docs(audit): align documentation with post-remediation backend reality
- Update data model enums to match backend models - Update API reference auth requirements - Add dispute module references and warning blocks - Add 2026-05-24 audit remediation callout to Overview - Generate task breakdowns and audit artifacts - Add doc alignment report (.taskmaster/reports/)
This commit is contained in:
@@ -301,7 +301,7 @@ Payouts are SHKeeper-side outbound transfers (admin pays the seller from a hot w
|
||||
### POST /api/payment/decentralized/save
|
||||
|
||||
**Description:** Persists a Web3-initiated payment record.
|
||||
**Auth required:** No
|
||||
**Auth required:** Bearer JWT (enforces `userId` ownership match)
|
||||
**Request body:**
|
||||
```ts
|
||||
{
|
||||
@@ -326,7 +326,7 @@ Payouts are SHKeeper-side outbound transfers (admin pays the seller from a hot w
|
||||
### PUT /api/payment/decentralized/update
|
||||
|
||||
**Description:** Update a decentralized payment's status / confirmations.
|
||||
**Auth required:** No
|
||||
**Auth required:** Bearer JWT (owner or admin)
|
||||
**Request body:** `{ paymentId, status, confirmations? }`
|
||||
|
||||
### GET /api/payment/decentralized/receiver
|
||||
@@ -337,17 +337,17 @@ Payouts are SHKeeper-side outbound transfers (admin pays the seller from a hot w
|
||||
### GET /api/payment/decentralized/history/:userId
|
||||
|
||||
**Description:** Decentralized payment history for a user.
|
||||
**Auth required:** No
|
||||
**Auth required:** Bearer JWT (self or admin)
|
||||
|
||||
### POST /api/payment/decentralized/verify/:paymentId
|
||||
|
||||
**Description:** Re-verifies a single decentralized payment against the chain.
|
||||
**Auth required:** No
|
||||
**Auth required:** Bearer JWT (owner or admin)
|
||||
|
||||
### POST /api/payment/decentralized/verify-all-pending
|
||||
|
||||
**Description:** Iterates all `pending` decentralized payments and re-verifies them.
|
||||
**Auth required:** No (typically called by a cron)
|
||||
**Auth required:** Bearer JWT (admin only)
|
||||
|
||||
### POST /api/payment/decentralized/admin-payout
|
||||
|
||||
@@ -371,6 +371,7 @@ Payouts are SHKeeper-side outbound transfers (admin pays the seller from a hot w
|
||||
|
||||
- `pending` - intent created, awaiting on-chain settlement
|
||||
- `processing` - settlement seen, awaiting confirmations
|
||||
- `confirmed` - fully credited (intermediate; sometimes skipped)
|
||||
- `completed` - confirmed, escrow funded
|
||||
- `failed` - intentionally failed (expired, declined, refused)
|
||||
- `cancelled` - cancelled by user/admin
|
||||
|
||||
Reference in New Issue
Block a user