Siavash Sameni
85fe50aca0
docs: sync from backend 882096f — notification pg dev cutover
2026-06-02 12:33:58 +04:00
Siavash Sameni
bf82e7d628
docs: sync from backend f1ba14b — notification pg backfill tooling
2026-06-02 10:44:18 +04:00
Siavash Sameni
c90f286b12
docs: sync from backend 10de752 — defer legacy mongo imports
2026-06-02 10:30:06 +04:00
Siavash Sameni
1a59dacf87
docs: sync from backend 134d155 — lazy-load pg-capable store fallbacks
2026-06-02 10:21:43 +04:00
Siavash Sameni
1d983c8bfa
docs: sync from backend 2c5c3c7 — pg ledger repo seam
2026-06-01 22:38:33 +04:00
Siavash Sameni
e908cfce63
docs: sync from deployment 38cb75b — pg store defaults
2026-06-01 21:40:42 +04:00
Siavash Sameni
8a90bb69be
docs: sync from backend c5db471 — request templates
2026-06-01 19:02:03 +04:00
Siavash Sameni
02641e1333
docs: sync from backend 1543b53 — category uniqueness
2026-06-01 17:22:53 +04:00
Siavash Sameni
78707c11a7
docs: sync from backend 6df113d — marketplace pg backfill
2026-06-01 14:53:35 +04:00
Siavash Sameni
5352a78e96
docs: record postgres health store modes
2026-06-01 14:00:16 +04:00
Siavash Sameni
7b5dbb2683
docs: sync from backend 1757f1e - postgres cutover stores
2026-06-01 11:54:56 +04:00
Siavash Sameni
e8a1bba471
docs: sync from backend 8e03360 — auth health hotfix
2026-05-31 16:28:09 +04:00
Siavash Sameni
35640e38cc
docs: sync from backend cbc32dc — template delivery rails
2026-05-31 15:52:30 +04:00
Siavash Sameni
9f8cc104c7
docs: sync from backend a4d72df - cap confirmation floors
2026-05-31 15:21:28 +04:00
Siavash Sameni
798fa2f48e
docs: sync from backend 896f17f - persist webhook confirmations
2026-05-31 15:08:50 +04:00
Siavash Sameni
0bd3fe5598
docs: sync from backend cab0719 - align request budget validation
2026-05-31 14:46:59 +04:00
Siavash Sameni
773f5db454
docs: sync from backend 3a50dc4 - promote postgres integration
2026-05-31 14:20:40 +04:00
Siavash Sameni
dceaf82934
audit: 2026-05-30 full-codebase audit — report, issues, docs, runbooks
...
Full-codebase-audit 2026-05-30 outputs:
- Audit report: 09 - Audits/Full Codebase Audit - 2026-05-30.md
- 81 issue files ISSUE-055..135 (decisions + 1 skipped no-brainer).
- Scanner docs from scratch (was zero): architecture, data model, API ref, payment
flow, operations runbook + repo README.
- Doc-sync updates across API reference, data models, flows, design system.
- Secret Rotation Runbook (08 - Operations) for the exposed credentials.
- Reusable workflow guide (07 - Development) + .claude/workflows/full-codebase-audit.js.
Issues remain status:open intentionally — the code fixes are uncommitted-then-committed
working-tree changes per repo and aren't "resolved" until merged/deployed.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-05-30 18:48:04 +04:00
moojttaba
c6bbb4bdcb
docs: sync from frontend 9013b70 — staged node-package upgrade + TS6 test fix + lint sweep
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-30 03:20:28 +03:30
Siavash Sameni
5113b0df23
docs: add doc vs code audit report and comprehensive UAT test plan (2026-05-29)
...
228 findings (35 critical, 123 major, 54 minor) across 8 domains.
513 UAT test cases (165 P0, 233 P1, 102 P2, 13 P3) across 9 domains.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-29 14:32:02 +04:00
Siavash Sameni
67cfe4469b
docs: sync from backend cdc8df1 + frontend a5dd48e + scanner 8fee27e — AMN Pay Scanner
...
- Activity Log: new entry for AMN Pay Scanner implementation
- Environment Variables: document AMN_SCANNER_URL, AMN_SCANNER_WEBHOOK_SECRET, AMN_SCANNER_DEFAULT
- PRD status table: mark all components implemented
2026-05-29 13:07:07 +04:00
Siavash Sameni
eeb8066b87
docs: sync from backend 7688f57 — sweep gas strategy: PermitPull + GasTopUp signers
2026-05-29 10:13:44 +04:00
Siavash Sameni
8623762b85
docs: sync from deployment 4e8658d — Gatus service config committed
2026-05-29 05:40:02 +04:00
Siavash Sameni
02846aced9
docs: sync from backend 6c01a30 — Gatus /api/health endpoint shipped
...
- Mark backend work as complete in Gatus Monitoring doc
- Update follow-up issues table with status column
- Add Activity Log entry for 2.6.49
2026-05-29 05:36:22 +04:00
Siavash Sameni
ddc0434819
docs: sync from backend 19f7eb9, frontend 60ee6fb — Task #10 AML screening
2026-05-28 20:35:38 +04:00
Siavash Sameni
fd2aa71ef4
docs: Task #9 confirmation thresholds + PRD AC updates + API docs
...
- Update Activity Log with backend@441c8be, frontend@717d5c8
- Update PRD §3 acceptance criteria for Task #9
- Update Payment API.md with confirmation-threshold and awaiting-confirmation endpoints
2026-05-28 20:13:15 +04:00
Siavash Sameni
f5e1106e77
docs: Task #8 Base fix + USDT fork test verification + PRD AC updates
...
- Update Handoff - RN Multichain Probe with corrected Base proxy address
- Document anvil fork test verifying USDT-mainnet approve(0) reset
- Update PRD §2 AC #4 to verified
- Update Activity Log with backend@4a85737
2026-05-28 20:04:21 +04:00
Siavash Sameni
85cb439ce2
docs: Task #8 probe results + handoff + PRD AC updates
...
- Add Handoff - RN Multichain Probe - 2026-05-28.md
- Update Handoff - Request Network In-House Checkout with Task #8 status
- Update Activity Log with backend@ae17b18, frontend@0ebb2f1
- Update PRD §2 acceptance criteria for Task #8
- Update Payment API.md with /api/admin/rn/networks endpoints
2026-05-28 19:53:06 +04:00
Siavash Sameni
2308db8074
docs: sync from backend 34f542e — Task #7 B unit tests + C protocol + PRD updates
2026-05-28 19:18:53 +04:00
Siavash Sameni
e00129d40d
docs: sync from backend 1889169, frontend c44ed64 — Task #7 A verification fix: multi-checkout conversion + orphan-payment guard
2026-05-28 17:21:14 +04:00
Siavash Sameni
4017aee800
docs: sync from backend faf2221, frontend 022ecb6 — Task #7 derived destinations sweep autostart, recordSweep fix, multi-seller checkout
2026-05-28 17:15:18 +04:00
moojttaba
04afa95547
docs: add Sync-From-Code rule + Activity Log
...
- AGENTS.md: mandate Activity Log entry + section updates after every code push
- 09 - Audits/Activity Log.md: new append-only log, seeded with this session's
frontend fixes (Docker build unblock, request template debug improvements,
429 storm fix) and the cross-repo rule rollout
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-28 10:39:57 +03:30
Siavash Sameni
940ad0c655
Add full system audit reports and Telegram Mini App debug handoff
...
- Three-stream audit (security / logic / performance) with 35+ findings
derived from actual source code, each with file:line and remediation
- Audit Index cross-references criticals across streams into prioritized
fix tiers: immediately / before soft launch / before public launch
- Telegram Mini App debug handoff documenting what was implemented and
all remaining work items with exact file lists and test commands
- Updated architecture, data model, auth API, and registration flow docs
to reflect Telegram auth, TON wallet, and email verification additions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-24 17:20:08 +04:00
Siavash Sameni
2533bedb91
Update Telegram auth verification report
2026-05-24 16:15:40 +04:00
Siavash Sameni
fa7234cbe1
Document Telegram first-class auth
2026-05-24 16:12:46 +04:00
Siavash Sameni
7651d69811
Document telegram-native task 5 foundation
2026-05-24 13:19:54 +04:00
Siavash Sameni
6a451040d9
Complete task 4 backend security architecture docs
2026-05-24 11:31:40 +04:00
Siavash Sameni
4cf5c49274
docs(audit): align documentation with post-remediation backend reality
...
- Update data model enums to match backend models
- Update API reference auth requirements
- Add dispute module references and warning blocks
- Add 2026-05-24 audit remediation callout to Overview
- Generate task breakdowns and audit artifacts
- Add doc alignment report (.taskmaster/reports/)
2026-05-24 11:16:29 +04:00
Siavash Sameni
10a6c2fa53
docs: add backend security refactor assessment
2026-05-24 08:43:01 +04:00
Siavash Sameni
5b93b2d23e
docs: add comprehensive logical audit report
...
Adds a full cross-document audit covering:
- Data Models (broken refs, ghost states, missing constraints)
- API Reference (unauthenticated endpoints, field mismatches, missing pagination)
- Architecture (fictitious deps, statelessness claims vs reality)
- Flows (race conditions, missing failure paths, auth bypasses)
- Security (passkey stubs, JWT storage, webhook verification)
32 findings organized by severity with recommended fixes.
2026-05-24 08:03:20 +04:00