Commit Graph

8 Commits

Author SHA1 Message Date
Siavash Sameni
fdb92a5056 docs: adopt RTK.md as canonical rule set; update RN handover
Moves the canonical agent rule set into nick-doc/RTK.md (previously only
present in the untracked escrow root). backend/AGENTS.md and
frontend/AGENTS.md now point here instead of duplicating the rules
3-ways and drifting.

New rules introduced as part of this session:
- Every build patch-bumps the version (image tracker on git.manko.yoga
  overwrites tags otherwise).
- Pre-deploy CLI verification: smoke tests in scripts/smoke/ must pass
  before pushing a build-triggering commit.
- CI notification safety: HTML-escape commit messages and strip git
  trailers; never embed {{commit.message}} directly in the telegram
  plugin's HTML-formatted body.

Handover doc updated to record that the Request Network checkout flow is
now end-to-end working at 2.6.20 (idempotency in bdbcc32, v2 wire shape
in 40750d3).

Co-Authored-By: Claude Opus 4.7 noreply@anthropic.com
2026-05-27 09:56:43 +04:00
Siavash Sameni
2a00339882 docs(ops): mark Request Network intent idempotency fix as implemented
Backend solution (c) shipped in nick/backend@bdbcc32 — endpoint now reuses
existing pending Payments instead of colliding on the unique index.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 09:05:21 +04:00
Siavash Sameni
a9d7bf003d docs(ops): handover for Request Network intent duplicate key bug
Captures the E11000 collision on the uniq_pending_request_network_by_buyer_session
index, identifies reused purchaseRequestId as the root cause, and lays out the
mongo unblock, frontend id-rotation, and backend idempotency fixes.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 09:01:06 +04:00
Siavash Sameni
873a57874e Update docs for TON proof backend, Mini App fixes, and EVM wallet stub
PRD - TON Wallet Ownership Proof.md:
- Status updated from ready-to-implement -> backend-implemented.
- Added Implementation Status section documenting what is complete
  (challenge endpoint, tonProofService.ts, User model fields, 15 tests)
  and what remains (frontend proof wiring, verified badge).
- Acceptance criteria updated: backend items checked, frontend pending.

Handoff - Telegram Mini App Debug - 2026-05-24.md:
- New Implemented sections for session 3:
  - TON Wallet Ownership Proof backend (full detail of tonProofService,
    userController changes, User model fields, 15 unit tests).
  - Telegram Mini App shell dir="ltr" + smart displayName fallback.
  - Socket status suppressed on /telegram paths.
  - EVM WalletConnect stub card (disabled until project ID configured).
- Known Issues: TON proof updated to "frontend wiring pending";
  EVM WalletConnect section added with activation steps.
- Current Git State updated to Session 3.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-24 20:21:29 +04:00
Siavash Sameni
940ad0c655 Add full system audit reports and Telegram Mini App debug handoff
- Three-stream audit (security / logic / performance) with 35+ findings
  derived from actual source code, each with file:line and remediation
- Audit Index cross-references criticals across streams into prioritized
  fix tiers: immediately / before soft launch / before public launch
- Telegram Mini App debug handoff documenting what was implemented and
  all remaining work items with exact file lists and test commands
- Updated architecture, data model, auth API, and registration flow docs
  to reflect Telegram auth, TON wallet, and email verification additions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-24 17:20:08 +04:00
Siavash Sameni
6a451040d9 Complete task 4 backend security architecture docs 2026-05-24 11:31:40 +04:00
Siavash Sameni
b824ca0435 Document payment verification and trezor safekeeping 2026-05-24 11:12:17 +04:00
moojttaba
0da235ae27 Initial commit: nick docs 2026-05-23 20:35:34 +03:30