docs: ship in-house RN checkout, scope 5 follow-up tasks (#7-11)
In-house Request Network checkout went fully end-to-end on dev today. A real 0.01 USDC payment flowed through wallet connect -> approve -> ERC20FeeProxy.transferFromWithReferenceAndFee -> RN webhook -> TransactionSafetyProvider -> Payment.status=completed -> page success state. Tx 0x494c77a29161b5100d8e0b1ac675f1822955d0bb3633ecdbfafb886f84f2f320. Docs: - New PRD: Wallet, Multichain, Confirmations, AML, Trezor (5 follow-ups, each sized for an independent contributor) - Updated PRD: Request Network In-House Checkout (phases 0..3 done, phase 4 partial, phases 5-6 not started) - Updated handoff: deployed versions, what is working end-to-end, follow-up tasks index Taskmaster: 5 new top-level tasks (#7..#11) covering ephemeral destination wallets, multichain proxy registry + USDC/USDT, runtime confirmation thresholds, optional seller-paid AML screening, and Trezor signing for admin actions. Tasks are scoped fine-grained so each is independent enough for kimi to pick up. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -5,7 +5,7 @@ priority: "high"
|
||||
depends_on: ["2"]
|
||||
parent_id: "4"
|
||||
source: "taskmaster"
|
||||
generated_at: "2026-05-24T07:26:29.052Z"
|
||||
generated_at: "2026-05-28T11:49:27.076Z"
|
||||
---
|
||||
|
||||
# 4.5 - Decide session, passkey, and admin step-up architecture
|
||||
@@ -28,8 +28,6 @@ Choose browser session model and high-risk admin authentication requirements.
|
||||
|
||||
## Details
|
||||
|
||||
Completed. Produced `09 - Audits/Session and Authentication Architecture Decision.md`.
|
||||
|
||||
Decide localStorage versus httpOnly cookies, access/refresh token lifetimes, CSRF strategy, refresh rotation, WebAuthn requirements, OAuth requirements, device/session revocation, and whether payouts/role changes require step-up authentication or two-person approval.
|
||||
|
||||
## Verification
|
||||
|
||||
Reference in New Issue
Block a user