Security-focused development guidelines for a multi-chain cryptocurrency wallet supporting BTC, BCH, ETH, XRP, and ERC-20 tokens. Emphasizes Clean Architecture, security-first practices, and proper handling of private keys.
Development guidelines for go-crypto-wallet, a cryptocurrency wallet implementation supporting BTC, BCH, ETH, XRP, and ERC-20 tokens with security-first principles.
This is a cryptocurrency wallet handling private keys and real transactions across multiple blockchains. Security is the highest priority. The codebase follows Clean Architecture with clear separation between domain, application, and infrastructure layers.
**Tech Stack:**
1. **Follow Clean Architecture principles**
- Domain layer must have zero infrastructure dependencies
- Use dependency inversion (interfaces) for all cross-layer dependencies
- Keep business logic in domain layer, isolated from frameworks and external concerns
- Refer to `ARCHITECTURE.md` for detailed architecture documentation
2. **Layer Separation**
- Domain: Core business entities and rules (no external dependencies)
- Application: Use cases and orchestration
- Infrastructure: External concerns (database, APIs, blockchain clients)
Security is paramount when handling cryptocurrency operations:
1. **Sensitive Data Protection**
- **NEVER** log private keys, seed phrases, or mnemonic words
- **NEVER** expose private keys in error messages or stack traces
- Validate all inputs at system boundaries (API endpoints, CLI arguments)
2. **Transaction Safety**
- Validate transaction parameters before signing
- Consider offline wallet implications (key generation and signing must work offline)
- Implement replay protection for all transactions
- Verify addresses before sending funds
3. **Code Review**
- All security-related changes require thorough review
- Cryptographic operations must use well-tested libraries
- Never implement custom cryptography
4. **Reference Documentation**
- See `docs/standards/security.md` for comprehensive security guidelines
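One way to enforce the two **NEVER** rules under Sensitive Data Protection at the type level, as an added example that is not go-crypto-wallet code. `SecretKey`, `NewSecretKey`, `Sinks` and the `account` struct are hypothetical names, and the key value is a constructed sample.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"log/slog"
	"strings"
)

const redacted = "[REDACTED]"

// SecretKey is a hypothetical wrapper (not a go-crypto-wallet type). The bytes
// sit behind a closure, so reflection-based printers only see a func value.
type SecretKey struct{ reveal func() []byte }

func NewSecretKey(b []byte) SecretKey {
	c := append([]byte(nil), b...) // private copy; the caller can wipe its own buffer
	return SecretKey{reveal: func() []byte { return c }}
}

// Bytes is the one explicit accessor; call it only at the signing boundary.
func (k SecretKey) Bytes() []byte { return k.reveal() }

// Format handles every fmt verb (%v, %+v, %#v, %s, %x), so error text is safe too.
func (k SecretKey) Format(f fmt.State, _ rune) { fmt.Fprint(f, redacted) }

// LogValue handles log/slog; MarshalText handles encoding/json.
func (k SecretKey) LogValue() slog.Value { return slog.StringValue(redacted) }
func (k SecretKey) MarshalText() ([]byte, error) { return []byte(redacted), nil }

type account struct { // unexported field: fmt cannot call Format on it
	Name string
	key  SecretKey
}

// Sinks pushes the key through the usual leak paths and returns what was written.
func Sinks(k SecretKey) []string {
	var buf bytes.Buffer
	slog.New(slog.NewTextHandler(&buf, nil)).Info("key loaded", "key", k)
	j, _ := json.Marshal(map[string]any{"key": k})
	err := fmt.Errorf("sign with %v: %w", k, errors.New("key must be 32 bytes"))
	return []string{fmt.Sprintf("%v|%#v|%x", k, k, k), buf.String(), string(j),
		err.Error(), fmt.Sprintf("%+v", account{"hot", k})}
}

func main() { fmt.Println(strings.Join(Sinks(NewSecretKey([]byte("constructed-sample-key"))), "\n")) }
```

The last sink is the case a plain `[]byte` field would fail: `fmt` does not call `Format` on unexported struct fields, so only the closure keeps the bytes out of a `%+v` dump of the enclosing struct.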
1. **Error Handling**
- Use error wrapping: `fmt.Errorf("context: %w", err)`
- Provide meaningful context in error messages
- Never swallow errors silently
2. **Go Best Practices**
- Use Go 1.25+ features where appropriate
- Prefer interfaces for dependencies (enables testing and flexibility)
- Follow standard Go project layout
- Use meaningful variable names (avoid single-letter except in tight scopes)
3. **Code Style**
- Refer to `docs/standards/coding-conventions.md` for detailed standards
- Follow idiomatic Go conventions
- Use `gofmt` and `golint` for consistency
1. **Test Coverage**
- Write unit tests for domain logic
- Write integration tests for infrastructure components
- Mock external dependencies (blockchain nodes, databases)
2. **Testing Guidelines**
- See `docs/standards/testing.md` for comprehensive testing strategy
- Test error paths, not just happy paths
- Use table-driven tests for multiple scenarios
1. **Git Operations**
- Follow conventional commit messages
- Create feature branches for new work
- Keep commits atomic and focused
2. **Pull Requests**
- Reference related issues
- Include tests for new functionality
- Update documentation as needed
3. **Reference**
- See `docs/standards/workflow.md` for detailed Git and PR guidelines
- Follow `AGENTS.md` for AI agent behavior guidelines
**DO NOT MODIFY** files containing `DO NOT EDIT` comments:
When schema or definitions change, regenerate these files using appropriate tools rather than editing manually.
When implementing wallet features:
1. **Security Review**
- [ ] No private keys in logs or errors
- [ ] Input validation at boundaries
- [ ] Offline operation compatibility
- [ ] Address validation before transactions
2. **Architecture Compliance**
- [ ] Dependencies point inward (domain has no infrastructure imports)
- [ ] Interfaces used for cross-layer communication
- [ ] Business logic in domain layer
3. **Code Quality**
- [ ] Error handling with proper context
- [ ] Unit tests for domain logic
- [ ] Integration tests for infrastructure
- [ ] Documentation updated
4. **Pre-Commit**
- [ ] `gofmt` applied
- [ ] Linter passes
- [ ] Tests pass
- [ ] No auto-generated files modified