# Staging SandBox Setting up a Sandbox/Staging Environment is the final step in proving to a bank that your Hub is a professional, enterprise-grade product. In 2026, a "test environment" is no longer just a separate API key; it is a full simulation of the global financial rails (Solana Devnet, Circle Testnet, and the Nexus/SWIFT Sandboxes). *** ### ๐Ÿ—๏ธ 1. The Sandbox Architecture: "Mirror World" Your Sandbox must mirror the production environment exactly, but with Test Tokens and Simulated Identity. This allows the bank's developers to "break things" without risking real liquidity. #### Key Components of the Hub Sandbox: * Solana Devnet: For testing Token-2022 confidential transfers and vLEI ACDC minting. * Circle Testnet: For testing USDC/EURC bridging via CCTP V2 (Burn & Mint). * Mock Core Banking API: A pre-configured simulator that mimics a bank's internal ledger (returns "Hold Success" or "Insufficient Funds" on command). * Simulated vLEI Issuer: A local instance of your Registered Agent tool that issues "Test vLEIs" which are not published to the live GLEIF index. *** ### ๐Ÿ› ๏ธ 2. The "Developer Experience" (DX) Setup To win over the bank's IT team, you must provide a Self-Service Developer Portal. #### A. Instant API Key Generation The developer logs in with their bank credentials (OIDC) and gets: 1. Client ID & Secret: For the Hubโ€™s Sandbox API. 2. Test SOL Faucet: A button to request 10 Devnet SOL to their Hub wallet. 3. Test USDC/EURC Faucet: Integrated with the Circle Testnet faucet. #### B. Scenario-Based Testing (The "Fail Button") The Sandbox should allow developers to simulate specific failures. * Scenario 1: Gas Failure. "Simulate 200 Gwei gas spike on Ethereum." * Scenario 2: Identity Revocation. "Issue a vLEI then immediately revoke it to test if the transfer is blocked." * Scenario 3: Timeout. "Simulate a 10-minute delay in the Circle Attestation." *** ### ๐Ÿ“œ 3. Sandbox Configuration (`.env.staging`) Your AdonisJS backend needs a specific configuration file for the sandbox to ensure no test data ever leaks into the production logs. Bash ``` # === ENVIRONMENT === NODE_ENV=staging HUB_MODE=SANDBOX # === SOLANA DEVNET === SOLANA_RPC_URL=https://api.devnet.solana.com VLEI_PROGRAM_ID=TEST_PROGRAM_vLEI_123 # === CIRCLE TESTNET === CIRCLE_API_URL=https://api-sandbox.circle.com CCTP_DOMAIN_SOLANA=5 # Testnet Domain ID CCTP_DOMAIN_ETH=0 # Sepolia Domain ID # === MOCK SETTINGS === SIMULATE_LATENCY_MS=500 ALLOW_FAUCET_REQUESTS=true ``` *** ### ๐Ÿงช 4. The "Final Exam" (Certification) Before you move a bank from Sandbox to Production, they must pass a Certification Script. This is a series of automated tests run by your Hub to prove the bank's system handles every edge case correctly. | **Test Case** | **Objective** | **Pass Criteria** | | -------------------- | ---------------------------------- | -------------------------------------------- | | TC-001: Mint & Burn | End-to-end USDC transfer. | Funds arrive in < 2 mins (Fast Path). | | TC-002: vLEI Invalid | Attempt transfer with expired LEI. | Hub returns `403 Forbidden: Identity Error`. | | TC-003: Recovery | Manually rescue a "Stuck" mint. | Analyst uses vLEI signature to force Mint. | | TC-004: ISO 20022 | Check webhook payload. | Payload matches `pacs.008` schema exactly. | *** ### ๐Ÿ›ก๏ธ 5. Moving to Production (The "Air Gap" Handover) Once certified, the "Promotion" to Production involves a high-security ritual: 1. Key Rotation: The bank generates new Mainnet Fee-Payer Keys inside their own HSM (Hardware Security Module). 2. vLEI Activation: You, as the Registered Agent, issue their Official vLEI OOR/ECR credentials. 3. Production URL: The bank switches their API base URL from `sandbox.hub.com` to `api.hub.com`. #### Next Step for You: Would you like me to draft the "Developer Onboarding Email"? This is the high-professionalism email you send to the bank's CTO once they sign the contract, giving them their login link and the first steps to their "Zero-Risk Test Mint."