diff --git a/install.sh b/install.sh
new file mode 100644
index 0000000..399b90b
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,173 @@
+#!/bin/bash
+set -e
+
+REPO_URL="https://git.simplifiedprivacy.com/Support/sp-hydra-veil-core"
+BRANCH="core-laravel-proxyTEST"
+INSTALL_DIR="$HOME/sp-hydra-veil-core"
+SINGBOX_VERSION="1.13.5"
+SINGBOX_BIN="/usr/bin/sing-box"
+WRAPPER_PATH="/usr/local/bin/hydraveil-singbox"
+SUDOERS_PATH="/etc/sudoers.d/hydraveil"
+HV_DATA_HOME="$HOME/.local/share/hydra-veil"
+
+echo "=== sp-hydra-veil-core installer ==="
+
+# 1. Clone repo
+echo ""
+echo "[1/6] Cloning repository (branch: $BRANCH)..."
+if [ -d "$INSTALL_DIR" ]; then
+    echo "Directory already exists, removing..."
+    rm -rf "$INSTALL_DIR"
+fi
+git clone --branch "$BRANCH" "$REPO_URL" "$INSTALL_DIR"
+cd "$INSTALL_DIR"
+
+# 2. .env
+echo ""
+echo "[2/6] Creating .env..."
+cat > "$INSTALL_DIR/.env" << 'DOTENV'
+SP_API_BASE_URL_LOCAL=http://simplifiedprivacy.test/api/v1
+SP_API_BASE_URL_PRODUCTION=https://fake.simplifiedprivacy.org/api/v1
+APP_ENV=production
+DOTENV
+echo ".env created."
+
+# 3. venv + dependencies
+echo ""
+echo "[3/6] Setting up virtual environment..."
+python3 -m venv "$INSTALL_DIR/.venv"
+source "$INSTALL_DIR/.venv/bin/activate"
+
+pip install --quiet --upgrade pip
+
+pip install \
+    python-dotenv \
+    "cryptography~=46.0.3" \
+    "dataclasses-json~=0.6.7" \
+    "marshmallow~=3.26.1" \
+    "psutil~=7.1.3" \
+    "pysocks~=1.7.1" \
+    "python-dateutil~=2.9.0.post0" \
+    "requests~=2.32.5" \
+    "annotated-types==0.7.0" \
+    "certifi==2026.4.22" \
+    "charset-normalizer==3.4.7" \
+    "click==8.3.3" \
+    "cytoolz==1.1.0" \
+    "eth-hash==0.8.0" \
+    "eth-typing==6.0.0" \
+    "eth-utils==6.0.0" \
+    "idna==3.13" \
+    "packaging==26.2" \
+    "pathspec==1.1.1" \
+    "platformdirs==4.9.6" \
+    "py-ecc==8.0.0" \
+    "pydantic==2.13.3" \
+    "pydantic_core==2.46.3" \
+    "pydeps==3.0.6" \
+    "pytokens==0.4.1" \
+    "stdlib-list==0.12.0" \
+    "toolz==1.1.0" \
+    "typing-inspect==0.9.0" \
+    "typing-inspection==0.4.2" \
+    "typing_extensions==4.15.0" \
+    "urllib3==2.6.3"
+
+pip install -e "$INSTALL_DIR" --no-deps
+echo "Dependencies installed."
+
+# 4. sing-box
+echo ""
+echo "[4/6] Checking sing-box..."
+
+# Find sing-box in any common location
+FOUND_SINGBOX=""
+for candidate in /usr/bin/sing-box /usr/local/bin/sing-box /bin/sing-box /usr/local/sbin/sing-box; do
+    if [ -x "$candidate" ]; then
+        FOUND_SINGBOX="$candidate"
+        break
+    fi
+done
+
+# Also check PATH
+if [ -z "$FOUND_SINGBOX" ]; then
+    FOUND_SINGBOX=$(command -v sing-box 2>/dev/null || true)
+fi
+
+if [ -n "$FOUND_SINGBOX" ]; then
+    echo "sing-box found at: $FOUND_SINGBOX"
+    echo "Version: $($FOUND_SINGBOX version | head -1)"
+    # If not at /usr/bin/sing-box, create symlink
+    if [ "$FOUND_SINGBOX" != "$SINGBOX_BIN" ]; then
+        echo "Creating symlink: $FOUND_SINGBOX -> $SINGBOX_BIN"
+        sudo ln -sf "$FOUND_SINGBOX" "$SINGBOX_BIN"
+    fi
+else
+    echo "sing-box not found, installing v$SINGBOX_VERSION..."
+    wget -q "https://github.com/SagerNet/sing-box/releases/download/v${SINGBOX_VERSION}/sing-box-${SINGBOX_VERSION}-linux-amd64.tar.gz" -O /tmp/sing-box.tar.gz
+    tar -xzf /tmp/sing-box.tar.gz -C /tmp
+    sudo cp "/tmp/sing-box-${SINGBOX_VERSION}-linux-amd64/sing-box" "$SINGBOX_BIN"
+    sudo chmod 755 "$SINGBOX_BIN"
+    rm -rf /tmp/sing-box.tar.gz "/tmp/sing-box-${SINGBOX_VERSION}-linux-amd64"
+    echo "sing-box installed: $($SINGBOX_BIN version | head -1)"
+fi
+
+# Final check
+if [ ! -x "$SINGBOX_BIN" ]; then
+    echo "ERROR: sing-box not found at $SINGBOX_BIN after install. Aborting."
+    exit 1
+fi
+echo "sing-box OK at $SINGBOX_BIN"
+
+# 5. wrapper + sudoers + HV_DATA_HOME
+echo ""
+echo "[5/6] Installing wrapper..."
+
+sudo tee "$WRAPPER_PATH" > /dev/null << WRAPPER
+#!/bin/bash
+CONFIG=\$1
+ACTION=\$2
+
+if [[ "\$ACTION" == "stop" ]]; then
+    pkill -9 -f sing-box
+    exit 0
+fi
+
+if [[ "\$CONFIG" != /tmp/*.json ]] && \\
+   [[ "\$CONFIG" != /home/*/.local/share/hydra-veil/*.json ]]; then
+    echo "Error: config path not allowed"
+    exit 1
+fi
+
+exec $SINGBOX_BIN run -c "\$CONFIG"
+WRAPPER
+
+sudo chmod 755 "$WRAPPER_PATH"
+
+# Verify wrapper points to correct sing-box
+if grep -q "$SINGBOX_BIN" "$WRAPPER_PATH"; then
+    echo "Wrapper OK — points to $SINGBOX_BIN"
+else
+    echo "ERROR: wrapper does not reference $SINGBOX_BIN"
+    exit 1
+fi
+
+# 6. sudoers
+echo ""
+echo "[6/6] Configuring sudoers..."
+if [ ! -f "$SUDOERS_PATH" ]; then
+    echo "$USER ALL=(ALL) NOPASSWD: $WRAPPER_PATH" | sudo tee "$SUDOERS_PATH" > /dev/null
+    sudo chmod 440 "$SUDOERS_PATH"
+    echo "Sudoers configured."
+else
+    echo "Sudoers already exists, skipping."
+fi
+
+# Create HV_DATA_HOME directory
+mkdir -p "$HV_DATA_HOME"
+echo "HV_DATA_HOME created: $HV_DATA_HOME"
+
+echo ""
+echo "=== Installation complete ==="
+echo "Activate the environment with:"
+echo "  source $INSTALL_DIR/.venv/bin/activate"
\ No newline at end of file