proxmox/docs/00-meta/TODO_TASK_LIST_MASTER.md

# Master TODO Task List

**Last Updated:** 2026-03-02  
**Purpose:** Consolidated list of all fixes, enhancements, improvements, optimizations, recommendations, and missed steps.  
**Full index (1–139):** [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md). **Full deployment order:** [DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) (Phase 0–6); before deploy run `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`.

**Fully expanded checklist (everything conceivable):** **[MASTER_TODO_EXPANDED.md](MASTER_TODO_EXPANDED.md)** — Blitzkrieg Steps 0–19, R1–R23, tasks 1–30, Ledger 8–17, DEX/TransactionMirror, Tezos/CCIP, CONTRACT_NEXT_STEPS, GAPS, Supreme Command, Absolute Air Superiority, ALL_REQUIREMENTS, and validation commands.

**Execution mode: Full maximum parallel.** Run all remaining items in parallel by wave. See **[FULL_PARALLEL_EXECUTION_ORDER.md](FULL_PARALLEL_EXECUTION_ORDER.md)** for the ordered wave list (Wave 0 → Wave 1 → Wave 2 → Wave 3). Within each wave, execute every item concurrently; no artificial sequencing. Validation commands at bottom.

**Status:** [FULL_PARALLEL_RUN_LOG.md](../archive/00-meta-pruned/FULL_PARALLEL_RUN_LOG.md) (archived) | [WAVE1_COMPLETION_SUMMARY.md](WAVE1_COMPLETION_SUMMARY.md) | [WAVE2_WAVE3_OPERATOR_CHECKLIST.md](WAVE2_WAVE3_OPERATOR_CHECKLIST.md) | [REMAINING_WORK_DETAILED_STEPS.md](REMAINING_WORK_DETAILED_STEPS.md) (step-by-step; 2026-02-05 completion) | **[REMAINING_TASKS_AND_API_FEATURES.md](REMAINING_TASKS_AND_API_FEATURES.md)** (2026-02-10: consolidated remaining tasks + API features inventory). **Single plan (required/optional/recommended):** [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md).

**2026-02-05:** Master documentation updated (MASTER_INDEX v5.8, docs/README, MASTER_PLAN, NEXT_STEPS_MASTER); "Can be accomplished now" list completed; 32 files archived to docs/archive/00-meta-status/.

**2026-02-23:** Placeholders/fixes sync: TODOS_CONSOLIDATED, NEXT_STEPS_AND_REMAINING_TODOS, NEXT_STEPS_FOR_YOU updated to reference REQUIRED_FIXES_UPDATES_GAPS §4 (canonical addresses, AlltraAdapter, smart accounts, quote FABRIC_CHAIN_ID, .bak — all Done or Documented). Remaining in-repo fixes complete; operator/LAN and deferred items unchanged.

**2026-02-28:** Master documentation refresh — MASTER_INDEX 6.6; REPOSITORIES_AND_PRS_CHAIN138; pr-ready (eip155-138 public RPC only, Trust Wallet); set-missing-dotenv-chain138.sh; deploy-bridges-config-ready-chains.sh; ENV_CONFIG_READY_CHAINS (Gnosis/Celo/Wemix); WHATS_LEFT_OPERATOR_AND_EXTERNAL, NEXT_STEPS_INDEX updated.

**2026-02-27:** Deployment order of operations ([DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md)) and preflight script (`preflight-chain138-deploy.sh`) added. Deployment safety: correct RPC (Core only), correct dotenv (smom-dbis-138/.env), gas/cost estimate before deploy, do not deploy when stuck. NEXT_STEPS_AND_REMAINING_TODOS, TODOS_CONSOLIDATED updated with next-steps table and 2026-02-27 completion.

---

## 1. Critical Fixes (Do First)

### CT 2301 (besu-rpc-private-1) — Corrupted Rootfs

- [ ] **Option A:** Restore from backup (if exists): `pct restore 2301 /path/to/backup.tar.zst --storage local-lvm`
- [x] **Option B:** Recreate container: Done 2026-02-04 via scripts/recreate-ct-2301.sh. See [scripts/README.md](../../scripts/README.md) § CT 2301.

### dbis-frontend (10130) — ✅ Deployed and Serving

- [x] Provision script: `./scripts/dbis/provision-dbis-frontend-container-10130.sh` (nginx, /opt/dbis-core)
- [x] Deploy script: python3 http.server fallback when nginx absent (improved to start reliably)
- [x] **Deployment complete:** Frontend built, pushed to `/tmp/dbis-frontend/dist`, python3 http.server running on port 80. Health check: 200 from container. Access: http://192.168.11.130 (on same network).

### Contract Verification on Blockscout

- [x] Script ready: `./scripts/verify/run-contract-verification-with-proxy.sh` (starts proxy if needed; --only/--skip supported)
- [x] **Executed:** Ran verification; some contracts may need manual verification (Blockscout API format/Invalid JSON). Use `--only ContractName` to retry individual contracts.

---

## 2. Gas & Deployment Steps

- [x] Verify validators have `min-gas-price=0` (scripts/verify/verify-min-gas-price.sh)
- [x] Use `GAS_PRICE=1000000000` when deploying (bridge script defaults to this)
- [x] **Bridge dry-run verified:** `GAS_PRICE=1000000000 ./scripts/bridge/run-send-cross-chain.sh <amount> [recipient] --dry-run`
- [x] **Real transfer:** Omit `--dry-run` to execute sendCrossChain; documented in [scripts/README.md](../../scripts/README.md) §8. Ensure LINK approved for fee token if needed.
- [ ] **Paymaster (optional):** `forge script script/smart-accounts/DeployPaymaster.s.sol --rpc-url $RPC_URL_138 --broadcast` — requires contract sources; see [SMART_ACCOUNTS_DEPLOYMENT_NOTE.md](../../metamask-integration/docs/SMART_ACCOUNTS_DEPLOYMENT_NOTE.md)

### Undeployed contracts — pre-deployment (test, gas check, gas API, dry-run)

**Full checklist:** [UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md](../03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md)

- [x] **Check deployer wallet for gas** on Chain 138 and all target chains: `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh`
- [x] **Use gas API to estimate** all undeployed contract deployment costs: `./scripts/deployment/get-multichain-gas-prices.sh`; optionally `update-gas-estimates.sh`; estimate per-script gas (forge/cast) for PMM pool creation, TransactionMirror, EnhancedSwapRouter, DODOPMMProvider, and any multichain cW*/PMM.
- [x] **Dry-run Chain 138 deployments:** `deploy-contracts-unified.sh --dry-run` (RPC + init fixes applied); DeployDeterministicCore simulated; PMM pool creation: set `DODO_PMM_INTEGRATION_ADDRESS` then `DRY_RUN=true ./scripts/create-all-dodo-pools-from-token-api.sh`; TransactionMirror script (no --broadcast); `deploy-optional-future-all.sh --dry-run`; `fund-ccip-bridges-with-link.sh --dry-run`.
- [ ] **Dry-run mainnet/multichain** (if applicable): `dry-run-mainnet-deployment.sh` (requires ETHEREUM_MAINNET_RPC, PRIVATE_KEY) or per-script `forge script ... --dry-run` for each target chain.
- [x] **Test not-deployed components:** Run `check-contracts-on-chain-138.sh` after any new deploy (36/36 present). Validate PMM pool creation path when pools created; DODOPMMProvider when implemented; TransactionMirror receive path after deploy; EnhancedSwapRouter when pools exist.

---

## 3. Verification Fixes (Applied — Verify)

- [x] Forge proxy: v2 API first for flattened code
- [x] verify-backend-vms: IP from net0; nginx sanitization; rpc-thirdweb path
- [x] export-npmplus: skip when NPM_PASSWORD missing
- [x] verify-udm-pro: internal failure → warn
- [x] verify-all-systems: flexible patterns; bash --norc
- [x] Re-run: `bash scripts/verify/run-full-verification.sh` (2026-02-03)
- [x] **validate-genesis.sh (smom-dbis-138):** Fixed 2026-02-05 — runs standalone; QBFT supported. See [FULL_PARALLEL_RUN_LOG.md](../archive/00-meta-pruned/FULL_PARALLEL_RUN_LOG.md) Wave 1 fifth batch.
- [x] **validate-config-files.sh:** Pass (ip-addresses.conf, .env.example). Optional env warnings only.
- [x] **E2E routing:** verify-end-to-end-routing.sh run; 25 DNS pass, 14 HTTPS pass, 6 RPC 405 until NPMplus fix from LAN.
- [x] **502 fix flow:** When E2E 502s persist (dbis-admin, secure, dbis-api, rpc-http-prv, rpc-alltra/hybx), from LAN run `./scripts/maintenance/address-all-remaining-502s.sh` (optionally `--run-besu-fix --e2e`). Runbook: [502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md](502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md).
- [x] **Full verification includes config:** run-full-verification.sh Step 0 runs validate-config-files.sh (6 steps total).
- [x] **Maintenance script:** daily-weekly-checks.sh [daily|weekly|all] — tested; RPC check OK.
- [x] **shellcheck (optional):** `bash scripts/verify/run-shellcheck.sh` or `run-shellcheck-docker.sh`; use `--optional` to exit 0 when shellcheck not installed.

---

## 4. All Improvements & Gaps (1–139) — Full Checklist

**Run in full parallel where possible.** See [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md) for details and [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) for cohorts.

| Range | Category | Count |
|-------|----------|-------|
| 1–11 | Proxmox high priority | 11 |
| 12–20 | Proxmox medium | 9 |
| 21–30 | Proxmox low | 10 |
| 31–35 | Quick wins | 5 |
| 36–67 | Code quality & scripts | 32 |
| 68–74 | Documentation enhancements | 7 |
| 75–91 | Infrastructure & deployment | 17 |
| 92–105 | MetaMask & explorer | 14 |
| 106–121 | Tezos / Etherlink / CCIP | 16 |
| 122–126 | Besu / blockchain | 5 |
| 127–130 | RPC translator | 4 |
| 131–134 | Orchestration portal | 4 |
| 135–139 | Maintenance | 5 |

- [ ] **1–139** — Work through [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md) (parallel by cohort where no deps). Docs 68–74 index: [QUICK_REFERENCE_CARDS.md](../12-quick-reference/QUICK_REFERENCE_CARDS.md) §3.1. **CI validation:** `bash scripts/verify/run-all-validation.sh [--skip-genesis]` (dependencies + config + optional genesis). Config only: `scripts/validation/validate-config-files.sh` (set VALIDATE_REQUIRED_FILES for CI/pre-deploy). **Last full parallel run (2026-02-05):** run-all-validation, validate-config-files, security dry-runs, phase2 --config-only, CCIP checklist, phase4 --show-steps, config backup, Wave 0 --dry-run — see [FULL_PARALLEL_RUN_LOG.md](../archive/00-meta-pruned/FULL_PARALLEL_RUN_LOG.md) batch 11.

---

## 5. Security (High Priority)

- [x] chmod 600 .env (2026-02-03)
- [x] **SSH/firewall scripts:** `./scripts/security/setup-ssh-key-auth.sh [--dry-run|--apply]`, `./scripts/security/firewall-proxmox-8006.sh [--dry-run|--apply] [CIDR]`
- [ ] smom: Security audits VLT-024, ISO-024; Bridge integrations BRG-VLT, BRG-ISO

---

## 6. Monitoring & Backup

- [x] **Monitoring:** `./scripts/deployment/phase2-observability.sh [--config-only]` → config/monitoring/; runbook OPERATIONAL_RUNBOOKS § Phase 2
- [x] Besu metrics 9545; Prometheus: scripts/monitoring/prometheus-besu-config.yml
- [x] Health alerting: ALERT_EMAIL/ALERT_WEBHOOK in storage-monitor, npmplus monitor
- [x] **Automated backup:** `./scripts/backup/automated-backup.sh [--with-npmplus]`; runbook OPERATIONAL_RUNBOOKS

---

## 7. Infrastructure Phases

- [x] **Phase 2:** Monitoring config + runbook; backup script; SSH/firewall scripts (see §5, §6).
- [x] **Phase 3 CCIP checklist:** `./scripts/ccip/ccip-deploy-checklist.sh` — validates env, prints deployment order; full deploy per [CCIP_DEPLOYMENT_SPEC.md](../07-ccip/CCIP_DEPLOYMENT_SPEC.md).
- [x] **Phase 4 (runbook):** [OPERATIONAL_RUNBOOKS.md](../03-deployment/OPERATIONAL_RUNBOOKS.md) § Phase 4; `scripts/deployment/phase4-sovereign-tenants.sh [--show-steps|--dry-run]`; NETWORK_ARCHITECTURE, ORCHESTRATION_DEPLOYMENT_GUIDE, UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.

---

## 8. Codebase

- [ ] dbis_core: ~1186 TS errors remain (deferred)
- [x] smom: EnhancedSwapRouter/DODOPMMProvider/Quote Service documented in [PLACEHOLDERS_AND_TBD.md](../PLACEHOLDERS_AND_TBD.md); AlltraAdapter setBridgeFee done
- [x] Scripts: --dry-run (create-chain138-containers, deploy-weth9, backup-proxmox-configs); sendCrossChain real transfer documented

---

## 9. Documentation (see also MASTER_TODO_EXPANDED §12)

- [x] Update NEXT_STEPS_MASTER with 2026-02-03 completions (2026-02-05)
- [x] Sync VM_RESTART known-issue #1 (Corrupted rootfs) — Resolved 2026-02-04; VM_RESTART doc updated
- [x] Add fix-ct-2301 to scripts/README

---

## 10. Blitzkrieg, DEX, Supreme Command (full list in MASTER_TODO_EXPANDED)

- [ ] **Blitzkrieg trail:** Steps 0–19 (env freeze, canonical registry, token lists, GRU M1, CCIP, W-Tokens, wallet ingestion, Blockscout, bridge hardening, CI/CD, monitoring, security, dry-run done; optional Tezos/DODO)
- [ ] **Recommendations R1–R23:** Verification, single source of truth, on-chain check, secrets, RPC/gas/order, runbooks, automation, monitoring, tests, Sankofa/network placeholders
- [ ] **DEX / cross-chain:** TransactionMirror (Mainnet verify, Chain 138 deploy if needed); DODO (DODOPMMIntegration + Provider); EnhancedSwapRouter when pools exist; full trustless stack; Jumper/FABRIC_CHAIN_ID. **Before any Chain 138 deploy:** run `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`; follow [DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) Phase 0–6.
- [ ] **Tezos/CCIP:** External verification (CCIP/Jumper/LiFi); InitializeRegistry/DeployAllAdapters; Etherlink receivers; relay; DON; monitoring; testing
- [ ] **Supreme Command:** Deployment matrix, risk scoreboard, RAG dashboard, reconciliation, prod vs testnet, war-room
- [ ] **Absolute Air Superiority:** Sentinel, canonical anchoring, circuit breaker, stress test, time-to-containment, formal verification, sovereign continuity

**Detail and every sub-task:** [MASTER_TODO_EXPANDED.md](MASTER_TODO_EXPANDED.md).

---

## 10b. Chain 138 deployment (smom-dbis-138)

- [x] **Verify script:** Optional checks (CCIPTxReporter, genesis.json) → warnings; log_* fallbacks; unset-var safe (2026-02-16).
- [x] **@emoney/interfaces:** Relative imports in ReserveTokenIntegration.sol and DeployReserveSystem.s.sol for Hardhat/CCIPLogger.
- [x] **.env.example:** CHAIN138_CCIP_REPORTER and DODO_VENDING_MACHINE_ADDRESS documented.
- [x] **Optional (completed where possible):** CCIPLogger deployed (mainnet); CCIPTxReporter contract added and deployed (Chain 138); LINK funding script run (transfers need deployer LINK); PMM still requires DODO_VENDING_MACHINE_ADDRESS from operator.

**Warnings and optional tasks:** [smom-dbis-138/docs/deployment/WARNINGS_AND_OPTIONAL_TASKS.md](../../smom-dbis-138/docs/deployment/WARNINGS_AND_OPTIONAL_TASKS.md).

---

## 11. Optional / Enhancements

- [x] **Token-aggregation:** Admin routes use strict rate limit; [COINGECKO_SUBMISSION.md](../../smom-dbis-138/services/token-aggregation/docs/COINGECKO_SUBMISSION.md) for CoinGecko listing steps.
- [x] **API key placeholders:** All vars from [API_KEYS_REQUIRED.md](../../reports/API_KEYS_REQUIRED.md) added to root `.env.example`, `dbis_core/.env.example`, `the-order/services/legal-documents/.env.example` (see [API_KEYS_DOTENV_STATUS.md](API_KEYS_DOTENV_STATUS.md)). Obtaining keys remains operator task.
- [ ] Resource/network/database optimization

---

## 12. Maintenance (135–139)

- [x] **Runbook and script:** [OPERATIONAL_RUNBOOKS.md](../03-deployment/OPERATIONAL_RUNBOOKS.md) § Maintenance; `scripts/maintenance/daily-weekly-checks.sh [daily|weekly|all]` for 135–137. Schedule via cron (e.g. daily 08:00).
- [x] **Script tested:** daily-weekly-checks.sh daily (explorer SKIP off-LAN, RPC OK).
- [x] **Ongoing scheduled (2026-02-05):** `schedule-daily-weekly-cron.sh --install` — daily 08:00, weekly Sun 09:00.
- [x] Monitor explorer sync — Daily (cron runs daily-weekly-checks.sh daily)
- [x] Monitor RPC 2201 — Daily (same script)
- [x] Config API uptime — Weekly (cron runs weekly)
- [x] Review explorer logs — Weekly (runbook: OPERATIONAL_RUNBOOKS § Maintenance [138])
- [x] Update token list — Validated token-lists/lists/dbis-138.tokenlist.json; update as needed per runbook [139]

---

## Validation Commands

| Check | Command |
|-------|---------|
| All validation (CI) | `bash scripts/verify/run-all-validation.sh [--skip-genesis]` |
| Dependencies | `bash scripts/verify/check-dependencies.sh` |
| Backend VMs | `bash scripts/verify/verify-backend-vms.sh` |
| Full verification | `bash scripts/verify/run-full-verification.sh` |
| E2E routing only | `bash scripts/verify/verify-end-to-end-routing.sh` |
| All systems | `bash scripts/verify-all-systems.sh` |
| Config files | `bash scripts/validation/validate-config-files.sh` |
| Genesis (smom-dbis-138) | `bash smom-dbis-138/scripts/validation/validate-genesis.sh` |
| Chain 138 full deploy verify | `bash smom-dbis-138/scripts/deployment/verify-chain138-full-deployment.sh` |
| Besu peers | `bash scripts/besu-verify-peers.sh ${RPC_URL_138:-http://192.168.11.211:8545}` |
| Shellcheck (optional) | `bash scripts/verify/run-shellcheck.sh [--optional]` or `bash scripts/verify/run-shellcheck-docker.sh` |
| Wave 0 from LAN | `bash scripts/run-wave0-from-lan.sh [--dry-run] [--skip-backup] [--skip-rpc-fix]` |
| NPMplus backup cron | `bash scripts/maintenance/schedule-npmplus-backup-cron.sh [--install|--show]` |
| Daily/weekly checks cron | `bash scripts/maintenance/schedule-daily-weekly-cron.sh [--install|--show]` |

---

**Related:** [MASTER_TODO_EXPANDED.md](MASTER_TODO_EXPANDED.md) (fully expanded checklist) | [REMAINING_TASKS_AND_API_FEATURES.md](REMAINING_TASKS_AND_API_FEATURES.md) (remaining tasks + Phoenix/OMNL/Explorer API inventory) | [NEXT_STEPS_MASTER.md](NEXT_STEPS_MASTER.md) | [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) | [IMPLEMENTATION_CHECKLIST.md](../10-best-practices/IMPLEMENTATION_CHECKLIST.md) | [REMAINING_TASKS.md](../REMAINING_TASKS.md) | [reports/status/VM_RESTART_AND_VERIFICATION_20260203.md](../../reports/status/VM_RESTART_AND_VERIFICATION_20260203.md).