Complete the alpha-hardening Ralph task set, including tracker billing/accounting guards, validator fraud-audit primitives, wallet binding proof support, documentation runbooks, and updated tests. Verification: .venv/bin/python -m compileall -q packages tests; .venv/bin/python -m pytest -q --tb=short (313 passed, 3 skipped, 1 failed: tests/test_mining_cli.py::test_legacy_start_without_port_uses_next_available_port because meshnet-node pid 1263451 is already listening on port 7000).
1.6 KiB
1.6 KiB
Status: done
03 — C5 + M1: Starting credit 0, funded-account gate, spend cap
What to build
Close the free-credit faucet. New API keys start at 0 USDT; inference requires a real deposit or admin credit. Add a configurable per-request spend cap (M1) to limit runaway charges on compromised keys.
Code refs:
packages/tracker/meshnet_tracker/billing.py—DEFAULT_STARTING_CREDIT = 1.0(~22),ensure_client(~73–85),has_funds(~87–88), duplicate credit on charge (~130–138)packages/tracker/meshnet_tracker/server.py— billing gate before routing (~1667–1690)
Per ADR-0017 §2 and ADR-0016 §3.
Test-first
- Red: new API key gets 1.0 USDT implicit credit — test expects 0 balance until deposit.
- Red: first inference without deposit returns 402.
- Green:
DEFAULT_STARTING_CREDIT = 0.0; optional--max-charge-per-requestconfig.
Acceptance criteria
DEFAULT_STARTING_CREDITis 0.0; no automatic caller credit on first touchhas_fundsfalse for fresh keys; 402 before routing (server.py ~1684)- Admin
credit_clientor bound-wallet deposit still funds accounts - Configurable max charge per request (M1) rejects oversize completions with clear error
- Tests: fresh key blocked; after credit/deposit, inference proceeds
ADR links
Blocked by
02-a2-unified-auth-boundary.md(admin credit path secured)