docs: ship in-house RN checkout, scope 5 follow-up tasks (#7-11)
In-house Request Network checkout went fully end-to-end on dev today. A real 0.01 USDC payment flowed through wallet connect -> approve -> ERC20FeeProxy.transferFromWithReferenceAndFee -> RN webhook -> TransactionSafetyProvider -> Payment.status=completed -> page success state. Tx 0x494c77a29161b5100d8e0b1ac675f1822955d0bb3633ecdbfafb886f84f2f320. Docs: - New PRD: Wallet, Multichain, Confirmations, AML, Trezor (5 follow-ups, each sized for an independent contributor) - Updated PRD: Request Network In-House Checkout (phases 0..3 done, phase 4 partial, phases 5-6 not started) - Updated handoff: deployed versions, what is working end-to-end, follow-up tasks index Taskmaster: 5 new top-level tasks (#7..#11) covering ephemeral destination wallets, multichain proxy registry + USDC/USDT, runtime confirmation thresholds, optional seller-paid AML screening, and Trezor signing for admin actions. Tasks are scoped fine-grained so each is independent enough for kimi to pick up. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
# Taskmaster Dashboard
|
||||
|
||||
Generated from `.taskmaster/tasks/tasks.json` at 2026-05-24T07:15:25.199Z.
|
||||
Generated from `.taskmaster/tasks/tasks.json` at 2026-05-28T11:49:27.076Z.
|
||||
|
||||
Taskmaster remains the canonical source of truth. Re-run:
|
||||
|
||||
@@ -10,9 +10,9 @@ node scripts/export-taskmaster-to-obsidian.mjs
|
||||
|
||||
## Status Summary
|
||||
|
||||
- done: 28
|
||||
- in-progress: 3
|
||||
- pending: 14
|
||||
- done: 44
|
||||
- in-progress: 2
|
||||
- pending: 8
|
||||
|
||||
## Task Index
|
||||
|
||||
@@ -43,26 +43,35 @@ node scripts/export-taskmaster-to-obsidian.mjs
|
||||
| [[Tasks/task-3-10|3.10]] | Update release/refund APIs and marketplace release paths | done | high | 3.8, 3.9 |
|
||||
| [[Tasks/task-3-11|3.11]] | Add comprehensive observability, runbooks, and incident controls | done | high | 3.6, 3.8, 3.9, 3.10 |
|
||||
| [[Tasks/task-3-12|3.12]] | Add end-to-end integration, migration, and rollback test suites | done | high | 3.6, 3.10, 3.11 |
|
||||
| [[Tasks/task-4|4]] | Define backend security and refactor strategy from latest audit | in-progress | high | None |
|
||||
| [[Tasks/task-3-13|3.13]] | Add durable RN webhook ingress and transaction safety | pending | high | None |
|
||||
| [[Tasks/task-4|4]] | Define backend security and refactor strategy from latest audit | done | high | None |
|
||||
| [[Tasks/task-4-1|4.1]] | Assign security ownership and launch decision criteria | done | high | None |
|
||||
| [[Tasks/task-4-2|4.2]] | Produce threat model for escrow platform | done | high | 1 |
|
||||
| [[Tasks/task-4-3|4.3]] | Specify funds ledger and escrow state machine | pending | high | 2 |
|
||||
| [[Tasks/task-4-4|4.4]] | Create authorization matrix for REST and Socket.IO | pending | high | 2 |
|
||||
| [[Tasks/task-4-5|4.5]] | Decide session, passkey, and admin step-up architecture | pending | high | 2 |
|
||||
| [[Tasks/task-4-6|4.6]] | Specify webhook security and provider adapter contracts | pending | high | 3 |
|
||||
| [[Tasks/task-4-3|4.3]] | Specify funds ledger and escrow state machine | done | high | 2 |
|
||||
| [[Tasks/task-4-4|4.4]] | Create authorization matrix for REST and Socket.IO | done | high | 2 |
|
||||
| [[Tasks/task-4-5|4.5]] | Decide session, passkey, and admin step-up architecture | done | high | 2 |
|
||||
| [[Tasks/task-4-6|4.6]] | Specify webhook security and provider adapter contracts | done | high | 3 |
|
||||
| [[Tasks/task-4-7|4.7]] | Define secure build and supply-chain policy | done | medium | 1 |
|
||||
| [[Tasks/task-4-8|4.8]] | Make backend-core stack decision | pending | medium | 2, 3, 4, 5, 6, 7 |
|
||||
| [[Tasks/task-4-9|4.9]] | Create migration and operational runbooks | pending | medium | 8 |
|
||||
| [[Tasks/task-4-8|4.8]] | Make backend-core stack decision | done | medium | 2, 3, 4, 5, 6, 7 |
|
||||
| [[Tasks/task-4-9|4.9]] | Create migration and operational runbooks | done | medium | 8 |
|
||||
| [[Tasks/task-5|5]] | Deliver Telegram-native app, bot, and wallet experience | in-progress | high | None |
|
||||
| [[Tasks/task-5-1|5.1]] | Define Telegram product surface and flow map | in-progress | high | None |
|
||||
| [[Tasks/task-5-2|5.2]] | Build Telegram identity linking and session model | pending | high | 1 |
|
||||
| [[Tasks/task-5-3|5.3]] | Implement bot command and notification foundation | pending | high | 1, 2 |
|
||||
| [[Tasks/task-5-4|5.4]] | Build Telegram Mini App shell for marketplace workflows | pending | high | 1, 2 |
|
||||
| [[Tasks/task-5-5|5.5]] | Add Telegram payment and wallet strategy | pending | high | 2, 4 |
|
||||
| [[Tasks/task-5-1|5.1]] | Define Telegram product surface and flow map | done | high | None |
|
||||
| [[Tasks/task-5-2|5.2]] | Build Telegram identity linking and session model | done | high | 1 |
|
||||
| [[Tasks/task-5-3|5.3]] | Implement bot command and notification foundation | done | high | 1, 2 |
|
||||
| [[Tasks/task-5-4|5.4]] | Build Telegram Mini App shell for marketplace workflows | in-progress | high | 1, 2 |
|
||||
| [[Tasks/task-5-5|5.5]] | Add Telegram payment and wallet strategy | done | high | 2, 4 |
|
||||
| [[Tasks/task-5-6|5.6]] | Expose escrow, delivery, dispute, and release actions safely | pending | high | 4, 5 |
|
||||
| [[Tasks/task-5-7|5.7]] | Add admin and support surface for Telegram-originated cases | pending | high | 2, 3, 5 |
|
||||
| [[Tasks/task-5-8|5.8]] | Add security, compliance, and abuse controls for Telegram | pending | high | 2, 3, 5, 6 |
|
||||
| [[Tasks/task-5-9|5.9]] | Prepare QA, rollout, analytics, and launch operations | pending | high | 3, 4, 5, 6, 7, 8 |
|
||||
| [[Tasks/task-5-8|5.8]] | Add security, compliance, and abuse controls for Telegram | done | high | 2, 3, 5, 6 |
|
||||
| [[Tasks/task-5-9|5.9]] | Prepare QA, rollout, analytics, and launch operations | done | high | 3, 4, 5, 6, 7, 8 |
|
||||
| [[Tasks/task-5-10|5.10]] | Implement Telegram as first-class authentication provider | done | high | 2, 8 |
|
||||
| [[Tasks/task-6|6]] | Request Network in-house checkout (Rabby-supporting) | done | high | None |
|
||||
| [[Tasks/task-6-1|6.1]] | Deploy confirmation repair before next paid probe | done | high | None |
|
||||
| [[Tasks/task-7|7]] | Per-(buyer, sellerOffer) ephemeral RN destination wallets | pending | high | None |
|
||||
| [[Tasks/task-8|8]] | Multichain RN proxy registry + USDC/USDT support | pending | high | None |
|
||||
| [[Tasks/task-9|9]] | Per-chain confirmation thresholds + admin UI | pending | medium | None |
|
||||
| [[Tasks/task-10|10]] | Optional AML screening on incoming payments (seller-paid) | pending | medium | None |
|
||||
| [[Tasks/task-11|11]] | Trezor signing for admin actions (release/refund/sweep) | pending | high | None |
|
||||
|
||||
## Obsidian Tasks Query
|
||||
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: "1"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 1.1 - Fix Security Architecture email/password sequence
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: "1"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 1.2 - Fix authentication login and refresh diagrams
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: "1"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 1.3 - Fix chat, delivery, dispute, OAuth, purchase request, referral, registration, and seller-offer diagrams
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 1 - Stabilize Mermaid diagram rendering across documentation vault
|
||||
|
||||
35
Taskmaster/Tasks/task-10.md
Normal file
35
Taskmaster/Tasks/task-10.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "10"
|
||||
status: "pending"
|
||||
priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 10 - Optional AML screening on incoming payments (seller-paid)
|
||||
|
||||
- [ ] 10 - Optional AML screening on incoming payments (seller-paid) #taskmaster #priority/medium #status/pending 🔼 🆔 tm-10
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 10 |
|
||||
| Status | pending |
|
||||
| Priority | medium |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Turn the existing aml_screening placeholder in TransactionSafetyProvider into a real Chainalysis (or equivalent) Address Screening call that the seller opts into per-offer and pays the per-check cost for.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD - Wallet, Multichain, Confirmations, AML, Trezor.md §4. Default provider recommendation: Chainalysis Address Screening (cheapest, simplest). Files: new backend/src/services/payment/safety/amlProvider.ts interface + chainalysisProvider.ts impl behind env TRANSACTION_SAFETY_AML_PROVIDER=chainalysis with API_KEY in KMS; transactionSafetyProvider's evaluateAmlPlaceholder() becomes real, persists raw provider response on Payment.metadata.amlResult; Offer schema add requireAmlCheck + amlBlockOnFailure booleans; offer-edit UI toggle 'Require AML on incoming payments ($X per payment, paid by you)'; admin global config UI for provider selection + API key rotation + per-chain enabled flag; cost accounting: deduct per-check cost from seller's escrow on completion as a separate ledger line item, surfaced on payment-details. Open questions before code: pick provider (Chainalysis vs TRM vs Elliptic — need 1-page comparison of cost/latency/coverage); failure mode (fail-closed only when seller opted in AND amlBlockOnFailure=true, else warn/log); cost batching cadence. Acceptance: seller toggles AML on an offer; incoming payment triggers a real Chainalysis call; sanctions verdict blocks the safety gate; clean verdict passes; seller's settled amount reduced by check cost; admin can rotate API key without redeploy; provider-down + amlBlockOnFailure=true keeps payment pending with provider_unavailable reason. Dependencies: none. This is task #10 in the PRD.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
35
Taskmaster/Tasks/task-11.md
Normal file
35
Taskmaster/Tasks/task-11.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "11"
|
||||
status: "pending"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 11 - Trezor signing for admin actions (release/refund/sweep)
|
||||
|
||||
- [ ] 11 - Trezor signing for admin actions (release/refund/sweep) #taskmaster #priority/high #status/pending ⏫ 🆔 tm-11
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 11 |
|
||||
| Status | pending |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Replace the hot-key admin signing flow with a WebUSB-based Trezor flow so the backend never holds a private key. All admin-side txes are built backend, signed via Trezor in the browser, broadcast from the browser.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD - Wallet, Multichain, Confirmations, AML, Trezor.md §5. Lib: @trezor/connect-web (WebUSB; Chromium-only — Firefox users need Trezor Bridge native helper). Files: new frontend/src/web3/trezor/trezorConnector.ts wrapping @trezor/connect-web; existing admin actions (release/refund/sweep when #7 lands) get a 'Sign with Trezor' button that flows: POST /api/admin/actions/build-tx → returns unsigned tx bytes → send to Trezor → sign → wagmi sendTransaction broadcasts → POST /api/admin/actions/confirm-tx with hash; admin settings page to register Trezor address(es) (backend rejects signatures from unauthorized devices); audit log on every Trezor-signed action; break-glass hot-key path requires explicit admin toggle, expires after 1h, fires Telegram alarm. Open questions: m-of-n multi-admin signing — default single-signer for v1; Trezor One vs Model T — lib abstracts; fallback when Trezor unavailable — break-glass with alarm. Acceptance: admin registers Trezor address; release flow uses Trezor end-to-end; backend rejects signatures from unregistered devices; audit log captures admin user + Trezor addr + tx hash + before/after escrow state; break-glass works and alarms. Non-goals: mobile Trezor flow, buyer-side Trezor (buyer uses wagmi injected). Dependencies: task #7 (ephemeral wallets) for the sweep step — but task #11 can ship the release/refund flows first. This is task #11 in the PRD.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.1 - Secure unauthenticated endpoints and owner enforcement
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["1"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.2 - Re-enable and scope rate limiting
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["1"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.3 - Replace stubbed passkey/WebAuthn flow
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["1"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.4 - Strengthen DePay/Web3 payment verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["1"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.5 - Lock Socket.IO room joins to authenticated context
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["1", "4"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.6 - Enforce dispute hold before payout and release operations
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["1", "2", "3", "4", "5", "6"]
|
||||
parent_id: "2"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2.7 - Align documentation, API references, and runtime enums
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 2 - Implement platform audit remediation plan
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.1 - Define provider-neutral payment contracts and adapter
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.8", "3.9"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.10 - Update release/refund APIs and marketplace release paths
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.6", "3.8", "3.9", "3.10"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.11 - Add comprehensive observability, runbooks, and incident controls
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.6", "3.10", "3.11"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.12 - Add end-to-end integration, migration, and rollback test suites
|
||||
|
||||
35
Taskmaster/Tasks/task-3-13.md
Normal file
35
Taskmaster/Tasks/task-3-13.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "3.13"
|
||||
status: "pending"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.13 - Add durable RN webhook ingress and transaction safety
|
||||
|
||||
- [ ] 3.13 - Add durable RN webhook ingress and transaction safety #taskmaster #priority/high #status/pending ⏫ 🆔 tm-3-13
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 3.13 |
|
||||
| Status | pending |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | 3 - Migrate payment architecture toward Request Network and internal funds management |
|
||||
|
||||
## Description
|
||||
|
||||
Roadmap follow-up from the 2026-05-28 dev payment probe: Request Network delivered the webhook but Amanat returned 404. Add Cloudflare Worker durable webhook ingress with storage/replay and keep backend Transaction Safety Provider checks as the trust boundary before marking escrow funded.
|
||||
|
||||
## Details
|
||||
|
||||
_No details._
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.1"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.2 - Implement provider configuration, feature flags, and safe rollback
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.1"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.3 - Create internal funds and payment ledger model
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.3"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.4 - Build migration and indexing plan for existing SHKeeper records
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.2"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.5 - Implement Request Network pay-in intent and secure payment pages
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.2"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.6 - Implement signed Request Network webhook intake
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.5", "3.6"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.7 - Implement reconciliation and repair jobs
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.5"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.8 - Replace checkout and payment UI with provider-neutral flows
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3.3", "3.7"]
|
||||
parent_id: "3"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3.9 - Add payout/release and refund orchestration using ledger gates
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2"]
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 3 - Migrate payment architecture toward Request Network and internal funds management
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.1 - Assign security ownership and launch decision criteria
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["1"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.2 - Produce threat model for escrow platform
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.3 - Specify funds ledger and escrow state machine
|
||||
@@ -28,8 +28,6 @@ Define canonical money movement and legal state transitions before refactor or p
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Funds Ledger and Escrow State Machine Specification.md` (states, transitions, invariants, and migration guidance for canonical funds/escrow transitions).
|
||||
|
||||
Create specs for FundsAccount, LedgerEntry, FundsBalance, gross paid, provider fees, platform fees, held, disputed, releasable, released, refunded, idempotency keys, reconciliation behavior, purchase request states, payment states, escrow/funds states, dispute states, valid transitions, forbidden transitions, and release/refund/admin override preconditions.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.4 - Create authorization matrix for REST and Socket.IO
|
||||
@@ -28,8 +28,6 @@ Map every endpoint and realtime event to access level, ownership checks, state p
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Authorization Matrix - REST and Socket.IO.md` and `09 - Audits/Realtime Authorization Spec.md`.
|
||||
|
||||
Include public/authenticated/owner/buyer/seller/admin/support/service-role classifications. Socket.IO rooms must be server-derived from authenticated identity, not client-supplied user IDs.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.5 - Decide session, passkey, and admin step-up architecture
|
||||
@@ -28,8 +28,6 @@ Choose browser session model and high-risk admin authentication requirements.
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Session and Authentication Architecture Decision.md`.
|
||||
|
||||
Decide localStorage versus httpOnly cookies, access/refresh token lifetimes, CSRF strategy, refresh rotation, WebAuthn requirements, OAuth requirements, device/session revocation, and whether payouts/role changes require step-up authentication or two-person approval.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["3"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.6 - Specify webhook security and provider adapter contracts
|
||||
@@ -28,8 +28,6 @@ Define provider-neutral payment interface and signed webhook processing rules.
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Webhook Security Spec.md` and `09 - Audits/Payment Provider Adapter Spec.md`.
|
||||
|
||||
Document createPayInIntent, getPayInStatus, handleProviderWebhook, createHostedPaymentLink, createReleaseInstruction, createRefundInstruction, getPayoutStatus, searchProviderPayments, raw-body signature verification, replay prevention, delivery ID idempotency, duplicate/unknown event behavior, retry semantics, dead-letter/replay storage, and alert thresholds.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["1"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.7 - Define secure build and supply-chain policy
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["2", "3", "4", "5", "6", "7"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.8 - Make backend-core stack decision
|
||||
@@ -28,8 +28,6 @@ Choose whether the security-critical backend core remains TypeScript or moves to
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Backend Core Stack Decision Record - 2026-05-24.md`.
|
||||
|
||||
Evaluate team capability, two-year maintainability, operational footprint, rewrite cost, dual-stack complexity, auditability, supply-chain exposure, and which modules belong in a payment/auth/escrow core versus the existing marketplace/chat API.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "medium"
|
||||
depends_on: ["8"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.9 - Create migration and operational runbooks
|
||||
@@ -28,8 +28,6 @@ Document rollout, rollback, and incident response for the selected backend/funds
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `08 - Operations/Backend Funds Migration and Operational Runbooks.md`.
|
||||
|
||||
Include SHKeeper legacy read path, provider feature flag, ledger backfill, validation report before enforcement, rollback criteria, webhook cutoff, manual reconciliation, failed webhook, duplicate/missing payment, stuck release, disputed release attempt, compromised admin, leaked API key, provider outage, chain/RPC outage, suspicious payment proof, and npm/package compromise.
|
||||
|
||||
## Verification
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4 - Define backend security and refactor strategy from latest audit
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.1"
|
||||
status: "in-progress"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.1 - Define Telegram product surface and flow map
|
||||
|
||||
- [ ] 5.1 - Define Telegram product surface and flow map #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-5-1
|
||||
- [x] 5.1 - Define Telegram product surface and flow map #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-1
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.1 |
|
||||
| Status | in-progress |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -2,16 +2,15 @@
|
||||
taskmaster_id: "5.10"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["5.2", "5.8"]
|
||||
depends_on: ["2", "8"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T09:18:26.638Z"
|
||||
completed_at: "2026-05-24"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.10 - Implement Telegram as first-class authentication provider
|
||||
|
||||
- [x] 5.10 - Implement Telegram as first-class authentication provider #taskmaster #priority/high #status/done ⏫ 🆔 tm-5.10
|
||||
- [x] 5.10 - Implement Telegram as first-class authentication provider #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-10 ⛔ tm-2 ⛔ tm-8
|
||||
|
||||
## Metadata
|
||||
|
||||
@@ -20,24 +19,19 @@ completed_at: "2026-05-24"
|
||||
| Taskmaster ID | 5.10 |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 5.2, 5.8 |
|
||||
| Parent | 5 |
|
||||
| Dependencies | 2, 8 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
## Description
|
||||
|
||||
Add `POST /api/auth/telegram` and frontend login flow so users can authenticate with Amanat using only Telegram identity, without email or password.
|
||||
Add a POST /auth/telegram endpoint and frontend login flow so users can authenticate with Amanat using only their Telegram identity — no email or password required.
|
||||
|
||||
## Details
|
||||
|
||||
Backend verifies Telegram Mini App `initData` and Telegram Login Widget payloads, checks/reuses `TelegramLink`, auto-provisions Telegram-only users with nullable email, `authProvider: "telegram"`, and `telegramVerified: true`, and returns the normal JWT/refresh-token pair plus `isNewUser`.
|
||||
|
||||
Frontend auto-authenticates Telegram Mini App launches from raw signed `initData`, adds a Telegram login action, and shows a lightweight onboarding dialog for new Telegram users.
|
||||
Source PRD: .taskmaster/docs/prd-telegram-phone-auth.md. Backend: create POST /auth/telegram that accepts Mini App initData or Telegram Login Widget payload, verifies the signature (reuse verifyMiniAppInitData; add verifyTelegramLoginWidget for the widget path), looks up TelegramLink by telegramUserId, and either authenticates the linked user or auto-provisions a new Amanat account (authProvider: telegram, telegramVerified: true, nullable email via sparse unique index). Returns JWT + refreshToken + isNewUser flag. Apply existing replay protection and rate limits. User model: make email nullable (sparse index), add authProvider and telegramVerified fields. Frontend: auto-detect Telegram Mini App context and skip login page; POST initData to /auth/telegram; show lightweight onboarding overlay for new users (optional email, language, currency). Add 'Continue with Telegram' button on web login page alongside Google OAuth. Security: blocked Telegram accounts return 403 regardless of re-linking attempts; high-risk action step-up policy is unchanged; never expose raw phone number.
|
||||
|
||||
## Verification
|
||||
|
||||
- Backend typecheck passed.
|
||||
- Backend targeted Jest passed: `__tests__/telegram-auth.test.ts`, `__tests__/telegram-service.test.ts`.
|
||||
- Frontend targeted Jest passed: `__tests__/auth/telegram-auth-action.test.ts`, `__tests__/sections/telegram/telegram-mini-app-shell.test.tsx`.
|
||||
- Full frontend typecheck still has unrelated pre-existing payment UI errors outside this task.
|
||||
Verify: new Telegram user auto-provisions and receives JWT; returning user authenticates via both initData and Login Widget; replayed initData is rejected; stale auth_date is rejected; blocked account returns 403; existing email-password users are unaffected; email remains optional (not required) for Telegram-authed users; isNewUser flag triggers onboarding overlay; high-risk actions still require step-up confirmation.
|
||||
|
||||
See [[Task 5.10 Telegram First-Class Authentication]] for the audit report.
|
||||
Implemented verification: backend typecheck; backend targeted Jest __tests__/telegram-auth.test.ts and __tests__/telegram-service.test.ts; frontend targeted Jest __tests__/auth/telegram-auth-action.test.ts and __tests__/sections/telegram/telegram-mini-app-shell.test.tsx. Full frontend typecheck still has unrelated pre-existing payment icon/payload errors outside Task 5.10.
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.2"
|
||||
status: "pending"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["1"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.2 - Build Telegram identity linking and session model
|
||||
|
||||
- [ ] 5.2 - Build Telegram identity linking and session model #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-2 ⛔ tm-1
|
||||
- [x] 5.2 - Build Telegram identity linking and session model #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-2 ⛔ tm-1
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.2 |
|
||||
| Status | pending |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 1 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.3"
|
||||
status: "pending"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["1", "2"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.3 - Implement bot command and notification foundation
|
||||
|
||||
- [ ] 5.3 - Implement bot command and notification foundation #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-3 ⛔ tm-1 ⛔ tm-2
|
||||
- [x] 5.3 - Implement bot command and notification foundation #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-3 ⛔ tm-1 ⛔ tm-2
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.3 |
|
||||
| Status | pending |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 1, 2 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.4"
|
||||
status: "pending"
|
||||
status: "in-progress"
|
||||
priority: "high"
|
||||
depends_on: ["1", "2"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.4 - Build Telegram Mini App shell for marketplace workflows
|
||||
|
||||
- [ ] 5.4 - Build Telegram Mini App shell for marketplace workflows #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-4 ⛔ tm-1 ⛔ tm-2
|
||||
- [ ] 5.4 - Build Telegram Mini App shell for marketplace workflows #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-5-4 ⛔ tm-1 ⛔ tm-2
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.4 |
|
||||
| Status | pending |
|
||||
| Status | in-progress |
|
||||
| Priority | high |
|
||||
| Dependencies | 1, 2 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.5"
|
||||
status: "pending"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["2", "4"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.5 - Add Telegram payment and wallet strategy
|
||||
|
||||
- [ ] 5.5 - Add Telegram payment and wallet strategy #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-5 ⛔ tm-2 ⛔ tm-4
|
||||
- [x] 5.5 - Add Telegram payment and wallet strategy #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-5 ⛔ tm-2 ⛔ tm-4
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.5 |
|
||||
| Status | pending |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 2, 4 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["4", "5"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.6 - Expose escrow, delivery, dispute, and release actions safely
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2", "3", "5"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.7 - Add admin and support surface for Telegram-originated cases
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.8"
|
||||
status: "pending"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["2", "3", "5", "6"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.8 - Add security, compliance, and abuse controls for Telegram
|
||||
|
||||
- [ ] 5.8 - Add security, compliance, and abuse controls for Telegram #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-5 ⛔ tm-6
|
||||
- [x] 5.8 - Add security, compliance, and abuse controls for Telegram #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-5 ⛔ tm-6
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.8 |
|
||||
| Status | pending |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 2, 3, 5, 6 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
---
|
||||
taskmaster_id: "5.9"
|
||||
status: "pending"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: ["3", "4", "5", "6", "7", "8"]
|
||||
parent_id: "5"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5.9 - Prepare QA, rollout, analytics, and launch operations
|
||||
|
||||
- [ ] 5.9 - Prepare QA, rollout, analytics, and launch operations #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-9 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7 ⛔ tm-8
|
||||
- [x] 5.9 - Prepare QA, rollout, analytics, and launch operations #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-9 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7 ⛔ tm-8
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 5.9 |
|
||||
| Status | pending |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | 3, 4, 5, 6, 7, 8 |
|
||||
| Parent | 5 - Deliver Telegram-native app, bot, and wallet experience |
|
||||
|
||||
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:15:25.199Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 5 - Deliver Telegram-native app, bot, and wallet experience
|
||||
|
||||
35
Taskmaster/Tasks/task-6-1.md
Normal file
35
Taskmaster/Tasks/task-6-1.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "6.1"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: "6"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 6.1 - Deploy confirmation repair before next paid probe
|
||||
|
||||
- [x] 6.1 - Deploy confirmation repair before next paid probe #taskmaster #priority/high #status/done ⏫ 🆔 tm-6-1
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 6.1 |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | 6 - Request Network in-house checkout (Rabby-supporting) |
|
||||
|
||||
## Description
|
||||
|
||||
2026-05-28 dev BSC transaction succeeded and RN delivered four webhooks, but Amanat returned 404 due Request Network reference-correlation mismatch. Before another paid payment test, deploy the backend correlation fix, callback polling fix, signed-webhook smoke test, and Transaction Safety Provider gate; then repeat the probe and inspect safety decision state.
|
||||
|
||||
## Details
|
||||
|
||||
_No details._
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
35
Taskmaster/Tasks/task-6.md
Normal file
35
Taskmaster/Tasks/task-6.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "6"
|
||||
status: "done"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 6 - Request Network in-house checkout (Rabby-supporting)
|
||||
|
||||
- [x] 6 - Request Network in-house checkout (Rabby-supporting) #taskmaster #priority/high #status/done ⏫ 🆔 tm-6
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 6 |
|
||||
| Status | done |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Replace the redirect to pay.request.network with an Amanat-rendered checkout page that submits the same on-chain calls as RN's hosted UI, so RN's webhook fires unchanged but buyers stay on amn.gg and Rabby works.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD: nick-doc/.taskmaster/docs/prd-request-network-in-house-checkout.md (summary at nick-doc/PRD - Request Network In-House Checkout.md). Status: draft, pending review with second developer. Approach: replicate the two on-chain calls (approve + RN_FEE_PROXY.transferFromWithReferenceAndFee) using wagmi v2 with existing injected()/metaMask() connectors (Rabby works via EIP-6963). Hard-known: proxy 0x0DfbEe143b42B41eFC5A6F87bFD1fFC78c2f0aC9, selector 0xc219a14d, paymentRef = last8Bytes(keccak256(requestId+salt+dest)), feeAmount=0, feeAddress=0x...dEaD. Backend: extend POST /payment/request-network/intents response with inHouseCheckout object (destination, tokenAddress, decimals, chainId, proxyAddress, paymentReference, feeAmount, feeAddress, amountWei). Frontend: new page /checkout/request-network/:paymentId with state machine reusing manual-payment.tsx layout chrome, hosted-page link kept as escape hatch. Implementation gated on a $0.50 cold probe on dev BSC to confirm RN's webhook fires for an externally-built tx. Out of scope: per-seller multi-chain config (§2), ephemeral wallets (§3), full RN removal (§4), gasless. Open questions in PRD §10.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
35
Taskmaster/Tasks/task-7.md
Normal file
35
Taskmaster/Tasks/task-7.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "7"
|
||||
status: "pending"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 7 - Per-(buyer, sellerOffer) ephemeral RN destination wallets
|
||||
|
||||
- [ ] 7 - Per-(buyer, sellerOffer) ephemeral RN destination wallets #taskmaster #priority/high #status/pending ⏫ 🆔 tm-7
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 7 |
|
||||
| Status | pending |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Replace the single shared Amanat destination wallet with a per-(buyerId, sellerOfferId) HD-derived address sent to Request Network on intent creation, plus sweep-on-approval and an admin UI.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD - Wallet, Multichain, Confirmations, AML, Trezor.md §1. Files: new backend/src/services/payment/wallets/derivedDestinations.ts (getDestinationFor(buyerId, sellerOfferId) → {address, derivationPath, chainId}); Payment schema add metadata.derivedDestination; requestNetworkPayInService.ts override destinationId before POST /v2/secure-payments (we confirmed RN accepts different destinations per intent); new sweep cron + admin manual-trigger endpoint gated on Transaction Safety Provider; admin UI at /dashboard/admin/derived-destinations with address, balance, last sweep tx (BscScan link), ownership status. Open questions to settle first: HD vs disposable EOAs vs smart-forwarder (recommended HD); sweep cadence (recommended immediate); granularity (recommended per-(buyer, seller), not per-payment); re-use vs rotate after sweep. KMS-rooted seed; backend never holds raw private keys; signing via KMS API (Task #11 Trezor flow is the longer-term replacement). Acceptance: two payments from one buyer to two sellers land on two different addresses; RN webhook fires for both; sweep is idempotent; master seed never leaves KMS.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
35
Taskmaster/Tasks/task-8.md
Normal file
35
Taskmaster/Tasks/task-8.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "8"
|
||||
status: "pending"
|
||||
priority: "high"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 8 - Multichain RN proxy registry + USDC/USDT support
|
||||
|
||||
- [ ] 8 - Multichain RN proxy registry + USDC/USDT support #taskmaster #priority/high #status/pending ⏫ 🆔 tm-8
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 8 |
|
||||
| Status | pending |
|
||||
| Priority | high |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Probe and persist RN ERC20FeeProxy addresses on BSC/Arb/ETH/Polygon/Base, add USDC + USDT token entries with correct decimals per chain, and surface an admin networks page. Include the USDT-mainnet approve(0) reset quirk in the frontend approve step.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD - Wallet, Multichain, Confirmations, AML, Trezor.md §2. Tasks: new backend/scripts/probe-rn-chains.ts that walks each chain in supported-chains.json and verifies the canonical 0x0DfbEe143b42B41eFC5A6F87bFD1fFC78c2f0aC9 proxy is the real RN proxy via a known view fn (CREATE2 is deterministic, but verify); promote backend/src/services/payment/requestNetwork/tokens.ts to load from JSON + admin override; add USDT entries on all 5 chains (BSC USDT 18-dec quirk, mainnet/Arb/Polygon/Base USDT 6-dec); buildInHouseCheckoutBlock returns reason='unsupported_chain:<id>' for unknowns; new admin route GET /api/admin/rn/networks + frontend page /dashboard/admin/networks rendering the registry with per-row 'probe again'. Frontend approve flow: if buyer is on Ethereum mainnet AND token is USDT AND current allowance > 0, do approve(spender, 0) first then approve(spender, amount). Acceptance: probe succeeds on at least BSC/Arb/Polygon/ETH/Base; one paid probe on BSC USDT end-to-end; mainnet USDT approve(0) reset works; admin page reflects registry. Dependencies: none — runs in parallel with #9. This is task #8 in the PRD.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
35
Taskmaster/Tasks/task-9.md
Normal file
35
Taskmaster/Tasks/task-9.md
Normal file
@@ -0,0 +1,35 @@
|
||||
---
|
||||
taskmaster_id: "9"
|
||||
status: "pending"
|
||||
priority: "medium"
|
||||
depends_on: []
|
||||
parent_id: ""
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 9 - Per-chain confirmation thresholds + admin UI
|
||||
|
||||
- [ ] 9 - Per-chain confirmation thresholds + admin UI #taskmaster #priority/medium #status/pending 🔼 🆔 tm-9
|
||||
|
||||
## Metadata
|
||||
|
||||
| Field | Value |
|
||||
| --- | --- |
|
||||
| Taskmaster ID | 9 |
|
||||
| Status | pending |
|
||||
| Priority | medium |
|
||||
| Dependencies | None |
|
||||
| Parent | None |
|
||||
|
||||
## Description
|
||||
|
||||
Make TransactionSafetyProvider's confirmation threshold tunable at runtime per chain via admin UI, with an awaiting-confirmation payments view that shows live confirmations vs threshold.
|
||||
|
||||
## Details
|
||||
|
||||
See PRD - Wallet, Multichain, Confirmations, AML, Trezor.md §3. Today TRANSACTION_SAFETY_MIN_CONFIRMATIONS is a global env var, default 12, baked in until redeploy. Move to runtime config: new Setting docs keyed 'confirmation_threshold:<chainId>' or extend existing model; cache reads in transactionSafetyProvider.ts for 30s; GET/PATCH /api/admin/settings/confirmation-thresholds (auth: admin); new admin page /dashboard/admin/confirmation-thresholds (table: chain, current, recommended default, edit-in-place with confirm dialog, audit log of changes); new admin page /dashboard/admin/payments/awaiting-confirmation (payments where escrowState !== 'funded' AND metadata.transactionSafety.lastCheck.status === 'pending'; for each show tx hash linked to explorer, current confirmations via 12s poll on BSC, threshold, ETA). Acceptance: admin lowers BSC threshold from 12 to 3 on dev, next webhook honors new value within 30s; awaiting-confirmation table updates live; audit log records every change. Non-goals: per-asset, per-seller thresholds. Dependencies: none. This is task #9 in the PRD.
|
||||
|
||||
## Verification
|
||||
|
||||
_No verification strategy._
|
||||
@@ -1,6 +1,6 @@
|
||||
# Taskmaster Tasks
|
||||
|
||||
Generated from `.taskmaster/tasks/tasks.json` at 2026-05-24T07:15:25.199Z.
|
||||
Generated from `.taskmaster/tasks/tasks.json` at 2026-05-28T11:49:27.076Z.
|
||||
|
||||
These lines use the Obsidian Tasks emoji format:
|
||||
|
||||
@@ -35,23 +35,32 @@ These lines use the Obsidian Tasks emoji format:
|
||||
- [x] 3.10 - Update release/refund APIs and marketplace release paths #taskmaster #priority/high #status/done ⏫ 🆔 tm-3-10 ⛔ tm-3-8 ⛔ tm-3-9
|
||||
- [x] 3.11 - Add comprehensive observability, runbooks, and incident controls #taskmaster #priority/high #status/done ⏫ 🆔 tm-3-11 ⛔ tm-3-6 ⛔ tm-3-8 ⛔ tm-3-9 ⛔ tm-3-10
|
||||
- [x] 3.12 - Add end-to-end integration, migration, and rollback test suites #taskmaster #priority/high #status/done ⏫ 🆔 tm-3-12 ⛔ tm-3-6 ⛔ tm-3-10 ⛔ tm-3-11
|
||||
- [ ] 4 - Define backend security and refactor strategy from latest audit #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-4
|
||||
- [ ] 3.13 - Add durable RN webhook ingress and transaction safety #taskmaster #priority/high #status/pending ⏫ 🆔 tm-3-13
|
||||
- [x] 4 - Define backend security and refactor strategy from latest audit #taskmaster #priority/high #status/done ⏫ 🆔 tm-4
|
||||
- [x] 4.1 - Assign security ownership and launch decision criteria #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-1
|
||||
- [x] 4.2 - Produce threat model for escrow platform #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-2 ⛔ tm-1
|
||||
- [ ] 4.3 - Specify funds ledger and escrow state machine #taskmaster #priority/high #status/pending ⏫ 🆔 tm-4-3 ⛔ tm-2
|
||||
- [ ] 4.4 - Create authorization matrix for REST and Socket.IO #taskmaster #priority/high #status/pending ⏫ 🆔 tm-4-4 ⛔ tm-2
|
||||
- [ ] 4.5 - Decide session, passkey, and admin step-up architecture #taskmaster #priority/high #status/pending ⏫ 🆔 tm-4-5 ⛔ tm-2
|
||||
- [ ] 4.6 - Specify webhook security and provider adapter contracts #taskmaster #priority/high #status/pending ⏫ 🆔 tm-4-6 ⛔ tm-3
|
||||
- [x] 4.3 - Specify funds ledger and escrow state machine #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-3 ⛔ tm-2
|
||||
- [x] 4.4 - Create authorization matrix for REST and Socket.IO #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-4 ⛔ tm-2
|
||||
- [x] 4.5 - Decide session, passkey, and admin step-up architecture #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-5 ⛔ tm-2
|
||||
- [x] 4.6 - Specify webhook security and provider adapter contracts #taskmaster #priority/high #status/done ⏫ 🆔 tm-4-6 ⛔ tm-3
|
||||
- [x] 4.7 - Define secure build and supply-chain policy #taskmaster #priority/medium #status/done 🔼 🆔 tm-4-7 ⛔ tm-1
|
||||
- [ ] 4.8 - Make backend-core stack decision #taskmaster #priority/medium #status/pending 🔼 🆔 tm-4-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7
|
||||
- [ ] 4.9 - Create migration and operational runbooks #taskmaster #priority/medium #status/pending 🔼 🆔 tm-4-9 ⛔ tm-8
|
||||
- [x] 4.8 - Make backend-core stack decision #taskmaster #priority/medium #status/done 🔼 🆔 tm-4-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7
|
||||
- [x] 4.9 - Create migration and operational runbooks #taskmaster #priority/medium #status/done 🔼 🆔 tm-4-9 ⛔ tm-8
|
||||
- [ ] 5 - Deliver Telegram-native app, bot, and wallet experience #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-5
|
||||
- [ ] 5.1 - Define Telegram product surface and flow map #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-5-1
|
||||
- [ ] 5.2 - Build Telegram identity linking and session model #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-2 ⛔ tm-1
|
||||
- [ ] 5.3 - Implement bot command and notification foundation #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-3 ⛔ tm-1 ⛔ tm-2
|
||||
- [ ] 5.4 - Build Telegram Mini App shell for marketplace workflows #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-4 ⛔ tm-1 ⛔ tm-2
|
||||
- [ ] 5.5 - Add Telegram payment and wallet strategy #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-5 ⛔ tm-2 ⛔ tm-4
|
||||
- [x] 5.1 - Define Telegram product surface and flow map #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-1
|
||||
- [x] 5.2 - Build Telegram identity linking and session model #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-2 ⛔ tm-1
|
||||
- [x] 5.3 - Implement bot command and notification foundation #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-3 ⛔ tm-1 ⛔ tm-2
|
||||
- [ ] 5.4 - Build Telegram Mini App shell for marketplace workflows #taskmaster #priority/high #status/in-progress ⏫ 🆔 tm-5-4 ⛔ tm-1 ⛔ tm-2
|
||||
- [x] 5.5 - Add Telegram payment and wallet strategy #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-5 ⛔ tm-2 ⛔ tm-4
|
||||
- [ ] 5.6 - Expose escrow, delivery, dispute, and release actions safely #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-6 ⛔ tm-4 ⛔ tm-5
|
||||
- [ ] 5.7 - Add admin and support surface for Telegram-originated cases #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-7 ⛔ tm-2 ⛔ tm-3 ⛔ tm-5
|
||||
- [ ] 5.8 - Add security, compliance, and abuse controls for Telegram #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-5 ⛔ tm-6
|
||||
- [ ] 5.9 - Prepare QA, rollout, analytics, and launch operations #taskmaster #priority/high #status/pending ⏫ 🆔 tm-5-9 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7 ⛔ tm-8
|
||||
- [x] 5.8 - Add security, compliance, and abuse controls for Telegram #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-8 ⛔ tm-2 ⛔ tm-3 ⛔ tm-5 ⛔ tm-6
|
||||
- [x] 5.9 - Prepare QA, rollout, analytics, and launch operations #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-9 ⛔ tm-3 ⛔ tm-4 ⛔ tm-5 ⛔ tm-6 ⛔ tm-7 ⛔ tm-8
|
||||
- [x] 5.10 - Implement Telegram as first-class authentication provider #taskmaster #priority/high #status/done ⏫ 🆔 tm-5-10 ⛔ tm-2 ⛔ tm-8
|
||||
- [x] 6 - Request Network in-house checkout (Rabby-supporting) #taskmaster #priority/high #status/done ⏫ 🆔 tm-6
|
||||
- [x] 6.1 - Deploy confirmation repair before next paid probe #taskmaster #priority/high #status/done ⏫ 🆔 tm-6-1
|
||||
- [ ] 7 - Per-(buyer, sellerOffer) ephemeral RN destination wallets #taskmaster #priority/high #status/pending ⏫ 🆔 tm-7
|
||||
- [ ] 8 - Multichain RN proxy registry + USDC/USDT support #taskmaster #priority/high #status/pending ⏫ 🆔 tm-8
|
||||
- [ ] 9 - Per-chain confirmation thresholds + admin UI #taskmaster #priority/medium #status/pending 🔼 🆔 tm-9
|
||||
- [ ] 10 - Optional AML screening on incoming payments (seller-paid) #taskmaster #priority/medium #status/pending 🔼 🆔 tm-10
|
||||
- [ ] 11 - Trezor signing for admin actions (release/refund/sweep) #taskmaster #priority/high #status/pending ⏫ 🆔 tm-11
|
||||
|
||||
Reference in New Issue
Block a user