- Update data model enums to match backend models - Update API reference auth requirements - Add dispute module references and warning blocks - Add 2026-05-24 audit remediation callout to Overview - Generate task breakdowns and audit artifacts - Add doc alignment report (.taskmaster/reports/)
5.2 KiB
5.2 KiB
Taskmaster Dashboard
Generated from .taskmaster/tasks/tasks.json at 2026-05-24T07:15:25.199Z.
Taskmaster remains the canonical source of truth. Re-run:
node scripts/export-taskmaster-to-obsidian.mjs
Status Summary
- done: 28
- in-progress: 3
- pending: 14
Task Index
| ID | Title | Status | Priority | Dependencies |
|---|---|---|---|---|
| [[Tasks/task-1 | 1]] | Stabilize Mermaid diagram rendering across documentation vault | done | medium |
| [[Tasks/task-1-1 | 1.1]] | Fix Security Architecture email/password sequence | done | medium |
| [[Tasks/task-1-2 | 1.2]] | Fix authentication login and refresh diagrams | done | medium |
| [[Tasks/task-1-3 | 1.3]] | Fix chat, delivery, dispute, OAuth, purchase request, referral, registration, and seller-offer diagrams | done | medium |
| [[Tasks/task-2 | 2]] | Implement platform audit remediation plan | done | high |
| [[Tasks/task-2-1 | 2.1]] | Secure unauthenticated endpoints and owner enforcement | done | high |
| [[Tasks/task-2-2 | 2.2]] | Re-enable and scope rate limiting | done | high |
| [[Tasks/task-2-3 | 2.3]] | Replace stubbed passkey/WebAuthn flow | done | high |
| [[Tasks/task-2-4 | 2.4]] | Strengthen DePay/Web3 payment verification | done | high |
| [[Tasks/task-2-5 | 2.5]] | Lock Socket.IO room joins to authenticated context | done | medium |
| [[Tasks/task-2-6 | 2.6]] | Enforce dispute hold before payout and release operations | done | medium |
| [[Tasks/task-2-7 | 2.7]] | Align documentation, API references, and runtime enums | done | medium |
| [[Tasks/task-3 | 3]] | Migrate payment architecture toward Request Network and internal funds management | done | high |
| [[Tasks/task-3-1 | 3.1]] | Define provider-neutral payment contracts and adapter | done | high |
| [[Tasks/task-3-2 | 3.2]] | Implement provider configuration, feature flags, and safe rollback | done | high |
| [[Tasks/task-3-3 | 3.3]] | Create internal funds and payment ledger model | done | high |
| [[Tasks/task-3-4 | 3.4]] | Build migration and indexing plan for existing SHKeeper records | done | high |
| [[Tasks/task-3-5 | 3.5]] | Implement Request Network pay-in intent and secure payment pages | done | high |
| [[Tasks/task-3-6 | 3.6]] | Implement signed Request Network webhook intake | done | high |
| [[Tasks/task-3-7 | 3.7]] | Implement reconciliation and repair jobs | done | high |
| [[Tasks/task-3-8 | 3.8]] | Replace checkout and payment UI with provider-neutral flows | done | high |
| [[Tasks/task-3-9 | 3.9]] | Add payout/release and refund orchestration using ledger gates | done | high |
| [[Tasks/task-3-10 | 3.10]] | Update release/refund APIs and marketplace release paths | done | high |
| [[Tasks/task-3-11 | 3.11]] | Add comprehensive observability, runbooks, and incident controls | done | high |
| [[Tasks/task-3-12 | 3.12]] | Add end-to-end integration, migration, and rollback test suites | done | high |
| [[Tasks/task-4 | 4]] | Define backend security and refactor strategy from latest audit | in-progress | high |
| [[Tasks/task-4-1 | 4.1]] | Assign security ownership and launch decision criteria | done | high |
| [[Tasks/task-4-2 | 4.2]] | Produce threat model for escrow platform | done | high |
| [[Tasks/task-4-3 | 4.3]] | Specify funds ledger and escrow state machine | pending | high |
| [[Tasks/task-4-4 | 4.4]] | Create authorization matrix for REST and Socket.IO | pending | high |
| [[Tasks/task-4-5 | 4.5]] | Decide session, passkey, and admin step-up architecture | pending | high |
| [[Tasks/task-4-6 | 4.6]] | Specify webhook security and provider adapter contracts | pending | high |
| [[Tasks/task-4-7 | 4.7]] | Define secure build and supply-chain policy | done | medium |
| [[Tasks/task-4-8 | 4.8]] | Make backend-core stack decision | pending | medium |
| [[Tasks/task-4-9 | 4.9]] | Create migration and operational runbooks | pending | medium |
| [[Tasks/task-5 | 5]] | Deliver Telegram-native app, bot, and wallet experience | in-progress | high |
| [[Tasks/task-5-1 | 5.1]] | Define Telegram product surface and flow map | in-progress | high |
| [[Tasks/task-5-2 | 5.2]] | Build Telegram identity linking and session model | pending | high |
| [[Tasks/task-5-3 | 5.3]] | Implement bot command and notification foundation | pending | high |
| [[Tasks/task-5-4 | 5.4]] | Build Telegram Mini App shell for marketplace workflows | pending | high |
| [[Tasks/task-5-5 | 5.5]] | Add Telegram payment and wallet strategy | pending | high |
| [[Tasks/task-5-6 | 5.6]] | Expose escrow, delivery, dispute, and release actions safely | pending | high |
| [[Tasks/task-5-7 | 5.7]] | Add admin and support surface for Telegram-originated cases | pending | high |
| [[Tasks/task-5-8 | 5.8]] | Add security, compliance, and abuse controls for Telegram | pending | high |
| [[Tasks/task-5-9 | 5.9]] | Prepare QA, rollout, analytics, and launch operations | pending | high |
Obsidian Tasks Query
not done
tag includes #taskmaster
sort by priority
sort by description