docs: sync vault with Task #7 backend + admin UI shipping (2.6.42)
- Handoff doc: mark Task #7 in-progress with what landed (backend modules, admin UI), what remains (cart-aware buyer UX, unit tests, live RN divergent-destination probe, optional auto-start cron). Promote the followups table from 'depends on' to 'status'. - Environment Variables: add DERIVED_DESTINATION_* block with KMS / Trezor production guidance. Code is on backend commit c98b3d7 / frontend commit 82d9a70, both on integrate-main-into-development. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -299,8 +299,22 @@ AUTO_SEED_ON_START=true
|
||||
ESCROW_WALLET_ADDRESS=0xa3049825c0785095EEd5E7976E0E539466c84044
|
||||
ADMIN_PAYOUT_WALLET_ADDRESS=
|
||||
|
||||
# Derived destinations (per-(buyer, sellerOffer) RN ephemeral wallets — Task #7)
|
||||
# Backend ONLY needs the xpub. The master seed must live in KMS/Trezor.
|
||||
DERIVED_DESTINATION_XPUB=
|
||||
# Only set DERIVED_DESTINATION_XPRIV when DERIVED_DESTINATION_SWEEP_SIGNER=hot-key
|
||||
# (dev shortcut). For prod, leave this blank and use the Trezor flow (Task #11).
|
||||
DERIVED_DESTINATION_XPRIV=
|
||||
DERIVED_DESTINATION_BASE_PATH=m/44'/60'/0'
|
||||
DERIVED_DESTINATION_CHAIN_ID=56
|
||||
DERIVED_DESTINATION_SWEEP_SIGNER=build-only
|
||||
DERIVED_DESTINATION_MIN_SWEEP_AMOUNT=0
|
||||
DERIVED_DESTINATION_SWEEP_INTERVAL_MS=300000
|
||||
|
||||
# OAuth
|
||||
GOOGLE_CLIENT_ID=
|
||||
```
|
||||
|
||||
> [!tip] Generate `JWT_SECRET` deterministically per environment so you don't accidentally invalidate sessions when restarting. Store it in your team's secret manager.
|
||||
|
||||
> [!warning] `DERIVED_DESTINATION_XPRIV` is a development-only shortcut. In production, set `DERIVED_DESTINATION_SWEEP_SIGNER=build-only` and pair with Task #11 Trezor signing so the master seed never sits on the backend host.
|
||||
|
||||
Reference in New Issue
Block a user