563729aa19
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Made-with: Cursor
8.5 KiB
8.5 KiB
All Remaining Items and Tasks — Full Maximum Parallel Mode
Last Updated: 2026-02-05
Purpose: Single list of every remaining task, grouped by wave. Within each wave, run all items in parallel.
Refs: FULL_PARALLEL_EXECUTION_ORDER.md | TODO_TASK_LIST_MASTER.md | REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md
How to run
- Wave 0 — Run W0-1, W0-2, W0-3 in parallel (where different owners).
- Wave 1 — Run every W1-* item in parallel (assign to owners or automation).
- Wave 2 — Run every W2-* item in parallel (by host or by component).
- Wave 3 — After Wave 2: run W3-1 and W3-2 in parallel.
- Ongoing — Schedule O-* (cron / runbooks).
Wave 0 — Gates / credentials
| ID | Task | Command / note |
|---|---|---|
| W0-1 | Apply NPMplus RPC fix (405) | From LAN: bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh |
| W0-2 | Execute sendCrossChain (real) | Omit --dry-run in run-send-cross-chain.sh; LINK approved; bridge 0xcacfd227A040002e49e2e01626363071324f820a |
| W0-3 | NPMplus backup (export/config) | NPM_PASSWORD in .env; ./scripts/backup/automated-backup.sh [--with-npmplus] |
Wave 1 — Full parallel (all at once)
Security
| ID | Task | Status |
|---|---|---|
| W1-1 | SSH key-based auth; disable password (coordinate to avoid lockout): ./scripts/security/setup-ssh-key-auth.sh [--dry-run|--apply] |
✅ Dry-run done; apply = operator |
| W1-2 | Firewall: restrict Proxmox 8006: ./scripts/security/firewall-proxmox-8006.sh [--dry-run|--apply] [CIDR] |
✅ Dry-run done; apply = operator |
| W1-3 | smom: Security audits VLT-024, ISO-024 | |
| W1-4 | smom: Bridge integrations BRG-VLT, BRG-ISO |
Monitoring (config)
| ID | Task | Status |
|---|---|---|
| W1-5 | Prometheus scrape (Besu 9545); alert rules; config/monitoring/ |
✅ phase2-observability.sh --config-only run; config in config/monitoring/ |
| W1-6 | Grafana dashboards; Alertmanager config | ✅ alertmanager.yml in config/monitoring/; Grafana = deploy |
| W1-7 | Loki / Alertmanager config (no deploy yet) | ✅ Config present |
Backup
| ID | Task | Status |
|---|---|---|
| W1-8 | Verify/schedule backup cron: scripts/maintenance/schedule-npmplus-backup-cron.sh [--install|--show]; schedule-daily-weekly-cron.sh |
✅ --show run; daily-weekly cron installed; NPMplus install needs NPM_PASSWORD |
VLAN (optional)
| ID | Task |
|---|---|
| W1-9 | VLAN enablement: UDM Pro VLAN docs; Proxmox VLAN-aware bridge design |
| W1-10 | VLAN migration plan (per-service table) |
Documentation
| ID | Task |
|---|---|
| W1-11 | Documentation consolidation (by folder); archive old status |
| W1-12 | Quick reference cards; decision trees; config templates (ALL_IMPROVEMENTS 68–74) |
| W1-13 | Final IP assignments; service connectivity matrix; runbooks |
Codebase
| ID | Task |
|---|---|
| W1-14 | dbis_core: TypeScript/Prisma fixes (~1186 errors; parallelize by file) — or defer |
| W1-15 | smom: EnhancedSwapRouter quoter; AlltraAdapter fee |
| W1-16 | smom: IRU remaining tasks |
| W1-17 | Placeholders: canonical addresses env; AlltraAdapter; smart accounts kit; quote-service Fabric chainId; .bak deprecation (87–91) |
Quick wins & checklist
| ID | Task |
|---|---|
| W1-18 | Progress indicators in scripts; config validation in CI |
| W1-19 | Validator key permissions (chmod 600, chown besu) |
| W1-20 | Secret audit; input validation; security scanning (48–51) |
| W1-21 | Config validation (JSON/YAML); config templates; env standardization (52–54) |
Optional: MetaMask / explorer
| ID | Task |
|---|---|
| W1-22 | Token-aggregation hardening; CoinGecko submission |
| W1-23 | Chain 138 Snap: market data, swap quotes, bridge routes |
| W1-24 | Explorer: dark mode, network selector, sync indicator |
| W1-25 | Paymaster deploy (optional): forge script script/smart-accounts/DeployPaymaster.s.sol --rpc-url $RPC_URL_138 --broadcast |
| W1-26 | API keys: Li.Fi, Jumper, 1inch (API_KEYS_REQUIRED.md) |
Improvements index (parallel by range)
| ID | Task |
|---|---|
| W1-27 | ALL_IMPROVEMENTS 1–11 (Proxmox high) |
| W1-28 | ALL_IMPROVEMENTS 12–20 (Proxmox medium) |
| W1-29 | ALL_IMPROVEMENTS 21–30 (Proxmox low) |
| W1-30 | ALL_IMPROVEMENTS 31–35 (Quick wins) |
| W1-31 | ALL_IMPROVEMENTS 36–43 (script shebang, shellcheck, consolidation) |
| W1-32 | ALL_IMPROVEMENTS 44–47 (doc consolidation, API doc) |
| W1-33 | ALL_IMPROVEMENTS 48–57 (security, validation, RBAC, tests, CI) |
| W1-34 | ALL_IMPROVEMENTS 58–67 (logging, metrics, health, DevContainer, backup) |
| W1-35 | ALL_IMPROVEMENTS 68–74 (docs: quick ref, decision trees, glossary) |
| W1-36 | ALL_IMPROVEMENTS 75–81 (Phase 1–4 design; missing containers list) |
| W1-37 | ALL_IMPROVEMENTS 82–86 (smom audits, BRG, CCIP AMB, dbis_core, IRU) |
| W1-38 | ALL_IMPROVEMENTS 87–91 (placeholders) |
| W1-39 | ALL_IMPROVEMENTS 92–105 (MetaMask/explorer) |
| W1-40 | ALL_IMPROVEMENTS 106–121 (Tezos/Etherlink/CCIP) |
| W1-41 | ALL_IMPROVEMENTS 122–126 (Besu/blockchain) |
| W1-42 | ALL_IMPROVEMENTS 127–130 (RPC translator) |
| W1-43 | ALL_IMPROVEMENTS 131–134 (Orchestration portal) |
| W1-44 | ALL_IMPROVEMENTS 135–139 (Maintenance — document/automate) |
Detail: ALL_IMPROVEMENTS_AND_GAPS_INDEX.md
Wave 2 — Infra / deploy (parallel by host or component)
| ID | Task | Parallelize by |
|---|---|---|
| W2-1 | Deploy monitoring stack (Prometheus, Grafana, Loki, Alertmanager) | By component |
| W2-2 | Grafana via Cloudflare Access; alerts configured | After stack |
| W2-3 | VLAN enablement: UDM Pro VLAN; Proxmox bridge; migrate services to VLANs | By VLAN/host |
| W2-4 | Phase 3 CCIP: Ops/Admin (5400-5401); NAT pools; commit/execute/RMN scripts | Ops → NAT → scripts |
| W2-5 | Phase 4: Sovereign tenant VLANs; isolation; access control | By tenant/VLAN |
| W2-6 | Done (doc) | |
| W2-7 | DBIS services start (10100–10151); Hyperledger | By host |
| W2-8 | NPMplus HA (Keepalived, 10234) | Optional |
Wave 3 — After Wave 2
| ID | Task | Depends on |
|---|---|---|
| W3-1 | CCIP Fleet: 16 commit (5410-5425), 16 execute (5440-5455), 7 RMN (5470-5476) | W2-4 (Ops/Admin, NAT) |
| W3-2 | Phase 4 tenant isolation enforcement; access control | W2-3 / W2-5 |
Ongoing (schedule, not sequenced) — ✅ Completed 2026-02-05
| ID | Task | Frequency | Status |
|---|---|---|---|
| O-1 | Monitor explorer sync | Daily — scripts/maintenance/daily-weekly-checks.sh daily |
✅ Cron installed (08:00) |
| O-2 | Monitor RPC 2201 | Daily — same script | ✅ Cron installed (08:00) |
| O-3 | Config API uptime | Weekly — daily-weekly-checks.sh weekly |
✅ Cron installed (Sun 09:00) |
| O-4 | Review explorer logs | Weekly (manual; runbook) | ✅ Runbook: OPERATIONAL_RUNBOOKS § Maintenance |
| O-5 | Update token list | As needed | ✅ Token list validated (token-lists/lists/dbis-138.tokenlist.json) |
Validation (after changes)
| Check | Command |
|---|---|
| CI / config | bash scripts/verify/run-all-validation.sh [--skip-genesis] |
| Full verification | bash scripts/verify/run-full-verification.sh |
| E2E routing | bash scripts/verify/verify-end-to-end-routing.sh |
| Backend VMs | bash scripts/verify/verify-backend-vms.sh |
| Besu peers | bash scripts/besu-verify-peers.sh http://192.168.11.211:8545 |
Summary counts
| Wave | Item count | Run rule |
|---|---|---|
| Wave 0 | 3 | Parallel (different owners) |
| Wave 1 | 44 (W1-1 … W1-44) | All in parallel |
| Wave 2 | 8 | All in parallel (by host/component) |
| Wave 3 | 2 | Parallel after Wave 2 |
| Ongoing | 5 | Cron / runbooks |
Total remaining (actionable): Wave 0: 3 · Wave 1: 44 · Wave 2: 8 · Wave 3: 2 · Ongoing: 5.
Last parallel run (2026-02-05): Batch 11 covered CI validation, validate-config-files.sh, security dry-runs, phase2 config, CCIP checklist, phase4 show-steps, config backup, shellcheck --optional, Wave 0 dry-run. Current checks: ./scripts/validation/validate-config-files.sh, ./scripts/verify/run-all-validation.sh (optional --skip-genesis), WAVE1_COMPLETION_SUMMARY.md.