Neobank Super Wallet

Most wallets that started as fiat-only bolt crypto onto a separate database when they add it. The result is two ledgers, two reconciliations, two truth sources, and a permanent class of edge cases where fiat balance and crypto balance disagree about who owes what to whom. Coreal Super Wallet is built on a single double-entry core where every fiat IBAN, every Visa authorisation, every BTC/USDC custody movement and every SEPA settlement posts to the same ledger as a typed entry. Currency is a column, not a separate system. Reconciliation drift across all asset classes runs at 0.00 bps because there is nothing to reconcile — there is only one set of postings.

When a Coreal-issued Visa card is presented at a merchant, the authorisation request hits the card processor, is forwarded over the issuer interface to the wallet service, and is matched against the customer subaccount tree. The available balance is calculated as posted balance minus the sum of open auth-blocks. If the auth passes risk and balance checks, a blocking entry is journaled (Dr customer:available · Cr customer:blocked) with the auth ID, scheme reference and merchant category. The auth then either captures (block → settled, with the cleared amount), partially captures (block split into settled + released), or expires after the scheme TTL (typically 7–30 days). Every state transition is a posting. The card processor never holds authoritative state.

The crypto custody module integrates Fireblocks (or an equivalent MPC custodian) for key management. Coreal does not hold raw private key material; what Coreal holds is the policy layer that decides which transactions are allowed to be signed. Every inbound deposit and outbound withdrawal is screened against a Chainalysis KYT result before the corresponding ledger posting is finalised. A flagged result (sanctions exposure, mixer interaction, dark-market provenance) routes the transaction to a manual review case in the operator workspace, with the wallet credit blocked until the analyst clears it. The customer sees a "pending review" status; the regulator sees a complete decision trail.

Switching between fiat and crypto inside the wallet is not a forwarded request to an exchange — it is a position adjustment on the Coreal treasury book. The customer sees a quote (with spread), confirms, and the trade posts as four entries: customer fiat debit, customer crypto credit, treasury fiat credit, treasury crypto debit. Coreal's treasury then nets exposures across all customers and hedges externally on a managed cadence (typically every 5–15 minutes during market hours, longer during low-volume windows). Customers get instant settlement; the firm carries managed FX risk.

A first-time customer can hold up to €1,000 in balance after passing Tier 1 KYC: telco-verified identity, name + DOB, sanctions screening. To go beyond that — to receive an IBAN, hold higher balance, or use crypto — they progress to Tier 2: OCR-extracted government ID, liveness check, address verification, expanded sanctions/PEP screening. Each tier has explicit limit multipliers on transactions per day, balance, single transaction, and cumulative volume. The BPM engine enforces these at the gateway layer: a customer attempting an out-of-tier action sees an in-app step-up flow that resumes the original transaction once verified.