Cleanup Baseline — 2026-04-09

Baseline marker tag: cleanup-2026-04-09
Tag target: 2c868e0b (chore(cleanup): remove generated output and tmp artifacts)

Scope

This baseline captures the repo-wide stale-file and stale-reference cleanup pass and the immediate hardening that followed.

Changelog (short)

  • 2c868e0b — remove tracked generated output and tmp artifacts.
  • 7ac50f08 — prune stale/contradictory .gitignore rules.
  • 2e23cd52 — patch frontend/CRE audit vulnerabilities (vite, hono, vitest chain).

Verification snapshot

  • pnpm -C frontend lint — pass
  • pnpm -C frontend typecheck — pass
  • pnpm -C frontend test --run — pass
  • pnpm -C cre test — pass
  • pnpm -C frontend audit — no actionable findings; only a residual low-severity elliptic advisory remains (no fixed upstream version published)
  • pnpm -C cre audit — clean

Endpoint hardening deltas (post-baseline)

  • GET /api/v1/agents/creators?listed=false now requires an authenticated admin principal (not just any authenticated user) and keeps private, no-store response caching for unlisted reads.
  • GET /api/token/image now applies dual throttles (per-IP and per-IP+token-address) with explicit Retry-After + rate-limit headers before any expensive RPC/image processing.
  • POST /api/agent/stream now enforces explicit request-body size bounds and strict JSON object parsing for message/context input paths.
  • POST /api/paymaster legacy-withdraw mode now enforces extra wrapper/share provenance checks (deployed-code checks plus wrapper/share/vault/creator-token relationship validation) before sponsorship.
  • POST /api/rpc now enforces an explicit in-flight concurrency ceiling (RPC_PROXY_MAX_IN_FLIGHT) and fails fast with 503 rpc_proxy_busy + Retry-After when saturated.
  • POST /api/telegram/link/telemetry now bounds/sanitizes event metadata (field lengths, payload keys/depth/array sizes, string truncation, prototype-pollution key filtering) before persistence/logging.
  • POST /api/accounts/link and POST /api/accounts/unlink now reject invalid/oversized caller-supplied value payloads instead of accepting unbounded input.
  • PATCH /api/portfolio/me now has explicit write-side rate limiting and rejects non-http(s) or protocol-relative profile URL values.
  • POST /api/v1/chat/telemetry and POST /api/v1/chat/command-preflight now use stricter bounded string/object parsing and return Retry-After on local limiter denials.
  • POST /api/v1/agents/feedback/submit now enforces stricter numeric/hash/string validation (including explicit hash-format checks) and returns Retry-After on limiter denials.
  • GET /api/v1/agents/feedback now validates mode and client query params more strictly, normalizes indexed paging inputs, and returns Retry-After on limiter denials.
  • POST /api/v1/agents/feedback/review now validates optional review target URLs as http(s), bounds optional string inputs, and returns Retry-After on limiter denials.
  • POST /api/creator-access/request now enforces strict payload shape and explicit coin-address validation instead of silently accepting malformed coin values.
  • POST /api/waitlist/bootstrap now enforces a smaller request-body budget and rejects invalid typed email/referralCode payload fields.
  • POST /api/v1/build/charm/* and POST /api/v1/build/charm/vault/* now share a centralized body-size constant, normalize non-object payloads to a safe empty-object shape, and emit Retry-After headers on local limiter denials.
  • POST /api/v1/agents/access-proof/request, POST /api/v1/agents/access-proof/verify, POST /api/v1/agents/{telegram|xmtp}/join, and POST /api/v1/agents/identity/set-agent-wallet now emit Retry-After on local limiter denials and normalize non-object JSON payloads before schema validation.
  • GET /api/v1/agents/profile, GET /api/v1/agents/creators, and GET /api/v1/agents/identity/verification now emit Retry-After on local limiter denials; POST /api/v1/agents/creators/{enable|provision-wallet} now also emits Retry-After and normalizes non-object payloads.
  • /api/agents, /api/v1/spec.json, and the remaining v1 read clusters (auction, lottery, gauge, vault, ve4626, charm/strategy) now emit Retry-After on local limiter denials for consistent client/backoff handling.
  • POST /api/admin/waitlist/{approve|deny|delete} and POST /api/admin/creator-access/{approve|deny|revoke} now use tighter JSON body limits, normalize non-object payloads, and emit Retry-After on limiter denials.
  • POST /api/accounts/{link|unlink} and Lens write builders (/api/lens/agent-registration, /api/lens/feedback-payload, /api/lens/reputation-graph) now use tighter JSON body budgets and normalize non-object payloads before parsing/validation.
  • /api/v1/workspace/{rooms|monitoring|activity|strategies|tasks|settings|summary|actions} now emit Retry-After on local limiter denials; wallet limiter tests now assert Retry-After across /api/wallet/* rate-limit paths.
  • Non-v1 API surfaces now have consolidated Retry-After hardening coverage per family: telegram/*, uniswap/*, image/*, and zora/* (including explicit header assertions on local 429 responses).
  • Remaining non-v1 ops surfaces now have consistent 429 backoff signaling: cre/runtime/* emits Retry-After on limiter denials, status/_vaultReport emits Retry-After on upstream RPC 429 responses, and new consolidated hardening tests cover cre/*, deploy/*, and status/* 429 + Retry-After behavior.
  • Final non-v1 consistency sweep: auth/_handoff-{create,redeem} and admin/creator-access/_allowlist now emit Retry-After on limiter denials, with a consolidated regression test covering these remaining surfaces.
  • Cache/body guard sweep: write-side Zora trend endpoints now explicitly return Cache-Control: no-store and reject oversized payloads (413), and POST /api/agent/process now sets no-store at handler entry for all responses.
  • Telegram write-path body hardening: telegram/_{unlink,link-ready,link-complete,miniapp-session,bot-config,link-telemetry} now enforce bounded pre-parsed body size checks (preventing req.body max-bytes bypass) and return 413 on oversized payloads, with regression tests across the Telegram endpoint suite.
  • Shared body-read hardening + CI guarding: API handlers now consume readBoundedJsonObjectBody from server-core (including auth/_handoff-create, waitlist/_bootstrap, keepr/actions/_updateStatus, and token/_managedTokenList), and new guard:api-nonv1-hardening CI checks block non-v1 429 responses without Retry-After context plus readJsonBody(req) ?? req.body bypass patterns.
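The body-read guard pattern the deltas above describe (raw-byte size check before parsing, non-object payloads normalized to an empty object, prototype-pollution key filtering, depth/array/string bounds, 413 on oversized input), as an added illustration that is not the project's server-core readBoundedJsonObjectBody; the names boundedJsonObjectBody, guardBody, BodyError and the limit values are assumptions.

```javascript
// Added example, not the project's server-core code. Limit values are assumptions.
const LIMITS = { maxBytes: 4096, maxDepth: 4, maxKeys: 32, maxArray: 16, maxString: 256 };
const POLLUTION_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Carries the HTTP status a handler should answer with (413 vs 400).
class BodyError extends Error {
  constructor(status, code) { super(code); this.status = status; this.code = code; }
}

// Walk a parsed value: drop pollution keys, bound depth/key/array counts, truncate strings.
function sanitize(value, depth, limits) {
  if (depth > limits.maxDepth) throw new BodyError(400, 'body_too_deep');
  if (typeof value === 'string') return value.slice(0, limits.maxString);
  if (Array.isArray(value)) {
    if (value.length > limits.maxArray) throw new BodyError(400, 'array_too_large');
    return value.map((item) => sanitize(item, depth + 1, limits));
  }
  if (value !== null && typeof value === 'object') {
    const keys = Object.keys(value); // JSON.parse makes "__proto__" an own key, so it shows up here
    if (keys.length > limits.maxKeys) throw new BodyError(400, 'too_many_keys');
    const out = {};
    for (const key of keys) {
      if (POLLUTION_KEYS.has(key)) continue;
      out[key] = sanitize(value[key], depth + 1, limits);
    }
    return out;
  }
  return value; // number, boolean, null
}

// Read a JSON object from the RAW body. The byte budget is checked before JSON.parse and
// on bytes (not string length), so multi-byte characters cannot slip past it. Falling back
// to a framework's pre-parsed req.body would skip this check; that is the bypass the
// "readJsonBody(req) ?? req.body" CI guard flags. Non-object payloads normalize to {}.
function boundedJsonObjectBody(raw, limits = LIMITS) {
  const bytes = Buffer.isBuffer(raw) ? raw : Buffer.from(String(raw), 'utf8');
  if (bytes.length > limits.maxBytes) throw new BodyError(413, 'payload_too_large');
  if (bytes.length === 0) return {};
  let parsed;
  try { parsed = JSON.parse(bytes.toString('utf8')); }
  catch { throw new BodyError(400, 'invalid_json'); }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) return {};
  return sanitize(parsed, 0, limits);
}

// Handler-side wrapper: returns { status, body } instead of throwing.
function guardBody(raw, limits = LIMITS) {
  try { return { status: 200, body: boundedJsonObjectBody(raw, limits) }; }
  catch (err) { if (err instanceof BodyError) return { status: err.status, body: err.code }; throw err; }
}
```

A handler would call guardBody on the raw request bytes and, for a non-200 status, respond with that status and Cache-Control: no-store without touching the body further.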

Hardening exceptions (intentional)

  • /api/rpc uses a dedicated in-handler dual-bucket limiter (principal + ip) plus JSON-RPC method blocking because it is a high-throughput RPC proxy surface with chain-aware forwarding behavior.
  • /api/telegram/link-telemetry uses checkDurableRateLimit (instead of the default in-memory limiter) because telemetry events can arrive across multiple instances and still require a shared per-IP budget.

Follow-ups