From 6fb93fa99184718abfb0672211bf4d1293af8667 Mon Sep 17 00:00:00 2001
From: Bekiboo <julien.connault@gmail.com>
Date: Wed, 18 Feb 2026 09:04:36 +0300
Subject: [PATCH 1/2] feat: update database configurations and environment path
 for evoting and registry platforms

---
 docker-compose.databases.yml        | 2 +-
 platforms/evoting/api/src/index.ts  | 2 +-
 platforms/registry/api/src/index.ts | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/docker-compose.databases.yml b/docker-compose.databases.yml
index 04a747497..2e800546e 100644
--- a/docker-compose.databases.yml
+++ b/docker-compose.databases.yml
@@ -10,7 +10,7 @@ services:
     environment:
       - POSTGRES_USER=${POSTGRES_USER:-postgres}
       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-postgres}
-      - POSTGRES_MULTIPLE_DATABASES=registry,provisioner
+      - POSTGRES_MULTIPLE_DATABASES=registry,provisioner,evoting
     volumes:
       - postgres_data:/var/lib/postgresql/data
       - ./db/init-multiple-databases.sh:/docker-entrypoint-initdb.d/init-multiple-databases.sh
diff --git a/platforms/evoting/api/src/index.ts b/platforms/evoting/api/src/index.ts
index 899a35405..1425ffac6 100644
--- a/platforms/evoting/api/src/index.ts
+++ b/platforms/evoting/api/src/index.ts
@@ -18,7 +18,7 @@ import { CronManagerService } from "./services/CronManagerService";
 config({ path: path.resolve(__dirname, "../../../.env") });
 
 const app = express();
-const port = process.env.PORT || 4000;
+const port = process.env.EVOTING_API_PORT || process.env.PORT || 4001;
 
 // Initialize database connection and adapter
 AppDataSource.initialize()
diff --git a/platforms/registry/api/src/index.ts b/platforms/registry/api/src/index.ts
index 19745bdb2..d383be64e 100644
--- a/platforms/registry/api/src/index.ts
+++ b/platforms/registry/api/src/index.ts
@@ -26,7 +26,7 @@ fs.watchFile(path.resolve(__dirname, "../motd.json"), (_curr, _prev) => {
     motd = loadMotdJSON();
 });
 
-dotenv.config({ path: path.resolve(__dirname, "../../../.env") });
+dotenv.config({ path: path.resolve(__dirname, "../../../../.env") });
 
 const server = fastify({ logger: true });
 

From 024dcd7df615f2e543be65cfe3beeca6642e052a Mon Sep 17 00:00:00 2001
From: Bekiboo <julien.connault@gmail.com>
Date: Wed, 18 Feb 2026 10:17:07 +0300
Subject: [PATCH 2/2] feat: enhance QR code handling and improve message
 signing logic

---
 .../dev-sandbox/src/routes/+page.svelte       | 27 ++++++++++++++-----
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/infrastructure/dev-sandbox/src/routes/+page.svelte b/infrastructure/dev-sandbox/src/routes/+page.svelte
index d5e645e81..e1c946bf6 100644
--- a/infrastructure/dev-sandbox/src/routes/+page.svelte
+++ b/infrastructure/dev-sandbox/src/routes/+page.svelte
@@ -331,7 +331,11 @@
             if (text) {
                 w3dsInput = text.trim();
                 actionError = null;
-                addLog("info", "Decoded QR", text.slice(0, 50) + (text.length > 50 ? "…" : ""));
+                addLog(
+                    "info",
+                    "Decoded QR",
+                    text.slice(0, 50) + (text.length > 50 ? "…" : ""),
+                );
             } else {
                 qrDecodeError = "No QR code found in image.";
             }
@@ -354,8 +358,8 @@
     }
 
     function handlePaste(e: ClipboardEvent) {
-        const item = Array.from(e.clipboardData?.items ?? []).find(
-            (it) => it.type.startsWith("image/"),
+        const item = Array.from(e.clipboardData?.items ?? []).find((it) =>
+            it.type.startsWith("image/"),
         );
         const file = item?.getAsFile();
         if (file) {
@@ -428,21 +432,31 @@
             } else {
                 const sessionId = url.searchParams.get("session") ?? "";
                 const redirectUri = url.searchParams.get("redirect_uri") ?? "";
+                const dataParam = url.searchParams.get("data") ?? "";
                 if (!sessionId || !redirectUri) {
                     actionError = "w3ds://sign needs session and redirect_uri.";
                     return;
                 }
+                // Decode base64 data if present, otherwise fallback to sessionId
+                let messageToSign = sessionId;
+                if (dataParam) {
+                    try {
+                        messageToSign = atob(dataParam);
+                    } catch {
+                        messageToSign = dataParam;
+                    }
+                }
                 const signature = await signPayload({
                     cryptoAdapter: adapter,
                     keyId: selectedIdentity.keyId,
                     context: "onboarding",
-                    payload: sessionId,
+                    payload: messageToSign,
                 });
                 const body = {
                     sessionId,
                     signature,
                     w3id: selectedIdentity.w3id,
-                    message: sessionId,
+                    message: messageToSign,
                 };
                 const res = await fetch(redirectUri, {
                     method: "POST",
@@ -578,7 +592,8 @@
                     <p>
                         Paste a <code>w3ds://auth</code> or
                         <code>w3ds://sign</code> URI (or HTTP URL with session/redirect_uri).
-                        You can also upload or paste an image of a QR code to decode the request.
+                        You can also upload or paste an image of a QR code to decode
+                        the request.
                     </p>
                     <div class="w3ds-qr-actions">
                         <input