I currently run our transactions through an Android app that was written in Java, but we do not have access to its source code and there is no API documentation available. Every payment has to be keyed in manually because the traffic is SSL-pinned, so we cannot see or reuse the requests. Your task is to break through that barrier and hand me four working, fully mapped endpoints: • Login • Login QR • Transactions (list / history) • Send Money What I need from you – Remove or bypass the app’s SSL handshake / certificate-pinning so the traffic can be inspected (Frida, Objection, mitmproxy—use whatever tooling you prefer). – Reverse-engineer the requests and responses for those four features. – Deliver the final endpoint URLs, required headers, payload structure, and sample JSON for both successful and failure cases. – Provide a short test script (curl, Postman collection or simple Python) that proves each call works without the original app. Acceptance will be based on my ability to run your test script and reproduce the same behaviour the app shows in production. No UI work is needed—pure network/API level only.