# Taskmaster Dashboard Generated from `.taskmaster/tasks/tasks.json` at 2026-05-28T11:49:27.076Z. Taskmaster remains the canonical source of truth. Re-run: ```sh node scripts/export-taskmaster-to-obsidian.mjs ``` ## Status Summary - done: 44 - in-progress: 2 - pending: 8 ## Task Index | ID | Title | Status | Priority | Dependencies | | --- | --- | --- | --- | --- | | [[Tasks/task-1|1]] | Stabilize Mermaid diagram rendering across documentation vault | done | medium | None | | [[Tasks/task-1-1|1.1]] | Fix Security Architecture email/password sequence | done | medium | None | | [[Tasks/task-1-2|1.2]] | Fix authentication login and refresh diagrams | done | medium | None | | [[Tasks/task-1-3|1.3]] | Fix chat, delivery, dispute, OAuth, purchase request, referral, registration, and seller-offer diagrams | done | medium | None | | [[Tasks/task-2|2]] | Implement platform audit remediation plan | done | high | None | | [[Tasks/task-2-1|2.1]] | Secure unauthenticated endpoints and owner enforcement | done | high | None | | [[Tasks/task-2-2|2.2]] | Re-enable and scope rate limiting | done | high | 1 | | [[Tasks/task-2-3|2.3]] | Replace stubbed passkey/WebAuthn flow | done | high | 1 | | [[Tasks/task-2-4|2.4]] | Strengthen DePay/Web3 payment verification | done | high | 1 | | [[Tasks/task-2-5|2.5]] | Lock Socket.IO room joins to authenticated context | done | medium | 1 | | [[Tasks/task-2-6|2.6]] | Enforce dispute hold before payout and release operations | done | medium | 1, 4 | | [[Tasks/task-2-7|2.7]] | Align documentation, API references, and runtime enums | done | medium | 1, 2, 3, 4, 5, 6 | | [[Tasks/task-3|3]] | Migrate payment architecture toward Request Network and internal funds management | done | high | 2 | | [[Tasks/task-3-1|3.1]] | Define provider-neutral payment contracts and adapter | done | high | None | | [[Tasks/task-3-2|3.2]] | Implement provider configuration, feature flags, and safe rollback | done | high | 3.1 | | [[Tasks/task-3-3|3.3]] | Create internal funds and payment ledger model | done | high | 3.1 | | [[Tasks/task-3-4|3.4]] | Build migration and indexing plan for existing SHKeeper records | done | high | 3.3 | | [[Tasks/task-3-5|3.5]] | Implement Request Network pay-in intent and secure payment pages | done | high | 3.2 | | [[Tasks/task-3-6|3.6]] | Implement signed Request Network webhook intake | done | high | 3.2 | | [[Tasks/task-3-7|3.7]] | Implement reconciliation and repair jobs | done | high | 3.5, 3.6 | | [[Tasks/task-3-8|3.8]] | Replace checkout and payment UI with provider-neutral flows | done | high | 3.5 | | [[Tasks/task-3-9|3.9]] | Add payout/release and refund orchestration using ledger gates | done | high | 3.3, 3.7 | | [[Tasks/task-3-10|3.10]] | Update release/refund APIs and marketplace release paths | done | high | 3.8, 3.9 | | [[Tasks/task-3-11|3.11]] | Add comprehensive observability, runbooks, and incident controls | done | high | 3.6, 3.8, 3.9, 3.10 | | [[Tasks/task-3-12|3.12]] | Add end-to-end integration, migration, and rollback test suites | done | high | 3.6, 3.10, 3.11 | | [[Tasks/task-3-13|3.13]] | Add durable RN webhook ingress and transaction safety | pending | high | None | | [[Tasks/task-4|4]] | Define backend security and refactor strategy from latest audit | done | high | None | | [[Tasks/task-4-1|4.1]] | Assign security ownership and launch decision criteria | done | high | None | | [[Tasks/task-4-2|4.2]] | Produce threat model for escrow platform | done | high | 1 | | [[Tasks/task-4-3|4.3]] | Specify funds ledger and escrow state machine | done | high | 2 | | [[Tasks/task-4-4|4.4]] | Create authorization matrix for REST and Socket.IO | done | high | 2 | | [[Tasks/task-4-5|4.5]] | Decide session, passkey, and admin step-up architecture | done | high | 2 | | [[Tasks/task-4-6|4.6]] | Specify webhook security and provider adapter contracts | done | high | 3 | | [[Tasks/task-4-7|4.7]] | Define secure build and supply-chain policy | done | medium | 1 | | [[Tasks/task-4-8|4.8]] | Make backend-core stack decision | done | medium | 2, 3, 4, 5, 6, 7 | | [[Tasks/task-4-9|4.9]] | Create migration and operational runbooks | done | medium | 8 | | [[Tasks/task-5|5]] | Deliver Telegram-native app, bot, and wallet experience | in-progress | high | None | | [[Tasks/task-5-1|5.1]] | Define Telegram product surface and flow map | done | high | None | | [[Tasks/task-5-2|5.2]] | Build Telegram identity linking and session model | done | high | 1 | | [[Tasks/task-5-3|5.3]] | Implement bot command and notification foundation | done | high | 1, 2 | | [[Tasks/task-5-4|5.4]] | Build Telegram Mini App shell for marketplace workflows | in-progress | high | 1, 2 | | [[Tasks/task-5-5|5.5]] | Add Telegram payment and wallet strategy | done | high | 2, 4 | | [[Tasks/task-5-6|5.6]] | Expose escrow, delivery, dispute, and release actions safely | pending | high | 4, 5 | | [[Tasks/task-5-7|5.7]] | Add admin and support surface for Telegram-originated cases | pending | high | 2, 3, 5 | | [[Tasks/task-5-8|5.8]] | Add security, compliance, and abuse controls for Telegram | done | high | 2, 3, 5, 6 | | [[Tasks/task-5-9|5.9]] | Prepare QA, rollout, analytics, and launch operations | done | high | 3, 4, 5, 6, 7, 8 | | [[Tasks/task-5-10|5.10]] | Implement Telegram as first-class authentication provider | done | high | 2, 8 | | [[Tasks/task-6|6]] | Request Network in-house checkout (Rabby-supporting) | done | high | None | | [[Tasks/task-6-1|6.1]] | Deploy confirmation repair before next paid probe | done | high | None | | [[Tasks/task-7|7]] | Per-(buyer, sellerOffer) ephemeral RN destination wallets | pending | high | None | | [[Tasks/task-8|8]] | Multichain RN proxy registry + USDC/USDT support | pending | high | None | | [[Tasks/task-9|9]] | Per-chain confirmation thresholds + admin UI | pending | medium | None | | [[Tasks/task-10|10]] | Optional AML screening on incoming payments (seller-paid) | pending | medium | None | | [[Tasks/task-11|11]] | Trezor signing for admin actions (release/refund/sweep) | pending | high | None | ## Obsidian Tasks Query ```tasks not done tag includes #taskmaster sort by priority sort by description ```