+pause
--- a/backend/mpc-system/services/service-party-android/build.gradle.kts
+++ b/backend/mpc-system/services/service-party-android/build.gradle.kts
@ -0,0 +1,18 @@
+// Top-level build file
+plugins {
+    id("com.android.application") version "8.2.0" apply false
+    id("org.jetbrains.kotlin.android") version "1.9.21" apply false
+    id("com.google.dagger.hilt.android") version "2.48.1" apply false
+    id("com.google.protobuf") version "0.9.4" apply false
+}
+
+buildscript {
+    repositories {
+        google()
+        mavenCentral()
+    }
+}
+
+tasks.register("clean", Delete::class) {
+    delete(rootProject.layout.buildDirectory)
+}
--- a/backend/mpc-system/services/service-party-android/contracts/CONTRACT_INFO.md
+++ b/backend/mpc-system/services/service-party-android/contracts/CONTRACT_INFO.md
@ -0,0 +1,115 @@
+# Durian USDT (dUSDT) 代币合约
+
+## 合约概述
+
+Durian USDT 是一个部署在 Kava EVM 主网上的固定供应量 ERC-20 代币。该合约**完全禁止增发**，所有代币在部署时一次性铸造给部署者地址。
+
+## 合约详情
+
+| 项目 | 值 |
+|------|-----|
+| 合约地址 | `0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3` |
+| 代币名称 | Durian USDT |
+| 代币符号 | dUSDT |
+| 精度 (Decimals) | 6 |
+| 总供应量 | 1,000,000,000,000 dUSDT (1万亿) |
+| 总供应量 (最小单位) | 1,000,000,000,000,000,000 (10^18) |
+
+## 网络信息
+
+| 项目 | 值 |
+|------|-----|
+| 网络名称 | Kava EVM Mainnet |
+| Chain ID | 2222 |
+| RPC URL | https://evm.kava.io |
+| 区块浏览器 | https://kavascan.com |
+| 原生代币 | KAVA |
+
+## 持有人/管理人信息
+
+| 项目 | 值 |
+|------|-----|
+| 地址 | `0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E` |
+| 私钥 | `0x886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a` |
+| 初始 dUSDT 余额 | 1,000,000,000,000 dUSDT (全部) |
+
+> **安全警告**: 私钥必须妥善保管，切勿泄露给他人。
+
+## 部署信息
+
+| 项目 | 值 |
+|------|-----|
+| 部署时间 | 2026-01-02 |
+| 部署交易哈希 | `0xa73d7dce17723bc5a9d62767c515dadf4ccccc26327ed5637958ce817edd671d` |
+| Solidity 版本 | 0.8.19 |
+| EVM 版本 | Paris (无 PUSH0 操作码) |
+| 优化 | 启用 (runs: 200) |
+
+## 合约特性
+
+### 固定供应量 - 无增发机制
+
+该合约的核心特性是**完全禁止增发**：
+
+1. **无 mint 函数**: 合约代码中不存在任何铸造新代币的函数
+2. **无 owner/admin 权限**: 合约没有特权角色，无人能修改供应量
+3. **供应量在构造函数中固定**: 所有代币在部署时一次性创建
+4. **totalSupply 是 constant**: 总供应量声明为常量，无法修改
+
+### 支持的 ERC-20 标准函数
+
+| 函数 | 描述 |
+|------|------|
+| `name()` | 返回代币名称 "Durian USDT" |
+| `symbol()` | 返回代币符号 "dUSDT" |
+| `decimals()` | 返回精度 6 |
+| `totalSupply()` | 返回总供应量 |
+| `balanceOf(address)` | 查询地址余额 |
+| `transfer(address, uint256)` | 转账 |
+| `approve(address, uint256)` | 授权 |
+| `allowance(address, address)` | 查询授权额度 |
+| `transferFrom(address, address, uint256)` | 授权转账 |
+
+## 查看链接
+
+- 合约: https://kavascan.com/address/0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3
+- 持有人: https://kavascan.com/address/0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E
+- 部署交易: https://kavascan.com/tx/0xa73d7dce17723bc5a9d62767c515dadf4ccccc26327ed5637958ce817edd671d
+
+## 在钱包中添加代币
+
+在 MetaMask 或其他钱包中添加自定义代币：
+
+1. 网络: Kava EVM (Chain ID: 2222)
+2. 合约地址: `0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3`
+3. 代币符号: `dUSDT`
+4. 精度: `6`
+
+## 文件说明
+
+| 文件 | 描述 |
+|------|------|
+| `DurianUSDT.sol` | Solidity 源代码 |
+| `DurianUSDT.abi` | 合约 ABI (Application Binary Interface) |
+| `DurianUSDT.bin` | 编译后的字节码 |
+| `CONTRACT_INFO.md` | 本文档 |
+
+## 代码审计要点
+
+该合约经过精简设计，关键安全特性：
+
+1. **无 owner 模式**: 没有特权地址可以执行管理操作
+2. **无升级机制**: 合约不可升级，代码永久固定
+3. **无暂停功能**: 转账功能无法被暂停
+4. **无黑名单功能**: 没有地址可以被限制转账
+5. **使用 unchecked 块**: 在已验证的情况下使用，节省 gas
+
+## 与标准 USDT 的对比
+
+| 特性 | dUSDT | 标准 USDT |
+|------|-------|----------|
+| 精度 | 6 | 6 |
+| 可增发 | 否 | 是 |
+| 可暂停 | 否 | 是 |
+| 黑名单功能 | 否 | 是 |
+| 中心化管理 | 否 | 是 |
--- a/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.abi
+++ b/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.abi
@ -0,0 +1,229 @@
+[
+  {
+    "inputs": [],
+    "stateMutability": "nonpayable",
+    "type": "constructor"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "internalType": "address",
+        "name": "owner",
+        "type": "address"
+      },
+      {
+        "indexed": true,
+        "internalType": "address",
+        "name": "spender",
+        "type": "address"
+      },
+      {
+        "indexed": false,
+        "internalType": "uint256",
+        "name": "value",
+        "type": "uint256"
+      }
+    ],
+    "name": "Approval",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "internalType": "address",
+        "name": "from",
+        "type": "address"
+      },
+      {
+        "indexed": true,
+        "internalType": "address",
+        "name": "to",
+        "type": "address"
+      },
+      {
+        "indexed": false,
+        "internalType": "uint256",
+        "name": "value",
+        "type": "uint256"
+      }
+    ],
+    "name": "Transfer",
+    "type": "event"
+  },
+  {
+    "inputs": [
+      {
+        "internalType": "address",
+        "name": "owner",
+        "type": "address"
+      },
+      {
+        "internalType": "address",
+        "name": "spender",
+        "type": "address"
+      }
+    ],
+    "name": "allowance",
+    "outputs": [
+      {
+        "internalType": "uint256",
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      {
+        "internalType": "address",
+        "name": "spender",
+        "type": "address"
+      },
+      {
+        "internalType": "uint256",
+        "name": "amount",
+        "type": "uint256"
+      }
+    ],
+    "name": "approve",
+    "outputs": [
+      {
+        "internalType": "bool",
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "stateMutability": "nonpayable",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      {
+        "internalType": "address",
+        "name": "account",
+        "type": "address"
+      }
+    ],
+    "name": "balanceOf",
+    "outputs": [
+      {
+        "internalType": "uint256",
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [],
+    "name": "decimals",
+    "outputs": [
+      {
+        "internalType": "uint8",
+        "name": "",
+        "type": "uint8"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [],
+    "name": "name",
+    "outputs": [
+      {
+        "internalType": "string",
+        "name": "",
+        "type": "string"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [],
+    "name": "symbol",
+    "outputs": [
+      {
+        "internalType": "string",
+        "name": "",
+        "type": "string"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [],
+    "name": "totalSupply",
+    "outputs": [
+      {
+        "internalType": "uint256",
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "stateMutability": "view",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      {
+        "internalType": "address",
+        "name": "to",
+        "type": "address"
+      },
+      {
+        "internalType": "uint256",
+        "name": "amount",
+        "type": "uint256"
+      }
+    ],
+    "name": "transfer",
+    "outputs": [
+      {
+        "internalType": "bool",
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "stateMutability": "nonpayable",
+    "type": "function"
+  },
+  {
+    "inputs": [
+      {
+        "internalType": "address",
+        "name": "from",
+        "type": "address"
+      },
+      {
+        "internalType": "address",
+        "name": "to",
+        "type": "address"
+      },
+      {
+        "internalType": "uint256",
+        "name": "amount",
+        "type": "uint256"
+      }
+    ],
+    "name": "transferFrom",
+    "outputs": [
+      {
+        "internalType": "bool",
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "stateMutability": "nonpayable",
+    "type": "function"
+  }
+]
--- a/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.bin
+++ b/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.bin
@ -0,0 +1 @@
+608060405234801561001057600080fd5b5033600081815260208181526040808320670de0b6b3a76400009081905590519081527fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910160405180910390a36106fb8061006d6000396000f3fe608060405234801561001057600080fd5b50600436106100935760003560e01c8063313ce56711610066578063313ce5671461012b57806370a082311461014557806395d89b411461016e578063a9059cbb14610192578063dd62ed3e146101a557600080fd5b806306fdde0314610098578063095ea7b3146100d857806318160ddd146100fb57806323b872dd14610118575b600080fd5b6100c26040518060400160405280600b81526020016a111d5c9a585b881554d11560aa1b81525081565b6040516100cf91906105a0565b60405180910390f35b6100eb6100e636600461060a565b6101de565b60405190151581526020016100cf565b61010a670de0b6b3a764000081565b6040519081526020016100cf565b6100eb610126366004610634565b6102a0565b610133600681565b60405160ff90911681526020016100cf565b61010a610153366004610670565b6001600160a01b031660009081526020819052604090205490565b6100c260405180604001604052806005815260200164191554d11560da1b81525081565b6100eb6101a036600461060a565b61049a565b61010a6101b3366004610692565b6001600160a01b03918216600090815260016020908152604080832093909416825291909152205490565b60006001600160a01b03831661023b5760405162461bcd60e51b815260206004820152601760248201527f417070726f766520746f207a65726f206164647265737300000000000000000060448201526064015b60405180910390fd5b3360008181526001602090815260408083206001600160a01b03881680855290835292819020869055518581529192917f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92591015b60405180910390a350600192915050565b60006001600160a01b0384166102f85760405162461bcd60e51b815260206004820152601a60248201527f5472616e736665722066726f6d207a65726f20616464726573730000000000006044820152606401610232565b6001600160a01b0383166103495760405162461bcd60e51b81526020600482015260186024820152775472616e7366657220746f207a65726f206164647265737360401b6044820152606401610232565b6001600160a01b0384166000908152602081905260409020548211156103a85760405162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e742062616c616e636560601b6044820152606401610232565b6001600160a01b03841660009081526001602090815260408083203384529091529020548211156104145760405162461bcd60e51b8152602060048201526016602482015275496e73756666696369656e7420616c6c6f77616e636560501b6044820152606401610232565b6001600160a01b03848116600081815260208181526040808320805488900390559387168083528483208054880190558383526001825284832033845282529184902080548790039055925185815290927fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910160405180910390a35060019392505050565b60006001600160a01b0383166104ed5760405162461bcd60e51b81526020600482015260186024820152775472616e7366657220746f207a65726f206164647265737360401b6044820152606401610232565b336000908152602081905260409020548211156105435760405162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e742062616c616e636560601b6044820152606401610232565b33600081815260208181526040808320805487900390556001600160a01b03871680845292819020805487019055518581529192917fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910161028f565b600060208083528351808285015260005b818110156105cd578581018301518582016040015282016105b1565b506000604082860101526040601f19601f8301168501019250505092915050565b80356001600160a01b038116811461060557600080fd5b919050565b6000806040838503121561061d57600080fd5b610626836105ee565b946020939093013593505050565b60008060006060848603121561064957600080fd5b610652846105ee565b9250610660602085016105ee565b9150604084013590509250925092565b60006020828403121561068257600080fd5b61068b826105ee565b9392505050565b600080604083850312156106a557600080fd5b6106ae836105ee565b91506106bc602084016105ee565b9050925092905056fea264697066735822122028c97073f6e7db0ad943d101cb6873b31c3eb19bcea3eda83148447ab676a5ee64736f6c63430008130033
--- a/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.sol
+++ b/backend/mpc-system/services/service-party-android/contracts/DurianUSDT.sol
@ -0,0 +1,78 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.19;
+
+/**
+ * @title DurianUSDT
+ * @dev Fixed supply ERC-20 token - NO MINTING CAPABILITY
+ * Total Supply: 1,000,000,000,000 (1 Trillion) tokens with 6 decimals (matching USDT)
+ *
+ * IMPORTANT: This contract has NO mint function and NO way to increase supply.
+ * All tokens are minted to the deployer at construction time.
+ */
+contract DurianUSDT {
+    string public constant name = "Durian USDT";
+    string public constant symbol = "dUSDT";
+    uint8 public constant decimals = 6;
+
+    // Fixed total supply: 1 trillion tokens (1,000,000,000,000 * 10^6)
+    uint256 public constant totalSupply = 1_000_000_000_000 * 10**6;
+
+    mapping(address => uint256) private _balances;
+    mapping(address => mapping(address => uint256)) private _allowances;
+
+    event Transfer(address indexed from, address indexed to, uint256 value);
+    event Approval(address indexed owner, address indexed spender, uint256 value);
+
+    /**
+     * @dev Constructor - mints entire fixed supply to deployer
+     * No mint function exists - supply is permanently fixed
+     */
+    constructor() {
+        _balances[msg.sender] = totalSupply;
+        emit Transfer(address(0), msg.sender, totalSupply);
+    }
+
+    function balanceOf(address account) public view returns (uint256) {
+        return _balances[account];
+    }
+
+    function transfer(address to, uint256 amount) public returns (bool) {
+        require(to != address(0), "Transfer to zero address");
+        require(_balances[msg.sender] >= amount, "Insufficient balance");
+
+        unchecked {
+            _balances[msg.sender] -= amount;
+            _balances[to] += amount;
+        }
+
+        emit Transfer(msg.sender, to, amount);
+        return true;
+    }
+
+    function allowance(address owner, address spender) public view returns (uint256) {
+        return _allowances[owner][spender];
+    }
+
+    function approve(address spender, uint256 amount) public returns (bool) {
+        require(spender != address(0), "Approve to zero address");
+        _allowances[msg.sender][spender] = amount;
+        emit Approval(msg.sender, spender, amount);
+        return true;
+    }
+
+    function transferFrom(address from, address to, uint256 amount) public returns (bool) {
+        require(from != address(0), "Transfer from zero address");
+        require(to != address(0), "Transfer to zero address");
+        require(_balances[from] >= amount, "Insufficient balance");
+        require(_allowances[from][msg.sender] >= amount, "Insufficient allowance");
+
+        unchecked {
+            _balances[from] -= amount;
+            _balances[to] += amount;
+            _allowances[from][msg.sender] -= amount;
+        }
+
+        emit Transfer(from, to, amount);
+        return true;
+    }
+}
--- a/backend/mpc-system/services/service-party-android/contracts/KAVA_NETWORK.md
+++ b/backend/mpc-system/services/service-party-android/contracts/KAVA_NETWORK.md
@ -0,0 +1,120 @@
+# Kava EVM 网络配置
+
+## 主网配置
+
+| 项目 | 值 |
+|------|-----|
+| 网络名称 | Kava EVM Mainnet |
+| Chain ID | 2222 |
+| Currency Symbol | KAVA |
+| RPC URL | https://evm.kava.io |
+| WebSocket URL | wss://wevm.kava.io |
+| 区块浏览器 | https://kavascan.com |
+
+## 测试网配置
+
+| 项目 | 值 |
+|------|-----|
+| 网络名称 | Kava EVM Testnet |
+| Chain ID | 2221 |
+| Currency Symbol | KAVA |
+| RPC URL | https://evm.testnet.kava.io |
+| 区块浏览器 | https://testnet.kavascan.com |
+| 水龙头 | https://faucet.kava.io |
+
+## RPC 端点列表
+
+### 主网 RPC
+
+```
+https://evm.kava.io
+https://kava-evm.publicnode.com
+https://kava.api.onfinality.io/public
+https://evm.kava.chainstacklabs.com
+```
+
+### WebSocket (主网)
+
+```
+wss://wevm.kava.io
+wss://kava-evm.publicnode.com
+```
+
+## Gas 配置
+
+| 项目 | 值 |
+|------|-----|
+| Gas Price | ~1 Gwei (动态) |
+| 合约部署 Gas Limit | ~500,000 - 1,000,000 |
+| 代币转账 Gas Limit | ~65,000 |
+| 原生转账 Gas Limit | ~21,000 |
+
+## 在 MetaMask 中添加网络
+
+### 主网
+
+1. 打开 MetaMask
+2. 点击网络选择器 > 添加网络
+3. 填写以下信息:
+   - 网络名称: `Kava EVM`
+   - RPC URL: `https://evm.kava.io`
+   - Chain ID: `2222`
+   - 货币符号: `KAVA`
+   - 区块浏览器: `https://kavascan.com`
+
+### 测试网
+
+1. 打开 MetaMask
+2. 点击网络选择器 > 添加网络
+3. 填写以下信息:
+   - 网络名称: `Kava EVM Testnet`
+   - RPC URL: `https://evm.testnet.kava.io`
+   - Chain ID: `2221`
+   - 货币符号: `KAVA`
+   - 区块浏览器: `https://testnet.kavascan.com`
+
+## Kava 双地址系统
+
+Kava 网络支持两种地址格式:
+
+| 类型 | 格式 | 示例 |
+|------|------|------|
+| Cosmos 地址 | kava1... | `kava1...abc` |
+| EVM 地址 | 0x... | `0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E` |
+
+同一个私钥可以派生出两种地址，它们共享相同的余额。
+
+## EVM 兼容性
+
+Kava EVM 兼容以太坊 EVM，支持:
+
+- Solidity 智能合约
+- ERC-20/ERC-721/ERC-1155 代币标准
+- Web3.js / ethers.js
+- MetaMask 等以太坊钱包
+
+### 注意事项
+
+- Kava EVM **不支持 PUSH0 操作码** (Shanghai 升级的特性)
+- 编译合约时需要使用 `evmVersion: "paris"` 或更早版本
+- 推荐使用 Solidity 0.8.19 或更早版本
+
+## 常用合约地址
+
+### 主网
+
+| 代币 | 地址 |
+|------|------|
+| WKAVA (Wrapped KAVA) | `0xc86c7C0eFbd6A49B35E8714C5f59D99De09A225b` |
+| USDT (官方) | `0x919C1c267BC06a7039e03fcc2eF738525769109c` |
+| USDC | `0xfA9343C3897324496A05fC75abeD6bAC29f8A40f` |
+| DAI | `0x765277EebeCA2e31912C9946eAe1021199B39C61` |
+| **dUSDT (绿积分)** | `0xA9F3A35dBa8699c8C681D8db03F0c1A8CEB9D7c3` ⭐ 当前使用 |
+
+## 资源链接
+
+- 官网: https://www.kava.io/
+- 文档: https://docs.kava.io/
+- GitHub: https://github.com/Kava-Labs
+- 区块浏览器: https://kavascan.com/
+- Discord: https://discord.com/invite/kQzh3Uv
--- a/backend/mpc-system/services/service-party-android/contracts/WALLET_KEYS.md
+++ b/backend/mpc-system/services/service-party-android/contracts/WALLET_KEYS.md
@ -0,0 +1,83 @@
+# 钱包密钥信息
+
+> **重要安全警告**: 本文件包含私钥，仅供内部使用。切勿将此文件提交到公开仓库或分享给他人。
+
+## 管理员钱包
+
+该钱包用于部署和管理 dUSDT 代币合约。
+
+### 地址信息
+
+| 项目 | 值 |
+|------|-----|
+| EVM 地址 | `0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E` |
+| 私钥 | `0x886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a` |
+
+### 余额信息
+
+| 代币 | 余额 | 备注 |
+|------|------|------|
+| KAVA | ~0.45 KAVA | 用于支付 Gas 费用 |
+| dUSDT | 1,000,000,000,000 | 1万亿，全部供应量 |
+
+### 查看链接
+
+- 地址: https://kavascan.com/address/0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E
+
+## 导入钱包
+
+### MetaMask
+
+1. 打开 MetaMask
+2. 点击账户图标 > 导入账户
+3. 选择类型: 私钥
+4. 粘贴私钥: `886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a`
+5. 点击导入
+
+### ethers.js
+
+```javascript
+import { ethers } from 'ethers';
+
+const PRIVATE_KEY = '0x886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a';
+const provider = new ethers.JsonRpcProvider('https://evm.kava.io');
+const wallet = new ethers.Wallet(PRIVATE_KEY, provider);
+
+console.log('Address:', wallet.address);
+// Output: 0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E
+```
+
+### Android/Kotlin
+
+```kotlin
+// 使用 Web3j 或其他库
+val privateKey = "886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a"
+val credentials = Credentials.create(privateKey)
+println("Address: ${credentials.address}")
+// Output: 0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E
+```
+
+## 地址派生
+
+该地址是通过以下步骤从私钥派生的:
+
+1. 私钥 (32 bytes): `886ea4cffe76c386fecf3ff321ac9ae913737c46c17bc6ce2413752144668a2a`
+2. 公钥 (65 bytes, uncompressed): `047e0b2f84204a2f859f51be78e09af3c504e9525f49d8ab1c537ab9c2a4deb28c3b16870449f50b9b79e959649a78144a5329958a95f6697534be0156b421588b`
+3. Keccak-256(公钥[1:65])
+4. 取后 20 bytes: `4f7e78d6b7c5fc502ec7039848690f08c8970f1e`
+5. 添加 0x 前缀: `0x4F7E78d6B7C5FC502Ec7039848690f08c8970F1E` (含校验和)
+
+## 安全建议
+
+1. **备份私钥**: 将私钥安全存储在离线环境中
+2. **不要分享**: 永远不要将私钥分享给任何人
+3. **不要提交**: 确保 .gitignore 包含此文件
+4. **硬件钱包**: 考虑将大额资产转移到硬件钱包
+5. **多签**: 对于生产环境，考虑使用多签钱包
+
+## 相关交易
+
+### 合约部署交易
+
+- 交易哈希: `0xa73d7dce17723bc5a9d62767c515dadf4ccccc26327ed5637958ce817edd671d`
+- 查看: https://kavascan.com/tx/0xa73d7dce17723bc5a9d62767c515dadf4ccccc26327ed5637958ce817edd671d
--- a/backend/mpc-system/services/service-party-android/gradle.properties
+++ b/backend/mpc-system/services/service-party-android/gradle.properties
@ -0,0 +1,11 @@
+# Project-wide Gradle settings
+org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
+org.gradle.parallel=true
+org.gradle.caching=true
+
+# Android settings
+android.useAndroidX=true
+android.nonTransitiveRClass=true
+
+# Kotlin settings
+kotlin.code.style=official
--- a/backend/mpc-system/services/service-party-android/gradle/wrapper/gradle-wrapper.jar
+++ b/backend/mpc-system/services/service-party-android/gradle/wrapper/gradle-wrapper.jar
--- a/backend/mpc-system/services/service-party-android/gradle/wrapper/gradle-wrapper.properties
+++ b/backend/mpc-system/services/service-party-android/gradle/wrapper/gradle-wrapper.properties
@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
--- a/Show More
+++ b/Show More
				`@ -0,0 +1 @@`
				608060405234801561001057600080fd5b5033600081815260208181526040808320670de0b6b3a76400009081905590519081527fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910160405180910390a36106fb8061006d6000396000f3fe608060405234801561001057600080fd5b50600436106100935760003560e01c8063313ce56711610066578063313ce5671461012b57806370a082311461014557806395d89b411461016e578063a9059cbb14610192578063dd62ed3e146101a557600080fd5b806306fdde0314610098578063095ea7b3146100d857806318160ddd146100fb57806323b872dd14610118575b600080fd5b6100c26040518060400160405280600b81526020016a111d5c9a585b881554d11560aa1b81525081565b6040516100cf91906105a0565b60405180910390f35b6100eb6100e636600461060a565b6101de565b60405190151581526020016100cf565b61010a670de0b6b3a764000081565b6040519081526020016100cf565b6100eb610126366004610634565b6102a0565b610133600681565b60405160ff90911681526020016100cf565b61010a610153366004610670565b6001600160a01b031660009081526020819052604090205490565b6100c260405180604001604052806005815260200164191554d11560da1b81525081565b6100eb6101a036600461060a565b61049a565b61010a6101b3366004610692565b6001600160a01b03918216600090815260016020908152604080832093909416825291909152205490565b60006001600160a01b03831661023b5760405162461bcd60e51b815260206004820152601760248201527f417070726f766520746f207a65726f206164647265737300000000000000000060448201526064015b60405180910390fd5b3360008181526001602090815260408083206001600160a01b03881680855290835292819020869055518581529192917f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92591015b60405180910390a350600192915050565b60006001600160a01b0384166102f85760405162461bcd60e51b815260206004820152601a60248201527f5472616e736665722066726f6d207a65726f20616464726573730000000000006044820152606401610232565b6001600160a01b0383166103495760405162461bcd60e51b81526020600482015260186024820152775472616e7366657220746f207a65726f206164647265737360401b6044820152606401610232565b6001600160a01b0384166000908152602081905260409020548211156103a85760405162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e742062616c616e636560601b6044820152606401610232565b6001600160a01b03841660009081526001602090815260408083203384529091529020548211156104145760405162461bcd60e51b8152602060048201526016602482015275496e73756666696369656e7420616c6c6f77616e636560501b6044820152606401610232565b6001600160a01b03848116600081815260208181526040808320805488900390559387168083528483208054880190558383526001825284832033845282529184902080548790039055925185815290927fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910160405180910390a35060019392505050565b60006001600160a01b0383166104ed5760405162461bcd60e51b81526020600482015260186024820152775472616e7366657220746f207a65726f206164647265737360401b6044820152606401610232565b336000908152602081905260409020548211156105435760405162461bcd60e51b8152602060048201526014602482015273496e73756666696369656e742062616c616e636560601b6044820152606401610232565b33600081815260208181526040808320805487900390556001600160a01b03871680845292819020805487019055518581529192917fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910161028f565b600060208083528351808285015260005b818110156105cd578581018301518582016040015282016105b1565b506000604082860101526040601f19601f8301168501019250505092915050565b80356001600160a01b038116811461060557600080fd5b919050565b6000806040838503121561061d57600080fd5b610626836105ee565b946020939093013593505050565b60008060006060848603121561064957600080fd5b610652846105ee565b9250610660602085016105ee565b9150604084013590509250925092565b60006020828403121561068257600080fd5b61068b826105ee565b9392505050565b600080604083850312156106a557600080fd5b6106ae836105ee565b91506106bc602084016105ee565b9050925092905056fea264697066735822122028c97073f6e7db0ad943d101cb6873b31c3eb19bcea3eda83148447ab676a5ee64736f6c63430008130033