In-house Request Network checkout went fully end-to-end on dev today. A real 0.01 USDC payment flowed through wallet connect -> approve -> ERC20FeeProxy.transferFromWithReferenceAndFee -> RN webhook -> TransactionSafetyProvider -> Payment.status=completed -> page success state. Tx 0x494c77a29161b5100d8e0b1ac675f1822955d0bb3633ecdbfafb886f84f2f320. Docs: - New PRD: Wallet, Multichain, Confirmations, AML, Trezor (5 follow-ups, each sized for an independent contributor) - Updated PRD: Request Network In-House Checkout (phases 0..3 done, phase 4 partial, phases 5-6 not started) - Updated handoff: deployed versions, what is working end-to-end, follow-up tasks index Taskmaster: 5 new top-level tasks (#7..#11) covering ephemeral destination wallets, multichain proxy registry + USDC/USDT, runtime confirmation thresholds, optional seller-paid AML screening, and Trezor signing for admin actions. Tasks are scoped fine-grained so each is independent enough for kimi to pick up. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
36 lines
1.2 KiB
Markdown
36 lines
1.2 KiB
Markdown
---
|
|
taskmaster_id: "4.9"
|
|
status: "done"
|
|
priority: "medium"
|
|
depends_on: ["8"]
|
|
parent_id: "4"
|
|
source: "taskmaster"
|
|
generated_at: "2026-05-28T11:49:27.076Z"
|
|
---
|
|
|
|
# 4.9 - Create migration and operational runbooks
|
|
|
|
- [x] 4.9 - Create migration and operational runbooks #taskmaster #priority/medium #status/done 🔼 🆔 tm-4-9 ⛔ tm-8
|
|
|
|
## Metadata
|
|
|
|
| Field | Value |
|
|
| --- | --- |
|
|
| Taskmaster ID | 4.9 |
|
|
| Status | done |
|
|
| Priority | medium |
|
|
| Dependencies | 8 |
|
|
| Parent | 4 - Define backend security and refactor strategy from latest audit |
|
|
|
|
## Description
|
|
|
|
Document rollout, rollback, and incident response for the selected backend/funds architecture.
|
|
|
|
## Details
|
|
|
|
Include SHKeeper legacy read path, provider feature flag, ledger backfill, validation report before enforcement, rollback criteria, webhook cutoff, manual reconciliation, failed webhook, duplicate/missing payment, stuck release, disputed release attempt, compromised admin, leaked API key, provider outage, chain/RPC outage, suspicious payment proof, and npm/package compromise.
|
|
|
|
## Verification
|
|
|
|
Runbooks identify owner, trigger, detection signal, immediate action, recovery action, and post-incident documentation for each scenario.
|