diff --git a/server.js b/server.js
index 1ba7b6a..de31e98 100644
--- a/server.js
+++ b/server.js
@@ -1,88 +1,101 @@
+// app.js
 const express = require('express');
-const bodyParser = require('body-parser');
 const Web3 = require('web3');
 const config = require('./config.json');
 
-const walletPrivateKey = process.env.walletPrivateKey;
-const web3 = new Web3('https://mainnet.infura.io/v3/_your_api_key_here_');
+const INFURA_ID = process.env.INFURA_ID || '_your_api_key_here_';
+const WALLET_PRIVATE_KEY = process.env.WALLET_PRIVATE_KEY || process.env.walletPrivateKey;
 
-web3.eth.accounts.wallet.add(walletPrivateKey);
-const myWalletAddress = web3.eth.accounts.wallet[0].address;
+if (!WALLET_PRIVATE_KEY) {
+  throw new Error('WALLET_PRIVATE_KEY env değişkeni eksik.');
+}
+
+const web3 = new Web3(`https://mainnet.infura.io/v3/${INFURA_ID}`);
+const account = web3.eth.accounts.privateKeyToAccount(
+  WALLET_PRIVATE_KEY.startsWith('0x') ? WALLET_PRIVATE_KEY : '0x' + WALLET_PRIVATE_KEY
+);
+web3.eth.accounts.wallet.clear();
+web3.eth.accounts.wallet.add(account);
+web3.eth.defaultAccount = account.address;
 
 const cEthAddress = config.cEthAddress;
 const cEthAbi = config.cEthAbi;
 const cEthContract = new web3.eth.Contract(cEthAbi, cEthAddress);
 
 const app = express();
-const port = 3000;
+const port = process.env.PORT || 3000;
 
-app.use(bodyParser.json());
-app.use(bodyParser.urlencoded({ extended: true }));
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
 
-app.route('/protocol-balance/eth/').get((req, res) => {
-  cEthContract.methods.balanceOfUnderlying(myWalletAddress).call()
-    .then((result) => {
-      const balanceOfUnderlying = web3.utils.fromWei(result);
-      return res.send(balanceOfUnderlying);
-    }).catch((error) => {
-      console.error('[protocol-balance] error:', error);
-      return res.sendStatus(400);
-    });
+app.get('/protocol-balance/eth/', async (req, res) => {
+  try {
+    const result = await cEthContract.methods.balanceOfUnderlying(account.address).call();
+    const balanceOfUnderlying = web3.utils.fromWei(result.toString(), 'ether');
+    return res.send(balanceOfUnderlying);
+  } catch (error) {
+    return res.sendStatus(400);
+  }
 });
 
-app.route('/wallet-balance/eth/').get((req, res) => {
-  web3.eth.getBalance(myWalletAddress).then((result) => {
-    const ethBalance = web3.utils.fromWei(result);
+app.get('/wallet-balance/eth/', async (req, res) => {
+  try {
+    const result = await web3.eth.getBalance(account.address);
+    const ethBalance = web3.utils.fromWei(result.toString(), 'ether');
     return res.send(ethBalance);
-  }).catch((error) => {
-    console.error('[wallet-balance] error:', error);
+  } catch (error) {
     return res.sendStatus(400);
-  });
+  }
 });
 
-app.route('/wallet-balance/ceth/').get((req, res) => {
-  cEthContract.methods.balanceOf(myWalletAddress).call().then((result) => {
-      const cTokenBalance = result / 1e8;
-      return res.send(cTokenBalance.toString());
-    }).catch((error) => {
-      console.error('[wallet-ctoken-balance] error:', error);
-      return res.sendStatus(400);
-    });
+app.get('/wallet-balance/ceth/', async (req, res) => {
+  try {
+    const result = await cEthContract.methods.balanceOf(account.address).call();
+    const cTokenBalance = (Number(result) / 1e8).toString();
+    return res.send(cTokenBalance);
+  } catch (error) {
+    return res.sendStatus(400);
+  }
 });
 
-app.route('/supply/eth/:amount').get((req, res) => {
-  if (isNaN(req.params.amount)) {
+app.get('/supply/eth/:amount', async (req, res) => {
+  const amountStr = String(req.params.amount).trim();
+  const amount = parseFloat(amountStr);
+  if (!isFinite(amount) || amount <= 0) {
     return res.sendStatus(400);
   }
 
-  cEthContract.methods.mint().send({
-    from: myWalletAddress,
-    gasLimit: web3.utils.toHex(500000),
-    gasPrice: web3.utils.toHex(20000000000),
-    value: web3.utils.toHex(web3.utils.toWei(req.params.amount, 'ether'))
-  }).then((result) => {
+  try {
+    await cEthContract.methods.mint().send({
+      from: account.address,
+      gas: 500000,
+      value: web3.utils.toWei(amountStr, 'ether')
+    });
     return res.sendStatus(200);
-  }).catch((error) => {
-    console.error('[supply] error:', error);
+  } catch (error) {
     return res.sendStatus(400);
-  });
+  }
 });
 
-app.route('/redeem/eth/:cTokenAmount').get((req, res) => {
-  if (isNaN(req.params.cTokenAmount)) {
+app.get('/redeem/eth/:cTokenAmount', async (req, res) => {
+  const amtStr = String(req.params.cTokenAmount).trim();
+  if (!/^\d+(\.\d+)?$/.test(amtStr)) {
     return res.sendStatus(400);
   }
 
-  cEthContract.methods.redeem(req.params.cTokenAmount * 1e8).send({
-    from: myWalletAddress,
-    gasLimit: web3.utils.toHex(500000),
-    gasPrice: web3.utils.toHex(20000000000)
-  }).then((result) => {
+  try {
+    const mantissa = web3.utils.toBN('100000000');
+    const base = web3.utils.toBN(web3.utils.toWei(amtStr, 'gwei')).div(web3.utils.toBN('1000000000')); // güvenli tam sayı dönüşümü
+    const cTokenAmountScaled = base.mul(mantissa);
+
+    await cEthContract.methods.redeem(cTokenAmountScaled).send({
+      from: account.address,
+      gas: 500000
+    });
     return res.sendStatus(200);
-  }).catch((error) => {
-    console.error('[redeem] error:', error);
+  } catch (error) {
     return res.sendStatus(400);
-  });
+  }
 });
 
 app.listen(port, () => console.log(`API server running on port ${port}`));