Security Hardening Checklist (Membership Flow)
Wallet Intent and Signature
- Enforce strict nonce uniqueness.
- Enforce intent TTL.
- Enforce origin allowlist.
- Verify chain ID against allowlist.
- Reject malformed or oversized signatures.
- Reject replayed intent_id.
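As an added illustration of the Wallet Intent and Signature checks above (example code, not part of the original checklist), the validator below applies them in fail-closed order and burns the nonce and intent_id only once every check has passed. The Intent fields, the 65-byte signature length, and the injected verify_sig callback are assumptions.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, Tuple

SIG_LEN = 65  # assumption: EVM-style r||s||v wallet signature

@dataclass
class Policy:
    origins: frozenset          # origin allowlist
    chain_ids: frozenset        # chain ID allowlist
    ttl_seconds: int            # intent TTL
    seen_nonces: set = field(default_factory=set)   # (wallet, nonce) pairs
    seen_intents: set = field(default_factory=set)  # consumed intent_id values

@dataclass
class Intent:
    intent_id: str
    wallet: str
    nonce: str
    origin: str
    chain_id: int
    issued_at: int      # unix seconds, part of the signed payload
    signature: bytes

def validate_intent(intent: Intent, policy: Policy,
                    verify_sig: Callable[[Intent], bool],
                    now: int = None) -> Tuple[bool, str]:
    """Return (ok, reason). Any failed or uncertain check rejects."""
    now = int(time.time()) if now is None else now
    # Cheap policy checks first, so rejected traffic never reaches the
    # signature verifier.
    if intent.origin not in policy.origins:
        return False, "origin_not_allowed"
    if intent.chain_id not in policy.chain_ids:
        return False, "chain_not_allowed"
    if intent.issued_at > now or now - intent.issued_at > policy.ttl_seconds:
        return False, "intent_expired"
    if len(intent.signature) != SIG_LEN:
        return False, "malformed_signature"
    if intent.intent_id in policy.seen_intents:
        return False, "replayed_intent_id"
    if (intent.wallet, intent.nonce) in policy.seen_nonces:
        return False, "nonce_reused"
    if not verify_sig(intent):  # assumption: recovers signer == intent.wallet
        return False, "bad_signature"
    # Burn nonce and intent_id only after a valid signature, so an unsigned
    # request cannot exhaust another wallet's nonces.
    policy.seen_nonces.add((intent.wallet, intent.nonce))
    policy.seen_intents.add(intent.intent_id)
    return True, "ok"
```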
Quote and Confirm
- Use quote TTL and one-time confirmation semantics.
- Bind quote to wallet and designation.
- Confirm tx amount, currency, and contract destination exactly.
- Confirm tx success status and finality threshold.
- Idempotent confirm handling keyed by tx_hash+quote_id.
API Controls
- Rate limits on intent, verify, quote, confirm, and status.
- Request size limits.
- Structured error responses without sensitive internals.
- Correlation ID logging for all transitions.
Data Integrity
- Append-only audit records for state transitions.
- Immutable receipt hash generation.
- Versioned policy hash persistence with each quote and purchase.
Operational Safety
- Fail closed on RPC/node uncertainty.
- Multi-RPC fallback with deterministic selection policy.
- Emergency pause path for mint/checkout.
- Key rotation runbook for issuer and system keys.