=== Thentic Pay — Crypto Payments for WooCommerce ===
Contributors: thenticpay
Tags: crypto, payments, woocommerce, ethereum, bitcoin
Requires at least: 5.8
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 1.0.7
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Accept crypto payments directly to your wallet. 30+ tokens across 12 blockchains. No KYC. No custodian. Auto order confirmation.

== Description ==

Thentic Pay lets your customers pay with crypto at WooCommerce checkout — and sends funds directly to your wallet. No exchange. No custodian. No KYC. No waiting.

Customers select their preferred blockchain and token at checkout (USDT, USDC, ETH, BNB, WBTC and 30+ more across 12 networks), complete payment on the Thentic Pay page, and your WooCommerce order is automatically confirmed on-chain via webhook.

**Why merchants choose Thentic Pay:**

* **Non-custodial** — funds go directly from the customer's wallet to yours. Thentic never touches your money.
* **No KYC, no registration friction** — customers pay from any compatible wallet, no accounts required.
* **12 blockchains** — Ethereum, Polygon, BNB Chain, Arbitrum, Optimism, Base, Avalanche, Cronos, Gnosis, Flare, Conflux, Monad
* **30+ tokens** — USDT, USDC, DAI, ETH, BNB, WBTC, WETH, LINK, AAVE, UNI, SHIB, DOGE, XRP, ADA and more
* **Auto order confirmation** — webhook marks your WooCommerce order as Processing the moment payment confirms on-chain. Zero manual work.
* **Customer chooses network and token** — dropdown selectors at checkout. You configure which options to show.
* **Multi-currency stores** — live exchange rate conversion for EUR, GBP and 20+ currencies
* **Block and classic checkout** — fully compatible with WooCommerce's block-based and classic checkout. Zero warnings.
* **1% fee on transaction volume**, billed monthly via invoice in your merchant portal. No monthly minimums, no setup costs.

**How it works:**

1. Customer selects "Pay with Crypto" at checkout
2. Customer picks their preferred network (e.g. Polygon) and token (e.g. USDT)
3. Customer is redirected to the Thentic Pay payment page to complete the transaction
4. Once confirmed on-chain, your WooCommerce order automatically moves to Processing

== Installation ==

1. Upload the plugin folder to `/wp-content/plugins/thentic-pay/`
2. Activate the plugin through the Plugins menu in WordPress
3. Go to WooCommerce > Settings > Payments > Thentic Pay
4. Enter your Thentic Merchant ID (sign up free at thentic.tech/pay)
5. Enter your EVM-compatible wallet address
6. Choose which blockchains and tokens to offer at checkout
7. Save — you are live

== Frequently Asked Questions ==

= Is the plugin free to install? =
Yes. The plugin is free. Thentic Pay charges 1% on transaction volume, billed monthly via invoice in your merchant portal. No monthly minimums, no setup costs — you only pay when you receive payments.

= Do customers need a crypto wallet? =
Yes. Customers need a WalletConnect-compatible wallet (MetaMask, Trust Wallet, Coinbase Wallet, etc.) holding the token they want to pay with.

= Does Thentic hold my funds? =
Never. Payments go directly from the customer's wallet to your wallet address on-chain. Thentic only provides the payment page infrastructure.

= Which WooCommerce versions are supported? =
WooCommerce 5.0 and above, WordPress 5.8+, PHP 7.4+.

= Does it work with the new block-based checkout? =
Yes. Fully compatible with both WooCommerce's classic and block-based checkout.

= My store uses EUR or GBP. Will it work? =
Yes. The plugin fetches live exchange rates and converts to USD automatically before creating the crypto payment request.

= Can I choose which blockchains and tokens to accept? =
Yes. In the plugin settings you can enable or disable individual chains and tokens. Customers only see what you've enabled.

= What data is sent to external services? =
When a customer places an order using Thentic Pay, the following data is sent to the Thentic Pay API (thentic.tech) to create the payment request: order total, selected token and network, your configured wallet address, your merchant ID, and the customer's email address. This data is required to process the payment. Please review the [Thentic Pay Terms of Service](https://thentic.tech) for details on how this data is handled.

The plugin also makes a request to open.er-api.com to fetch live currency exchange rates when your store uses a non-USD currency. No user data is sent in this request.

== Screenshots ==

1. Crypto payment option at WooCommerce checkout with Network and Token dropdowns
2. Plugin settings page showing supported chains and token configuration
3. WooCommerce order marked as Processing after confirmed on-chain payment

== External Services ==

This plugin connects to the following external services:

= Thentic Pay API =
Used to create and process crypto payment transactions.
Data sent: payment amount, recipient wallet address, selected token and chain.
Terms of Service: https://thentic.tech/terms
Privacy Policy: https://thentic.tech/policy

= Exchange Rate API (open.er-api.com) =
Used to convert fiat amounts to crypto equivalents at checkout.
Data sent: no personal data, only a request for current USD exchange rates.
Terms of Service: https://www.exchangerate-api.com/terms
Privacy Policy: https://www.exchangerate-api.com/privacy

== Changelog ==

= 1.0.7 =
* Security: Added chain/token allowlist validation in validate_fields() and process_payment()
* Security: Replaced json_encode with wp_json_encode throughout
* Security: Added wp_unslash() before sanitize_text_field() on all $_POST reads
* Security: Replaced intval() with absint() for order ID handling
* Compliance: Bundled plugin icon locally — removed external hotlink from storefront
* Compliance: Wrapped all error_log() calls behind WP_DEBUG check
* Compliance: Added phpcs:ignore annotations on intentional error_log usage
* Compliance: Updated plugin display name to avoid trademark conflicts
* i18n: Wrapped remaining untranslated strings in __() calls with thentic-pay text domain
* Bumped asset version strings to match plugin version

= 1.0.6 =
* Security: Added nonce verification for admin settings form
* Security: Improved output escaping throughout
* Added Text Domain and License URI to plugin header
* Full token support: ETH, BNB, WBTC, WETH, LINK, AAVE, UNI, SHIB, DOGE, XRP, ADA and more
* Block checkout compatibility improvements
* Multi-currency live exchange rate conversion
* WooCommerce feature compatibility declarations

= 1.0.0 =
* Initial release

== Upgrade Notice ==

= 1.0.7 =
Security and compliance improvements. Recommended update for all users.

= 1.0.6 =
Security improvements and full token support. Recommended update for all users.
