docs(audit): align documentation with post-remediation backend reality
- Update data model enums to match backend models
- Update API reference auth requirements
- Add dispute module references and warning blocks
- Add 2026-05-24 audit remediation callout to Overview
- Generate task breakdowns and audit artifacts
- Add doc alignment report (.taskmaster/reports/)
@@ -1,6 +1,6 @@
|
||||
# Task 2: Implement platform audit remediation plan
|
||||
|
||||
Status: pending
|
||||
Status: done
|
||||
Priority: high
|
||||
Source PRD: `.taskmaster/docs/prd-platform-audit-remediation-plan-2026-05-24.md`
|
||||
|
||||
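Review bot: the `Status: pending` to `Status: done` change closes the whole task, yet the header block still points only at the source PRD. The commit message mentions a doc alignment report under `.taskmaster/reports/`; consider adding a line next to `Source PRD:` that names that report, so a reader can check the done status against something.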
@@ -8,10 +8,10 @@ Address the code-backed security and consistency issues identified in the 2026-0
|
||||
|
||||
Subtasks:
|
||||
|
||||
1. Secure unauthenticated endpoints and owner enforcement.
|
||||
2. Re-enable and scope rate limiting.
|
||||
3. Replace stubbed passkey/WebAuthn flow.
|
||||
4. Strengthen DePay/Web3 payment verification.
|
||||
5. Lock Socket.IO room joins to authenticated context.
|
||||
6. Enforce dispute hold before payout and release operations.
|
||||
7. Align documentation, API references, and runtime enums.
|
||||
1. Secure unauthenticated endpoints and owner enforcement. ✅
|
||||
2. Re-enable and scope rate limiting. ✅
|
||||
3. Replace stubbed passkey/WebAuthn flow. ✅
|
||||
4. Strengthen DePay/Web3 payment verification. ✅
|
||||
5. Lock Socket.IO room joins to authenticated context. ✅
|
||||
6. Enforce dispute hold before payout and release operations. ✅
|
||||
7. Align documentation, API references, and runtime enums. ✅
|
||||
|
||||
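Review bot: subtasks 1 to 6 are marked ✅ in this list, but they describe code changes (endpoint authentication and owner enforcement, rate limiting, passkey/WebAuthn, DePay/Web3 payment verification, Socket.IO room joins, dispute hold) while the commit message lists documentation work only. Suggest putting the commit or test reference that verified each item beside its ✅, since only subtask 7 corresponds to what this commit's message describes.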