{"endpoints":{"/create":"POST - Create a new transfer (requires JSON body with token field in payload.signature format)","/status?id=<transferId>&token=<payload.signature>":"GET - Check status of a transfer (requires JWT-like token authentication)","/update":"POST - Update a transfer status (requires JSON body with token field in payload.signature format)","/transfers":"GET - List all transfers in the system (most recent 100 by default)","/transfers?limit=<number>&token=<payload.signature>":"GET - Limit number of transfers returned","/transfers/:id/ws?token=<payload.signature>":"WebSocket - Connect for real-time updates (requires JWT-like token authentication)","/scan":"POST - Broadcast scan event to all WebSocket listeners for a transfer","/unscan":"POST - Broadcast unscan event to all WebSocket listeners for a transfer"},"authentication":{"description":"JWT-like token authentication required for most endpoints","method":"Format: payload.signature where payload is base64-encoded JSON and signature is HMAC-SHA256","validity":"Tokens include an expiry field and are typically valid for 30 minutes"}}