18 lines
661 B
Markdown
# Task 2: Implement platform audit remediation plan

Status: pending
Priority: high
Source PRD: `.taskmaster/docs/prd-platform-audit-remediation-plan-2026-05-24.md`

Address the code-backed security and consistency issues identified in the 2026-05-24 platform audit remediation PRD.

Subtasks:

1. Secure unauthenticated endpoints and owner enforcement.
2. Re-enable and scope rate limiting.
3. Replace stubbed passkey/WebAuthn flow.
4. Strengthen DePay/Web3 payment verification.
5. Lock Socket.IO room joins to authenticated context.
6. Enforce dispute hold before payout and release operations.
7. Align documentation, API references, and runtime enums.