Cointacted – Social Terminal

Cointacted Social Terminal adds a beautiful, modern, keyboard-first terminal interface to any WordPress site. It works seamlessly across pages, posts, builders, communities, dashboards, and custom layouts.

The terminal provides a clean command-driven experience with:

• 🎨 Fully theme-inherited UI
• ⌨️ Interactive CLI-style input
• 📐 Monospace-accurate typing + perfect cursor alignment
• 🧩 Extensible command registry
• 🦊 Safe, optional, read-only wallet awareness
• 🛡️ Optional Cloudflare Turnstile protection (anti-bot)
• 🔌 Add-on architecture for advanced features

The terminal can optionally be protected with Cloudflare Turnstile. When enabled, the terminal remains locked until the visitor successfully passes the security check. This feature is fully configurable and disabled by default.

This is the core of the Cointacted Ecosystem — lightweight, free, safe, and designed to integrate everywhere.

✨ Key Features

• Interactive terminal UI – Fast, responsive, keyboard-friendly.
• Automatic theme matching – Uses your theme’s buttons and styles.
• Accurate prompt + cursor – Perfect alignment for a real terminal feel.
• Command registry – Add, remove, or extend commands.
• JS Developer API – Register custom commands or hook into output events.
• Secure by design
  • Normalized input
  • Command access rules
  • Server-side validation
  • Cloudflare Turnstile support
• Optional wallet awareness
  • Only detects what the browser already exposes
  • Never requests connection or signs anything
• Add-on ready – Extend functionality without touching the core.

Works in: – Gutenberg / FSE – Elementor, Divi, Bricks, Oxygen – BuddyBoss, FluentCommunity, Peepso – Membership sites – Web3 dashboards – Custom frontend admin tools

🛡️ Cloudflare Turnstile Security (Optional)

The terminal can be protected by Cloudflare Turnstile to prevent automated abuse.

• Invisible challenge runs on page load
• Server verifies tokens before unlocking the terminal
• If verification fails, the terminal stays locked
• Fully optional — disabled by default
• No user data is sent anywhere except to Cloudflare’s Turnstile API (standard behavior)

Turnstile is loaded via wp_enqueue_script() and used only when enabled.

🧩 Optional Wallet Awareness (Read-Only)

Admin can activate/deactivate BLockchain completely in plugin settings.

The core plugin includes a safe, read-only wallet detector:

• Detects if a browser wallet exists (e.g., MetaMask)
• Reads exposed account / chain info only if the wallet is already unlocked
• Shows chain ID, network name, and address

✔ The core plugin never: – requests connection – triggers popups – reads private keys – signs messages – makes RPC calls

Blockchain actions require separate add-ons.

🧩 Upcoming Official Add-Ons

Social Mining: – Shortcodes integration – Social Mining (on-chain logs & claimable rewards) – EVM Integration – Solana Integration

Gamification / Community: – myCred Integration – GamiPress Integration – BuddyBoss Integration – FluentCommunity Integration – Peepso Integration

Advanced: – AI Commands Add-On – Analytics Add-On – Customization Pack (themes, cursors, styles) – And many more to come

🧠 Developer API & Add-On Integration

Cointacted Social Terminal is built around a secure core + add-on architecture.

The core plugin provides: – the terminal UI – command registry – security model – permission enforcement

All custom functionality (commands, integrations, blockchain actions, social features) is implemented via add-ons.

Developers can: – register new terminal commands (PHP) – control command access (public / user / capability-based) – hook into terminal output events – append output lines from JavaScript – integrate with third-party plugins and SPAs

All command execution is server-side only for security.

📘 Full developer documentation: https://docs.cointacted.com

⛶️️ Screenshots

1. The Terminal interface displayed on the frontend.
2. The Help panel showing available command groups and usage examples.
3. Optional wallet-awareness summary (read-only) when blockchain features are enabled.
4. General settings page for URLs, guest mode, and terminal behavior.
5. Commands settings page showing command groups and configuration options.
6. Security settings page with Cloudflare Turnstile configuration and enforcement modes.
7. Blockchain settings page with the global blockchain-enable toggle.

🌍️ External services

This plugin optionally integrates with Cloudflare Turnstile to protect the terminal interface from automated abuse and bots.

Cloudflare Turnstile is a privacy-friendly CAPTCHA alternative used only when enabled by the site administrator in the plugin settings.

When Cloudflare Turnstile is enabled: – The Turnstile JavaScript is loaded from Cloudflare servers. – A verification request is sent to Cloudflare when a user accesses the terminal. – The verification is used to determine whether the terminal should be unlocked for use.

Data sent to Cloudflare includes: – The Turnstile challenge response token generated in the browser. – The visitor’s IP address (as part of the verification request).

This service is provided by Cloudflare, Inc.

Cloudflare Turnstile: – Terms of Service: https://www.cloudflare.com/terms/ – Privacy Policy: https://www.cloudflare.com/privacypolicy/ – Turnstile documentation: https://developers.cloudflare.com/turnstile/

🧾 Changelog

1.0.3

• Updated wallet integration to remain compatible with recent MetaMask API and provider changes.
• Improved terminal UX and responsiveness across desktop and mobile devices.
• Refined command input behavior for faster, terminal-style interaction, including keyboard command history navigation.
• Removed the terminal header for a cleaner, native terminal experience.
• Improved automatic link detection in terminal output, including support for links without protocol.
• General internal cleanup and stability improvements across core terminal rendering and input handling.
• Documentation updates and clarifications for optional third-party services used by the plugin.

1.0.2

• Moved all inline JavaScript from templates to proper WordPress enqueue flows using wp_add_inline_script().
• Scoped Cloudflare Turnstile loading strictly to pages where the terminal is rendered.
• Added clear documentation of optional Cloudflare Turnstile usage under External Services in the readme.
• Improved asset loading structure to fully comply with WordPress.org plugin guidelines.
• Added internal hooks and structural support for a forthcoming FluentCommunity add-on providing native SPA integration.
• Prepared core logic to allow the terminal to run as a native FluentCommunity SPA page (no full page reloads), with automatic light/dark mode adaptation and social-network-specific terminal commands, delivered via a separate add-on.
• Minor internal refactoring to ensure consistent script initialization and safer execution order.

1.0.1

• Added Security settings page with full Cloudflare Turnstile integration to protect the terminal from bots and automated abuse.
• Added Blockchain settings page with a global toggle to fully enable/disable all blockchain-related features.
• Implemented server-side Turnstile verification and terminal lock/unlock logic for strict anti-bot protection.
• Added advanced command payload normalization, sanitization and argument validation (including Unicode/control character stripping).
• Added base64 and suspicious-input detection guards in the dispatcher for improved command security.
• Enhanced permission model: registry-driven command access rules, capability checks, and guest-mode safeguards.
• Introduced global wallet-awareness toggle and terminal behavior changes when blockchain features are disabled.
• Improved help system to dynamically hide blockchain/wallet command groups when disabled.
• Localized all assets: replaced external logo with internal plugin asset and enqueued Turnstile using wp_enqueue_script().
• General structural hardening and consistency improvements across core terminal logic, REST API, and JS–PHP command pipeline.

1.0.0

• 🎉 First stable public release.
• Strong theme isolation.
• Added safe wallet detection (read-only).
• Expanded developer API & command registry.
• Add-on ecosystem architecture implemented.

🔒 Privacy

Cointacted Social Terminal does not collect, track, or store personal data by default.

The plugin does not send user data to external services and does not interact with blockchains unless optional features are explicitly enabled by the site administrator.

Wallet addresses are only stored locally in WordPress user metadata when the administrator enables wallet persistence. No private keys are ever accessed or stored.

If Cloudflare Turnstile is enabled, the plugin communicates with Cloudflare to verify whether a visitor is a human before allowing access to the terminal. This verification involves sending a challenge response token and the visitor’s IP address to Cloudflare for validation.

This data is processed according to Cloudflare’s privacy policy and is not stored by the plugin itself.

Cloudflare Privacy Policy: https://www.cloudflare.com/privacypolicy/

Cointacted Social Terminal is designed to be GDPR-friendly and minimizes data processing wherever possible.

🆘 Support

Documentation: https://docs.cointacted.com Plugin website: https://cointacted.com Support: https://cointacted.com/support