Kế hoạch: Payment & Marketplace Feature
1. Hiện trạng
- 5 payment gateways tích hợp: Fincode/SBPS (card), Slash (crypto), Apple IAP, Google Play, Native token.
- Webhook handling cho Fincode, Slash, Node server callbacks.
- Batch jobs cho timeout/expiry xử lý.
- NFT transfer confirm với 3 transfer types.
2. Vấn đề đã biết
| # | Vấn đề | Mức độ |
|---|---|---|
| 1 | Idempotency không consistent giữa các gateways | High |
| 2 | Apple/Google timeout không có fallback | Medium |
| 3 | Webhook endpoints chưa có rate limiting | Medium |
| 4 | Presale/genesis flow không có clear retry strategy | Low |
3. Kế hoạch cải tiến
Phase 1: Idempotency audit
- Task 1-1: Audit tất cả webhook handlers → đảm bảo idempotent
- Task 1-2: Chuẩn hóa order status check trước khi credit
Phase 2: Resilience
- Task 2-1: Timeout handling cho Apple/Google verify (circuit breaker)
- Task 2-2: Retry strategy cho Node server callbacks
Phase 3: Testing
- Task 3-1: Test full card payment flow (Fincode)
- Task 3-2: Test Apple + Google IAP
- Task 3-3: Test crypto payment (Slash)
- Task 3-4: Test NFT transfer confirm (3 types)
4. Rủi ro
| Rủi ro | Ảnh hưởng | Biện pháp |
|---|---|---|
| Double webhook | Double credit | Idempotency check (order status guard) |
| Apple server down | Coin purchase blocked | Circuit breaker + fallback |
| Expired order with paid transaction | User paid but no coin | Reconciliation job |
| Webhook replay attack | Fake confirms | Signature validation + timestamp check |