Files
nick-doc/.taskmaster/tasks/task-2.md
2026-05-24 08:57:38 +04:00

661 B

Task 2: Implement platform audit remediation plan

Status: pending
Priority: high
Source PRD: .taskmaster/docs/prd-platform-audit-remediation-plan-2026-05-24.md

Address the code-backed security and consistency issues identified in the 2026-05-24 platform audit remediation PRD.

Subtasks:

  1. Secure unauthenticated endpoints and owner enforcement.
  2. Re-enable and scope rate limiting.
  3. Replace stubbed passkey/WebAuthn flow.
  4. Strengthen DePay/Web3 payment verification.
  5. Lock Socket.IO room joins to authenticated context.
  6. Enforce dispute hold before payout and release operations.
  7. Align documentation, API references, and runtime enums.