Task 2: Implement platform audit remediation plan
Status: pending
Priority: high
Source PRD: .taskmaster/docs/prd-platform-audit-remediation-plan-2026-05-24.md
Address the code-backed security and consistency issues identified in the 2026-05-24 platform audit remediation PRD.
Subtasks:
- Secure unauthenticated endpoints and owner enforcement.
- Re-enable and scope rate limiting.
- Replace stubbed passkey/WebAuthn flow.
- Strengthen DePay/Web3 payment verification.
- Lock Socket.IO room joins to authenticated context.
- Enforce dispute hold before payout and release operations.
- Align documentation, API references, and runtime enums.