LumireCRM

Product

One system of record for the brokerage back-office.

LumireCRM replaces the five-tool stack (CRM + KYC + payments + automation + reporting) with one API-first platform. Everything below is shipping today on every Starter deployment.

Identity & traders

  • Multi-tenant from day one — Postgres row-level security, one database, many brokers.
  • Trader lifecycle: lead → converted → KYC → trading account → positions.
  • Sumsub-ready KYC with webhook ingest; manual override for compliance ops.
  • 2FA (TOTP) for every operator; external OTP-over-SMS lands in a later phase.

Money movement

  • Deposits + withdrawals with a state machine (requested → approved → settled) and a full audit trail.
  • Stripe live; PayPal Orders v2 and Coinbase Commerce shipped as adapter pairs (hosted checkout + HMAC-verified webhooks).
  • Affiliates + multi-tier rebates, automatic commission ledger on every deposit settlement.
  • Per-tenant risk rules (JSON-logic match → routing: A-book / B-book / manual / block) evaluated in priority order.

Automation

  • Domain event bus — 14 events (deposit/withdrawal lifecycle, KYC transitions, lead + trader created/converted, position opened/updated/closed) fanned out to webhooks, campaigns, and workflows.
  • Workflow engine: trigger event → JSON-logic condition → actions (tag trader, log activity, send email).
  • Campaign engine: drip sequences across email, SMS (Twilio), WhatsApp (Meta), delays, and tags.
  • Scheduled exports — cron-driven CSV exports from saved reports to S3/MinIO.

Operational UX

  • Back-office admin at /admin with builder UIs for workflows, campaigns, risk rules, saved reports, dashboards.
  • Composable dashboards — drop KPIs, saved-report tables, and activity feeds into a 12-column grid.
  • Trader-facing portal at /portal with KYC wizard, deposits, positions, and a 2FA enrollment wizard.
  • Audit log viewer with resource + action filters; 90-day rolling retention via the maintenance worker.

Platform

  • Real-time Socket.IO gateway: each tenant joins a private room; domain events push live to every admin surface.
  • API-first: every admin feature rides on /v1/* REST endpoints with OpenAPI docs at /docs and RFC 7807 problem details for errors.
  • Personal API keys (argon2-hashed, prefix-indexed) for external integrations, with scoped revocation and audit entries.
  • Background workers under PM2: webhook dispatch, campaign executor, workflow evaluator, scheduled exports, maintenance sweeps.