39 lines
1.2 KiB
Markdown
39 lines
1.2 KiB
Markdown
# Security Hardening Checklist (Membership Flow)
|
|
|
|
## Wallet Intent and Signature
|
|
|
|
1. Enforce strict nonce uniqueness.
|
|
2. Enforce intent TTL.
|
|
3. Enforce origin allowlist.
|
|
4. Verify chain ID against allowlist.
|
|
5. Reject malformed or oversized signatures.
|
|
6. Reject replayed `intent_id`.
|
|
|
|
## Quote and Confirm
|
|
|
|
1. Use quote TTL and one-time confirmation semantics.
|
|
2. Bind quote to wallet and designation.
|
|
3. Confirm tx amount, currency, and contract destination exactly.
|
|
4. Confirm tx success status and finality threshold.
|
|
5. Idempotent confirm handling by `tx_hash` + `quote_id`.
|
|
|
|
## API Controls
|
|
|
|
1. Rate limits on intent, verify, quote, confirm, and status.
|
|
2. Request size limits.
|
|
3. Structured error responses without sensitive internals.
|
|
4. Correlation ID logging for all transitions.
|
|
|
|
## Data Integrity
|
|
|
|
1. Append-only audit records for state transitions.
|
|
2. Immutable receipt hash generation.
|
|
3. Versioned policy hash persistence with each quote and purchase.
|
|
|
|
## Operational Safety
|
|
|
|
1. Fail closed on RPC/node uncertainty.
|
|
2. Multi-RPC fallback with deterministic selection policy.
|
|
3. Emergency pause path for mint/checkout.
|
|
4. Key rotation runbook for issuer and system keys.
|